what you don't know can hurt you
Showing 1 - 24 of 24 RSS Feed

Files Date: 2011-12-03

Ubuntu Security Notice USN-1286-1
Posted Dec 3, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1286-1 - Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Robert Swiecki discovered that mapping extensions were incorrectly handled. A local attacker could exploit this to crash the system, leading to a denial of service. It was discovered that the wireless stack incorrectly verified SSID lengths. A local attacker could exploit this to cause a denial of service or gain root privileges. Various other issues were also addressed.

tags | advisory, denial of service, local, root
systems | linux, ubuntu
advisories | CVE-2011-2491, CVE-2011-2496, CVE-2011-2517, CVE-2011-2525, CVE-2011-4077, CVE-2011-4081, CVE-2011-4132, CVE-2011-4326, CVE-2011-4330
MD5 | 181615408671a2238103499da1dc4198
Indexed Blind SQL Injection
Posted Dec 3, 2011
Authored by gamma95

Whitepaper called Indexed Blind SQL Injection. Time based blind SQL attacks suffer from low bit/request ratios. Each request produces only one valuable bit of information. This paper describes a tweak that produces higher yield at the expense of a longer runtime. Along the way, some issues and notes of applicability are also discussed.

tags | paper, sql injection
MD5 | 9e7ad9653111f72569433f8ab5f75f03
AlldataSheet Cross Site Scripting
Posted Dec 3, 2011
Authored by 3spi0n

AlldataSheet suffers from a cross site scripting vulnerability in view.jsp.

tags | exploit, xss
MD5 | ade7ea92dfde59ecf7e968af5ce9912f
Avid Media Composer 5.5 - Avid Phonetic Indexer Stack Overflow
Posted Dec 3, 2011
Authored by Nick Freeman | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in process AvidPhoneticIndexer.exe (port 4659), which comes as part of the Avid Media Composer 5.5 Editing Suite. This daemon sometimes starts on a different port; if you start it standalone it will run on port 4660.

tags | exploit, overflow
advisories | OSVDB-77376
MD5 | c4fdcbd39db3ab6e312ae7a02000ae94
CCMPlayer 1.5 Stack Buffer Overflow
Posted Dec 3, 2011
Authored by Rh0 | Site metasploit.com

This Metasploit module exploits a stack based buffer overflow in CCMPlayer 1.5. Opening a m3u playlist with a long track name, a SEH exception record can be overwritten with parts of the controllable buffer. SEH execution is triggered after an invalid read of an injectable address, thus allowing arbitrary code execution. This Metasploit module works on multiple Windows platforms including: Windows XP SP3, Windows Vista, and Windows 7.

tags | exploit, overflow, arbitrary, code execution
systems | windows, xp, vista, 7
advisories | OSVDB-77453
MD5 | 3aae8f1a871387793558f0a991da878c
Linux/x86-64 execve(/bin/sh) Shellcode
Posted Dec 3, 2011
Authored by X-h4ck

52 bytes small Linux/x86-64 execve(/bin/sh) shellcode.

tags | x86, shellcode
systems | linux
MD5 | 914e31cdfa121ea06909d162cee3f66c
NJStar Communicator 3.0 MiniSmtp Buffer Overflow
Posted Dec 3, 2011
Authored by Julian Pulido

NJStar Communicator version 3.0 MiniSmtp buffer overflow exploit with ASLR bypass.

tags | exploit, overflow
advisories | CVE-2011-4040
MD5 | cdaa23e5c55b3137bbe77ae911e28aa9
Secunia Security Advisory 47051
Posted Dec 3, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gjoko Krstic has reported a vulnerability in Hero Framework, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | 2f100319b11e69b9ab19dade033cbecb
Secunia Security Advisory 47075
Posted Dec 3, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - HP has issued an update for BIND in HP-UX. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | hpux
MD5 | 21e958a1642afe9f4503ffb45d0ed896
Secunia Security Advisory 47042
Posted Dec 3, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for cyrus-imapd. This fixes two vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, redhat
MD5 | 3c966d7c8eaa2347ab3831aedc7acff4
Secunia Security Advisory 47050
Posted Dec 3, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for pidgin. This fixes a weakness, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, suse
MD5 | 71a690076d784acf887dd750115b0c69
Secunia Security Advisory 47055
Posted Dec 3, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in the PAR-Packer module for Perl, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local, perl
MD5 | 11e7159dfb88c15e26b2796be7c85ca8
Secunia Security Advisory 47084
Posted Dec 3, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in the PAR module for Perl, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local, perl
MD5 | a0852fdec4543610221f1ee343cc391c
Secunia Security Advisory 47031
Posted Dec 3, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for openjdk-6. This fixes multiple vulnerabilities, which can be exploited by malicious users to disclose certain information and by malicious people to disclose potentially sensitive information, hijack a user's session, conduct DNS cache poisoning attacks, manipulate certain data, and compromise a vulnerable system.

