exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 35 RSS Feed

Files Date: 2012-09-17

Microsoft Internet Explorer execCommand Use-After-Free
Posted Sep 17, 2012
Authored by Eric Romang, sinn3r, juan vazquez, binjo | Site metasploit.com

This Metasploit module exploits a vulnerability found in Microsoft Internet Explorer (MSIE). When rendering an HTML page, the CMshtmlEd object gets deleted in an unexpected manner, but the same memory is reused again later in the CMshtmlEd::Exec() function, leading to a use-after-free condition. Please note that this vulnerability has been exploited in the wild since Sep 14 2012, and there is currently no official patch for it.

tags | exploit
advisories | OSVDB-85532
SHA-256 | 66f9396f0db135d2fa969a6675b705145fd8d9a8e475df6ffb4eb653d1a76be3
Webmin /file/show.cgi Remote Command Execution
Posted Sep 17, 2012
Authored by unknown, juan vazquez | Site metasploit.com

This Metasploit module exploits an arbitrary command execution vulnerability in Webmin 1.580. The vulnerability exists in the /file/show.cgi component and allows an authenticated user, with access to the File Manager Module, to execute arbitrary commands with root privileges. The module has been tested successfully with Webim 1.580 over Ubuntu 10.04.

tags | exploit, arbitrary, cgi, root
systems | linux, ubuntu
advisories | CVE-2012-2982, OSVDB-85248
SHA-256 | d7e27005cef2dea975ee0263e61102bda3d07c173825124a4099ef2ae10c8605
Spiceworks 6.0.00993 Cross Site Scripting
Posted Sep 17, 2012
Authored by LiquidWorm | Site zeroscience.mk

Spiceworks suffers from multiple stored cross site scripting vulnerabilities. The issues are triggered when input passed via several parameters to several scripts is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Versions 6.0.00993 and 6.0.00966 are affected.

tags | exploit, arbitrary, vulnerability, xss
SHA-256 | 4ce5933102d2ccf865d7267ad00d42bf306c382f9f03e4434c196f2d1258452f
Intel SMEP Overview And Partial Bypass On Windows 8
Posted Sep 17, 2012
Authored by Artem Shishkin | Site ptsecurity.com

This paper provides an overview of a new hardware security feature introduced by Intel and covers its support on Windows 8. Among the other common features it complicates vulnerability exploitation on a target system. But if these features are not properly configured all of them may become useless. This paper demonstrates a security flaw on x86 version of Windows 8 leading to a bypass of the SMEP security feature.

tags | paper, x86
systems | windows
SHA-256 | 10a2d51d5bfd486134d95d8b2224eca2ab57042d0d379ba4799ab901aa84e922
TorrentTrader 2.08 XSS / Directory Traversal / Bypass
Posted Sep 17, 2012
Authored by Janek Vind aka waraxe | Site waraxe.us

TorrentTrader version 2.08 suffers from authorization bypass, cross site scripting, path disclosure, and directory traversal vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 7185dd5b6ed5a821ecd9a5ec901d5d961227f2ab65af5e4ed90e84f1cd946946
Novell GroupWise iCalendar Date/Time Parsing Denial of Service
Posted Sep 17, 2012
Authored by Carsten Eiram | Site secunia.com

Secunia Research has discovered a vulnerability in Novell GroupWise, which can be exploited by malicious people to cause a DoS (Denial of Service). However, no checks are performed by a function in iCalendar to ensure that the supplied date-time string is longer than 8 characters. This may result in an out-of-bounds read access violation, causing GWIA to crash in case a shorter date-time string was supplied via e.g. an e-mail with a specially crafted .ics attachment. Novell GroupWise version 8.0.2 HP3 is affected.

tags | advisory, denial of service
advisories | CVE-2011-3827
SHA-256 | 47079011e77d4b03dcf622040e29f04c46c08e437a5ae7d2a92d9802266de359
Novell Groupwise 8.0.2 HP3 / 2012 Integer Overflow
Posted Sep 17, 2012
Authored by Francis Provencher

Novell Groupwise versions 8.0.2 HP3 and 2012 suffers from an integer overflow vulnerability.

