exploit the possibilities
Showing 1 - 25 of 61 RSS Feed

Files Date: 2012-02-29

Cisco Security Advisory 20120229-cuc
Posted Feb 29, 2012
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Unity Connection suffers from privilege escalation and denial of service vulnerability. Cisco has released free software updates that address these vulnerabilities. There are no workarounds that mitigate these vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | cisco
advisories | CVE-2012-0366, CVE-2012-0367
MD5 | 68c27023223083fc31438df0d9cc12db
Mandriva Linux Security Advisory 2012-026
Posted Feb 29, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-026 - Multiple vulnerabilities has been discovered and corrected in postgresql. Permissions on a function called by a trigger are not properly checked. SSL certificate name checks are truncated to 32 characters, allowing connection spoofing under some circumstances when using third party certificate authorities. Line breaks in object names can be exploited to execute arbitrary SQL when reloading a pg_dump file. This advisory provides the latest versions of PostgreSQL that is not vulnerable to these issues.

tags | advisory, arbitrary, spoof, vulnerability
systems | linux, mandriva
advisories | CVE-2012-0866, CVE-2012-0867, CVE-2012-0868
MD5 | f728f35a754010929427e9f14844f505
Netmechanica NetDecision HTTP Server Denial Of Service
Posted Feb 29, 2012
Authored by Prabhu S Angadi | Site secpod.com

Netmechanica NetDecision HTTP Server version 4.5.1 suffers from a denial of service vulnerability. Proof of concept included.

tags | exploit, web, denial of service, proof of concept
systems | linux
MD5 | e1a7c744b61abe4bd2cd106ed702b736
Cisco Security Advisory 20120229-cius
Posted Feb 29, 2012
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Cius Software contains a denial of service vulnerability that could cause the device to stop responding. Devices running Cius Software Versions prior to 9.2(1) SR2 are vulnerable. A remote, unauthenticated attacker could exploit this vulnerability by sending malicious network traffic to affected devices. Cisco has released free software updates that address this vulnerability.

tags | advisory, remote, denial of service
systems | cisco
advisories | CVE-2012-0359
MD5 | bc1eae254a9dc2bf95dea9809ed50608
Dotclear 2.4.1.2 Cross Site Scripting
Posted Feb 29, 2012
Authored by High-Tech Bridge SA | Site htbridge.com

Dotclear version 2.4.1.2 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2012-1039
MD5 | f4e4d73faf5476faa61daefc13fadf36
Netmechanica NetDecision Traffic Grapher Server Information Disclosure
Posted Feb 29, 2012
Authored by Prabhu S Angadi | Site secpod.com

Netmechanica NetDecision Traffic Grapher Server version 4.5.1 suffers from an information disclosure vulnerability. Proof of concept exploit included.

tags | exploit, proof of concept, info disclosure
systems | linux
MD5 | 9e94fa153cbc3f17e41f22a8b4bd0966
ZipCart 6.x Access Bypass
Posted Feb 29, 2012
Authored by Chris Burgess | Site drupal.org

ZipCart version 6.x suffers from an access bypass vulnerability.

tags | advisory, bypass
MD5 | da0051d73b9160d001bdaafb0d37a99c
Cool Aid 6.x Access Bypass / Cross Site Scripting
Posted Feb 29, 2012
Authored by Ivo Van Geertruyen | Site drupal.org

Cool Aid version 6.x suffers from access bypass and cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
MD5 | 0c69121ff538ea7479ed4ea4da7aca8a
Yealink VOIP Phone Cross Site Scripting
Posted Feb 29, 2012
Authored by Narendra Shinde

Yealink VOIP Phone suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-1417
MD5 | 1356c22c62ef3603d02f11bd45485604
ASUS Net4Switch ipswcom.dll ActiveX Stack Buffer Overflow
Posted Feb 29, 2012
Authored by sinn3r, Dmitriy Evdokimov | Site metasploit.com

