Exploit the possiblities
Showing 1 - 25 of 1,192 RSS Feed

Files Date: 2012-06-01 to 2012-06-30

Hewlett-Packard Data Protector DtbClsAddObject Parsing Remote Code Execution
Posted Jun 29, 2012
Authored by Aaron Portnoy, HP DVLabs | Site tippingpoint.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Data Protector. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dpwintdb.exe process which listens by default on TCP port 3817. When parsing data within a DtbClsAddObject request, the process copies data from the network into a fixed-length buffer on the stack via an unchecked loop. This can be leveraged by attackers to execute arbitrary code under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp
advisories | CVE-2012-0123
MD5 | 8b4e4aaf4e7294a8c074fea60783bf0c
Debian Security Advisory 2505-1
Posted Jun 29, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2505-1 - An XML External Entities inclusion vulnerability was discovered in Zend Framework, a PHP library. This vulnerability may allow attackers to access to local files, depending on how the framework is used.

tags | advisory, local, php
systems | linux, debian
advisories | CVE-2012-3363
MD5 | 0a5213fc1f3b5b1fc91375c0a200f38c
Ubuntu Security Notice USN-1493-1
Posted Jun 29, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1493-1 - Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user could exploit these flaws to gain root system privileges.

tags | advisory, denial of service, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2012-2313, CVE-2012-2319, CVE-2012-2313, CVE-2012-2319
MD5 | bf6449c596cf1ab53e772b60c78e04b1
Ubuntu Security Notice USN-1492-1
Posted Jun 29, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1492-1 - Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user could exploit these flaws to gain root system privileges.

tags | advisory, denial of service, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2012-2313, CVE-2012-2319, CVE-2012-2313, CVE-2012-2319
MD5 | e3416ef44d69c9327f96cc156a37ac67
Ubuntu Security Notice USN-1491-1
Posted Jun 29, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1491-1 - Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user could exploit these flaws to gain root system privileges.

tags | advisory, denial of service, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2012-2313, CVE-2012-2319, CVE-2012-2313, CVE-2012-2319
MD5 | a9423ad3a665e67573606b17539a986d
Ubuntu Security Notice USN-1490-1
Posted Jun 29, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1490-1 - Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user could exploit these flaws to gain root system privileges. A flaw was discovered in the Linux kernel's NFSv4 (Network file system) handling of ACLs (access control lists). A remote NFS server (attacker) could cause a denial of service (OOPS). Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2012-2313, CVE-2012-2319, CVE-2012-2375, CVE-2012-2313, CVE-2012-2319, CVE-2012-2375
MD5 | d250ad71b1303bab568b80c02ec4fc58
Ubuntu Security Notice USN-1489-1
Posted Jun 29, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1489-1 - A flaw was discovered in the Linux kernel's NFSv4 (Network file system) handling of ACLs (access control lists). A remote NFS server (attacker) could cause a denial of service (OOPS).

tags | advisory, remote, denial of service, kernel
systems | linux, ubuntu
advisories | CVE-2012-2375
MD5 | f856e3333d817f1ecc95fb1c4b614358
Ubuntu Security Notice USN-1488-1
Posted Jun 29, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1488-1 - Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user could exploit these flaws to gain root system privileges. A flaw was discovered in the Linux kernel's NFSv4 (Network file system) handling of ACLs (access control lists). A remote NFS server (attacker) could cause a denial of service (OOPS). Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2012-2313, CVE-2012-2319, CVE-2012-2375, CVE-2012-2313, CVE-2012-2319, CVE-2012-2375
MD5 | 6e62b2d47a5005585db88c7c3e3edfaa
Ubuntu Security Notice USN-1487-1
Posted Jun 29, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1487-1 - A flaw was discovered in the Linux kernel's NFSv4 (Network file system) handling of ACLs (access control lists). A remote NFS server (attacker) could cause a denial of service (OOPS).

tags | advisory, remote, denial of service, kernel
systems | linux, ubuntu
advisories | CVE-2012-2375
MD5 | 99260c830c3cbd112412195c96d933f9
Ubuntu Security Notice USN-1486-1
Posted Jun 29, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1486-1 - A flaw was discovered in the Linux kernel's NFSv4 (Network file system) handling of ACLs (access control lists). A remote NFS server (attacker) could cause a denial of service (OOPS).

tags | advisory, remote, denial of service, kernel
systems | linux, ubuntu
advisories | CVE-2012-2375
MD5 | dbc613fffedad2fae938c6159db01d15
GIMP 2.8.0 Denial Of Service
Posted Jun 29, 2012
Authored by Joseph Sheridan | Site reactionpenetrationtesting.co.uk

There is a file handling denial of service in GIMP (the GNU Image Manipulation Program) for the 'fit' file format affecting all versions (Windows and Linux) up to 2.8.0. A file in the fit format with a malformed 'XTENSION' header will cause a crash in the GIMP program. The flaw is triggered by opening a crafted 'fit' file or allowing the file explorer dialog to preview the file. Proof of concept included.