tags | exploit, overflow
SHA-256 | f82e2a8cfbd871bf746381353b9d597a48d059ad35b2d45116b4b230fc917e0f
Netsweeper WebAdmin Portal CSRF / XSS / SQL Injection
Posted Sep 17, 2012
Authored by Jacob Holcomb

Netsweeper WebAdmin Portal suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities. Note that most of this data released back in July of 2012 without the SQL injection information.

tags | exploit, remote, vulnerability, xss, sql injection, csrf
advisories | CVE-2012-2446, CVE-2012-2447, CVE-2012-3859
SHA-256 | 334e61b447c540bdcd2f46a9286fba1fb02a185a296fb66758697dd81cba3c6b
NCMedia Sound Editor Pro 7.5.1 Buffer Overflow
Posted Sep 17, 2012
Authored by Julien Ahrens | Site security.inshell.net

A local buffer overflow vulnerability has been found on the NCMedia Sound Editor Pro version 7.5.1. The application saves the paths for all recently used files in a file called "MRUList201202.dat" in the directory %appdata%\Sound Editor Pro\. When clicking on the "File" menu item the application reads the contents of the file, but does not validate the length of the string loaded from the file before passing it to a buffer, which leads to a stack-based buffer overflow.

tags | exploit, overflow, local
SHA-256 | a1f0e2a2be8b3403de464902a0d925d7567541a522d8d12be77fb9410aac9104
LuxCal 2.7.0 XSS / LFI / Information Disclosure
Posted Sep 17, 2012
Authored by L0n3ly-H34rT

LuxCal version 2.7.0 suffers from cross site scripting, information disclosure, and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, xss, file inclusion, info disclosure
SHA-256 | 503bd9fd609f08e15c9a8ac9ee45ba2ebf9dfbf41405bb3bcf3614423544d6dc
FreeWebshop 2.2.9 Cross Site Scripting / SQL Injection
Posted Sep 17, 2012
Authored by HTTPCS

FreeWebshop version 2.2.9 suffers from cross site scripting and multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | f0f154ab364674f14b5f153465e8811cc06e2b9b2d41a40b64d7cf47db4d65cf
UK CPNI IPv6 Toolkit 1.2.3
Posted Sep 17, 2012
Authored by Fernando Gont

This toolkit houses various IPv6 tools that have been tested to compile and run on Debian GNU/Linux 6.0, FreeBSD 9.0, NetBSD 5.1, OpenBSD 5.0, Mac OS 10.8.0, and Ubuntu 11.10.

Changes: Various updates and OSes supported.
tags | tool, scanner
systems | linux, netbsd, unix, freebsd, openbsd, debian, ubuntu
SHA-256 | 37fde545740ff58ff27a5cb9590cb1aef36206d163471d31c5f7531f501e90c5
Red Hat Security Advisory 2012-1284-01
Posted Sep 17, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1284-01 - The spice-gtk packages provide a GIMP Toolkit widget for SPICE clients. Both Virtual Machine Manager and Virtual Machine Viewer can make use of this widget to access virtual machines using the SPICE protocol. It was discovered that the spice-gtk setuid helper application, spice-client-glib-usb-acl-helper, did not clear the environment variables read by the libraries it uses. A local attacker could possibly use this flaw to escalate their privileges by setting specific environment variables before running the helper application.

tags | advisory, local, protocol
systems | linux, redhat
advisories | CVE-2012-4425
SHA-256 | f2c0f0bb7859b916967ca5677435478e5dd6ca4702ec05db09d5b281423e0052
Red Hat Security Advisory 2012-1283-01
Posted Sep 17, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1283-01 - OpenJPEG is an open source library for reading and writing image files in JPEG 2000 format. It was found that OpenJPEG failed to sanity-check an image header field before using it. A remote attacker could provide a specially-crafted image file that could cause an application linked against OpenJPEG to crash or, possibly, execute arbitrary code. This issue was discovered by Huzaifa Sidhpurwala of the Red Hat Security Response Team.

