seeing is believing
Showing 1 - 14 of 14 RSS Feed

Files Date: 2012-10-06

Blog Mod 0.1.9 SQL Injection
Posted Oct 6, 2012
Authored by WhiteCollarGroup

Blog Mod versions 0.1.9 and below suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 98db8e57adf93afd0fe35441caa72b10
Rubilyn 0.0.1
Posted Oct 6, 2012
Authored by prdelka | Site nullsecurity.net

This is a 64bit Mac OS-X kernel rootkit that uses no hardcoded address to hook the BSD subsystem in all OS-X Lion and below. It uses a combination of syscall hooking and DKOM to hide activity on a host. String resolution of symbols no longer works on Mountain Lion as symtab is destroyed during load, this code is portable on all Lion and below but requires re-working for hooking under Mountain Lion.

tags | tool, kernel, rootkit
systems | unix, bsd, apple, osx
MD5 | 4e8726f077ff7d1b0a761ab15d4d8bc9
Utempter Fake Entry Manipulation
Posted Oct 6, 2012
Authored by Paul Szabo

Utempter allows for utmp manipulation that can deceive any software depending on it.

tags | exploit
MD5 | 27c0beebeceea0e7594d9a60568aaa93
MySQL Login Scanner
Posted Oct 6, 2012
Authored by Kingcope, mu-b, John Anderson

This is a modified version of synscan that checks credentials against MySQL instances and logs the output to mysqljack.pot.

tags | tool, scanner, sql injection
systems | unix
MD5 | fe55343706fa009391b9f7a53f5f36c2
et-chat SQL Injection
Posted Oct 6, 2012
Authored by Am!r | Site irist.ir

et-chat suffers from a remote blind SQL injection vulnerability. Note that these findings house site-specific data.

tags | exploit, remote, sql injection
MD5 | 1a9a06aa25437656c6c67a309e2897b2
MyAuth3 Blind SQL Injection
Posted Oct 6, 2012
Authored by Marcio Almeida

MyAuth3 suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | ffaaaa49b865ca1ce8499801dd8d67d3
Open-Realty 2.5.6 Local File Inclusion
Posted Oct 6, 2012
Authored by L0n3ly-H34rT

Open-Realty version 2.5.6 suffers from a local file inclusion vulnerability. Please note that local file inclusion issues have already been found in this software in versions up to 2.5.8.

tags | exploit, local, file inclusion
MD5 | 6e31d4b99a6a02a77596db530651c1c1
Windows Escalate UAC Protection Bypass
Posted Oct 6, 2012
Authored by David Kennedy, mitnick, mubix | Site metasploit.com

This Metasploit module will bypass Windows UAC by utilizing the trusted publisher certificate through process injection. It will spawn a second shell that has the UAC flag turned off.

tags | exploit, shell
systems | windows
MD5 | 2b6b2e7db0a6aa65dcb9f93cd5f565d5
Mandriva Linux Security Advisory 2012-160
Posted Oct 6, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-160 - The Magick_png_malloc function in coders/png.c in ImageMagick 6.7.8-6 does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service via a crafted PNG file that triggers incorrect memory allocation. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2012-3437
MD5 | ca023a989a2439499f06cddb46dac5ce
Mandriva Linux Security Advisory 2012-150-1
Posted Oct 6, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-150 - Multiple security issues were identified and fixed in OpenJDK (icedtea6). Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE 7 Update 6 and earlier, and 6 Update 34 and earlier, has no impact and remote attack vectors involving AWT and a security-in-depth issue that is not directly exploitable but which can be used to aggravate security vulnerabilities that can be directly exploited. The updated packages provides icedtea6-1.11.4 which is not vulnerable to these issues.

tags | advisory, java, remote, vulnerability
systems | linux, mandriva
advisories | CVE-2012-0547, CVE-2012-1682
MD5 | 01498a7ea9f2a79ee3ac76ce9b470fa4
Mandriva Linux Security Advisory 2012-151-1
Posted Oct 6, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-151 - An integer overflow flaw, leading to a heap-based buffer overflow, was found in Ghostscript's International Color Consortium Format library (icclib). An attacker could create a specially-crafted PostScript or PDF file with embedded images that would cause Ghostscript to crash or, potentially, execute arbitrary code with the privileges of the user running Ghostscript. The updated packages have been patched to correct this issue.

tags | advisory, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2012-4405
MD5 | 476cc8f015bc569cfc758ce59fa095a7
VMware Security Advisory 2012-0014
Posted Oct 6, 2012
Authored by VMware | Site vmware.com

VMware Security Advisory 2012-0014 - VMware has provided an upgrade path for vCenter Operations and CapacityIQ and an update for Movie Decoder. These updates address multiple security vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2012-4897, CVE-2012-5050, CVE-2012-5051
MD5 | 93a9b4b1093d4c00d57220308635f7ec
Debian Security Advisory 2555-1
Posted Oct 6, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2555-1 - Nicholas Gregoire and Cris Neckar discovered several memory handling bugs in libxslt, which could lead to denial of service or the execution of arbitrary code if a malformed document is processed.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2012-2870, CVE-2012-2871, CVE-2012-2893
MD5 | 8560fe186962474f5ad05f5b635da65c
Ubuntu Security Notice USN-1597-1
Posted Oct 6, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1597-1 - A flaw was found in how the Linux kernel passed the replacement session keyring to a child process. An unprivileged local user could exploit this flaw to cause a denial of service (panic).

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-2745
MD5 | 1c7adac3f824a1bfbacefccd198a2032
Page 1 of 1
Back1Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    14 Files
  • 19
    Oct 19th
    8 Files
  • 20
    Oct 20th
    7 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close