exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

Files Date: 2011-11-24

Samsung.com Cross Site Scripting
Posted Nov 24, 2011
Authored by (In)Security Romania | Site insecurity.ro

The chat.support.samsung.com site suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 9f0803be25349ade84268a4aab6e25c1ad1370139f3f20ec2b32bc4121d9d3c2
Red Hat Security Advisory 2011-1478-01
Posted Nov 24, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1478-01 - The IBM 1.5.0 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. This update fixes several vulnerabilities in the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. All users of java-1.5.0-ibm are advised to upgrade to these updated packages, containing the IBM 1.5.0 SR13 Java release. All running instances of IBM Java must be restarted for this update to take effect.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2011-3545, CVE-2011-3547, CVE-2011-3548, CVE-2011-3549, CVE-2011-3552, CVE-2011-3554, CVE-2011-3556
SHA-256 | 7cbb5153f3abe274888815acc7fa18117fcca8ce03c1474aa2d2b823dd99ca87
SIP Army Knife Fuzzer 11232011
Posted Nov 24, 2011
Authored by Blake Cornell

SIP Army Knife is a fuzzer that searches for cross site scripting, SQL injection, log injection, format strings, buffer overflows, and more.

tags | overflow, xss, sql injection, fuzzer
SHA-256 | 4fd73eaa07d985c2b97468b07640cbf674016b6d676e720e5c0ed70b2df09c64
Zabbix 1.8.4 SQL Injection
Posted Nov 24, 2011
Authored by Marcio Almeida

Zabbix versions 1.8.4 and below suffer from a remote SQL injection vulnerability in popup.php.

tags | exploit, remote, php, sql injection
SHA-256 | b56256dc6e49aa84426a464efcebce6a3ac34661337e511965f33cf77a058512
HP Network Node Manager i 9.10 Cross Site Scripting
Posted Nov 24, 2011
Authored by 0a2940

HP Network Node Manager i version 9.10 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 83eae4f4628bedcd448ce44aa7fc9d25cf598baae74f35123c5bec4ee8114545
CgCraft LLC Design SQL Injection
Posted Nov 24, 2011
Authored by 3spi0n

CgCraft LLC Design suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | db95c752930f8fbb2bb27965feaf5d9f06bfff11b71a172a9c17ed2c4410faae
Linux/MIPS /bin/sh Shellcode
Posted Nov 24, 2011
Authored by rigan

48 bytes small Linux/MIPS execve /bin/sh shellcode.

tags | shellcode
systems | linux
SHA-256 | e05b3f3d11e44fb1f0249c1ab2224ecc1c315978a8021004d63803a15a770b0e
Log1CMS 2.0 Remote Code Execution
Posted Nov 24, 2011
Authored by Adel SBM

Log1CMS version 2.0 remote code execution exploit that leverages ajax_create_folder.php.

tags | exploit, remote, php, code execution
SHA-256 | e42cee700505621b6ad1fce6c51c6c98f6b151986a1cc0d80ea0e471e27e2e1d
Ubuntu Security Notice USN-1279-1
Posted Nov 24, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1279-1 - Andrea Righi discovered a race condition in the KSM memory merging support. If KSM was being used, a local attacker could exploit this to crash the system, leading to a denial of service. Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Various other issues were also addressed.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2011-2183, CVE-2011-2491, CVE-2011-2494, CVE-2011-2495, CVE-2011-2517, CVE-2011-2905, CVE-2011-2909
SHA-256 | a57a6a4677aad213b5b06f27421d5abb8eefa70db03930de1545039b4bd62c37
Ubuntu Security Notice USN-1278-1
Posted Nov 24, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1278-1 - It was discovered that CIFS incorrectly handled authentication. When a user had a CIFS share mounted that required authentication, a local user could mount the same share without knowing the correct password. Andrea Righi discovered a race condition in the KSM memory merging support. If KSM was being used, a local attacker could exploit this to crash the system, leading to a denial of service. Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2011-1585, CVE-2011-2183, CVE-2011-2491, CVE-2011-2496, CVE-2011-2517
SHA-256 | 8fc659e1e77c5000547f9f535c1921bdcb9f9740bffb44f47b411d8891107fd1
Ubuntu Security Notice USN-1269-1
Posted Nov 24, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1269-1 - Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Robert Swiecki discovered that mapping extensions were incorrectly handled. A local attacker could exploit this to crash the system, leading to a denial of service. It was discovered that the wireless stack incorrectly verified SSID lengths. A local attacker could exploit this to cause a denial of service or gain root privileges. Various other issues were also addressed.

tags | advisory, denial of service, local, root
systems | linux, ubuntu
advisories | CVE-2011-2491, CVE-2011-2496, CVE-2011-2517, CVE-2011-2525
SHA-256 | 748fe00a71d2900d82893524fc7936b6d46ed4c251a839f7421b33b7b5d70cb7
EDJE Technologies SQL Injection
Posted Nov 24, 2011
Authored by 3spi0n

