exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 61 RSS Feed

Files Date: 2012-02-29

Cisco Security Advisory 20120229-cuc
Posted Feb 29, 2012
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Unity Connection suffers from privilege escalation and denial of service vulnerability. Cisco has released free software updates that address these vulnerabilities. There are no workarounds that mitigate these vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | cisco
advisories | CVE-2012-0366, CVE-2012-0367
SHA-256 | d92d9b14e9a4b27d2110450fc1e22d5c701454277099f0a6e84388632eb60a92
Mandriva Linux Security Advisory 2012-026
Posted Feb 29, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-026 - Multiple vulnerabilities has been discovered and corrected in postgresql. Permissions on a function called by a trigger are not properly checked. SSL certificate name checks are truncated to 32 characters, allowing connection spoofing under some circumstances when using third party certificate authorities. Line breaks in object names can be exploited to execute arbitrary SQL when reloading a pg_dump file. This advisory provides the latest versions of PostgreSQL that is not vulnerable to these issues.

tags | advisory, arbitrary, spoof, vulnerability
systems | linux, mandriva
advisories | CVE-2012-0866, CVE-2012-0867, CVE-2012-0868
SHA-256 | 58823cceba466692ad13c21cdfd598a07b7adba85c277925ad3952248d6683a2
Netmechanica NetDecision HTTP Server Denial Of Service
Posted Feb 29, 2012
Authored by Prabhu S Angadi | Site secpod.com

Netmechanica NetDecision HTTP Server version 4.5.1 suffers from a denial of service vulnerability. Proof of concept included.

tags | exploit, web, denial of service, proof of concept
systems | linux
SHA-256 | ca7ef23ba9cddc766da91fa094b455ac195767a04b5de95766cd28f60896aac8
Cisco Security Advisory 20120229-cius
Posted Feb 29, 2012
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Cius Software contains a denial of service vulnerability that could cause the device to stop responding. Devices running Cius Software Versions prior to 9.2(1) SR2 are vulnerable. A remote, unauthenticated attacker could exploit this vulnerability by sending malicious network traffic to affected devices. Cisco has released free software updates that address this vulnerability.

tags | advisory, remote, denial of service
systems | cisco
advisories | CVE-2012-0359
SHA-256 | fd010e4e40e30827b02ebca240977bc17896e8c204fb1121463994ac1d278c59
Dotclear 2.4.1.2 Cross Site Scripting
Posted Feb 29, 2012
Authored by High-Tech Bridge SA | Site htbridge.com

Dotclear version 2.4.1.2 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2012-1039
SHA-256 | 1633e6f76281da7b22a07b63915222b61722ccb291e2995dfcf8a370d633aecc
Netmechanica NetDecision Traffic Grapher Server Information Disclosure
Posted Feb 29, 2012
Authored by Prabhu S Angadi | Site secpod.com

Netmechanica NetDecision Traffic Grapher Server version 4.5.1 suffers from an information disclosure vulnerability. Proof of concept exploit included.

tags | exploit, proof of concept, info disclosure
systems | linux
SHA-256 | 4f4a2b5632ea55b2d28166670eeaf8ab65b35106db8518ff6257c36d4a0c1575
ZipCart 6.x Access Bypass
Posted Feb 29, 2012
Authored by Chris Burgess | Site drupal.org

ZipCart version 6.x suffers from an access bypass vulnerability.

tags | advisory, bypass
SHA-256 | 0e9f709682d4ce2cc90cfcee885a9245af53e3bf08a6c86a5d9e2949587d7bc2
Cool Aid 6.x Access Bypass / Cross Site Scripting
Posted Feb 29, 2012
Authored by Ivo Van Geertruyen | Site drupal.org

Cool Aid version 6.x suffers from access bypass and cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
SHA-256 | ceaebd230146d69ac1a7302356242e64c1ac00d8647db62d251525c7328404fd
Yealink VOIP Phone Cross Site Scripting
Posted Feb 29, 2012
Authored by Narendra Shinde

Yealink VOIP Phone suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-1417
SHA-256 | 1c5d7a80bb2cf3d1f660ade3a9a696b35ca2ec64015f60892c18290b1f7c608c
ASUS Net4Switch ipswcom.dll ActiveX Stack Buffer Overflow
Posted Feb 29, 2012
Authored by sinn3r, Dmitriy Evdokimov | Site metasploit.com

