Twenty Year Anniversary
Showing 1 - 25 of 64 RSS Feed

Files Date: 2012-08-29

Endonesia 8.5 CMS Publisher Module SQL Injection
Posted Aug 29, 2012
Authored by Crim3R

Endonesia 8.5 CMS publisher module suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 125ced50bcbab35700cdbb483721f58d
squidGuard 1.4 Denial Of Service
Posted Aug 29, 2012
Authored by Stefan Bauer

squidGuard version 1.4 may suffer from a denial of service vulnerability when fed a long URL.

tags | exploit, denial of service
MD5 | 158763f39298913d91bb5c4e83c5ed68
Winlog Lite SCADA HMI System 2.06.17 SEH Overwrite
Posted Aug 29, 2012
Authored by Ciph3r

Winlog Lite SCADA HMI system version 2.06.17 suffers from a SEH overwrite vulnerability.

tags | exploit
MD5 | 0835ef58aed4416b07d9dcc746c517af
YourOnlineAgents CMS Blind SQL Injection
Posted Aug 29, 2012
Authored by Crim3R

YourOnlineAgents CMS suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 1a7d09449f9ee96fa546e9840e69de60
Rudimentary Runtracer For Windows 7
Posted Aug 29, 2012
Authored by JODE | Site nsense.net

This is a rudimentary runtracer for Windows 7 on x86 (ASLR resilient).

tags | x86
systems | windows, 7
MD5 | 352a3526fd4ae1480860ad14025a617c
iSolution CMS SQL Injection
Posted Aug 29, 2012
Authored by Crim3R

iSolution CMS suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
MD5 | 664709b04ba62b1388d758ee6d552fb5
Disqus Blog Comments SQL Injection
Posted Aug 29, 2012
Authored by Spy_w4r3

Disqus Blog Comments suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | b4c0439a5065fb9c9c9390c8befd79dc
WordPress HD Webplayer 1.1 SQL Injection
Posted Aug 29, 2012
Authored by JoinSe7en

WordPress HD Webplayer version 1.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 97544f42d269bb7c551419b6ae7b6931
Mandriva Linux Security Advisory 2012-147
Posted Aug 29, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-147 - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products. Security researcher Abhishek Arya of Google Chrome Security Team discovered a series of use-after-free issues using the Address Sanitizer tool. Many of these issues are potentially exploitable, allowing for remote code execution. Security researcher Mariusz Mlynski reported that it is possible to shadow the location object using Object.defineProperty. This could be used to confuse the current location to plugins, allowing for possible cross-site scripting attacks. Various other vulnerabilities were also addressed.

tags | advisory, remote, arbitrary, vulnerability, code execution, xss
systems | linux, mandriva
advisories | CVE-2012-1956, CVE-2012-1970, CVE-2012-1971, CVE-2012-1972, CVE-2012-1973, CVE-2012-1974, CVE-2012-1975, CVE-2012-1976, CVE-2012-3956, CVE-2012-3957, CVE-2012-3958, CVE-2012-3959, CVE-2012-3960, CVE-2012-3961, CVE-2012-3962, CVE-2012-3963, CVE-2012-3964, CVE-2012-3966, CVE-2012-3967, CVE-2012-3968, CVE-2012-3969, CVE-2012-3970, CVE-2012-3971, CVE-2012-3972, CVE-2012-3974, CVE-2012-3975, CVE-2012-3978, CVE-2012-3980
MD5 | 7721451d529b1ae5a3c50b31422b2423
Zero Day Initiative Advisory 12-182
Posted Aug 29, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-182 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC ApplicationXtender. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the WxSuperCtrl650.ocx ActiveX control. By manipulating a combination of the DisplayImageFile, AnnoLoad and AnnoSave methods, the vulnerable AnnoSave() method can enable an attacker to save arbitrary files inside arbitrary locations. The attacker is able to control the file extension and the creation path via a directory traversal issue. An attacker can leverage this vulnerability to execute code under the context of the process.

tags | advisory, remote, arbitrary, activex
advisories | CVE-2012-2289
MD5 | ad5a7ee4b1191b037a60920e83550394
Zero Day Initiative Advisory 12-181
Posted Aug 29, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-181 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib component which is used by both the ActiveX and Netscape compatible browser plugins as well as the Microsoft Windows spooler service. When handling certain requests the client-file-name parameter is improperly copied to a local stack buffer. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM.

