exploit the possibilities
Showing 1 - 24 of 24 RSS Feed

Files Date: 2011-12-03

Ubuntu Security Notice USN-1286-1
Posted Dec 3, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1286-1 - Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Robert Swiecki discovered that mapping extensions were incorrectly handled. A local attacker could exploit this to crash the system, leading to a denial of service. It was discovered that the wireless stack incorrectly verified SSID lengths. A local attacker could exploit this to cause a denial of service or gain root privileges. Various other issues were also addressed.

tags | advisory, denial of service, local, root
systems | linux, ubuntu
advisories | CVE-2011-2491, CVE-2011-2496, CVE-2011-2517, CVE-2011-2525, CVE-2011-4077, CVE-2011-4081, CVE-2011-4132, CVE-2011-4326, CVE-2011-4330
SHA-256 | 6043a3fbf2080a512662c349ee447bed0a78df45f28b48e5909b135726bd239e
Indexed Blind SQL Injection
Posted Dec 3, 2011
Authored by gamma95

Whitepaper called Indexed Blind SQL Injection. Time based blind SQL attacks suffer from low bit/request ratios. Each request produces only one valuable bit of information. This paper describes a tweak that produces higher yield at the expense of a longer runtime. Along the way, some issues and notes of applicability are also discussed.

tags | paper, sql injection
SHA-256 | 84e74daa46ea6185f1c1f4ee9764bc2315f2a4cf39e46f8dfcea99039a5ecb21
AlldataSheet Cross Site Scripting
Posted Dec 3, 2011
Authored by 3spi0n

AlldataSheet suffers from a cross site scripting vulnerability in view.jsp.

tags | exploit, xss
SHA-256 | d0be3decf4ecc68139c1346f821272547344f5eaba34924b922e0eb54fcbf721
Avid Media Composer 5.5 - Avid Phonetic Indexer Stack Overflow
Posted Dec 3, 2011
Authored by Nick Freeman | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in process AvidPhoneticIndexer.exe (port 4659), which comes as part of the Avid Media Composer 5.5 Editing Suite. This daemon sometimes starts on a different port; if you start it standalone it will run on port 4660.

tags | exploit, overflow
advisories | OSVDB-77376
SHA-256 | e325ea7c310110db0d0e34758f28771015fc9185c9f35054df350536e370ced2
CCMPlayer 1.5 Stack Buffer Overflow
Posted Dec 3, 2011
Authored by Rh0 | Site metasploit.com

This Metasploit module exploits a stack based buffer overflow in CCMPlayer 1.5. Opening a m3u playlist with a long track name, a SEH exception record can be overwritten with parts of the controllable buffer. SEH execution is triggered after an invalid read of an injectable address, thus allowing arbitrary code execution. This Metasploit module works on multiple Windows platforms including: Windows XP SP3, Windows Vista, and Windows 7.

tags | exploit, overflow, arbitrary, code execution
systems | windows
advisories | OSVDB-77453
SHA-256 | b1838839c525c11d9b53cae384041c70a3a02194b24bf115638e1db8ac88a5f5
Linux/x86-64 execve(/bin/sh) Shellcode
Posted Dec 3, 2011
Authored by X-h4ck

52 bytes small Linux/x86-64 execve(/bin/sh) shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | b085392d44827f904a32929b6caeac38668907ff2075dc9550154ce0ab29c36f
NJStar Communicator 3.0 MiniSmtp Buffer Overflow
Posted Dec 3, 2011
Authored by Julian Pulido

NJStar Communicator version 3.0 MiniSmtp buffer overflow exploit with ASLR bypass.

tags | exploit, overflow
advisories | CVE-2011-4040
SHA-256 | 0b7da0b7c7134272e31478cea7b4b013563a075161c8cc011b32e019d9b3d3de
Secunia Security Advisory 47051
Posted Dec 3, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gjoko Krstic has reported a vulnerability in Hero Framework, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 5b0e412342c8782357b48faac887d0be90519bf791fc1cd4c1a774e2eb1ac41e
Secunia Security Advisory 47075
Posted Dec 3, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - HP has issued an update for BIND in HP-UX. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | hpux
SHA-256 | 2bc382dd3c689e925b9988b105504a5fec60ca95d2962b9322420c00b8ce671e
Secunia Security Advisory 47042
Posted Dec 3, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for cyrus-imapd. This fixes two vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, redhat
SHA-256 | 5615e5c67e2cd4a947b4f1822d03c2a42699973015b585edaca75b8708ad14f9
Secunia Security Advisory 47050
Posted Dec 3, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for pidgin. This fixes a weakness, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, suse
SHA-256 | 651d4d2e23efb2efa8a5e736c92b46f96cc5212706d59c3faf493f8125968981
Secunia Security Advisory 47055
Posted Dec 3, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in the PAR-Packer module for Perl, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local, perl
SHA-256 | 58c6ca20753a25849db339ac22e2ae944747be2205bdbc0a4dafb8a394b7af3c
Secunia Security Advisory 47084
Posted Dec 3, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in the PAR module for Perl, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local, perl
SHA-256 | 157e1a4c44fd0b3be7d612004b08d965d9aab3dda90bfebaf990325237997514
Secunia Security Advisory 47031
Posted Dec 3, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for openjdk-6. This fixes multiple vulnerabilities, which can be exploited by malicious users to disclose certain information and by malicious people to disclose potentially sensitive information, hijack a user's session, conduct DNS cache poisoning attacks, manipulate certain data, and compromise a vulnerable system.

