Exploit the possiblities
Showing 1 - 25 of 35 RSS Feed

Files Date: 2012-09-17

Microsoft Internet Explorer execCommand Use-After-Free
Posted Sep 17, 2012
Authored by Eric Romang, sinn3r, juan vazquez, binjo | Site metasploit.com

This Metasploit module exploits a vulnerability found in Microsoft Internet Explorer (MSIE). When rendering an HTML page, the CMshtmlEd object gets deleted in an unexpected manner, but the same memory is reused again later in the CMshtmlEd::Exec() function, leading to a use-after-free condition. Please note that this vulnerability has been exploited in the wild since Sep 14 2012, and there is currently no official patch for it.

tags | exploit
advisories | OSVDB-85532
MD5 | 377c4b7a481946f0167f08116e969e05
Webmin /file/show.cgi Remote Command Execution
Posted Sep 17, 2012
Authored by unknown, juan vazquez | Site metasploit.com

This Metasploit module exploits an arbitrary command execution vulnerability in Webmin 1.580. The vulnerability exists in the /file/show.cgi component and allows an authenticated user, with access to the File Manager Module, to execute arbitrary commands with root privileges. The module has been tested successfully with Webim 1.580 over Ubuntu 10.04.

tags | exploit, arbitrary, cgi, root
systems | linux, ubuntu
advisories | CVE-2012-2982, OSVDB-85248
MD5 | dc34581214599ff103986008fd746663
Spiceworks 6.0.00993 Cross Site Scripting
Posted Sep 17, 2012
Authored by LiquidWorm | Site zeroscience.mk

Spiceworks suffers from multiple stored cross site scripting vulnerabilities. The issues are triggered when input passed via several parameters to several scripts is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Versions 6.0.00993 and 6.0.00966 are affected.

tags | exploit, arbitrary, vulnerability, xss
MD5 | 29cc4191f82c4bf00d9359b919b7f4b3
Intel SMEP Overview And Partial Bypass On Windows 8
Posted Sep 17, 2012
Authored by Artem Shishkin | Site ptsecurity.com

This paper provides an overview of a new hardware security feature introduced by Intel and covers its support on Windows 8. Among the other common features it complicates vulnerability exploitation on a target system. But if these features are not properly configured all of them may become useless. This paper demonstrates a security flaw on x86 version of Windows 8 leading to a bypass of the SMEP security feature.

tags | paper, x86
systems | windows
MD5 | ab1b81d93e4ee350a697ffa182c747f2
TorrentTrader 2.08 XSS / Directory Traversal / Bypass
Posted Sep 17, 2012
Authored by Janek Vind aka waraxe | Site waraxe.us

TorrentTrader version 2.08 suffers from authorization bypass, cross site scripting, path disclosure, and directory traversal vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 80f944bda396bc57c5a55368cbeda7aa
Novell GroupWise iCalendar Date/Time Parsing Denial of Service
Posted Sep 17, 2012
Authored by Carsten Eiram | Site secunia.com

Secunia Research has discovered a vulnerability in Novell GroupWise, which can be exploited by malicious people to cause a DoS (Denial of Service). However, no checks are performed by a function in iCalendar to ensure that the supplied date-time string is longer than 8 characters. This may result in an out-of-bounds read access violation, causing GWIA to crash in case a shorter date-time string was supplied via e.g. an e-mail with a specially crafted .ics attachment. Novell GroupWise version 8.0.2 HP3 is affected.

tags | advisory, denial of service
advisories | CVE-2011-3827
MD5 | 295a73ebe071ceada11101ab06f90a70
Novell Groupwise 8.0.2 HP3 / 2012 Integer Overflow
Posted Sep 17, 2012
Authored by Francis Provencher

Novell Groupwise versions 8.0.2 HP3 and 2012 suffers from an integer overflow vulnerability.

tags | exploit, overflow
MD5 | ad26af23d31e8ed5621d25afcf513d4d
Netsweeper WebAdmin Portal CSRF / XSS / SQL Injection
Posted Sep 17, 2012
Authored by Jacob Holcomb

Netsweeper WebAdmin Portal suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities. Note that most of this data released back in July of 2012 without the SQL injection information.

tags | exploit, remote, vulnerability, xss, sql injection, csrf
advisories | CVE-2012-2446, CVE-2012-2447, CVE-2012-3859
MD5 | aa024e95d3e0bd01ec3350b56bd27bdd
NCMedia Sound Editor Pro 7.5.1 Buffer Overflow
Posted Sep 17, 2012
Authored by Julien Ahrens | Site security.inshell.net

A local buffer overflow vulnerability has been found on the NCMedia Sound Editor Pro version 7.5.1. The application saves the paths for all recently used files in a file called "MRUList201202.dat" in the directory %appdata%\Sound Editor Pro\. When clicking on the "File" menu item the application reads the contents of the file, but does not validate the length of the string loaded from the file before passing it to a buffer, which leads to a stack-based buffer overflow.

tags | exploit, overflow, local
MD5 | 683e36ad32979a2dbbb73075ecb56872
LuxCal 2.7.0 XSS / LFI / Information Disclosure
Posted Sep 17, 2012
Authored by L0n3ly-H34rT

LuxCal version 2.7.0 suffers from cross site scripting, information disclosure, and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, xss, file inclusion, info disclosure
MD5 | 7fd4ffc706cd0c93b49021a19ecda422
FreeWebshop 2.2.9 Cross Site Scripting / SQL Injection
Posted Sep 17, 2012
Authored by HTTPCS

FreeWebshop version 2.2.9 suffers from cross site scripting and multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 259aa6cc2df59f0ae624cf8ba51185d0
UK CPNI IPv6 Toolkit 1.2.3
Posted Sep 17, 2012
Authored by Fernando Gont

This toolkit houses various IPv6 tools that have been tested to compile and run on Debian GNU/Linux 6.0, FreeBSD 9.0, NetBSD 5.1, OpenBSD 5.0, Mac OS 10.8.0, and Ubuntu 11.10.

