exploit the possibilities
Showing 1 - 25 of 28 RSS Feed

Files Date: 2012-10-05

FastStone Image Viewer 4.6 Arbitrary Code Execution
Posted Oct 5, 2012
Authored by Jean Pascal Pereira

FastStone Image Viewer version 4.6 suffers from an arbitrary code execution vulnerability.

tags | exploit, arbitrary, code execution
MD5 | 4b66f73257ae013039d76fd10c358d59
WordPress Shopp 1.0.17 XSS / Shell Upload / Disclosure
Posted Oct 5, 2012
Authored by T0x!c

WordPress Shopp eCommerce plugin version 1.0.17 suffers from cross site scripting, sensitive information disclosure, and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, xss, info disclosure
MD5 | 1ffd184016416a67b0383ee0d136dcaf
Et-Chat Rank SQL Injection
Posted Oct 5, 2012
Authored by Ashiyane Digital Security Team

Et-Chat Rank suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
MD5 | 59d441df19a6435f489b6ba8ff01d66a
Secunia Security Advisory 50794
Posted Oct 5, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - MustLive has reported a weakness and some vulnerabilities in IBM Lotus Notes Traveler, which can be exploited by malicious people to conduct spoofing and cross-site scripting attacks.

tags | advisory, spoof, vulnerability, xss
MD5 | 6824a966e2227f1c8d8bd4c6162650aa
Secunia Security Advisory 50869
Posted Oct 5, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for libxslt. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), and potentially compromise an application using the library.

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
MD5 | 712fae781086ac03145b375742eca518
Secunia Security Advisory 50797
Posted Oct 5, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Novell Sentinel Log Manager, which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
MD5 | afb3b6338d9b2557468db0bee9664976
Secunia Security Advisory 50886
Posted Oct 5, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - ERPScan has reported a vulnerability in SAP NetWeaver Process Integration, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
MD5 | d744f12415f083a380671223120d581b
Secunia Security Advisory 50853
Posted Oct 5, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued and update for kernel. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
MD5 | 68a0b0ace8ede50b70a7cd8e5f80102d
Secunia Security Advisory 50883
Posted Oct 5, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - ERPScan has reported a vulnerability in SAP NetWeaver Business Warehouse, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
MD5 | 1e3c81499894a297aa4e94123d28e765
Secunia Security Advisory 50795
Posted Oct 5, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in VMware vCenter Operations, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | ec58e92a05699c754b5ff3598e73f64a
Secunia Security Advisory 50858
Posted Oct 5, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for python. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to potentially disclose sensitive information and malicious people to conduct cross-site scripting attacks, disclose potentially sensitive information, cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

tags | advisory, denial of service, local, vulnerability, xss, python
systems | linux, ubuntu
MD5 | e1db381abddda715bdfdaf953374c565
Secunia Security Advisory 50866
Posted Oct 5, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities with an unknown impact have been reported in LetoDMS.

tags | advisory, vulnerability
MD5 | 297c0223e3648d75a7afff3d6b197c2e
Secunia Security Advisory 50882
Posted Oct 5, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - ERPScan has reported two vulnerabilities in SAP NetWeaver, which can be exploited by malicious people to disclose potentially sensitive information and conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
MD5 | 331bc9237216191000ebbace3e733416
Secunia Security Advisory 50884
Posted Oct 5, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - ERPScan has reported a vulnerability in SAP NetWeaver, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | f3a6b52af5f9aa2bbd7cf521ba55e1a1
Secunia Security Advisory 50798
Posted Oct 5, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in VMware vCenter CapacityIQ, which can be exploited by malicious people to disclose potentially sensitive system information.

tags | advisory
MD5 | 46a8628918b6a08a1e1a73f8435e38ab
Secunia Security Advisory 50868
Posted Oct 5, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities with an unknown impact have been reported in the Pinterest Pin It Button Lite plugin for WordPress.

tags | advisory, vulnerability
MD5 | 9e9ea5e9ecb37513b7cbe421a59e2a85
QNX QCONN Remote Command Execution
Posted Oct 5, 2012
Authored by David Odell | Site metasploit.com

This Metasploit module exploits a vulnerability in the qconn component of QNX Neutrino which can be abused to allow unauthenticated users to execute arbitrary commands under the context of the 'root' user.

tags | exploit, arbitrary, root
MD5 | 5e32b032fe2d358a064a90b9d74409d0
strongSwan IPsec Implementation 5.0.1
Posted Oct 5, 2012
Authored by Andreas Steffen | Site strongswan.org

strongSwan is a complete IPsec implementation for the Linux, Android, Maemo, FreeBSD, and Mac OS X operating systems. It interoperates with with most other IPsec-based VPN products via the IKEv2 or IKEv1 key exchange protocols. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A rich choice of modular plugins adds additional features like Trusted Network Connect or advanced cryptographical algorithms.

