Exploit the possiblities
Showing 1 - 25 of 34 RSS Feed

Files Date: 2012-06-18

Squiz CMS 4.6.3 XXE Injection / Cross Site Scripting
Posted Jun 18, 2012
Authored by Nadeem Salim | Site senseofsecurity.com.au

Squiz CMS version 4.6.3 suffers from cross site scripting and XXE injection vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | d37d70f297f2a2b8d25536c00c9d3ad7
Red Hat Security Advisory 2012-0745-01
Posted Jun 18, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0745-01 - Python is an interpreted, interactive, object-oriented programming language. A denial of service flaw was found in the implementation of associative arrays in Python. An attacker able to supply a large number of inputs to a Python application that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions.

tags | advisory, denial of service, python
systems | linux, redhat
advisories | CVE-2011-4940, CVE-2011-4944, CVE-2012-1150
MD5 | 71ab9ac648077b734a35a8a9ede7ed0e
Red Hat Security Advisory 2012-0744-01
Posted Jun 18, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0744-01 - Python is an interpreted, interactive, object-oriented programming language. A denial of service flaw was found in the implementation of associative arrays in Python. An attacker able to supply a large number of inputs to a Python application that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions.

tags | advisory, denial of service, python
systems | linux, redhat
advisories | CVE-2011-4940, CVE-2011-4944, CVE-2012-0845, CVE-2012-1150
MD5 | 59ca55e6cc80a57ab0a92fe7138ce424
Red Hat Security Advisory 2012-0743-01
Posted Jun 18, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0743-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A local, unprivileged user could use an integer overflow flaw in drm_mode_dirtyfb_ioctl() to cause a denial of service or escalate their privileges. A buffer overflow flaw was found in the macvtap device driver, used for creating a bridged network between the guest and the host in KVM environments. A privileged guest user in a KVM guest could use this flaw to crash the host. Note: This issue only affected hosts that have the vhost_net module loaded with the experimental_zcopytx module option enabled, and that also have macvtap configured for at least one guest.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2012-0044, CVE-2012-1179, CVE-2012-2119, CVE-2012-2121, CVE-2012-2123, CVE-2012-2136, CVE-2012-2137, CVE-2012-2372, CVE-2012-2373
MD5 | 2db63b5e18312f65ad820bccf0795f8e
Ubuntu Security Notice USN-1478-1
Posted Jun 18, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1478-1 - Mateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly handled certain malformed DV files. If a user were tricked into opening a crafted DV file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 11.10. Mateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly handled certain malformed NSV files. If a user were tricked into opening a crafted NSV file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 11.04 and Ubuntu 11.10. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2011-3940, CVE-2011-3945, CVE-2011-3947, CVE-2011-3951, CVE-2011-3952, CVE-2011-4031, CVE-2012-0848, CVE-2012-0850, CVE-2012-0851, CVE-2012-0852, CVE-2012-0853, CVE-2012-0858, CVE-2012-0859, CVE-2012-0947, CVE-2011-3929, CVE-2011-3936, CVE-2011-3940, CVE-2011-3945, CVE-2011-3947, CVE-2011-3951, CVE-2011-3952, CVE-2011-4031, CVE-2012-0848, CVE-2012-0850, CVE-2012-0851, CVE-2012-0852, CVE-2012-0853, CVE-2012-0858
MD5 | 829135b137230d4454a357fdca18a6d1
Ubuntu Security Notice USN-1479-1
Posted Jun 18, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1479-1 - Mateusz Jurczyk and Gynvael Coldwind discovered that FFmpeg incorrectly handled certain malformed DV files. If a user were tricked into opening a crafted DV file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. Mateusz Jurczyk and Gynvael Coldwind discovered that FFmpeg incorrectly handled certain malformed NSV files. If a user were tricked into opening a crafted NSV file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2011-3940, CVE-2011-3947, CVE-2011-3951, CVE-2011-3952, CVE-2012-0851, CVE-2012-0852, CVE-2012-0853, CVE-2012-0858, CVE-2012-0859, CVE-2012-0947, CVE-2011-3929, CVE-2011-3936, CVE-2011-3940, CVE-2011-3947, CVE-2011-3951, CVE-2011-3952, CVE-2012-0851, CVE-2012-0852, CVE-2012-0853, CVE-2012-0858, CVE-2012-0859, CVE-2012-0947
MD5 | c2be4d79602dacc52751912f98bc55ef
WordPress Security Fingerprinter 1.0
Posted Jun 18, 2012
Authored by Alberto Fontanella | Site fulgursecurity.com

