
Files Date: 2011-12-29

Open Source CERT Security Advisory 2011.003
Posted Dec 29, 2011
Authored by Andrea Barisani, Open Source CERT | Site ocert.org

A variety of programming languages suffer from a denial-of-service (DoS) condition against storage functions of key/value pairs in hash data structures. The condition can be leveraged by exploiting predictable collisions in the underlying hashing algorithms.

tags | advisory
advisories | CVE-2011-4461, CVE-2011-4838, CVE-2011-4885, CVE-2011-4462, CVE-2011-4815
MD5 | 22dd5e111e5c4f6aa908cc54c3e0e83a
HP Security Bulletin HPSBMU02731 SSRT100518
Posted Dec 29, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02731 SSRT100518 - Potential security vulnerabilities have been identified with HP Database Archiving Software. These vulnerabilities could be exploited remotely to execute arbitrary code. Revision 1 of this advisory.

tags | advisory, arbitrary, vulnerability
advisories | CVE-2011-4163, CVE-2011-4164, CVE-2011-4165
MD5 | 5ff8db5eab8775d565444c5b2863a725
Register Plus Redux 3.7.3.1 XSS / SQL Injection / Code Execution
Posted Dec 29, 2011
Authored by MustLive

Register Plus Redux versions 3.7.3.1 and below suffer from cross site scripting, remote SQL injection and code execution vulnerabilities.

tags | exploit, remote, vulnerability, code execution, xss, sql injection
MD5 | 5854f76518ef7422568805884e91a5f4
Microsoft Security Bulletin Summary For December, 2011
Posted Dec 29, 2011
Site microsoft.com

This bulletin summary lists a Microsoft security bulletin released for December, 2011.

tags | advisory
MD5 | 2d722e7fb08ffd50618692aa92fc2add
HP Security Bulletin HPSBPI02728 SSRT100692 2
Posted Dec 29, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBPI02728 SSRT100692 2 - A potential security vulnerability has been identified with certain HP printers and HP digital senders. The vulnerability could be exploited remotely to install unauthorized printer firmware. Revision 2 of this advisory.

tags | advisory
advisories | CVE-2011-4161
MD5 | 258e5d2e4dd64a3681f9370fdf753013
HP Security Bulletin HPSBPI02732 SSRT100435
Posted Dec 29, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBPI02732 SSRT100435 - Potential security vulnerabilities have been identified with HP Managed Printing Administration. These vulnerabilities could be exploited remotely for execution of arbitrary code, directory traversal, creation and deletion of arbitrary files, and unauthorized access to the application database. Revision 1 of this advisory.

tags | advisory, arbitrary, vulnerability
advisories | CVE-2011-4166, CVE-2011-4167, CVE-2011-4168, CVE-2011-4169
MD5 | 732e86404359d73ff7d1bff0b2acf996
Neturf Cross Site Scripting
Posted Dec 29, 2011
Authored by Farbod Mahini | Site h4ckcity.org

Neturf suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 8e7c9cc42fdeb6fb44590def0145ed7c
Bugzilla XSS / XSRF / Unauthorized Account Creation
Posted Dec 29, 2011
Site bugzilla.org

Bugzilla versions 2.17.1 to 3.4.12, 3.5.1 to 3.6.6, 3.7.1 to 4.0.2 and 4.1.1 to 4.1.3 suffer from a cross site scripting vulnerability. Versions 2.23.3 to 3.4.12, 3.5.1 to 3.6.6, 3.7.1 to 4.0.2 and 4.1.1 to 4.1.3 suffer from an unauthorized account creation vulnerability. Versions 2.0 to 3.4.12, 3.5.1 to 3.6.6, 3.7.1 to 4.0.2 and 4.1.1 to 4.1.3 suffer from a cross site request forgery vulnerability.

tags | advisory, xss, csrf
advisories | CVE-2011-3657, CVE-2011-3667
MD5 | 50429da124721ab9e6ce0e96e153c916
Winn Guestbook 2.4.8c Cross Site Scripting
Posted Dec 29, 2011
Authored by G13

Winn Guestbook version 2.4.8c suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2011-5026
MD5 | ff167d3c0ec0d45544ea9d72362ea3c3
Red Hat Security Advisory 2011-1854-01
Posted Dec 29, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1854-01 - The krb5-appl packages provide Kerberos-aware telnet, ftp, rcp, rsh, and rlogin clients and servers. Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third-party, the Key Distribution Center. A buffer overflow flaw was found in the MIT krb5 telnet daemon. A remote attacker who can access the telnet port of a target machine could use this flaw to execute arbitrary code as root. Note that the krb5 telnet daemon is not enabled by default in any version of Red Hat Enterprise Linux. In addition, the default firewall rules block remote access to the telnet port. This flaw does not affect the telnet daemon distributed in the telnet-server package.