This Metasploit module exploits a vulnerability found in ASUS Net4Switch's ipswcom.dll ActiveX control. A buffer overflow condition is possible in multiple places all because of the poor use of the CxDbgPrint() function, which allows remote attackers to gain arbitrary code execution under the context of the user.

tags | exploit, remote, overflow, arbitrary, code execution, activex
advisories | OSVDB-79438
SHA-256 | 5a0d5660197cc09bd3b197a510a2691b26d23e0b9efcd8f318ca25b4b430ea47
IBM Personal Communications I-Series Buffer Overflow
Posted Feb 29, 2012
Authored by TecR0c | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow vulnerability in IBM Personal Communications I-Series. The issue affects file parsing in which data copied to a location in memory exceeds the size of the reserved destination area. The buffer is located on the runtime program stack. Versions tested: IBM System i Access for Windows V6R1M0 version 06.01.0001.0000a which bundles pcsws.exe version 5090.27271.709.

tags | exploit, overflow
systems | windows
advisories | CVE-2012-0201
SHA-256 | 466e2459c3b7c7835607910609c5997d620ec132852f11a98e5e4ee4f42e0214
AliveChat Cross Site Scripting
Posted Feb 29, 2012
Authored by Sony

AliveChat suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 3ba907a2a1ddde8f9eeafe44610f701ec4c866da849c021d82239b377383029d
WebfolioCMS 1.1.4 Cross Site Request Forgery
Posted Feb 29, 2012
Authored by Ivano Binetti

WebfolioCMS versions 1.1.4 and below suffer from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 0849389ad4d6fe3af34e505d20e49d82b9c9e5c38b3487cb54bffc1e05aee6f1
Netmechanica NetDecision Dashboard Server Information Disclosure
Posted Feb 29, 2012
Authored by Prabhu S Angadi | Site secpod.com

Netmechanica NetDecision 4.5.1 Dashboard Server version 1.0 is prone to an information disclosure vulnerability. Proof of concept exploit included.

tags | exploit, proof of concept, info disclosure
systems | linux
SHA-256 | 9e78999e2f80125d161a1e724c61cc2d21074ece71a296f2bd0eb7164fdb24ce
Microsoft Internet Explorer 8 Code Execution
Posted Feb 29, 2012
Authored by Ivan Fratric

This is a proof of concept exploit that allows an attacker to execute arbitrary code via vectors involving a dereferenced memory address in Microsoft Internet Explorer 8. It leverages the issue discussed in MS11-081. The exploit is slightly crippled by the author.

tags | exploit, arbitrary, proof of concept
advisories | CVE-2011-1999
SHA-256 | 31cef28f3ae91f47c652ada6f2b786f3ba4d464050c6d2c3cfd46b5a0f99df82
Ubuntu Security Notice USN-1378-1
Posted Feb 29, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1378-1 - It was discovered that PostgreSQL incorrectly checked permissions on functions called by a trigger. An attacker could attach a trigger to a table they owned and possibly escalate privileges. It was discovered that PostgreSQL incorrectly truncated SSL certificate name checks to 32 characters. If a host name was exactly 32 characters, this issue could be exploited by an attacker to spoof the SSL certificate. This issue affected Ubuntu 10.04 LTS, Ubuntu 10.10, Ubuntu 11.04 and Ubuntu 11.10. Various other issues were also addressed.

