exploit the possibilities
Showing 1 - 18 of 18 RSS Feed

Files Date: 2011-11-24

Samsung.com Cross Site Scripting
Posted Nov 24, 2011
Authored by (In)Security Romania | Site insecurity.ro

The chat.support.samsung.com site suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | eead845bf9d525cdd9395c7a28c039d8
Red Hat Security Advisory 2011-1478-01
Posted Nov 24, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1478-01 - The IBM 1.5.0 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. This update fixes several vulnerabilities in the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. All users of java-1.5.0-ibm are advised to upgrade to these updated packages, containing the IBM 1.5.0 SR13 Java release. All running instances of IBM Java must be restarted for this update to take effect.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2011-3545, CVE-2011-3547, CVE-2011-3548, CVE-2011-3549, CVE-2011-3552, CVE-2011-3554, CVE-2011-3556
MD5 | ab601d5697ef7af5761a44df72f38008
SIP Army Knife Fuzzer 11232011
Posted Nov 24, 2011
Authored by Blake Cornell

SIP Army Knife is a fuzzer that searches for cross site scripting, SQL injection, log injection, format strings, buffer overflows, and more.

tags | overflow, xss, sql injection, fuzzer
MD5 | 8c91029192323bd09eaf9a421c288fc1
Zabbix 1.8.4 SQL Injection
Posted Nov 24, 2011
Authored by Marcio Almeida

Zabbix versions 1.8.4 and below suffer from a remote SQL injection vulnerability in popup.php.

tags | exploit, remote, php, sql injection
MD5 | 87f70e3224cb26b9faa77e83708622b3
HP Network Node Manager i 9.10 Cross Site Scripting
Posted Nov 24, 2011
Authored by 0a2940

HP Network Node Manager i version 9.10 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 4f163f97ba71e8c42a8e83864d5d1533
CgCraft LLC Design SQL Injection
Posted Nov 24, 2011
Authored by 3spi0n

CgCraft LLC Design suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 70f2d4684b619c94ea320a17682b6a2a
Linux/MIPS /bin/sh Shellcode
Posted Nov 24, 2011
Authored by rigan

48 bytes small Linux/MIPS execve /bin/sh shellcode.

tags | shellcode
systems | linux
MD5 | 7b532a91a3adeb6521aa12000acfa83e
Log1CMS 2.0 Remote Code Execution
Posted Nov 24, 2011
Authored by Adel SBM

Log1CMS version 2.0 remote code execution exploit that leverages ajax_create_folder.php.

tags | exploit, remote, php, code execution
MD5 | 190b3bad473bcab89d7813cf76d9d02f
Ubuntu Security Notice USN-1279-1
Posted Nov 24, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1279-1 - Andrea Righi discovered a race condition in the KSM memory merging support. If KSM was being used, a local attacker could exploit this to crash the system, leading to a denial of service. Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Various other issues were also addressed.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2011-2183, CVE-2011-2491, CVE-2011-2494, CVE-2011-2495, CVE-2011-2517, CVE-2011-2905, CVE-2011-2909
MD5 | b453296a7d8bffc0468a45fc6110c91e
Ubuntu Security Notice USN-1278-1
Posted Nov 24, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1278-1 - It was discovered that CIFS incorrectly handled authentication. When a user had a CIFS share mounted that required authentication, a local user could mount the same share without knowing the correct password. Andrea Righi discovered a race condition in the KSM memory merging support. If KSM was being used, a local attacker could exploit this to crash the system, leading to a denial of service. Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2011-1585, CVE-2011-2183, CVE-2011-2491, CVE-2011-2496, CVE-2011-2517
MD5 | 7b0e3a87a8ff04a70dd2b49f153c0e5c
Ubuntu Security Notice USN-1269-1
Posted Nov 24, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1269-1 - Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Robert Swiecki discovered that mapping extensions were incorrectly handled. A local attacker could exploit this to crash the system, leading to a denial of service. It was discovered that the wireless stack incorrectly verified SSID lengths. A local attacker could exploit this to cause a denial of service or gain root privileges. Various other issues were also addressed.

tags | advisory, denial of service, local, root
systems | linux, ubuntu
advisories | CVE-2011-2491, CVE-2011-2496, CVE-2011-2517, CVE-2011-2525
MD5 | 1672934ba43067cd176b264118166431
EDJE Technologies SQL Injection
Posted Nov 24, 2011
Authored by 3spi0n