This Metasploit module exploits a vulnerability found in ASUS Net4Switch's ipswcom.dll ActiveX control. A buffer overflow condition is possible in multiple places all because of the poor use of the CxDbgPrint() function, which allows remote attackers to gain arbitrary code execution under the context of the user.

tags | exploit, remote, overflow, arbitrary, code execution, activex
advisories | OSVDB-79438
MD5 | 89e2542c604e3e6e89bba3b879832ab3
IBM Personal Communications I-Series Buffer Overflow
Posted Feb 29, 2012
Authored by TecR0c | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow vulnerability in IBM Personal Communications I-Series. The issue affects file parsing in which data copied to a location in memory exceeds the size of the reserved destination area. The buffer is located on the runtime program stack. Versions tested: IBM System i Access for Windows V6R1M0 version 06.01.0001.0000a which bundles pcsws.exe version 5090.27271.709.

tags | exploit, overflow
systems | windows
advisories | CVE-2012-0201
MD5 | 2d5f9b10f02a872dad2c7339ae14ed2a
AliveChat Cross Site Scripting
Posted Feb 29, 2012
Authored by Sony

AliveChat suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 4a395ee410d43709cec872a5936ab543
WebfolioCMS 1.1.4 Cross Site Request Forgery
Posted Feb 29, 2012
Authored by Ivano Binetti

WebfolioCMS versions 1.1.4 and below suffer from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 4fdfba972fcd4fb5dec78d96ddf38872
Netmechanica NetDecision Dashboard Server Information Disclosure
Posted Feb 29, 2012
Authored by Prabhu S Angadi | Site secpod.com

Netmechanica NetDecision 4.5.1 Dashboard Server version 1.0 is prone to an information disclosure vulnerability. Proof of concept exploit included.

tags | exploit, proof of concept, info disclosure
systems | linux
MD5 | aab2e7fe9ae81bf198f8ce01cfd7ac3b
Microsoft Internet Explorer 8 Code Execution
Posted Feb 29, 2012
Authored by Ivan Fratric

This is a proof of concept exploit that allows an attacker to execute arbitrary code via vectors involving a dereferenced memory address in Microsoft Internet Explorer 8. It leverages the issue discussed in MS11-081. The exploit is slightly crippled by the author.

tags | exploit, arbitrary, proof of concept
advisories | CVE-2011-1999
MD5 | 019b8a52cdfa45c64282b47a5068cc29
Ubuntu Security Notice USN-1378-1
Posted Feb 29, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1378-1 - It was discovered that PostgreSQL incorrectly checked permissions on functions called by a trigger. An attacker could attach a trigger to a table they owned and possibly escalate privileges. It was discovered that PostgreSQL incorrectly truncated SSL certificate name checks to 32 characters. If a host name was exactly 32 characters, this issue could be exploited by an attacker to spoof the SSL certificate. This issue affected Ubuntu 10.04 LTS, Ubuntu 10.10, Ubuntu 11.04 and Ubuntu 11.10. Various other issues were also addressed.

