exploit the possibilities
Showing 1 - 25 of 36 RSS Feed

Files Date: 2012-11-30

BlazeVideo HDTV Player Pro 6.6 Filename Handling
Posted Nov 30, 2012
Authored by sinn3r, b33f | Site metasploit.com

This Metasploit module exploits a vulnerability found in BlazeVideo HDTV Player's filename handling routine. When supplying a string of input data embedded in a .plf file, the MediaPlayerCtrl.dll component will try to extract a filename by using PathFindFileNameA(), and then copies whatever the return value is on the stack by using an inline strcpy. As a result, if this input data is long enough, it can cause a stack-based buffer overflow, which may lead to arbitrary code execution under the context of the user.

tags | exploit, overflow, arbitrary, code execution
advisories | OSVDB-80896
MD5 | 18479af99cd876aea7ca8d3a6f0c35fb
Axis Commerce 0.8.7.2 Cross Site Scripting
Posted Nov 30, 2012
Authored by LiquidWorm | Site zeroscience.mk

Axis Commerce version 0.8.7.2 suffers from multiple stored cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 881fe5f6ef6e5dbec355493c0d924fe3
SysAid Helpdesk 8.5 Pro SQL Injection
Posted Nov 30, 2012
Authored by Daniel Compton | Site nccgroup.com

SysAid Helpdesk version 8.5 Pro suffers from multiple remote blind SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 9f07d639148cb86bf1c1ef207e3d8be8
Squiz CMS 11654 File Path Traversal
Posted Nov 30, 2012
Authored by Robert Ray | Site nccgroup.com

Squiz CMS version 11654 suffers from a directory traversal vulnerability.

tags | exploit
MD5 | 20777e9c1618a11616598ae7f13aabab
Nagios XI Network Monitor 2011R1.9 SQL Injection
Posted Nov 30, 2012
Authored by Daniel Compton | Site nccgroup.com

Nagios XI Network Monitor version 2011R1.9 suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 31235d7bde61608ca3ebf88ad44f4c7c
Nagios XI Network Monitor 2011R1.9 OS Command Injection
Posted Nov 30, 2012
Authored by Daniel Compton | Site nccgroup.com

Nagios XI Network Monitor version 2011R1.9 suffers from OS command injection vulnerabilities.

tags | exploit, vulnerability
MD5 | 8282d53e99b1e8dbcb80909ec38492d2
Oracle Gridengine sgepasswd Buffer Overflow
Posted Nov 30, 2012
Authored by Edward Torkington | Site ngssoftware.com

Oracle Gridengine's sgepasswd suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | dc278ebed50251a0deb5698d833767cc
DataArmor / DriveArmor Privilege Escalation / Decryption
Posted Nov 30, 2012
Authored by Stuart Passe | Site ngssoftware.com

DataArmor and DriveArmor versions prior to 3.0.12.861 suffer from restricted environment breakout, privilege escalation, and full disk decryption vulnerabilities.

tags | exploit, vulnerability
MD5 | 0419d05b8467d22e94ea40d4bec34572
jsupload.cgi.pl 0.6.4 Directory Traversal
Posted Nov 30, 2012
Authored by Sean de Regge

jsupload.cgi.pl versions 0.6.4 and below suffer from a directory traversal vulnerability.

tags | exploit, cgi, file inclusion
MD5 | 0373f395b175a1ebb55509a6d8d4603d
Apple Security Advisory 2012-11-29-1
Posted Nov 30, 2012
Authored by Apple | Site apple.com

Apple Security Advisory 2012-11-29-1 - Apple TV 5.1.1 is now available and addresses information disclosure and code execution vulnerabilities.

tags | advisory, vulnerability, code execution, info disclosure
systems | apple
advisories | CVE-2012-3749, CVE-2012-3748
MD5 | f7ab96621e126a3cafec299fec4f014e
PayPal Persistent Listing Cross Site Scripting
Posted Nov 30, 2012
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

PayPal suffered from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 3e5e7d726ff45caa32c8441e05e68b0c
Safend Data Protector 3.4.5586.9772 Privilege Escalation
Posted Nov 30, 2012
Authored by Joseph Sheridan | Site reactionpenetrationtesting.co.uk

Safend Data Protector suffers from multiple privilege escalation vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2012-4767, CVE-2012-4760, CVE-2012-4760, CVE-2012-4761, CVE-2012-4761
MD5 | 358e671a42d55ceea1aee1012ae2ec19
Mozilla Firefox "imgRequestProxy" Class Remote Use-After-Free
Posted Nov 30, 2012
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Mozilla Firefox. The vulnerability is caused by a use-after-free error within the "imgRequestProxy::OnStopRequest()" function, which could allow remote attackers to execute arbitrary code via a specially crafted web page.

