what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 53 RSS Feed

Files Date: 2011-11-02

Microsoft Excel 2007 SP2 Buffer Overwrite
Posted Nov 2, 2011
Authored by Abysssec | Site abysssec.com

A remote code execution vulnerability exists in the way that Microsoft Excel 2007 SP2 handles specially crafted Excel files. An attacker who successfully exploited this vulnerability could take complete control of an affected system. This is the same vulnerability that is referenced in MS11-021. Proof of concept exploit code included.

tags | exploit, remote, code execution, proof of concept
systems | linux
SHA-256 | 9a5d1f96fbe02680c7966f213409b939e32dceb7cdd048b0e6ab2e26c9aed2cf
Cisco Security Advisory 20111102-srp500
Posted Nov 2, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Small Business SRP500 Series Services Ready Platforms contain an operating system command injection vulnerability. The vulnerability can be exploited via a remote session to the Services Ready Platform Configuration Utility web interface. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.

tags | advisory, remote, web
systems | cisco
advisories | CVE-2011-4005
SHA-256 | 0778862bf9fa19104435b1722feca5da37fb341ae1519f5ec6815b4acba36416
SetSeed CMS 5.8.20 SQL Injection
Posted Nov 2, 2011
Authored by LiquidWorm | Site zeroscience.mk

SetSeed CMS version 5.8.20 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the vulnerable script using the cookie input 'loggedInUser', which could allow the attacker to view, add, modify or delete information in the back-end database.

tags | exploit, remote, sql injection
SHA-256 | 2c7d6fde362078986308ded7ffb7656180b3a2a54c0736c861bf3fe6f0c9453c
Solaris 11 USB Hub Class Descriptor Kernel Stack Overflow
Posted Nov 2, 2011
Authored by Andy Davis | Site ngssecure.com

It was discovered that a local attacker can send a malformed USB hub class descriptor via a malicious USB device and trigger a kernel stack overflow in Solaris versions 8, 9, 10, and 11 Express.

tags | advisory, overflow, kernel, local
systems | solaris
SHA-256 | a80d1f9f52f13b9e8415d9d58079861c76c46a4c8467e2a7cfa25f5c7369fe03
Google Maps Open Redirect
Posted Nov 2, 2011
Authored by Sony

Google Maps suffers from an open redirect vulnerability.

tags | exploit
SHA-256 | aee1da50d87ec097baea750b5d4f0d6957a5a88360a5a737ab62d26afcd11f9f
NATO Research And Technology Org Local File Inclusion
Posted Nov 2, 2011
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

The NATO Research and Technology Organisation (RTO) service (Organisation pour la Recherche et la Technologie OTAN in French) suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | ddc802549714d9973c40c51236b45d28ad3274b4723797e32a1a7adb5e57cd5a
Citibank CitiDirect Online Banking Forced Use Of Vulnerable JRE
Posted Nov 2, 2011
Authored by Tomasz Tometzky Ostrowski

Citibank CitiDirect Online Banking software is forcing the use of a vulnerable version of the Java Runtime Environment, again.

tags | advisory, java
SHA-256 | 10db1585f570c0c0436c5668ad5955bf1a4e6b12f877810cf62870beabcefb0d
Multi Threaded TCP Port Scanner 3.0
Posted Nov 2, 2011
Authored by SecPoint | Site secpoint.com

This is a basic TCP SYN scanner that is multi-threaded.

Changes: Added host name resolution, various options, and more. Various improvements and bug fixes.
tags | tool, scanner, tcp
systems | unix
SHA-256 | 05a84a886d1c59a2eb79d1ef37a2e76d8540fbc184e6059c4dbc8ef23136fb77
Efront 3.6.10 Build 11944 Cross Site Scripting / SQL Injection
Posted Nov 2, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

Efront version 3.6.10 build 11944 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 3278059d1102def6193bc6a5a50c9ac3e596bb1a775fbbf9d7af34f53340e4db
Mandriva Linux Security Advisory 2011-164
Posted Nov 2, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-164 - This advisory updates wireshark to the latest version (1.6.3), fixing several security issues. An uninitialized variable in the CSN.1 dissector could cause a crash. Huzaifa Sidhpurwala of Red Hat Security Response Team discovered that the Infiniband dissector could dereference a NULL pointer. Huzaifa Sidhpurwala of Red Hat Security Response Team discovered a buffer overflow in the ERF file reader. The updated packages have been upgraded to the latest 1.6.x version which is not vulnerable to these issues.

tags | advisory, overflow
systems | linux, redhat, mandriva
advisories | CVE-2011-4100, CVE-2011-4101, CVE-2011-4102
SHA-256 | db68935e03bc26d480a3863e093cf87d2a9d9d664061a92252578d30c1c013c0
Mandriva Linux Security Advisory 2011-163
Posted Nov 2, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-163 - Multiple vulnerabilities was discovered and corrected in phpldapadmin. Input appended to the URL in cmd.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site. Input passed to the orderby parameter in cmd.php is not properly sanitised in lib/functions.php before being used in a create_function() function call. This can be exploited to inject and execute arbitrary PHP code. The updated packages have been upgraded to the latest version which is not vulnerable to these issues.

