what you don't know can hurt you
Showing 1 - 25 of 42 RSS Feed

Files Date: 2008-10-31 to 2008-10-31

Secunia Security Advisory 32435
Posted Oct 31, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SuSE has issued an update for multiple packages. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), conduct cross-site scripting attacks or potentially, to compromise a user's system.

tags | advisory, denial of service, vulnerability, xss
systems | linux, suse
MD5 | 400b629401a5ed04becfc2f364f1d4bb
Secunia Security Advisory 32498
Posted Oct 31, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in various SonicWALL products, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | 98a5ef79c05ad4d5435da01ceb81972e
sfslinkdir-sql.txt
Posted Oct 31, 2008
Authored by BeyazKurt

SFS EZ Link Directory suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | b271ceed4dc4c3675bc99a772d522915
sfsezhome-sql.txt
Posted Oct 31, 2008
Authored by BeyazKurt

SFS EZ Home Business Directory suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 6b92f76e4c8d0aacb43094615cc353d9
sfsezgaming-sql.txt
Posted Oct 31, 2008
Authored by Hurley

SFS EZ Gaming Directory suffers from a remote SQL injection vulnerability in directory.php.

tags | exploit, remote, php, sql injection
MD5 | 081c97e36eb59198568e32a4e8d22891
sfsezhosting-sql.txt
Posted Oct 31, 2008
Authored by BeyazKurt

SFS EZ Hosting Directory suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 475b55d99bffc8a6e6c91c973df1af1c
sfsezadult-sql.txt
Posted Oct 31, 2008
Authored by Hurley

SFS EZ Adult Directory suffers from a remote SQL injection vulnerability in directory.php.

tags | exploit, remote, php, sql injection
MD5 | 6ddd59e9fa65bf277ab890a86312bb4d
logzpodcast-sql.txt
Posted Oct 31, 2008
Authored by ZoRLu

Logz Podcast CMS version 1.3.1 suffers from a remote SQL injection vulnerability in add_url.php.

tags | exploit, remote, php, sql injection
MD5 | ff681c55a31ccbc5d01ff29519cbe8c4
absolutenewsmanager-cookie.txt
Posted Oct 31, 2008
Authored by Hakxer

Absolute News Manager version 5.1 suffers from an insecure cookie handling vulnerability.

tags | exploit, insecure cookie handling
MD5 | c226be9ff73272cfd4e4296067000274
alink-xsrfxss.xt
Posted Oct 31, 2008
Authored by Jussi Vuokko, Henri Lindberg | Site louhi.fi

A-Link WL54AP3 and WL54AP2 suffers from cross site scripting and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | 7ff53c928fdabaec0c61f51282483ef5
Secunia Security Advisory 32359
Posted Oct 31, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a vulnerability in Interact, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | 49110b2642de8bdc245f7cd0545fcba0
Mandriva Linux Security Advisory 2008-121
Posted Oct 31, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Multiple vulnerabilities were discovered in FreeType's Printer Font Binary (PFB) font-file format parser. If a user were to load a carefully crafted font file with a program linked against FreeType, it could cause the application to crash or potentially execute arbitrary code. The updated packages have been patched to prevent this issue. The patches used to correct the problem on Corporate Server 4.0 and Corporate 3.0 contained a problem where certain fonts would not be displayed and would cause applications, such as drakfont, to crash. This update corrects the regression.

tags | advisory, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2008-1806, CVE-2008-1807, CVE-2008-1808
MD5 | b5bbdc1f98fdef8437a222fdba1d0410
typo-sqlxss.txt
Posted Oct 31, 2008
Authored by L4teral

Typo versions 5.1.3 and below suffer from cross site scripting and SQL injection vulnerabilities.

tags | exploit, vulnerability, xss, sql injection
MD5 | 8221ac832c25b9830f22b83515f36688
iDEFENSE Security Advisory 2008-10-29.2
Posted Oct 31, 2008
Authored by iDefense Labs, Sean Larsson, Joshua J. Drake | Site idefense.com

iDefense Security Advisory 10.29.08 - Remote exploitation of a stack based buffer overflow vulnerability in Oracle Corp.'s WebLogic Server Apache Connector could allow an attacker to execute arbitrary code with the privileges of the affected service. A stack based buffer overflow vulnerability exists in the Apache Connector of Oracle (formerly BEA) WebLogic Server. When parsing a request with an invalid parameter the module uses a string without properly validating its length. This string is copied into a fixed sized stack buffer. This results in a stack based buffer overflow. iDefense has confirmed the existence of this vulnerability in WebLogic Server Apache Connector version 10.0. Previous versions may also be affected.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2008-4008
MD5 | 6ff30a0d941f386bea95271534a16c5e
HS-P005_ReflectiveDllInjection.pdf
Posted Oct 31, 2008
Authored by Stephen Fewer | Site harmonysecurity.com

Whitepaper on reflective DLL injection. Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process. As such the library is responsible for loading itself by implementing a minimal Portable Executable (PE) loader.