tags | advisory, remote, overflow, arbitrary, root
systems | linux, redhat
advisories | CVE-2011-4862
MD5 | 2354bff33b377bbd83053cc59dee5612
Microsoft Security Bulletin Advance Notification For December 2011
Posted Dec 29, 2011
Site microsoft.com

This is an advance notification of a security bulletin that Microsoft is intending to release on December 29th, 2011.

tags | advisory
MD5 | f5295e3927c91021a0baa79cd8d92d84
Akiva Webboard SQL Injection
Posted Dec 29, 2011
Authored by Alexander Fuchs

Akiva Webboard suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | e901117410783dee25d285c35a6863f4
Brute Forcing Wi-Fi Protected Setup
Posted Dec 29, 2011
Authored by Stefan Viehbock

This paper discusses a vulnerability in WPS that allows attackers to recover WPA/WPA2 keys in a matter of hours.

tags | paper, wireless
MD5 | 795e111de4ff159c05752bfb679f8945
Reaver-WPS 1.0
Posted Dec 29, 2011
Authored by Craig Heffner | Site code.google.com

Reaver implements a brute force attack against Wifi Protected Setup (WPS) registrar PINs in order to recover WPA/WPA2 passphrases. Reaver has been designed to be a robust and practical attack against WPS, and has been tested against a wide variety of access points and WPS implementations. On average Reaver will recover the target AP's plain text WPA/WPA2 passphrase in 4-10 hours, depending on the AP. In practice, it will generally take half this time to guess the correct WPS pin and recover the passphrase.

tags | tool, wireless
systems | unix
MD5 | 7c22180fac128f898c68a8c6b18796f1
Red Hat Security Advisory 2011-1853-01
Posted Dec 29, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1853-01 - Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third-party, the Key Distribution Center. A buffer overflow flaw was found in the MIT krb5 telnet daemon. A remote attacker who can access the telnet port of a target machine could use this flaw to execute arbitrary code as root. Note that the krb5 telnet daemon is not enabled by default in any version of Red Hat Enterprise Linux. In addition, the default firewall rules block remote access to the telnet port. This flaw does not affect the telnet daemon distributed in the telnet-server package.

tags | advisory, remote, overflow, arbitrary, root
systems | linux, redhat
advisories | CVE-2011-4862
MD5 | de1ee424806e54838c4f7f10461aa749
Patator Brute Forcer 0.3
Posted Dec 29, 2011
Authored by Sebastien Macke | Site hsc.fr

Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage. When Medusa, Hydra or other brute-force tools fail to do what you want, Patator might be what you need.

tags | tool, cracker
MD5 | 02993a1354fc980e835d40477e8d41fc
Pound Reverse HTTP Proxy 2.6
Posted Dec 29, 2011
Authored by roseg | Site apsis.ch

Pound is a reverse HTTP proxy, load balancer, and SSL wrapper. It proxies client HTTPS requests to HTTP backend servers, distributes the requests among several servers while keeping sessions, supports HTTP/1.1 requests even if the backend server(s) are HTTP/1.0, and sanitizes requests.

Changes: Support for SNI via multiple Cert directives. A pre-defined number of threads for better performance on small hardware. Translation of hexadecimal characters in the URL for pattern matching. Support for a "Disabled" directive in the configuration. More detailed error logging. Allows multiple AddHeader directives.
tags | tool, web
systems | linux
MD5 | 8c913b527332694943c4c67c8f152071
Joomla Simple File Upload 1.3 Remote Code Execution
Posted Dec 29, 2011
Authored by gmda

The Joomla Simple File Upload component version 1.3 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution, file upload
MD5 | 3b32de96b55e075fd3fbccab10f4ec4d
DIY-CMS Blog Mod SQL Injection
Posted Dec 29, 2011
Authored by snup

DIY-CMS Blog suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | da518ab15d4957662c5b0a509e3a90ea
Secunia Security Advisory 46706
Posted Dec 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - mghack has discovered multiple vulnerabilities in e107, which can be exploited by malicious users to conduct script insertion and SQL injection attacks and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss, sql injection
MD5 | ef3e3f933fb34c31e321cb695df7baed
Secunia Security Advisory 47361
Posted Dec 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in HP Database Archiving Software, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
MD5 | 683a3d60cde57aa8b3ea6d12205423db
Secunia Security Advisory 47359
Posted Dec 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for krb5. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | linux, redhat
MD5 | 222a3673fa87d6eed58ec53869aba326
Secunia Security Advisory 47357
Posted Dec 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for krb5-appl. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | linux, redhat
MD5 | 794f1f1cf85950dd24317115f5a03bfc
Secunia Security Advisory 47343
Posted Dec 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in CoCSoft Stream Down, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | f00a93e86b625d4c223cf905f285115e
Secunia Security Advisory 46097
Posted Dec 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered two vulnerabilities in the WP Symposium plugin for WordPress, which can be exploited by malicious users to compromise a vulnerable system.

tags | advisory, vulnerability
MD5 | 0fc5326884941708c3beda158da5964e

© 2018 Packet Storm. All rights reserved.