tags | advisory, spoof
systems | linux, ubuntu
advisories | CVE-2012-0866, CVE-2012-0867, CVE-2012-0868, CVE-2012-0866, CVE-2012-0867, CVE-2012-0868
MD5 | c6d497732c221a6c0a60ff2a9ac24a31
Red Hat Security Advisory 2012-0343-01
Posted Feb 29, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0343-01 - The IBM 1.4.2 SR13-FP11 Java release includes the IBM Java 1.4.2 Runtime Environment and the IBM Java 1.4.2 Software Development Kit. This update fixes several vulnerabilities in the IBM Java 1.4.2 Runtime Environment and the IBM Java 1.4.2 Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2011-3389, CVE-2011-3545, CVE-2011-3547, CVE-2011-3548, CVE-2011-3549, CVE-2011-3552, CVE-2011-3556, CVE-2011-3557, CVE-2011-3560
MD5 | f9b74c4612832103615d8a6046b22b51
Ubuntu Security Notice USN-1380-1
Posted Feb 29, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1380-1 - The linux kernel did not properly account for PTE pages when deciding which task to kill in out of memory conditions. A local, unprivileged could exploit this flaw to cause a denial of service. A flaw was discovered in the TOMOYO LSM's handling of mount system calls. An unprivileged user could oops the system causing a denial of service. A bug was discovered in the Linux kernel's calculation of OOM (Out of memory) scores, that would result in the wrong process being killed. A user could use this to kill the process with the highest OOM score, even if that process belongs to another user or the system. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2011-2498, CVE-2011-2518, CVE-2011-4097, CVE-2012-0207, CVE-2011-2498, CVE-2011-2518, CVE-2011-4097, CVE-2012-0207
MD5 | cbf670852c7d33349683932e7de814a5
Ubuntu Security Notice USN-1379-1
Posted Feb 29, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1379-1 - Aristide Fattori and Roberto Paleari reported a flaw in the Linux kernel's handling of IPv4 icmp packets. A remote user could exploit this to cause a denial of service. A flaw was found in the Linux Ethernet bridge's handling of IGMP (Internet Group Management Protocol) packets. An unprivileged local user could exploit this flaw to crash the system. A flaw was discovered in the Linux kernel's AppArmor security interface when invalid information was written to it. An unprivileged local user could use this to cause a denial of service on the system. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2011-1927, CVE-2011-0716, CVE-2011-3619, CVE-2011-0716, CVE-2011-1927, CVE-2011-3619
MD5 | ce143cf8b1b8cc8e8cc1bb38636b82a1
Debian Security Advisory 2420-1
Posted Feb 29, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2420-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform.

tags | advisory, java, vulnerability
systems | linux, debian
advisories | CVE-2011-3377, CVE-2011-3563, CVE-2011-5035, CVE-2012-0497, CVE-2012-0501, CVE-2012-0502, CVE-2012-0503, CVE-2012-0505, CVE-2012-0506, CVE-2012-0507
MD5 | 84ac30183d557321f669490dc38a7881
BrewBlogger 2.3.2 CSRF / SQL Injection / Shell Upload
Posted Feb 29, 2012
Authored by KedAns-Dz

BrewBlogger version 2.3.2 suffers from cross site request forgery, shell upload, and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, sql injection, csrf
MD5 | 24481cc19b1eeff4a7f132784f17fc27
Oracle Live Help On Demand Webcare Cross Site Scripting
Posted Feb 29, 2012
Authored by Sony

Oracle Live Help On Demand Webcare suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 6ee4e4cbe3c323e5762d508dcd67164e
European Central Bank SQL Injection
Posted Feb 29, 2012
Authored by Th4 MasK

European Central Bank suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | e38cfcf643b17354b7bf7339863df310
MediaFront 6.x / 7.x Cross Site Scripting
Posted Feb 29, 2012
Authored by Oscar Estepa | Site drupal.org

MediaFront versions 6.x / 7.x suffer from a cross site scripting vulnerability.

tags | advisory, xss
MD5 | 83c1c9fec0d359bcc14efea81dfd02f2
Bravenet Web Services Cross Site Scripting
Posted Feb 29, 2012
Authored by Sony

Bravenet Web Services suffers from a cross site scripting vulnerability.

tags | exploit, web, xss
MD5 | 309469266cd79bad7f78e411ed1953d9
Page 1 of 3
Back123Next

File Archive:

August 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    3 Files
  • 2
    Aug 2nd
    2 Files
  • 3
    Aug 3rd
    32 Files
  • 4
    Aug 4th
    22 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    19 Files
  • 7
    Aug 7th
    6 Files
  • 8
    Aug 8th
    0 Files
  • 9
    Aug 9th
    0 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close