tags | advisory, vulnerability
systems | linux, debian
SHA-256 | ffec8379e285615dc2a2aa64f9134e0c26f97f8312def5cff955563ab0199aae
Secunia Security Advisory 47057
Posted Dec 3, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Stefan Schurtz has discovered a vulnerability in Ariadne, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | aa3749e7b98a5b911f47c4991c8d8829ec6fb476915d007aee972963c0b646b8
Secunia Security Advisory 47085
Posted Dec 3, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - High-Tech Bridge SA has reported a vulnerability in HP Device Access Manager for HP ProtectTools, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 96f5d16f2c555fa2aaa8922f0ad421a720f673c576f9020ae54c09a299518ab4
Secunia Security Advisory 47011
Posted Dec 3, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - High-Tech Bridge SA has discovered two vulnerabilities in SugarCRM, which can be exploited by malicious users to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | 24d31ab9817d1fa934d817d645c04f4bff8788a9329798e6a8627d0d27fba178
Firefox CSS :visited Proof Of Concept
Posted Dec 3, 2011
Authored by Michal Zalewski | Site lcamtuf.coredump.cx

This code is a proof of concept that demonstrates history extraction in Firefox through non-destructive cache timing.

tags | exploit, proof of concept
systems | linux
SHA-256 | cbb18dbf852eed470c1735fe94fe71da7a9d688fa9c6f2a7c8668720d84a7c08
Nixory Anti-Spyware Tool 1.2.4
Posted Dec 3, 2011
Site nixory.sourceforge.net

Nixory is an innovative, fast, and powerful anti-spyware program, with a user-friendly graphical interface. It protects Mozilla Firefox from dangerous spyware and harmful cookies. Platform independent source tarball.

Changes: Bugfixes for the Internet Explorer scanner were applied and automatic profile detection was improved.
tags | tool
systems | unix
SHA-256 | 7868fe33902327ce3a552f50dc3b73cf3b3a2f80765f6d972c0d8cbedad17fc6
HP Device Access Manager Memory Corruption
Posted Dec 3, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

HP Device Access Manager for Protect Tools Information Store versions prior to 6.1.0.1 suffer from a heap memory corruption vulnerability.

tags | exploit
SHA-256 | 8c5130001eada0160e3dd77d56ccf4b9801e81f2792039461e1bebc3eb0b5821
WSN Classifieds 6.2.12 / 6.2.18 Cross Site Scripting / SQL Injection
Posted Dec 3, 2011
Authored by d3v1l, RandomStorm

WSN Classifieds versions 6.2.12 and 6.2.18 suffer from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | ec80bf8c704d3c2fbc67354cdd3cb78d2fa65092e98866d3233b3ed135e38b06
HideMAC 1.2
Posted Dec 3, 2011
Authored by infodox | Site compsoc.nuigalway.ie

A MAC changing utility that uses both ifconfig and GNU-Macchanger (checks if mac changer exists, if not, uses ifconfig) to spoof ones MAC with a totally random value. Written in Python.

tags | tool, spoof, python
systems | unix
SHA-256 | be6130bf64c1b4bd8dff08738fd95e00e2600a3558797364ad485593266a1157
Kayako Fusion Information Disclosure
Posted Dec 3, 2011
Authored by Yuri Goltsev, Alexander Zaitsev | Site ptsecurity.com

Kayako Fusion suffers from an authenticated database information disclosure vulnerability.

tags | advisory, info disclosure
SHA-256 | cc1dab82ec0f475319794b7ce744899d7353c572499294e47c04bbaeb46a0e73
HP Security Bulletin HPSBHF02723 SSRT100536
Posted Dec 3, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF02723 SSRT100536 - A potential security vulnerability has been identified with HP Protect Tools Device Access Manager for Windows. The vulnerability can be remotely exploited to cause execution of arbitrary code or Denial of Service(DoS). Revision 1 of this advisory.

tags | advisory, denial of service, arbitrary
systems | windows
advisories | CVE-2011-4162
SHA-256 | 1c3e885e054278ea06a9eb7a42554c3dffc46b649801638b333a7dffdedb41d8
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close