tags | advisory, remote, web, arbitrary
MD5 | 883db1fa9cce75266023399dd2ef60f2
Ubuntu Security Notice USN-1430-5
Posted Nov 30, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1430-5 - USN-1430-3 fixed vulnerabilities in Thunderbird. This update provides an updated mozilla-devscripts which produces packaged addons compatible with the latest thunderbird packaging.

tags | advisory, vulnerability
systems | linux, ubuntu
MD5 | e4525152b736a64571cfe4d017b17e04
Ubuntu Security Notice USN-1643-1
Posted Nov 30, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1643-1 - It was discovered that the decode_xs function in the Encode module is vulnerable to a heap-based buffer overflow via a crafted Unicode string. An attacker could use this overflow to cause a denial of service. It was discovered that the 'new' constructor in the Digest module is vulnerable to an eval injection. An attacker could use this to execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2011-2939, CVE-2011-3597, CVE-2012-5195, CVE-2012-5526, CVE-2011-2939, CVE-2011-3597, CVE-2012-5195, CVE-2012-5526
MD5 | 715fe6e311970516fe1cd1842f38a8f5
Debian Security Advisory 2579-1
Posted Nov 30, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2579-1 - A vulnerability has been found in the Apache HTTPD Server.

tags | advisory
systems | linux, debian
advisories | CVE-2012-4557, CVE-2012-4929
MD5 | 67a85ba61ddfb3f26b1eb9b16db42ffa
Ubuntu Security Notice USN-1652-1
Posted Nov 30, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1652-1 - Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2012-0957, CVE-2012-4565, CVE-2012-0957, CVE-2012-4565
MD5 | a16eb73a5bd3c36bbf6d17623c3fdeda
Ubuntu Security Notice USN-1651-1
Posted Nov 30, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1651-1 - Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2012-4565
MD5 | ee33568063200090945b0d819176d01e
Ubuntu Security Notice USN-1650-1
Posted Nov 30, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1650-1 - Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2012-4565
MD5 | 854b8b47a5fdc897ebe16070a3e4676c
Ubuntu Security Notice USN-1649-1
Posted Nov 30, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1649-1 - Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2012-0957, CVE-2012-4565, CVE-2012-0957, CVE-2012-4565
MD5 | 14264958db6c580c168e9c52add81ebb
Ubuntu Security Notice USN-1648-1
Posted Nov 30, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1648-1 - Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2012-0957, CVE-2012-4565, CVE-2012-0957, CVE-2012-4565
MD5 | 2a28082bb1636da0749c84985d175606
Ubuntu Security Notice USN-1647-1
Posted Nov 30, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1647-1 - Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2012-0957, CVE-2012-4565, CVE-2012-0957, CVE-2012-4565
MD5 | f01b7bd517617dc00d7e3e8c8cf22f3f
Ubuntu Security Notice USN-1646-1
Posted Nov 30, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1646-1 - Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2012-0957, CVE-2012-4565, CVE-2012-0957, CVE-2012-4565
MD5 | 858c6e3864c4022b133dd0649302b446
Ubuntu Security Notice USN-1645-1
Posted Nov 30, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1645-1 - Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2012-0957, CVE-2012-4565, CVE-2012-0957, CVE-2012-4565
MD5 | 6183c5fa69699ff34b662708e1fff52a
Ubuntu Security Notice USN-1644-1
Posted Nov 30, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1644-1 - Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2012-0957, CVE-2012-4565, CVE-2012-0957, CVE-2012-4565
MD5 | c1adb988e46f5612a943270fa81f87e0
Page 1 of 2
Back12Next

File Archive:

July 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    34 Files
  • 2
    Jul 2nd
    15 Files
  • 3
    Jul 3rd
    9 Files
  • 4
    Jul 4th
    8 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    3 Files
  • 7
    Jul 7th
    1 Files
  • 8
    Jul 8th
    15 Files
  • 9
    Jul 9th
    15 Files
  • 10
    Jul 10th
    20 Files
  • 11
    Jul 11th
    17 Files
  • 12
    Jul 12th
    16 Files
  • 13
    Jul 13th
    2 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    20 Files
  • 16
    Jul 16th
    27 Files
  • 17
    Jul 17th
    7 Files
  • 18
    Jul 18th
    5 Files
  • 19
    Jul 19th
    12 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close