exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 45 of 45 RSS Feed

Files Date: 2008-12-10 to 2008-12-11

Pro Chat Rooms 3.0.2 XSS / XSRF
Posted Dec 10, 2008
Authored by ZynbER

Pro Chat Rooms version 3.0.2 suffers from cross site scripting and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 5fd0b6e75aa088fe708a2b2c8e8751ba1c16646c57fa5f98d6e37045b8940139
Living Local 1.1 XSS / File Upload Vulnerabilities
Posted Dec 10, 2008
Authored by Bgh7

Living Local version 1.1 suffers from remote file upload and cross site scripting vulnerabilities.

tags | exploit, remote, local, vulnerability, xss, file upload
SHA-256 | f3868c1baae9ae6c1c3efacf15f2474c8bcd417c69b48fe3544e56714bfcab3d
Webmaster Marketplace SQL Injection
Posted Dec 10, 2008
Authored by Hussin X | Site tryag.cc

Webmaster Marketplace suffers from a remote SQL injection vulnerability in member.php.

tags | exploit, remote, php, sql injection
SHA-256 | 0c0a07b3f53fa0581ee7c2da6b98f6f768276ae0a2d8effa328e88b08c8fdeae
HTMPL 1.11 Code Execution
Posted Dec 10, 2008
Authored by ZeN | Site dusecurity.com

HTMPL version 1.11 suffers from a remote command execution vulnerability in htmpl_admin.cgi.

tags | exploit, remote, cgi
SHA-256 | cb5b934e888731b0f2ebf5ef79d0bcd011de5efcf7dd671d777282e671fae2d7
Linux Kernel Denial Of Service Exploit
Posted Dec 10, 2008
Authored by Jon Oberheide

Linux kernel versions 2.6.27.8 and below ATMSVC local denial of service exploit.net/atm/svc.c in the ATM subsystem in the Linux kernel 2.6.27.8 and earlier allows local users to cause a denial of service (kernel infinite loop) by making two calls to svc_listen for the same socket, and then reading a /proc/net/atm/*vc file, related to corruption of the vcc table.

tags | exploit, denial of service, kernel, local
systems | linux
advisories | CVE-2008-5079
SHA-256 | 1ac5511bb7124a05d8d0461db2da89076c5d7276da1e422a0eed18b95223456a
eZ Publish Privilege Escalation
Posted Dec 10, 2008
Authored by s4avrd0w

eZ Publish versions below 3.9.5 / 3.10.1 / 4.0.1 privilege escalation exploit.

tags | exploit
SHA-256 | fca2f4728ec76cac85ca4284335bbbd8fbb63e685876a5c64b99479dbe77be7b
Facebook Cross Site Scripting
Posted Dec 10, 2008
Authored by Facebook IsBuggy

Facebook has been susceptible to reported cross site scripting vulnerabilities since August. It is stunning that they have not fixed this in this timeframe.

tags | exploit, vulnerability, xss
SHA-256 | 09ef1b5b6fb8ae84c27eadb08f71c7a69a2f6439925ed7f54ebbcc876832eb8c
Gentoo Linux Security Advisory 200812-10
Posted Dec 10, 2008
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200812-10 - A directory traversal vulnerability has been discovered in Archive::Tar. Jonathan Smith of rPath reported that Archive::Tar does not check for .. in file names. Versions less than 1.40 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-4829
SHA-256 | 2735121b1c06247892212422bdf8aa548600433ede2ff2886dae9ba5c4119526
Gentoo Linux Security Advisory 200812-9
Posted Dec 10, 2008
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200812-09 - Smart cards formatted using OpenSC do not sufficiently protect the PIN, allowing attackers to reset it. Chaskiel M Grundman reported that OpenSC uses weak permissions (ADMIN file control information of 00) for the 5015 directory on smart cards and USB crypto tokens running Siemens CardOS M4. Versions less than 0.11.6 are affected.

