exploit the possibilities
Showing 1 - 17 of 17 RSS Feed

Files Date: 2012-11-19

Zero Day Initiative Advisory 12-187
Posted Nov 19, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-187 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses a particular array contained within a Real Media file and then uses the data. When allocating and reading frame size information, the application will fail to check the bounds of how this array is used. The application will use results in this array as an allocation for the size of a buffer. When initializing this new buffer, the application can then write outside it's bounds which will lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2012-0923
MD5 | caf9795079d80e997299543e119f22d0
Belkin Insecure Default WPA2 Passphrase
Posted Nov 19, 2012
Authored by Jakob Lell

Having a preconfigured randomly generated WPA2-PSK passphrase for wireless routers is basically a good idea since a vendor-generated passphrase can be much more secure than most user-generated passwords. However, in the case of Belkin the default password is calculated solely based on the MAC address of the device. Since the MAC address is broadcasted with the beacon frames sent out by the device, a wireless attacker can calculate the default passphrase and then connect to the wireless network. Vulnerable versions include, but are not limited to, Belkin Surf N150 Model F7D1301v1, Belkin N900 Model F9K1104v1, Belkin N450 Model F9K1105V2, and possibly Belkin N300 Model F7D2301v1.

tags | advisory
advisories | CVE-2012-4366
MD5 | 44b1ab86b2820727ed3c030ed172a0ff
Splunk 4.x Denial Of Service
Posted Nov 19, 2012
Authored by Alexander Klink | Site nruns.com

Splunk versions 4.0 through 4.3.4 suffer from an unauthenticated remote denial of service vulnerability against splunkd.

tags | advisory, remote, denial of service
MD5 | 77701ef13cf8f0205b69ae5bc03f88df
Mandriva Linux Security Advisory 2012-172
Posted Nov 19, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-172 - Stack-based buffer overflow in the url::get_pac function in url.cpp in libproxy 0.4.x before 0.4.9 allows remote servers to have an unspecified impact via a large proxy.pac file. The updated packages have been patched to correct this issue.

tags | advisory, remote, overflow
systems | linux, mandriva
advisories | CVE-2012-4504
MD5 | bb6cff786629c6331f3a41019af956b8
Akeni LAN 1.2.118 Filter Bypass
Posted Nov 19, 2012
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

A filter bypass vulnerability in Akeni LAN (LE) Messenger version 1.2.118 allows for malicious script insertion / cross site scripting attacks.

tags | exploit, xss, bypass
MD5 | 2ced5a10e9c4f6158009523f2b58bf82
Manage Engine Exchange Reporter 4.1 Cross Site Scripting
Posted Nov 19, 2012
Authored by Ibrahim El-Sayed | Site vulnerability-lab.com

Manage Engine Exchange Reporter version 4.1 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | cf2327d6861e783bd8e15ca7659e3654
Omni-Secure 5 / 6 / 7 Remote File Disclosure
Posted Nov 19, 2012
Authored by HaCkeR_EgY

Omni-Secure versions 5, 6, and 7 suffer from a remote file disclosure vulnerability.

tags | exploit, remote, info disclosure
MD5 | 28afbca05bd6a5d26e97284c907178e2
Skype Account Service Reset Credentials
Posted Nov 19, 2012
Authored by Benjamin Kunz Mejri, Chokri Ben Achor | Site vulnerability-lab.com

The Skype Account Service application suffered from a reset password/username vulnerability.

tags | exploit
MD5 | 1b8b33483a64506397dd6c9489db51fd
Skype Account Service Session Token Bypass
Posted Nov 19, 2012
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

The Skype Account Service application suffered from a session token bypass vulnerability.

tags | exploit, bypass
MD5 | b127e8c3a17d8efff34a737b0d0f894a
HostBox SSH 0.1
Posted Nov 19, 2012
Authored by Oskar Stridsman | Site stridsmanIT.wordpress.com

HostBox SSH is a python script will scan servers and routers for insecure SSH configurations.

tags | tool, scanner, python
systems | unix
MD5 | 00486f309358c2af448eade6dbecb752
WeBid 1.0.5 Directory Traversal
Posted Nov 19, 2012
Authored by loneferret

WeBid versions 1.0.5 and below suffer from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | 31ed75fecbce02be4931928c1382a5e4
Debian Security Advisory 2575-1
Posted Nov 19, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2575-1 - It was discovered that ppm2tiff of the tiff tools, a set of utilities for TIFF manipulation and conversion, is not properly checking the return value of an internal function used in order to detect integer overflows. As a consequence, ppm2tiff suffers of a heap-based buffer overflow. This allows attacker to potentially execute arbitrary code via a crafted ppm image, especially in scenarios in which images are automatically processed.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2012-4564
MD5 | 09747e61881552acf5e73d9adfddaa2e
Microsoft Office OneNote 2010 Memory Corruption
Posted Nov 19, 2012
Authored by coolkaveh

Microsoft Office OneNote 2010 suffers from a WriteAV memory corruption vulnerability.

tags | exploit
systems | linux
MD5 | 778501e23876cf312063c696dd2186c3
Secunia Security Advisory 51333
Posted Nov 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the jNews component for Joomla!, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | 593d6812c922b09ee94e9d20f296b04d
Secunia Security Advisory 51339
Posted Nov 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Sophos UTM, which can be exploit by malicious people to conduct cross-site scripting attacks and compromise a vulnerable system.

tags | advisory, vulnerability, xss
MD5 | 7a82acc4baafbc38fe4f7c066b3a20bb
Secunia Security Advisory 51294
Posted Nov 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in WeeChat, which can be exploited by malicious people to potentially compromise a user's system.

tags | advisory
MD5 | 1aaf7663079ca182f946fd8cd0699e5c
Secunia Security Advisory 51349
Posted Nov 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in RSA Data Protection Manager, where some have an unknown impact and others can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting attacks.

tags | advisory, local, vulnerability, xss
MD5 | c64247139b708e972c4bbc99da51b23d
Page 1 of 1
Back1Next

File Archive:

May 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    14 Files
  • 2
    May 2nd
    3 Files
  • 3
    May 3rd
    1 Files
  • 4
    May 4th
    18 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    21 Files
  • 7
    May 7th
    15 Files
  • 8
    May 8th
    19 Files
  • 9
    May 9th
    1 Files
  • 10
    May 10th
    2 Files
  • 11
    May 11th
    18 Files
  • 12
    May 12th
    39 Files
  • 13
    May 13th
    15 Files
  • 14
    May 14th
    17 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    2 Files
  • 17
    May 17th
    2 Files
  • 18
    May 18th
    15 Files
  • 19
    May 19th
    21 Files
  • 20
    May 20th
    15 Files
  • 21
    May 21st
    15 Files
  • 22
    May 22nd
    6 Files
  • 23
    May 23rd
    1 Files
  • 24
    May 24th
    1 Files
  • 25
    May 25th
    2 Files
  • 26
    May 26th
    23 Files
  • 27
    May 27th
    13 Files
  • 28
    May 28th
    18 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close