EDJE Technologies suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 86f1b29825b746b58601471a709df104c9b9d5494c02fb26eb8ec1216d7443c0
Linux/MIPS Add User Shellcode
Posted Nov 24, 2011
Authored by rigan

164 bytes small Linux/MIPS add user (UID 0) with password shellcode.

tags | shellcode
systems | linux
SHA-256 | 33fe89705d37ee6fd02b2cee2201f40340d0f78902c3d725866581684affd745
HP Security Bulletin HPSBUX02725 SSRT100627
Posted Nov 24, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02725 SSRT100627 - Potential security vulnerabilities have been identified with HP-UX Apache Running Tomcat Servlet Engine. These vulnerabilities could be exploited remotely to disclose information, allow authentication bypass, allow cross-site scripting (XSS), gain unauthorized access, or create a Denial of Service (DoS). The Tomcat-based Servlet Engine is contained in the HP-UX Apache Web Server Suite. Revision 1 of this advisory.

tags | advisory, web, denial of service, vulnerability, xss
systems | hpux
advisories | CVE-2010-3718, CVE-2010-4476, CVE-2011-0013, CVE-2011-2204, CVE-2011-2526, CVE-2011-2729, CVE-2011-3190
SHA-256 | da0edbfa949de2b7034ad0a1fe927c5c9205a87431abdda03737962e90086071
HP Security Bulletin HPSBUX02724 SSRT100650 2
Posted Nov 24, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02724 SSRT100650 2 - A potential security vulnerability has been identified with HP-UX running SAM. This vulnerability could be locally exploited to create an increase in privilege. Revision 2 of this advisory.

tags | advisory
systems | hpux
advisories | CVE-2011-4159
SHA-256 | 150c53828ac40def657ef231f9f25d5ce03f432d4f8dfeb50cd875906b300e5c
LibLime Koha 4.2 Local File Inclusion
Posted Nov 24, 2011
Authored by Akin Tosunlar

LibLime Koha versions 4.2 and below suffer from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 4dbc5554bbfad191d732b5f61b07b2f5e33f63eea0e11ef62d9f69e503feb65b
Ubuntu Security Notice USN-1277-2
Posted Nov 24, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1277-2 - USN-1277-1 fixed vulnerabilities in Firefox. This update provides updated Mozvoikko and ubufox packages for use with Firefox 8. Yosuke Hasegawa discovered that the Mozilla browser engine mishandled invalid sequences in the Shift-JIS encoding. It may be possible to trigger this crash without the use of debugging APIs, which might allow malicious websites to exploit this vulnerability. An attacker could possibly use this flaw this to steal data or inject malicious scripts into web content. Marc Schoenefeld discovered that using Firebug to profile a JavaScript file with many functions would cause Firefox to crash. An attacker might be able to exploit this without using the debugging APIs, which could potentially remotely crash the browser, resulting in a denial of service. Various other issues were addressed as well.

tags | advisory, web, denial of service, javascript, vulnerability
systems | linux, ubuntu
advisories | CVE-2011-3648, CVE-2011-3650, CVE-2011-3651, CVE-2011-3652, CVE-2011-3654, CVE-2011-3655
SHA-256 | 28bd532ded831a89497654f782221fbde98b55af2975d73060350ebece644e3d
Ubuntu Security Notice USN-1277-1
Posted Nov 24, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1277-1 - Yosuke Hasegawa discovered that the Mozilla browser engine mishandled invalid sequences in the Shift-JIS encoding. It may be possible to trigger this crash without the use of debugging APIs, which might allow malicious websites to exploit this vulnerability. An attacker could possibly use this flaw this to steal data or inject malicious scripts into web content. Marc Schoenefeld discovered that using Firebug to profile a JavaScript file with many functions would cause Firefox to crash. An attacker might be able to exploit this without using the debugging APIs, which could potentially remotely crash the browser, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, web, denial of service, javascript
systems | linux, ubuntu
advisories | CVE-2011-3648, CVE-2011-3650, CVE-2011-3651, CVE-2011-3652, CVE-2011-3654, CVE-2011-3655
SHA-256 | 50cacdc3fc2d46a4452a7d176ace181644b756e1e80e2655e104e50a14231030
Page 1 of 1
Back1Next

File Archive:

November 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    16 Files
  • 2
    Nov 2nd
    17 Files
  • 3
    Nov 3rd
    17 Files
  • 4
    Nov 4th
    11 Files
  • 5
    Nov 5th
    0 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    3 Files
  • 8
    Nov 8th
    59 Files
  • 9
    Nov 9th
    12 Files
  • 10
    Nov 10th
    6 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    1 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    9 Files
  • 15
    Nov 15th
    33 Files
  • 16
    Nov 16th
    53 Files
  • 17
    Nov 17th
    11 Files
  • 18
    Nov 18th
    14 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    26 Files
  • 22
    Nov 22nd
    22 Files
  • 23
    Nov 23rd
    10 Files
  • 24
    Nov 24th
    9 Files
  • 25
    Nov 25th
    11 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close