tags | advisory, spoof
systems | linux, ubuntu
advisories | CVE-2012-0866, CVE-2012-0867, CVE-2012-0868, CVE-2012-0866, CVE-2012-0867, CVE-2012-0868
SHA-256 | 15354f617687e5b1aa22fb70189dc40c214e0a0db7ca57569398efa37eb20a24
Red Hat Security Advisory 2012-0343-01
Posted Feb 29, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0343-01 - The IBM 1.4.2 SR13-FP11 Java release includes the IBM Java 1.4.2 Runtime Environment and the IBM Java 1.4.2 Software Development Kit. This update fixes several vulnerabilities in the IBM Java 1.4.2 Runtime Environment and the IBM Java 1.4.2 Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2011-3389, CVE-2011-3545, CVE-2011-3547, CVE-2011-3548, CVE-2011-3549, CVE-2011-3552, CVE-2011-3556, CVE-2011-3557, CVE-2011-3560
SHA-256 | 016430a2d87fdded37d3c1af086eef2cd6dd0762d89388c1ddf19287ce40fc47
Ubuntu Security Notice USN-1380-1
Posted Feb 29, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1380-1 - The linux kernel did not properly account for PTE pages when deciding which task to kill in out of memory conditions. A local, unprivileged could exploit this flaw to cause a denial of service. A flaw was discovered in the TOMOYO LSM's handling of mount system calls. An unprivileged user could oops the system causing a denial of service. A bug was discovered in the Linux kernel's calculation of OOM (Out of memory) scores, that would result in the wrong process being killed. A user could use this to kill the process with the highest OOM score, even if that process belongs to another user or the system. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2011-2498, CVE-2011-2518, CVE-2011-4097, CVE-2012-0207, CVE-2011-2498, CVE-2011-2518, CVE-2011-4097, CVE-2012-0207
SHA-256 | 75b2e946d5ac4bde2cd9ccb2f923e5ac56c71eccf01382aa1830ca8d92bf01c6
Ubuntu Security Notice USN-1379-1
Posted Feb 29, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1379-1 - Aristide Fattori and Roberto Paleari reported a flaw in the Linux kernel's handling of IPv4 icmp packets. A remote user could exploit this to cause a denial of service. A flaw was found in the Linux Ethernet bridge's handling of IGMP (Internet Group Management Protocol) packets. An unprivileged local user could exploit this flaw to crash the system. A flaw was discovered in the Linux kernel's AppArmor security interface when invalid information was written to it. An unprivileged local user could use this to cause a denial of service on the system. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2011-1927, CVE-2011-0716, CVE-2011-3619, CVE-2011-0716, CVE-2011-1927, CVE-2011-3619
SHA-256 | d97988a146bf536d15292678f886a31e40031833fe724ea17074beea34a4a56a
Debian Security Advisory 2420-1
Posted Feb 29, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2420-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform.

tags | advisory, java, vulnerability
systems | linux, debian
advisories | CVE-2011-3377, CVE-2011-3563, CVE-2011-5035, CVE-2012-0497, CVE-2012-0501, CVE-2012-0502, CVE-2012-0503, CVE-2012-0505, CVE-2012-0506, CVE-2012-0507
SHA-256 | fa1b83bdce1c8a57ecb30bfd91b17d3c396d3e17e373a4a5a9bbff32d14720f2
BrewBlogger 2.3.2 CSRF / SQL Injection / Shell Upload
Posted Feb 29, 2012
Authored by KedAns-Dz

BrewBlogger version 2.3.2 suffers from cross site request forgery, shell upload, and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, sql injection, csrf
SHA-256 | 674b26c64d971b9a144e02536d38c471153b34e1b24f8b7e3dc3d6f7ef29a66b
Oracle Live Help On Demand Webcare Cross Site Scripting
Posted Feb 29, 2012
Authored by Sony

Oracle Live Help On Demand Webcare suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 7e4f2111017c66130c9ae165a74c12a728cbd0c8a2ff74c16cbbac908f8ac1a3
European Central Bank SQL Injection
Posted Feb 29, 2012
Authored by Th4 MasK

European Central Bank suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 10f0d549cf310d858a1b2e73ce8e57e3f013bbc82d4cf188d703935ff27417d3
MediaFront 6.x / 7.x Cross Site Scripting
Posted Feb 29, 2012
Authored by Oscar Estepa | Site drupal.org

MediaFront versions 6.x / 7.x suffer from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | a63b9fbc20dc44405b79e7f717e234f5e14aec187385aa611dc39a17d0ed1753
Bravenet Web Services Cross Site Scripting
Posted Feb 29, 2012
Authored by Sony

Bravenet Web Services suffers from a cross site scripting vulnerability.

tags | exploit, web, xss
SHA-256 | 13e0082063b74510016efa214322429d1ea204a41d51404d33e56e83e8b7b8b1
Page 1 of 3
Back123Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close