tags | advisory, arbitrary, php, vulnerability
systems | linux, mandriva
advisories | CVE-2011-4074, CVE-2011-4075
SHA-256 | 6a8eb2c9e6fc20b6430bd1ef4c22501633d729e8da1461de60a868adcbc1ea75
Apache ap_pregsub Integer Overflow
Posted Nov 2, 2011
Authored by halfdog

An exploitable integer overflow in Apache allows a remote attacker to crash the process or perform execution of arbitrary code as the user running Apache. To exploit the vulnerability, a crafted .htaccess file has to be placed on the server.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2011-3607
SHA-256 | de93709165ae3da045b8b7cd8bcaa006e9c80ce8ed576e25755ced04b4c304ff
phpMyAdmin Arbitrary File Read
Posted Nov 2, 2011
Authored by WooYun | Site wooyun.org

phpMyAdmin suffers from a remote arbitrary file reading vulnerability when using a simplexml_load_string function meant to read xml from user input.

tags | exploit, remote, arbitrary
SHA-256 | e9107c1ea9ecd076a0b594c54978d18ecaa5e210966639afd6ab79b6715853a9
BestShopPro SQL Injection / Cross Site Scripting
Posted Nov 2, 2011
Authored by CoBRa_21

BestShopPro suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 540a1e2899f1eeb5b42cd9faa97a86991ef8385ac014a8a49b99929f96f955f1
Calibre E-Book Reader Local Root
Posted Nov 2, 2011
Authored by zx2c4

Calibre E-Book Reader local root exploit that leverages PATH manipulation and a suid mount helper.

tags | exploit, local, root
SHA-256 | e5fa170d241da03c918fe3a8ffb3e7a7364e4e4825c16fc83ac7bd17e8ee6b78
Secunia Security Advisory 46146
Posted Nov 2, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Luigi Auriemma has discovered two vulnerabilities in Sunway ForceControl and Sunway pNetPower, which can be exploited by malicious people to disclose system information and compromise a user's system.

tags | advisory, vulnerability
SHA-256 | bc54e8e45cbb92b2ad5a93e790fa46a5117048116d354fb03e5f44a424d7c813
Secunia Security Advisory 46058
Posted Nov 2, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Dolphin Browser HD for Android, which can be exploited by malicious people to bypass certain security features.

tags | advisory
SHA-256 | 6e0a51185511bc7efe2f02a467490327e464ecea93b3406acdc24b7681794ac7
Secunia Security Advisory 46107
Posted Nov 2, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in PHP, which potentially can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, php
SHA-256 | a13ce4cf55e804f1fd5b68ae77508fba6d60191ed633351a698b3da3964e3f25
Secunia Security Advisory 46182
Posted Nov 2, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for openldap. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, fedora
SHA-256 | 50b00562c9f468f6d79f1e0020853c15efb8d6ea3599ed26213040cf48a2ba5a
Secunia Security Advisory 46131
Posted Nov 2, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in JAKCMS, which can be exploited by malicious users to bypass certain security restrictions and compromise a vulnerable system.

tags | advisory, vulnerability
SHA-256 | b309ae08119745205af18bb27ee9e53d53278ab05bbc62f1602b1622c60e718f
Secunia Security Advisory 46683
Posted Nov 2, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in HP OpenView Network Node Manager, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
SHA-256 | 75acfa20e6de8a7da821d28f9237e1c136d38d2a6f4a7c22724ae437dc1e6280
Secunia Security Advisory 46644
Posted Nov 2, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
SHA-256 | 8f2efa6baa1dd4ef499fa3ff006d93aa0f85850f1e3a3176e9aa038583cb8e94
Secunia Security Advisory 46676
Posted Nov 2, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Attachmate has acknowledged a vulnerability in Attachmate Reflection for the Web, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, web, denial of service
SHA-256 | cf104de270512b47811c1c203afcd79e531d56aacafbb4b84ed60f4f7d840e7a
Secunia Security Advisory 46682
Posted Nov 2, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Oracle has acknowledged multiple vulnerabilities in Adobe Flash Player included in Solaris, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose potentially sensitive information, and compromise a user's system.

tags | advisory, vulnerability, xss
systems | solaris
SHA-256 | 8da9bdf1a06c4f9ad271e187805f984b5686a23c370ecc2550b6e9be4c2992c0
Secunia Security Advisory 46686
Posted Nov 2, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in VP-ASP, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection, asp
SHA-256 | d0a802f61456e731fc7e9c76326b74ba8a365f29eb649dbfbed48322681967b1
Page 1 of 3
Back123Next

File Archive:

June 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    19 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    28 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    19 Files
  • 7
    Jun 7th
    23 Files
  • 8
    Jun 8th
    11 Files
  • 9
    Jun 9th
    10 Files
  • 10
    Jun 10th
    4 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    27 Files
  • 20
    Jun 20th
    65 Files
  • 21
    Jun 21st
    10 Files
  • 22
    Jun 22nd
    8 Files
  • 23
    Jun 23rd
    6 Files
  • 24
    Jun 24th
    6 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    15 Files
  • 28
    Jun 28th
    14 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close