Changes: Various updates and OSes supported.
tags | tool, scanner
systems | linux, netbsd, unix, freebsd, openbsd, debian, ubuntu
MD5 | a4557708150feac8fb1fae279a6414f1
Red Hat Security Advisory 2012-1284-01
Posted Sep 17, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1284-01 - The spice-gtk packages provide a GIMP Toolkit widget for SPICE clients. Both Virtual Machine Manager and Virtual Machine Viewer can make use of this widget to access virtual machines using the SPICE protocol. It was discovered that the spice-gtk setuid helper application, spice-client-glib-usb-acl-helper, did not clear the environment variables read by the libraries it uses. A local attacker could possibly use this flaw to escalate their privileges by setting specific environment variables before running the helper application.

tags | advisory, local, protocol
systems | linux, redhat
advisories | CVE-2012-4425
MD5 | 984184f3d420eba2bb4291070a5ff4c5
Red Hat Security Advisory 2012-1283-01
Posted Sep 17, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1283-01 - OpenJPEG is an open source library for reading and writing image files in JPEG 2000 format. It was found that OpenJPEG failed to sanity-check an image header field before using it. A remote attacker could provide a specially-crafted image file that could cause an application linked against OpenJPEG to crash or, possibly, execute arbitrary code. This issue was discovered by Huzaifa Sidhpurwala of the Red Hat Security Response Team.

tags | advisory, remote, arbitrary
systems | linux, redhat
advisories | CVE-2012-3535
MD5 | 8acdcd5cc296b9e9b7d680ae0c8b74b2
Debian Security Advisory 2549-1
Posted Sep 17, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2549-1 - Multiple vulnerabilities have been discovered in devscripts, a set of scripts to make the life of a Debian Package maintainer easier.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2012-2240, CVE-2012-2241, CVE-2012-2242, CVE-2012-3500
MD5 | a28ad734a5ec81d4661c2324e0110980
Debian Security Advisory 2480-4
Posted Sep 17, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2480-4 - The security updates for request-tracker3.8, DSA-2480-1, DSA-2480-2, and DSA-2480-3, contained minor regressions.

tags | advisory
systems | linux, debian
MD5 | 9a85b3e6c701ad38b81db6708d5a2385
Ubuntu Security Notice USN-1570-1
Posted Sep 17, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1570-1 - It was discovered that GnuPG used a short ID when downloading keys from a keyserver, even if a long ID was requested. An attacker could possibly use this to return a different key with a duplicate short key id.

tags | advisory
systems | linux, ubuntu
MD5 | da7fd51f243ca80096dee1573bc2c778
Ubuntu Security Notice USN-1569-1
Posted Sep 17, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1569-1 - It was discovered that PHP incorrectly handled certain character sequences when applying HTTP response-splitting protection. A remote attacker could create a specially-crafted URL and inject arbitrary headers. It was discovered that PHP incorrectly handled directories with a large number of files. This could allow a remote attacker to execute arbitrary code with the privileges of the web server, or to perform a denial of service. Various other issues were also addressed.

tags | advisory, remote, web, denial of service, arbitrary, php
systems | linux, ubuntu
advisories | CVE-2012-2688, CVE-2012-3450, CVE-2011-1398, CVE-2012-2688, CVE-2012-3450, CVE-2012-4388
MD5 | 22ce0e3ffcaeb8af36df2bddcb09332d
NCMedia Sound Editor Pro 7.5.1 Buffer Overflow
Posted Sep 17, 2012
Authored by Julien Ahrens

NCMedia Sound Editor Pro version 7.5.1 suffers from a MRUList201202.dat file handling buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 53897c0924f6dbaa1be2fe38e25af252
Nikto Web Scanner 2.1.5
Posted Sep 17, 2012
Authored by Sullo | Site cirt.net

Nikto is an Open Source web server scanner which performs comprehensive tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers.

Changes: Various fixes and changes.
tags | tool, web, cgi
systems | unix
MD5 | efcc98a918becb77471ee9a5df0a7b1e
Secunia Security Advisory 50650
Posted Sep 17, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users and malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
MD5 | 1a89f1952a797f9ece47bb30af84bced
Secunia Security Advisory 50646
Posted Sep 17, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Liferay Portal, which can be exploited by malicious users to manipulate certain data.

tags | advisory
MD5 | 7531ba2c875925d2076d001b73fe2cae
Hacking Android For Fun And Profit
Posted Sep 17, 2012
Authored by G13

This is a brief whitepaper with examples and information on hacking the Android platform from Google.

tags | paper
MD5 | f7e79cbbc22d85f10d2308b07ba47c9b
Secunia Security Advisory 50617
Posted Sep 17, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in Auxilium PetRatePro, which can be exploited by malicious people to conduct cross-site request and SQL injection attacks and compromise a vulnerable system.

tags | advisory, vulnerability, sql injection
MD5 | 0c6f0ef94395c97543d4dfa26ad0d322
Secunia Security Advisory 50619
Posted Sep 17, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in IBM AIX, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | aix
MD5 | a05fafaff956bdf0b128a24486703bc1
Page 1 of 2
Back12Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    42 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close