tags | advisory, remote, arbitrary, local, activex
systems | windows
advisories | CVE-2011-4186
MD5 | df64ac3cc732a46a7daea33b76ce9554
Zero Day Initiative Advisory 12-180
Posted Aug 29, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-180 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell ZENworks Admin Studio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the ISGrid.dll ActiveX control. The process performs insufficient bounds checking on user-supplied data passed in the DoFindReplace() method which results in heap corruption. This vulnerability can be leveraged to execute code under the context of the process.

tags | advisory, remote, arbitrary, activex
MD5 | b7dfbc22ec5b459a2bb61c0c4c715048
Zero Day Initiative Advisory 12-179
Posted Aug 29, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-179 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC ApplicationXtender. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the AEXView.ocx ActiveX control. By manipulating a combination of the DisplayImageFile, AnnoLoad and AnnoSave methods, the vulnerable AnnoSave() method can enable an attacker to save arbitrary files in arbitrary locations. The attacker is able to control the file extension and the creation path via a directory traversal issue. An attacker can leverage this vulnerability to execute code under the context of the process.

tags | advisory, remote, arbitrary, activex
advisories | CVE-2012-2289
MD5 | 6e275d5c3a1df639b7e1d8181951bc1a
Zero Day Initiative Advisory 12-178
Posted Aug 29, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-178 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP SiteScope. Authentication is not required to exploit this vulnerability. The specific flaw exists because HP SiteScope allows unauthenticated SOAP calls to be made to the SiteScope service. One of those calls is update() which allows an unauthenticated user to update the admin credentials. This can lead to remote code execution under the context of the current process.

tags | advisory, remote, arbitrary, code execution
MD5 | b9f52292a3fd95040a5ccc8eb25f3358
Zero Day Initiative Advisory 12-177
Posted Aug 29, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-177 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP SiteScope. Authentication is not required to exploit this vulnerability. The specific flaw exists because HP SiteScope allows unauthenticated SOAP calls to be made to the SiteScope service. One of those calls is loadFileContent() which will return the content of any local file on the server including the configuration files containing password information. This can lead to remote code execution under the context of the current process.

tags | advisory, remote, arbitrary, local, code execution
MD5 | 169f055a50ca57dcdda43598477f0061
Zero Day Initiative Advisory 12-176
Posted Aug 29, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-176 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP SiteScope. Authentication is not required to exploit this vulnerability. The specific flaw exists because HP SiteScope allows unauthenticated SOAP calls to be made to the SiteScope service. One of those calls is getFileInternal() which will return the content of any local file on the server including the configuration files containing password information. This can lead to remote code execution under the context of the current process.

tags | advisory, remote, arbitrary, local, code execution
MD5 | 9dfdbb6d27a0a073d5e24e620812064f
Zero Day Initiative Advisory 12-175
Posted Aug 29, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-175 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP SiteScope. Authentication is not required to exploit this vulnerability. The specific flaw exists because HP SiteScope allows unauthenticated SOAP calls to be made to the SiteScope service. One of those calls is create() which allows unauthenticated user to create a new user account for the service. This account has access to an DownloadFilesHandler which contains a flaw that allows you to download any file from the server including the server configuration files that contains the admin credentials. This can lead to remote code execution under the context of the current process.

tags | advisory, remote, arbitrary, code execution
MD5 | 6235aa1c44a61837d722dafdd1464128
Zero Day Initiative Advisory 12-174
Posted Aug 29, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-174 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP SiteScope. Authentication is not required to exploit this vulnerability. The specific flaw is a directory traversal in the UploadFilesHandler url that allows you to upload files to the server into a directory on the server that allows for scripting. This vulnerability could lead to remote code execution under the context of the current process.

tags | advisory, remote, arbitrary, code execution
MD5 | d9683a4737f50a2e9b9aaa62595f9539
Zero Day Initiative Advisory 12-173
Posted Aug 29, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-173 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP SiteScope. Authentication is not required to exploit this vulnerability. The specific flaw exists because HP SiteScope allows unauthenticated SOAP calls to be made to the SiteScope service. One of those calls is getSiteScopeConfiguration() which will return the current configuration of the server including the administrator login and password information. A remote attacker could abuse this vulnerability to login to SiteScope with administrative privileges then execute arbitrary code through the underlying functionality.