tags | advisory, cryptography
systems | linux, gentoo
advisories | CVE-2008-2235
SHA-256 | c6ee2a4b61e4dbad6fbde8d1cdb450da973718cd1afa12d10b3c625df252fae9
Debian Security Advisory 1684
Posted Dec 10, 2008
Site debian.org

Debian Security Advisory 1684 - Two vulnerabilities have been found in lcms, a library and set of commandline utilities for image color management.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2008-5316, CVE-2008-5317
SHA-256 | 2952c9357931b7c0048b563bbb72f0deffa1e8c321418f8151a582a9af5cc3d7
Secunia Security Advisory 33038
Posted Dec 10, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - G4N0K has reported a vulnerability in DL PayCart, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 7261b20121dbb96cc0790f3d0b560eb5e6e8d1ad1967c4bf63067edbb91a01b4
Secunia Security Advisory 33037
Posted Dec 10, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - G4N0K has reported a vulnerability in Bonza Cart, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 6f383178bdf23eb2dd9c1257ad160a71df5f37878c1049f0eebb9fdfa487ff42
Secunia Security Advisory 33066
Posted Dec 10, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for lcms. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
systems | linux, debian
SHA-256 | f4afde51eec894dfd5076ebef0f0fe2220da890c7c03478eb9b3e9157843c90c
Secunia Security Advisory 32885
Posted Dec 10, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Nenad Vijatov has discovered a vulnerability in MDaemon, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory
SHA-256 | a59b699497b1f49a6cc64fa2c6ffc9bb6da5ef1786d5d3a6c4016d199d2f303a
Secunia Security Advisory 33085
Posted Dec 10, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Avaya has acknowledged some vulnerabilities in Messaging Storage Server, which potentially can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
SHA-256 | adf1fa2d6ab55ce57d1ebc1874cc3d12c66f127bd1f853d7598c24aede8f1d4d
Secunia Security Advisory 33073
Posted Dec 10, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SuB-ZeRo has reported a vulnerability in Peel, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | b801cac2aa87252060fce0eb8ebcd253f8f4db0a459985ddf2cabc72ed20d135
Secunia Security Advisory 33095
Posted Dec 10, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Avaya has acknowledged a vulnerability in various Avaya products, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 669e56cffcd9952077215855c7c79c0d8ad700c504471bfceabd3c01b43fdff7
Ubuntu Security Notice 678-2
Posted Dec 10, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-678-2 - USN-678-1 fixed a vulnerability in GnuTLS. The upstream patch introduced a regression when validating certain certificate chains that would report valid certificates as untrusted. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Martin von Gagern discovered that GnuTLS did not properly verify certificate chains when the last certificate in the chain was self-signed. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information.

tags | advisory, remote
systems | linux, ubuntu
SHA-256 | cd5cd20b3a4bed05c5258f164bc821d426a546541e352c7b1df7b0f42f117abf
Ubuntu Security Notice 689-1
Posted Dec 10, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-689-1 - Alfredo Ortega discovered a flaw in Vinagre's use of format strings. A remote attacker could exploit this vulnerability if they tricked a user into connecting to a malicious VNC server, or opening a specially crafted URI with Vinagre. In Ubuntu 8.04, it was possible to execute arbitrary code with user privileges. In Ubuntu 8.10, Vinagre would simply abort, leading to a denial of service.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
SHA-256 | 687179c7ff2f3d8c3d0ba8d1cea02e0fb56b192c40b7427f449f28a024e4acef
Technical Cyber Security Alert 2008-344A
Posted Dec 10, 2008
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA08-344A - Microsoft has released updates that address vulnerabilities in Microsoft Windows, Internet Explorer, Word, Excel, SharePoint Server, Visual Basic 6 and related components.

tags | advisory, vulnerability
systems | windows
SHA-256 | 8883648b6f3e2c04e5be8f8603bfa8bc5bbdb6d8312fc76f60ab0b137ed930d2
Page 2 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close