tags | paper
MD5 | 9dcfe4b1a13f2b6430c44bf6ea224287
iDEFENSE Security Advisory 2008-10-29.1
Posted Oct 31, 2008
Authored by iDefense Labs, Sebastian Apelt, Code Audit Labs | Site idefense.com

iDefense Security Advisory 10.29.08 - Remote exploitation of multiple integer overflow vulnerabilities in OpenOffice versions 2.4.1 and earlier could allow an attacker to execute arbitrary code with the privileges of the current user. Integer overflow issues exist within the code responsible for parsing multiple EMR records within an EMF file. This allows an attacker to overflow heap memory with data they supplied. iDefense has confirmed the existence of this vulnerability in OpenOffice version 2.4.1.

tags | advisory, remote, overflow, arbitrary, vulnerability
advisories | CVE-2008-2238
MD5 | d171510742688331e37fb3cc9eb6cf1a
secunia-interact.txt
Posted Oct 31, 2008
Site secunia.com

Secunia Research has discovered two vulnerabilities in Interact, which can be exploited by malicious people to conduct cross-site request forgery and SQL injection attacks. Version 2.4.1 is affected.

tags | advisory, vulnerability, sql injection, csrf
advisories | CVE-2008-3867, CVE-2008-3868
MD5 | 50d4f22f625ff21b334f039cc07ea0a5
cpanel-lfixss.txt
Posted Oct 31, 2008
Authored by IRCRASH | Site ircrash.com

Cpanel version 11.x suffers from local file inclusion and cross site scripting vulnerabilities.

tags | exploit, local, vulnerability, xss, file inclusion
MD5 | b2620f52e382ae9d00f9164d327f0f19
VMware Security Advisory 2008-0017
Posted Oct 31, 2008
Authored by VMware | Site vmware.com

VMware Security Advisory - A denial of service flaw was found in the way libxml2 processes certain content. If an application that is linked against libxml2 processes malformed XML content, the XML content might cause the application to stop responding. A flaw was found in the way ucd-snmp checks an SNMPv3 packet's Keyed-Hash Message Authentication Code. An attacker could use this flaw to spoof an authenticated SNMPv3 packet. Multiple uses of uninitialized values were discovered in libtiff's Lempel-Ziv-Welch (LZW) compression algorithm decoder. An attacker could create a carefully crafted LZW-encoded TIFF file that would cause an application linked with libtiff to crash or, possibly, execute arbitrary code.

tags | advisory, denial of service, arbitrary, spoof
advisories | CVE-2008-3281, CVE-2008-0960, CVE-2008-2327
MD5 | a65a9972a55e92b7b25ec9b7e2f267a0
opera962-exec.txt
Posted Oct 31, 2008
Authored by NeoCoderz

Opera version 9.62 remote code execution proof of concept exploit.

tags | exploit, remote, code execution, proof of concept
MD5 | fe97e37781c936be7d29de0109258749
absolutecontrol-cookie.txt
Posted Oct 31, 2008
Authored by EgY Coders Team

Absolute Control Panel XE version 1.5 suffers from a remote cookie handling vulnerability.

tags | exploit, remote
MD5 | 5d6dc5cc8c5335d52758c367e517c7b0
absolutelive-cookie.txt
Posted Oct 31, 2008
Authored by EgY Coders Team

Absolute Live Support version 5.1 suffers from a remote cookie handling vulnerability.

tags | exploit, remote
MD5 | e7d6d924c56acf14b57e6f5aed7cd799
absoluteform-cookie.txt
Posted Oct 31, 2008
Authored by EgY Coders Team

Absolute Form Processor version 4.0 suffers from a remote cookie handling vulnerability.

tags | exploit, remote
MD5 | c6c49e85837f60319c902d5286c42d3f
absolutebanner-cookie.txt
Posted Oct 31, 2008
Authored by EgY Coders Team

Absolute Banner Manager suffers from a remote cookie handling vulnerability.

tags | exploit, remote
MD5 | 1dc78e136b1542a0e4620842317a0dde
absolutecontent-cookie.txt
Posted Oct 31, 2008
Authored by EgY Coders Team

Absolute Content Rotator version 6.0 suffers from a remote cookie handling vulnerability.

tags | exploit, remote
MD5 | c185bfd36d4c7a7378aa42dc211a3eef
Page 1 of 2
Back12Next

File Archive:

February 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    1 Files
  • 2
    Feb 2nd
    2 Files
  • 3
    Feb 3rd
    17 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    16 Files
  • 7
    Feb 7th
    19 Files
  • 8
    Feb 8th
    1 Files
  • 9
    Feb 9th
    2 Files
  • 10
    Feb 10th
    15 Files
  • 11
    Feb 11th
    20 Files
  • 12
    Feb 12th
    12 Files
  • 13
    Feb 13th
    18 Files
  • 14
    Feb 14th
    17 Files
  • 15
    Feb 15th
    4 Files
  • 16
    Feb 16th
    4 Files
  • 17
    Feb 17th
    34 Files
  • 18
    Feb 18th
    15 Files
  • 19
    Feb 19th
    19 Files
  • 20
    Feb 20th
    20 Files
  • 21
    Feb 21st
    11 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close