Changes: The leftsourceip option now accepts a comma separated combination of %config4, %config6, or fixed IP addresses to request from the responder. Likewise, the rightsourceip option accepts multiple explicitly specified or referenced named address pools. TPM-based remote attestation has been extended to verify the complete measurements done by the Linux Integrity Measurement Architecture (IMA). Reference hash values of up to 10'000 Linux system files are stored in an SQLite database.
tags | tool, encryption, protocol
systems | linux, freebsd, apple, osx
MD5 | 950228bfb2972b76af4e65e2071d0417
Suricata IDPE 1.3.2
Posted Oct 5, 2012
Site openinfosecfoundation.org

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: Several accuracy issues were fixed. HTTP multipart parsing bugs were fixed. Several packet acquisition bugs were fixed. A stream engine bug was fixed.
tags | tool, intrusion detection
systems | unix
MD5 | a0032049bc3082bfa8ac568ad6647b17
Sybase ASE 15.x Java Command Execution
Posted Oct 5, 2012
Authored by Esteban Martinez Fayo | Site appsecinc.com

Team SHATTER Security Advisory - It is possible to execute Operating System commands using the Java call Runtime.getRuntime().exec() in Sybase ASE versions 15.0, 15.5, and 15.7.

tags | advisory, java
MD5 | 073d67fecbc454f2729aefc03761b75a
Sybase ASE 15.x Role Elevation
Posted Oct 5, 2012
Authored by Martin Rakhmanov | Site appsecinc.com

Authenticated users can elevate privileges to any role via SQL injection in one of the DBCC commands in Sybase ASE versions 15.0, 15.5, and 15.7.

tags | advisory, sql injection
MD5 | 89cf24303931b2526933a2c73bee2759
Oracle Enterprise Manager 11.x SQL Injection
Posted Oct 5, 2012
Authored by Esteban Martinez Fayo | Site appsecinc.com

Team SHATTER Security Advisory - There are multiple SQL Injection vulnerabilities in components of SQL Tunning Sets that can be abused to perform attacks to execute SQL statements with elevated privileges in Oracle Enterprise Manager Database Control versions 11.1.07, 11.2.0.3, and previous patch sets.

tags | advisory, vulnerability, sql injection
advisories | CVE-2012-1737
MD5 | 52447a9179053286d9a3d997d40eb14a
IBM DB2 LUW 9.x / 10.1 XML File Disclosure
Posted Oct 5, 2012
Authored by Martin Rakhmanov | Site appsecinc.com

Team SHATTER Security Advisory - Two system stored procedures executable by PUBLIC allow reading of files with xml extensions in IBM DB2 LUW versions 9.1, 9.5, 9.7, and 10.1.

tags | advisory, info disclosure, xxe
advisories | CVE-2012-2196
MD5 | 22348b5f5f6c82baa53aef48d5ff8eb8
IBM DB2 LUW 9.x / 10.1 JAR File Overwrite
Posted Oct 5, 2012
Authored by Martin Rakhmanov | Site appsecinc.com

Team SHATTER Security Advisory - System stored procedure SQLJ.DB2_INSTALL_JAR executable by PUBLIC allows JAR file overwrite to any authenticated user in IBM DB2 LUW versions 9.1, 9.5, 9.7, and 10.1.

tags | advisory, code execution, file inclusion
advisories | CVE-2012-2194
MD5 | 9b9a380aeb8f8e0c9ded079e06a51cd0
Hardcorereview WriteAV Arbitrary Code Execution
Posted Oct 5, 2012
Authored by Jean Pascal Pereira

Hardcorereview suffers from a WriteAV arbitrary code execution vulnerability.

tags | exploit, arbitrary, code execution
MD5 | 2de5ccb831a6fc3d8998c56b4827e3c3
Page 1 of 2
Back12Next

File Archive:

September 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    20 Files
  • 2
    Sep 2nd
    15 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    4 Files
  • 5
    Sep 5th
    1 Files
  • 6
    Sep 6th
    1 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    27 Files
  • 9
    Sep 9th
    7 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    9 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    25 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    15 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    12 Files
  • 19
    Sep 19th
    1 Files
  • 20
    Sep 20th
    1 Files
  • 21
    Sep 21st
    15 Files
  • 22
    Sep 22nd
    21 Files
  • 23
    Sep 23rd
    7 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close