Files Date: 2012-03-02

Debian Security Advisory 2423-1
Posted Mar 2, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2423-1 - Several vulnerabilities were discovered in Movable Type, a blogging system.

tags | advisory, vulnerability
systems | linux, debian
MD5 | ff30cb36b25932f245d8115b00acea6c

SourceForge.net Cross Site Scripting
Posted Mar 2, 2012
Authored by Sony

SourceForge suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 03ecd0c7658fc5b595fdfe55654d699f

Refinery CMS Cross Site Scripting
Posted Mar 2, 2012
Authored by d4g4

Refinery CMS suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 3ad2e26ab4c5bfb7e55e744d5ba84adf

Drupal CMS 7.12 Cross Site Request Forgery
Posted Mar 2, 2012
Authored by Ivano Binetti

Drupal CMS version 7.12 suffers from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
MD5 | 624cc16af3f882c63334256d25a4f257

Photobucket Cross Site Scripting
Posted Mar 2, 2012
Authored by Sony

Photobucket suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 472adf18253f4e1dc43883f5b30aa3db

KoolUploader Shell Upload
Posted Mar 2, 2012
Authored by Daniel Godoy

KoolUploader suffers from a shell upload vulnerability.

tags | exploit, shell
MD5 | 80dc1d392a62c732472e300802bed7e8

09so Cross Site Scripting
Posted Mar 2, 2012
Authored by Th4 MasK

09so suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | b31ab1457270d53b78be35b3e81f3d5d

2Creation SQL Injection
Posted Mar 2, 2012
Authored by Th4 MasK

2Creation suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 3009f479d23fdf7b646bfdd1d368c89a

Secunia Security Advisory 47382
Posted Mar 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Russ McRee has discovered a vulnerability in Redaxscript, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
MD5 | 2329672750c3485ee92684b0b561398d

Secunia Security Advisory 48216
Posted Mar 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in IBM Tivoli Provisioning Manager Express for Software Distribution, which can be exploited by malicious people to conduct SQL injection attacks and compromise a user's system.

tags | advisory, vulnerability, sql injection
MD5 | 47c324536873d6c3e754c41d1d3ba63c

Secunia Security Advisory 48243
Posted Mar 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for libvorbis. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library.

tags | advisory
systems | linux, suse
MD5 | 951a629d8f45c1197a0cdb6fe42c0b58

Secunia Security Advisory 48227
Posted Mar 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in CMS Builder, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory, vulnerability
MD5 | dd8e131a6a82cb10536c33975f58809b

Secunia Security Advisory 48221
Posted Mar 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Benjamin Kunz Mejri has discovered multiple vulnerabilities in LDAP Account Manager Pro, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
MD5 | 78dbfc8a334b27c3cd0e1e5800403d4c

Secunia Security Advisory 48241
Posted Mar 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Ruby on Rails, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss, ruby
MD5 | 3fe8e95347f131d8cb808023a5f26f5f

Secunia Security Advisory 48242
Posted Mar 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for ubuntuone-couch. This fixes a security issue, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
systems | linux, ubuntu
MD5 | beb5e6a3fbc9a132f1cfe1d59f0f214a

DJ Studio Pro 5.1 .pls Stack Buffer Overflow
Posted Mar 2, 2012
Authored by Sebastien Duquette | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow in DJ Studio Pro 5.1.6.5.2. When handling a .pls file, DJ Studio will copy the user-supplied data on the stack without any proper bounds checking done beforehand, therefore allowing code execution under the context of the user.

tags | exploit, overflow, code execution
advisories | CVE-2009-4656, OSVDB-58159
MD5 | d794d7da1e3203ab56aa48c0ec6655f0

Endian UTM Firewall 2.4.x / 2.5.0 CSRF / XSS
Posted Mar 2, 2012
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Endian UTM Firewall versions 2.4.x and 2.5.0 suffer from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | ca055aa54f5884ba08c7f46de1dbfc51

LDAP Account Manager Pro 3.6 Cross Site Scripting
Posted Mar 2, 2012
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

