what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 32 RSS Feed

Files Date: 2012-01-04

Adobe Reader U3D Memory Corruption
Posted Jan 4, 2012
Authored by jduck, sinn3r, juan vazquez | Site metasploit.com

This Metasploit module exploits a vulnerability in the U3D handling within versions 9.x through 9.4.6 and 10 through to 10.1.1 of Adobe Reader. The vulnerability is due to the use of uninitialized memory. Arbitrary code execution is achieved by embedding specially crafted U3D data into a PDF document. A heap spray via JavaScript is used in order to ensure that the memory used by the invalid pointer issue is controlled.

tags | exploit, arbitrary, javascript, code execution
advisories | CVE-2011-2462, OSVDB-77529
SHA-256 | 958220f3112687e60ccfaeeb8830223cf29aa4ac4c24d29d128ae6cc845d5953
Debian Security Advisory 2380-1
Posted Jan 4, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2380-1 - It was discovered that the foomatic-filters, a support package for setting up printers, allowed authenticated users to submit crafted print jobs which would execute shell commands on the print servers.

tags | advisory, shell
systems | linux, debian
advisories | CVE-2011-2697, CVE-2011-2964
SHA-256 | 8d1c6967c42a4413bb90cb928fabf374654f58608e3beba8949f92912c5d5f31
Debian Security Advisory 2379-1
Posted Jan 4, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2379-1 - It was discovered that the Key Distribution Center (KDC) in Kerberos 5 crashes when processing certain crafted requests.

tags | advisory
systems | linux, debian
advisories | CVE-2011-1528, CVE-2011-1529
SHA-256 | 86c78e53f20e5c9ad7fa89a4bc63ad1c87ac40109a63176b3411ffd508bd3e60
Limny 3.0.1 Cross Site Scripting
Posted Jan 4, 2012
Authored by LiquidWorm | Site zeroscience.mk

Limny version 3.0.1 suffers from a cross site scripting issue in '/admin/login.php' that uses the 'PHP_SELF' variable. The vulnerability is present because there isn't any filtering to the mentioned variable in the affected script. Attackers can exploit this weakness to execute arbitrary HTML and script code in a user's browser session.

tags | exploit, arbitrary, php, xss
SHA-256 | 7b6a8335a1f8d7c5654df937e151cca19fb86f683c13b9fd435dbffc83896e41
S.S.T Javascript Keylogger
Posted Jan 4, 2012
Authored by Amir Masoud

S.S.T (Save Typed Text) javascript proof of concept keylogging code.

tags | tool, javascript, sniffer, proof of concept
SHA-256 | 3d93476f79d386daaf0081e819a0e2b9b68992bbd8af9ed271d5b909759e9021
UBB Forum 7.5.6 Cross Site Scripting
Posted Jan 4, 2012
Authored by Sony

UBB Forum version 7.5.6 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 5d1c727c5e1d04f0f5f41c307184a14fec7277c27eed460262a65d9f9b2e6fe1
PHP 4 Hash Collision Proof Of Concept
Posted Jan 4, 2012
Authored by Antoine Santo

PHP 4 hash collision proof of concept code that computes hash values for form parameters.

tags | exploit, php, proof of concept
systems | linux
advisories | CVE-2011-4885
SHA-256 | 3d3bf041251739817bd2e288dbcb0d9939d030c50313a9b6ccde7df5b0e91a31
Orchard 1.3.9 Open Redirection
Posted Jan 4, 2012
Authored by Mesut Timur | Site netsparker.com

Orchard versions 1.3.9 and below suffer from an open redirection vulnerability.

tags | exploit
SHA-256 | 192e9b87eb0aeffabf617ac74724970dbdb7ea6620e725c034bfb05ac253e38e
Typo3 4.5 - 4.7 Code Execution
Posted Jan 4, 2012
Authored by MaXe

Typo3 versions 4.5 through 4.7 suffer from remote code execution vulnerabilities by leveraging local and remote file inclusion.

tags | exploit, remote, local, vulnerability, code execution, file inclusion
SHA-256 | 0bb7898ef5dbe4ce9650e23ee5837592fe177acddbfad98219e5f136d5c68825
immediaC CMS SQL Injection
Posted Jan 4, 2012
Authored by Farbod Mahini, H4ckCity Security Team | Site h4ckcity.org

immediaC CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | de38ddf4875c087d196de7705615810d764c73d01b4fe21e2186fe1194209d06
Biz Technologies SQL Injection
Posted Jan 4, 2012
Authored by Farbod Mahini, H4ckCity Security Team | Site h4ckcity.org

Biz Technologies suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 49e25ce37e98e84cc037b36ed6912207786b701d154059f8faa9412bdff48831
Ischianelweb SQL Injection
Posted Jan 4, 2012
Authored by Farbod Mahini, H4ckCity Security Team | Site h4ckcity.org