tags | advisory, vulnerability
systems | linux, debian
MD5 | b6d7614c4d9f3b51e9f3954ec63e5585
Secunia Security Advisory 47057
Posted Dec 3, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Stefan Schurtz has discovered a vulnerability in Ariadne, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | f6b1bfd886a1a4e0a161afff299e8073
Secunia Security Advisory 47085
Posted Dec 3, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - High-Tech Bridge SA has reported a vulnerability in HP Device Access Manager for HP ProtectTools, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | a32757f1416fb6e66c7012c26b6ee9ad
Secunia Security Advisory 47011
Posted Dec 3, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - High-Tech Bridge SA has discovered two vulnerabilities in SugarCRM, which can be exploited by malicious users to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
MD5 | 6dff613e9f7f1bae8d7d61a43c2345cb
Firefox CSS :visited Proof Of Concept
Posted Dec 3, 2011
Authored by Michal Zalewski | Site lcamtuf.coredump.cx

This code is a proof of concept that demonstrates history extraction in Firefox through non-destructive cache timing.

tags | exploit, proof of concept
systems | linux
MD5 | 40789638dd11c307730257784d663de0
Nixory Anti-Spyware Tool 1.2.4
Posted Dec 3, 2011
Site nixory.sourceforge.net

Nixory is an innovative, fast, and powerful anti-spyware program, with a user-friendly graphical interface. It protects Mozilla Firefox from dangerous spyware and harmful cookies. Platform independent source tarball.

Changes: Bugfixes for the Internet Explorer scanner were applied and automatic profile detection was improved.
tags | tool
systems | unix
MD5 | 978d7604dbd83b45e127424b473f1f65
HP Device Access Manager Memory Corruption
Posted Dec 3, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

HP Device Access Manager for Protect Tools Information Store versions prior to 6.1.0.1 suffer from a heap memory corruption vulnerability.

tags | exploit
MD5 | 51a4ef47b3e5df801138076acd1aad8e
WSN Classifieds 6.2.12 / 6.2.18 Cross Site Scripting / SQL Injection
Posted Dec 3, 2011
Authored by d3v1l, RandomStorm

WSN Classifieds versions 6.2.12 and 6.2.18 suffer from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | da9c40d0e7215fdd651efb447ef7db39
HideMAC 1.2
Posted Dec 3, 2011
Authored by infodox | Site compsoc.nuigalway.ie

A MAC changing utility that uses both ifconfig and GNU-Macchanger (checks if mac changer exists, if not, uses ifconfig) to spoof ones MAC with a totally random value. Written in Python.

tags | tool, spoof, python
systems | unix
MD5 | cb4a03a3851cd847f91c37c693e96a72
Kayako Fusion Information Disclosure
Posted Dec 3, 2011
Authored by Yuri Goltsev, Alexander Zaitsev | Site ptsecurity.com

Kayako Fusion suffers from an authenticated database information disclosure vulnerability.

tags | advisory, info disclosure
MD5 | b031211fc49b99c16bf56c2f14a6beda
HP Security Bulletin HPSBHF02723 SSRT100536
Posted Dec 3, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF02723 SSRT100536 - A potential security vulnerability has been identified with HP Protect Tools Device Access Manager for Windows. The vulnerability can be remotely exploited to cause execution of arbitrary code or Denial of Service(DoS). Revision 1 of this advisory.

tags | advisory, denial of service, arbitrary
systems | windows
advisories | CVE-2011-4162
MD5 | c2ddf1b8e9b6e54dd6482bef9935e855
Page 1 of 1
Back1Next

File Archive:

July 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    34 Files
  • 2
    Jul 2nd
    15 Files
  • 3
    Jul 3rd
    9 Files
  • 4
    Jul 4th
    8 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    3 Files
  • 7
    Jul 7th
    1 Files
  • 8
    Jul 8th
    15 Files
  • 9
    Jul 9th
    15 Files
  • 10
    Jul 10th
    20 Files
  • 11
    Jul 11th
    17 Files
  • 12
    Jul 12th
    15 Files
  • 13
    Jul 13th
    2 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    20 Files
  • 16
    Jul 16th
    27 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close