tags | advisory, remote, arbitrary
MD5 | 6b930837e26c5f14abfb0d7b3e218f5f
Zero Day Initiative Advisory 12-172
Posted Aug 29, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-172 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Operations Orchestration. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RSScheduler service JDBC component of Operations Orchestra which listens by default on TCP port 9001. The component is vulnerable to SQL injection attacks. Remote, unauthenticated attackers can exploit this vulnerability by injecting malicious SQL into the target, which could ultimately lead to arbitrary code execution under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp, code execution, sql injection
MD5 | c122d5f20de7484bb22088ac3e28b7d1
Zero Day Initiative Advisory 12-171
Posted Aug 29, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-171 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Intelligent Management Center. Authentication is not required to exploit this vulnerability. The flaw exists within the uam.exe component which listens by default on UDP port 1811. When logging received actions to a log file, sprintf is used to build the log message. The process does not properly verify the destination buffer on the stack is of sufficient size to handle the newly created string. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, udp
MD5 | 1e7948bc21660998019c09e7a17803c6
Zero Day Initiative Advisory 12-170
Posted Aug 29, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-170 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Application Lifecycle Management. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the XGO.ocx ActiveX control. The control exposed two vulnerable functions: 'SetShapeNodeType', which is vulnerable to a type confusion allowing user specified memory to be used as an object; and 'CopyToFile' which allows an attacker to create and overwrite files on the system of the user invoking the control. The attacker can utilize these vulnerabilities to execute remote code under the context of the process.

tags | advisory, remote, arbitrary, vulnerability, activex
MD5 | f5cac49510746837c5ebaca13344667e
Zero Day Initiative Advisory 12-169
Posted Aug 29, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-169 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of GE Proficy Historian. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the KeyHelp.ocx ActiveX control. The control contains a LaunchTriPane function that allows launching of the HTML Help executable (hh.exe) with customized command line parameters. By using the -decompile switch, an attacker can specify the folder to decompile to and a UNC path to a specially crafted .chm file. The attacker can utilize this vulnerability to execute remote code under the context of the process.

tags | advisory, remote, arbitrary, activex
advisories | CVE-2012-2516
MD5 | 3b0052bbe971789bdcac74947574989e
Zero Day Initiative Advisory 12-168
Posted Aug 29, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-168 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Indusoft Thin Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within ISSymbol.ocx ActiveX component. The process performs insufficient bounds checking on user-supplied data passed in as the 'InternationalSeparator' parameter which results in a heap overflow. This vulnerability can be leveraged to execute code under the context of the user running the browser.

tags | advisory, remote, overflow, arbitrary, activex
advisories | CVE-2011-0340
MD5 | 86f79d24c79266e247ebd6d26713d071
Zero Day Initiative Advisory 12-167
Posted Aug 29, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-167 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell File Reporter Agent. Authentication is not required to exploit this vulnerability. The specific flaw exists within NFRAgent.exe which communicates with the Agent component over HTTPS on TCP port 3037. When parsing tags inside the VOL element, the process performs insufficient bounds checking on user-supplied data prior to copying it into a fixed-length buffer on the stack. This vulnerability can result in remote code execution under the context of the SYSTEM account.

tags | advisory, remote, web, arbitrary, tcp, code execution
MD5 | 6004b9ac788b8d416e9fa60d38883458
Page 1 of 3
Back123Next

File Archive:

November 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    10 Files
  • 2
    Nov 2nd
    15 Files
  • 3
    Nov 3rd
    2 Files
  • 4
    Nov 4th
    2 Files
  • 5
    Nov 5th
    32 Files
  • 6
    Nov 6th
    27 Files
  • 7
    Nov 7th
    8 Files
  • 8
    Nov 8th
    9 Files
  • 9
    Nov 9th
    17 Files
  • 10
    Nov 10th
    2 Files
  • 11
    Nov 11th
    2 Files
  • 12
    Nov 12th
    32 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close