Ischianelweb suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 83a08816f523dc6e93174b9603c155aa12d3e1cade79fa3a8fbdb7806f93c9d6
ImpressCMS 1.3 Final Cross Site Scripting / Local File Inclusion
Posted Jan 4, 2012
Authored by High-Tech Bridge SA | Site htbridge.com

ImpressCMS version 1.3 Final suffers from cross site scripting and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, xss, file inclusion
SHA-256 | 26e84bfacb999830ae889786b3bb6072cb73e0fd403c3a62ec44f96785279992
Logement Laval SQL Injection
Posted Jan 4, 2012
Authored by Th4 MasK

Logement Laval suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 45780e0ce039a1b53b28eac03f49e5414e048b9551c9aafebbfb1e09226f684f
Mediashaker Blind SQL Injection
Posted Jan 4, 2012
Authored by Farbod Mahini, H4ckCity Security Team | Site h4ckcity.org

Mediashaker suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | a968bb9e134047e84af855bc1527a5f589e012773e84989f47d97d4b3e6da4fa
EasyWebRealEstate Blind SQL Injection
Posted Jan 4, 2012
Authored by Farbod Mahini, H4ckCity Security Team | Site h4ckcity.org

EasyWebRealEstate suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | a88bbf00974a79031c65796ed4b2d823e9ca8d145399383d88b9d36e978787b9
Otterware Statit4 Cross Site Scripting
Posted Jan 4, 2012
Authored by Sony

Otterware Statit4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 11a79004188086d90cb187d7bfe126905fcc41f2582bdb519a2e097f5709cef5
Posse Sports SQL Injection
Posted Jan 4, 2012
Authored by Farbod Mahini, H4ckCity Security Team | Site h4ckcity.org

Posse Sports suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 1fa4eb3b09ffbe04f961aea9b3b369e86519c14382dadef1fb75cb3ecab84494
SyriaNobles SQL Injection
Posted Jan 4, 2012
Authored by Farbod Mahini, H4ckCity Security Team | Site h4ckcity.org

SyriaNobles suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | e901e4ae859d4a83b3adb388fabcfa98af2d0bc4730e305cf58306680bafbf7b
VLC Media Player 1.1.11 Proof Of Concept
Posted Jan 4, 2012
Authored by Fabi

VLC Media Player version 1.1.11 local crash proof of concept exploit that creates a malicious .amr file.

tags | exploit, denial of service, local, proof of concept
SHA-256 | 3654b16d4f40690e87c6db730f6a6a8e8d68a8e12ea1c3ac542e32750b0de54a
Netcut 2.0 Denial Of Service
Posted Jan 4, 2012
Authored by MaYaSeVeN

Netcut version 2.0 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | d61c68f9cc4b4fa0d53cf3ce20ab57fd0d8f0db731c6008b6eeac55e089cd632
Textpattern CMS 4.4.1 Cross Site Scripting
Posted Jan 4, 2012
Authored by Jonathan Claudius | Site trustwave.com

Textpattern CMS version 4.4.1 before change set 3612 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2011-5019
SHA-256 | caf423b9229fdd97872243c81b9025070f2924eb3658589f6e7bc52ca6f8921c
Ubuntu Security Notice USN-1317-1
Posted Jan 4, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1317-1 - It was discovered that Ghostscript did not correctly handle memory allocation when parsing certain malformed JPEG-2000 images. If a user or automated system were tricked into opening a specially crafted image, an attacker could cause a denial of service and possibly execute arbitrary code with user privileges. It was discovered that Ghostscript did not correctly handle certain formatting operations when parsing JPEG-2000 images. If a user or automated system were tricked into opening a specially crafted image, an attacker could cause a denial of service and possibly execute arbitrary code with user privileges. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2008-3520, CVE-2008-3522, CVE-2009-3743, CVE-2010-4054, CVE-2011-4516, CVE-2011-4517
SHA-256 | 1fcf7293472e791a0923b72c104ac27add330ec563ccfa26ed3174c631ebbd57
Guestek / Oneview Wireless Cracker
Posted Jan 4, 2012
Authored by Skraps

Proof of concept WiFi cracking code for Guestek / Oneview systems as found in Extended Stay of America hotels.

tags | cracker, proof of concept
SHA-256 | 2403e22ec2786784417aed238e2d1245788498cd2b5c9c1e8be22ee0466b44eb
Secunia Security Advisory 47372
Posted Jan 4, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in GraphicsClone Script, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | f043334f6681398c14d5e5dc2f3250adf42385b10db17543c57c70f78b46fee8
Page 1 of 2
Back12Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    25 Files
  • 16
    Aug 16th
    3 Files
  • 17
    Aug 17th
    6 Files
  • 18
    Aug 18th
    4 Files
  • 19
    Aug 19th
    7 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close