tags | exploit, denial of service, proof of concept
systems | linux, windows
advisories | CVE-2012-3236
MD5 | 9010e4009599ecb23e4c8ad1ffbd2957
Irfanview Plugins 4.33 Overflow
Posted Jun 29, 2012
Authored by Joseph Sheridan | Site reactionpenetrationtesting.co.uk

IrfanView Formats PlugIn is prone to an overflow condition. The JLS Plugin (jpeg_ls.dll) library fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted JLS compressed image file, a context-dependent attacker could potentially execute arbitrary code. Proof of concept included. Irfanview Plugins version 4.33 is affected.

tags | exploit, overflow, arbitrary, proof of concept
systems | linux
advisories | CVE-2012-3585
MD5 | 19e2303aec22265a732c54a7f34abcc2
PHP Money Books 1.03 Stored Cross Site Scripting
Posted Jun 29, 2012
Authored by chap0

PHP Money Books version 1.03 suffers from stored cross site scripting vulnerabilities.

tags | exploit, php, vulnerability, xss
MD5 | 6b9da8d5a40f04f97fe6b20d8004ee1c
PC Tools Firewall Plus 7.0.0.123 Denial Of Service
Posted Jun 29, 2012
Authored by 0in

PC Tools Firewall Plus version 7.0.0.123 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | f6bac6e8c2b376f4ac64e15640be62af
SpecView 2.5 Build 853 Directory Traversal
Posted Jun 29, 2012
Authored by Luigi Auriemma | Site aluigi.org

SpecView versions 2.5 build 853 and below suffer from a remote directory traversal vulnerability.

tags | exploit, remote
MD5 | 9eef6ed8841e3f517eb5b136c095b3a7
PowerNet Twin Client 8.9 Stack Overflow
Posted Jun 29, 2012
Authored by Luigi Auriemma | Site aluigi.org

PowerNet Twin Client versions 8.9 and below suffer from a stack overflow vulnerability.

tags | exploit, overflow
systems | linux
MD5 | db43fc66775afd6136a274f67c10fd8e
Apple QuickTime TeXML Stack Buffer Overflow
Posted Jun 29, 2012
Authored by sinn3r, Alexander Gavrun, juan vazquez | Site metasploit.com

This Metasploit module exploits a vulnerability found in Apple QuickTime. When handling a TeXML file, it is possible to trigger a stack-based buffer overflow, and then gain arbitrary code execution under the context of the user. The flaw is generally known as a bug while processing the 'transform' attribute, however, that attack vector seems to only cause a TerminateProcess call due to a corrupt stack cookie, and more data will only trigger a warning about the malformed XML file. This Metasploit module exploits the 'color' value instead, which accomplishes the same thing.

tags | exploit, overflow, arbitrary, code execution
systems | apple
advisories | CVE-2012-0663, OSVDB-81934
MD5 | 85791f9a94c2dae702f38a6997745009
Openfire Admin Console Authentication Bypass
Posted Jun 29, 2012
Site metasploit.com

This Metasploit module exploits an authentication bypass vulnerability in the administration console of Openfire servers. By using this vulnerability it is possible to upload/execute a malicious Openfire plugin on the server and execute arbitrary Java code. This Metasploit module has been tested against Openfire 3.6.0a. It is possible to remove the uploaded plugin after execution, however this might turn the server in some kind of unstable state, making re-exploitation difficult. You might want to do this manually.

tags | exploit, java, arbitrary, bypass
advisories | CVE-2008-6508, OSVDB-49663
MD5 | 99330c91d94ab9d7d7a596c52a05bf81
Lefigaro.fr Cross Site Scripting
Posted Jun 29, 2012
Authored by Th4 MasK

Lefigaro.fr suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 6e8faccef683616e3637eedc903627c3
Internet Mobile Denial Of Service
Posted Jun 29, 2012
Authored by Dark-Puzzle

Internet Mobile suffers from a denial of service vulnerability that triggers an exception handler. Post exploitation the program must be reinstalled.

tags | exploit, denial of service
MD5 | 010b98b6e1dc049e70e99de23d774cfa
Hi-Media SQL Injection
Posted Jun 29, 2012
Authored by Mr.XpR

Hi-media suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 281c483dd8dcbac87a20b8c7c19321b0
B2CPrint Remote Shell Upload
Posted Jun 29, 2012
Authored by Mr.XpR

B2CPrint suffers from a remote ASP shell upload vulnerability.

tags | exploit, remote, shell, asp
MD5 | f5aa295b7d93548e976624a7ec2ec038
Kongregate.com Cross Site Scripting
Posted Jun 29, 2012
Authored by Th4 MasK

Kongregate.com suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 5688558ef751c18e93484ecb651f6e7e
Ghana50.gov.gh Cross Site Scripting
Posted Jun 29, 2012
Authored by Th4 MasK

Ghana50.gov.gh suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 177a35367f04bee3be38baeec9dde872
Secunia Security Advisory 49755
Posted Jun 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in IBM Support Assistant, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose potentially sensitive information, bypass certain security restrictions, and compromise a user's system.

tags | advisory, vulnerability, xss
MD5 | 6aff83caac3b3ed4e494610163f9b5a1
Page 1 of 48
Back12345Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    10 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close