LDAP Account Manager Pro version 3.6 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | d32f4efec6b548c33f3bbc8cff340388

httpry Specialized HTTP Packet Sniffer 0.1.7
Posted Mar 2, 2012
Authored by Dumpster Keeper | Site dumpsterventures.com

httpry is a specialized packet sniffer designed for displaying and logging HTTP traffic. It is not intended to perform analysis itself, but instead to capture, parse, and log the traffic for later analysis. It can be run in real-time displaying the live traffic on the wire, or as a daemon process that logs to an output file. It is written to be as lightweight and flexible as possible, so that it can be easily adaptable to different applications. It does not display the raw HTTP data transferred, but instead focuses on parsing and displaying the request/response line along with associated header fields.

Changes: This release brings substantial improvements to some existing features. First, IPv6 parsing can now follow extension headers that are present in the captured packets. Second, the rate statistics code has been substantially overhauled to handle an arbitrary number of hosts, along with a couple of additional switches for controlling behavior. Additionally, this release fixes compiling on Mac OS X and adds an optional switch to specify the PID filename.
tags | tool, web, sniffer
systems | unix
MD5 | ee7f9b766adbf22facfc2f98a908de67

FlashFXP 4.1.8.1701 Buffer Overflow
Posted Mar 2, 2012
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

FlashFXP version 4.1.8.1701 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 4204668d890c2ac1d194891c9ede418c

phxEventManager 2.0 Beta 5 SQL Injection
Posted Mar 2, 2012
Authored by skys

phxEventManager version 2.0 beta 5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | d2f78325bf57125f3d29b371db444c92

Mandriva Linux Security Advisory 2012-028
Posted Mar 2, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-028 - libxslt allows remote attackers to cause a denial of service via unspecified vectors. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2011-3970
MD5 | e5ce855d1687b172c2a8088fc9f83445

Ubuntu Security Notice USN-1373-2
Posted Mar 2, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1373-2 - USN 1373-1 fixed vulnerabilities in OpenJDK 6 in Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04 for all architectures except for ARM (armel). This provides the corresponding OpenJDK 6 update for use with the ARM (armel) architecture in Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2011-5035, CVE-2011-3563, CVE-2012-0497, CVE-2012-0501, CVE-2012-0502, CVE-2012-0503, CVE-2012-0505, CVE-2012-0506, CVE-2012-0507
MD5 | d4e6e3c3acb6cfbe9b5a4bd26750b228

Red Hat Security Advisory 2012-0345-02
Posted Mar 2, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0345-02 - JBoss Enterprise Portal Platform is the open source implementation of the Java EE suite of services and Portal services running atop JBoss Enterprise Application Platform. It comprises a set of offerings for enterprise customers who are looking for pre-configured profiles of JBoss Enterprise Middleware components that have been tested and certified together to provide an integrated experience. It was found that JBoss Web did not handle large numbers of parameters and large parameter values efficiently. A remote attacker could make JBoss Web use an excessive amount of CPU time by sending an HTTP request containing a large number of parameters or large parameter values. This update introduces limits on the number of parameters and headers processed per request to address this issue. The default limit is 512 for parameters and 128 for headers. These defaults can be changed by setting the org.apache.tomcat.util.http.Parameters.MAX_COUNT and org.apache.tomcat.util.http.MimeHeaders.MAX_COUNT system properties in "jboss-as/server/[PROFILE]/deploy/properties-service.xml".

tags | advisory, java, remote, web
systems | linux, redhat
advisories | CVE-2012-0022
MD5 | 12c0d0eedbc5e7f69fb65870542445dd

Ubuntu Security Notice USN-1381-1
Posted Mar 2, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1381-1 - It was discovered that Ubuntu One Couch did not perform any server certificate validation when using HTTPS connections. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to alter or compromise confidential information.

tags | advisory, remote, web
systems | linux, ubuntu
MD5 | 19e4e157a54a9947911dd5f29a8223e7
© 2019 Packet Storm. All rights reserved.