EDJE Technologies suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 0c3cca060f21d8a9c02ee8e456c21622
Linux/MIPS Add User Shellcode
Posted Nov 24, 2011
Authored by rigan

164 bytes small Linux/MIPS add user (UID 0) with password shellcode.

tags | shellcode
systems | linux
MD5 | 424df93294449b7de6743901069dd441
HP Security Bulletin HPSBUX02725 SSRT100627
Posted Nov 24, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02725 SSRT100627 - Potential security vulnerabilities have been identified with HP-UX Apache Running Tomcat Servlet Engine. These vulnerabilities could be exploited remotely to disclose information, allow authentication bypass, allow cross-site scripting (XSS), gain unauthorized access, or create a Denial of Service (DoS). The Tomcat-based Servlet Engine is contained in the HP-UX Apache Web Server Suite. Revision 1 of this advisory.

tags | advisory, web, denial of service, vulnerability, xss
systems | hpux
advisories | CVE-2010-3718, CVE-2010-4476, CVE-2011-0013, CVE-2011-2204, CVE-2011-2526, CVE-2011-2729, CVE-2011-3190
MD5 | 78b8c944a8723e2c2c2dfb9ecab0640d
HP Security Bulletin HPSBUX02724 SSRT100650 2
Posted Nov 24, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02724 SSRT100650 2 - A potential security vulnerability has been identified with HP-UX running SAM. This vulnerability could be locally exploited to create an increase in privilege. Revision 2 of this advisory.

tags | advisory
systems | hpux
advisories | CVE-2011-4159
MD5 | 59ed3a8a6fe11c4eebb4ad7202abc3b7
LibLime Koha 4.2 Local File Inclusion
Posted Nov 24, 2011
Authored by Akin Tosunlar

LibLime Koha versions 4.2 and below suffer from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | b6ecd906f57561b8784db06912e99b80
Ubuntu Security Notice USN-1277-2
Posted Nov 24, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1277-2 - USN-1277-1 fixed vulnerabilities in Firefox. This update provides updated Mozvoikko and ubufox packages for use with Firefox 8. Yosuke Hasegawa discovered that the Mozilla browser engine mishandled invalid sequences in the Shift-JIS encoding. It may be possible to trigger this crash without the use of debugging APIs, which might allow malicious websites to exploit this vulnerability. An attacker could possibly use this flaw this to steal data or inject malicious scripts into web content. Marc Schoenefeld discovered that using Firebug to profile a JavaScript file with many functions would cause Firefox to crash. An attacker might be able to exploit this without using the debugging APIs, which could potentially remotely crash the browser, resulting in a denial of service. Various other issues were addressed as well.

tags | advisory, web, denial of service, javascript, vulnerability
systems | linux, ubuntu
advisories | CVE-2011-3648, CVE-2011-3650, CVE-2011-3651, CVE-2011-3652, CVE-2011-3654, CVE-2011-3655
MD5 | 4c5cf8a2d6a455628518e110753cd9c8
Ubuntu Security Notice USN-1277-1
Posted Nov 24, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1277-1 - Yosuke Hasegawa discovered that the Mozilla browser engine mishandled invalid sequences in the Shift-JIS encoding. It may be possible to trigger this crash without the use of debugging APIs, which might allow malicious websites to exploit this vulnerability. An attacker could possibly use this flaw this to steal data or inject malicious scripts into web content. Marc Schoenefeld discovered that using Firebug to profile a JavaScript file with many functions would cause Firefox to crash. An attacker might be able to exploit this without using the debugging APIs, which could potentially remotely crash the browser, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, web, denial of service, javascript
systems | linux, ubuntu
advisories | CVE-2011-3648, CVE-2011-3650, CVE-2011-3651, CVE-2011-3652, CVE-2011-3654, CVE-2011-3655
MD5 | ec1bbab85b1672ddd6bdab441702f7fd
Page 1 of 1
Back1Next

File Archive:

December 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    1 Files
  • 2
    Dec 2nd
    16 Files
  • 3
    Dec 3rd
    17 Files
  • 4
    Dec 4th
    23 Files
  • 5
    Dec 5th
    11 Files
  • 6
    Dec 6th
    10 Files
  • 7
    Dec 7th
    1 Files
  • 8
    Dec 8th
    1 Files
  • 9
    Dec 9th
    15 Files
  • 10
    Dec 10th
    30 Files
  • 11
    Dec 11th
    8 Files
  • 12
    Dec 12th
    20 Files
  • 13
    Dec 13th
    6 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close