WordPress Security Fingerprinter is a bash shell script that will enumerate a site for known WordPress vulnerabilities.

tags | tool, shell, scanner, vulnerability, bash
systems | unix
MD5 | af831ca9a8d0e1f39e4905748ccab2ac
WordPress LB Mixed Slideshow 1.0 Shell Upload
Posted Jun 18, 2012
Authored by Sammy FORGIT

WordPress LB Mixed Slideshow plugin version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 56fab83939b920047501b85d8cd4680e
WordPress Famous 2.0.5 Shell Upload
Posted Jun 18, 2012
Authored by Sammy FORGIT

WordPress Famous theme version 2.0.5 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | d80ebc5f5384b71489abee66588431b7
VANA CMS SQL Injection
Posted Jun 18, 2012
Authored by Black Hat Group

VANA CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 38badbb22b37b56ed668fe87cf0d3505
WordPress Lim4wp 1.1.1 Shell Upload
Posted Jun 18, 2012
Authored by Sammy FORGIT

WordPress Lim4wp plugin version 1.1.1 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 321e9a41e6ef32b386bebb6f6b34f537
WordPress Wp-ImageZoom 1.0.3 File Disclosure
Posted Jun 18, 2012
Authored by Sammy FORGIT

WordPress Wp-ImageZoom plugin version 1.03 suffers from a remote file disclosure vulnerability.

tags | exploit, remote, info disclosure
MD5 | 66a7bf5110dce39d8073b55e9af8065f
WordPress Deep-Blue 1.9.2 Shell Upload
Posted Jun 18, 2012
Authored by Sammy FORGIT

WordPress Deep-Blue theme version 1.9.2 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | c54dba08e4fb318be12ac89afcf60e77
Bricolage 1.x SQL Injection / Cross Site Scripting
Posted Jun 18, 2012
Authored by r007k17-w

Bricolage version 1.x suffers from persistent cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | ffa42b988c06d4d6f2d9d02e86c82a4c
MyTickets Blind SQL Injection
Posted Jun 18, 2012
Authored by al-swisre

MyTickets versions 1 through 2.0.8 suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 74f2543578fb1aa72e0c85cb50517ad1
Total Video Player 1.31 Proof Of Concept
Posted Jun 18, 2012
Authored by 0dem

Total Video Player version 1.31 crash proof of concept denial of service exploit that creates malicious files.

tags | exploit, denial of service, proof of concept
MD5 | 3503b7e865c243e96bcb8c4d05dd8d6f
Secunia Security Advisory 49633
Posted Jun 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for linux-ti-omap4. This fixes multiple vulnerabilities, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service), by malicious, local users to gain escalated privileges, and by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
systems | linux, ubuntu
MD5 | 8d01cfe302ccb5b0e2728fdd1b5ae68d
Secunia Security Advisory 49631
Posted Jun 18, 2012
Site secunia.com

Secunia Security Advisory - A security issue has been reported in Symantec LiveUpdate Administrator, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

MD5 | 3534e2cce1f4e9738326bd88f8af5142
Secunia Security Advisory 49631
Posted Jun 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Symantec LiveUpdate Administrator, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
MD5 | 3534e2cce1f4e9738326bd88f8af5142
Secunia Security Advisory 49654
Posted Jun 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in IBM WebSphere Application Server, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | 396484d11278ed58af9306a876a72828
Secunia Security Advisory 49231
Posted Jun 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for python-tornado. This fixes a vulnerability, which can be exploited by malicious people to conduct HTTP response splitting attacks in an application using the framework.

tags | advisory, web, python
systems | linux, suse
MD5 | 52011803ac1ec85c832ef098e024d921
Secunia Security Advisory 49610
Posted Jun 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sammy Forgit has discovered a vulnerability in the LB Mixed Slideshow plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | 083891c957b50d27a0a93ef7fcc5e20a
Secunia Security Advisory 49209
Posted Jun 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Luigi Auriemma has discovered a vulnerability in Samsung AllShare, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | b9fed435f8ffff6b90cf14b9d9a4f14f
Secunia Security Advisory 49555
Posted Jun 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in NOCC, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory
MD5 | 2395a5d04df9de4aedbe202ec2a77cf8
Secunia Security Advisory 49632
Posted Jun 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been reported in Innominate mGuard, which can be exploited by malicious people to conduct brute force attacks.

tags | advisory
MD5 | 09eda8fb0509ad5a22952f81e898cd6f
Page 1 of 2
Back12Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close