tags | advisory, remote, arbitrary
systems | linux, redhat
advisories | CVE-2012-3535
SHA-256 | c223a367dbb574263853258126dea3b874b289aec4f93f819b0dde0fb91949a2
Debian Security Advisory 2549-1
Posted Sep 17, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2549-1 - Multiple vulnerabilities have been discovered in devscripts, a set of scripts to make the life of a Debian Package maintainer easier.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2012-2240, CVE-2012-2241, CVE-2012-2242, CVE-2012-3500
SHA-256 | 848402d3090c98eb8f956af92baa57671d5c38d44b3f75fc8e58d24bd48e1d11
Debian Security Advisory 2480-4
Posted Sep 17, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2480-4 - The security updates for request-tracker3.8, DSA-2480-1, DSA-2480-2, and DSA-2480-3, contained minor regressions.

tags | advisory
systems | linux, debian
SHA-256 | a8a9ffeaee4d8ba69063d098e441bcb7d3eedaed9e66a42a5e31a87060cdf6e6
Ubuntu Security Notice USN-1570-1
Posted Sep 17, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1570-1 - It was discovered that GnuPG used a short ID when downloading keys from a keyserver, even if a long ID was requested. An attacker could possibly use this to return a different key with a duplicate short key id.

tags | advisory
systems | linux, ubuntu
SHA-256 | aa800a4e7a51b00e5f866cc878a7f8a4f4a074b3ebd0d926511a10980c175106
Ubuntu Security Notice USN-1569-1
Posted Sep 17, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1569-1 - It was discovered that PHP incorrectly handled certain character sequences when applying HTTP response-splitting protection. A remote attacker could create a specially-crafted URL and inject arbitrary headers. It was discovered that PHP incorrectly handled directories with a large number of files. This could allow a remote attacker to execute arbitrary code with the privileges of the web server, or to perform a denial of service. Various other issues were also addressed.

tags | advisory, remote, web, denial of service, arbitrary, php
systems | linux, ubuntu
advisories | CVE-2012-2688, CVE-2012-3450, CVE-2011-1398, CVE-2012-2688, CVE-2012-3450, CVE-2012-4388
SHA-256 | ca286c3dc3421c19e6fd6053965096637970d19dc1b7ac9c4b2b75b876f38310
NCMedia Sound Editor Pro 7.5.1 Buffer Overflow
Posted Sep 17, 2012
Authored by Julien Ahrens

NCMedia Sound Editor Pro version 7.5.1 suffers from a MRUList201202.dat file handling buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 622be827ae2f496adf9292ac657f311604c6fcd62f590a02bc8c7745d6858de5
Nikto Web Scanner 2.1.5
Posted Sep 17, 2012
Authored by Sullo | Site cirt.net

Nikto is an Open Source web server scanner which performs comprehensive tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers.

Changes: Various fixes and changes.
tags | tool, web, cgi
systems | unix
SHA-256 | 0e672a6a46bf2abde419a0e8ea846696d7f32e99ad18a6b405736ee6af07509f
Secunia Security Advisory 50650
Posted Sep 17, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users and malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
SHA-256 | af1b375357fd01eac3d6c612cfe136b3edcdb00daf744545b3fe24d61e73c3ac
Secunia Security Advisory 50646
Posted Sep 17, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Liferay Portal, which can be exploited by malicious users to manipulate certain data.

tags | advisory
SHA-256 | 54ae025e73628b9d53a32f0468a25b716923e59348daee17dd499118c304839e
Hacking Android For Fun And Profit
Posted Sep 17, 2012
Authored by G13

This is a brief whitepaper with examples and information on hacking the Android platform from Google.

tags | paper
SHA-256 | e9176c55d89393a905a6c089cf727073616f686508f90c534455c54eb3f00e4a
Secunia Security Advisory 50617
Posted Sep 17, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in Auxilium PetRatePro, which can be exploited by malicious people to conduct cross-site request and SQL injection attacks and compromise a vulnerable system.

tags | advisory, vulnerability, sql injection
SHA-256 | 63f334f565efdc1e9bdbac996bed1330f92245c5457b39d3a164a46508bca77a
Secunia Security Advisory 50619
Posted Sep 17, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in IBM AIX, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | aix
SHA-256 | 8371ba639cdd0ff278e28c38d4ab6899f6563db630ec9817ddf8c7e62bf3b505
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close