exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 50 RSS Feed

Files Date: 2009-02-03 to 2009-02-04

Core Security Technologies Advisory 2008.1009
Posted Feb 3, 2009
Authored by Core Security Technologies | Site coresecurity.com

Core Security Technologies Advisory - Multiple integer overflow vulnerabilities have been discovered in UltraVNC and TightVNC, two (open source) remote control applications derived from the popular VNC software. The vulnerabilities cause a miscalculation of a buffer size on the heap, allowing an attacker to corrupt a VNC client heap and can probably allow code execution (exploitation is very likely). Affected packages include UltraVNC versions 1.0.2, 1.0.5, and TightVNC version 1.3.9.

tags | advisory, remote, overflow, vulnerability, code execution
advisories | CVE-2009-0388
SHA-256 | 27ab44936ddd8eacf7dda098842026d7f58dc3335367e99f73723c3a8cc516dd
Euphonics Audio Player 1.0 Buffer Overflow
Posted Feb 3, 2009
Authored by h4ck3r#47 | Site arab4services.net

Euphonic Audio Player version 1.0 local buffer overflow exploit that creates a malicious .pls file.

tags | exploit, overflow, local
SHA-256 | da56d96008c755e43aa711c77120a49effcc286093eab1d7c2de4fbfd44a36bf
WEBalbum 2.4b SQL Injection
Posted Feb 3, 2009
Authored by XORON

WEBalbum version 2.4b remote blind SQL injection exploit that leverages photo.php.

tags | exploit, remote, php, sql injection
SHA-256 | d7ca1aa02c5273038ee9b6ec42eeecb08d78c6771b8f839cc998f1d883d9e289
Oracle 9iR2 Buffer Overflow
Posted Feb 3, 2009
Authored by Esteban Martinez Fayo | Site appsecinc.com

Team SHATTER Security Advisory - Oracle Database Server version 9iR2 suffers from a buffer overflow vulnerability in SYS.OLAPIMPL_T.ODCITABLESTART.

tags | advisory, overflow
advisories | CVE-2008-3974
SHA-256 | a39843ad1978417ac2d1d54f77d7f550dd386455ba1250f2d7c1ff55526f2b6f
Oracle Enterprise Manager SQL Injection
Posted Feb 3, 2009
Authored by Esteban Martinez Fayo | Site appsecinc.com

Team SHATTER Security Advisory - The Oracle Enterprise Manager TARGET parameter suffers from a remote SQL injection vulnerability. Oracle Enterprise Manager 10g Grid Control 10.2.0.4 and previous patchsets are vulnerable.

tags | advisory, remote, sql injection
advisories | CVE-2008-5447
SHA-256 | acd32ba3a38a84b9fa838e17fd50d867609b311ce99bfa68d4c094796de222a7
MyDesign Sayac 2.0 SQL Injection
Posted Feb 3, 2009
Authored by Kacak

MyDesign Sayac version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 73b1aacbc867b53e8cc4b71b02b1ac0e0550aa66d9a14aefa4464eb203a102d0
SMF Cookie Stealing
Posted Feb 3, 2009
Authored by Xianur0

Simple Machines Forums suffers from a cookie stealing vulnerability.

tags | exploit
SHA-256 | 45d1e2fac01c0acc368d3ef2dd2a067a08acdf318adb7dd89188262cbd8afb18
Online Game Script XSRF
Posted Feb 3, 2009
Authored by S1B3RK4N

Online Game Script cross site request forgery exploit.

tags | exploit, csrf
SHA-256 | 4ff0591169ce61b96b2a1e3790fcf168f8f48bab91d8b58b7a62921166236dab
Jaws 0.8.8 Local File Inclusion
Posted Feb 3, 2009
Authored by fuzion

Jaws version 0.8.8 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | d57aee98010c3af35c615027fc193282257a906aff816b1b2cfa53e2f2fa806a
AJA Modules Rapidshare 1.0.0 Shell Upload
Posted Feb 3, 2009
Authored by Hussin X | Site tryag.cc

AJA Modules Rapidshare version 1.0.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, file upload
SHA-256 | dc7805c549a659de27d5e17449057fadcb8c4dd6ae18868de9b1b453118cd429
Phormer PhotoGallery 3.3.1 Insecure Cookie
Posted Feb 3, 2009
Authored by Hussin X | Site tryag.cc

Phormer PhotoGallery version 3.3.1 suffers from an insecure cookie handling vulnerability.

tags | exploit, insecure cookie handling
SHA-256 | 724b69ccd70353a15db42838c86a1d9079030ed993a40f926c283456ae143897
Technote 7.2 Remote File Inclusion
Posted Feb 3, 2009
Authored by make0day

Technote 7.2 suffers from the same remote file inclusion vulnerability as Technote 7.0. Obviously, the authors did not feel this was an important fix for the following release.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 40e818cbaba512214e4d4af00accf91a1cb42379a7f1d13442171d00dd83760e
BlazeVideo HDTV Player 3.5 Overflow
Posted Feb 3, 2009
Authored by LiquidWorm | Site zeroscience.mk

BlazeVideo HDTV Player versions 3.5 and below remote heap overflow exploit that generates a malicious .plf playlist file.

tags | exploit, remote, overflow
SHA-256 | 4b4c1558e7f56d01f5235ad5b66a61db0081bd3af414422f76a4c97100c66ee6
Web Hacking Incidents Database Update
Posted Feb 3, 2009
Authored by Ofer Shezaf

This file documents recent incidents that have been reported to the Web Hacking Incidents Database (WHID).

tags | advisory, web
SHA-256 | ff786846a4d8dd673858a1ce9d94bf2333c7eea65387c85272d128241904ae96
DreamPics Photo/Video Gallery SQL Injection
Posted Feb 3, 2009
Authored by XORON

DreamPics Photo/Video Gallery remote blind SQL injection exploit.

tags | exploit, remote, sql injection
SHA-256 | dcd35707c99ed13667bc2b8b0d7b08aa1be8cceeaff98981f98cb2f6efa71db6
Free Download Manager 3.0 Buffer Overflow
Posted Feb 3, 2009
Authored by SkD

Free Download Manager versions 3.0 Build 844 and below buffer overflow exploit that creates a malicious .torrent file.

tags | exploit, overflow
SHA-256 | d12f4e089445b1376e418c8bb42e9ae29a3e9f38e422a24c6d2d91e761df72a5
4Site CMS 2.6 SQL Injection
Posted Feb 3, 2009
Authored by D.Mortalov | Site wsec.ru

4Site CMS versions 2.6 and below suffer from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 5317adad68f2d338b11b78fefffa8de75b0297f4a64f2c516ec4c0de39dbbf9d
Groone's Guestbook 2.0 Remote File Inclusion
Posted Feb 3, 2009
Authored by k3vin mitnick

Groone's Guestbook version 2.0 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | c68c5ee7af85f17e26685180f3bd7c7f1a95c6f7dbe63633c395ca1a679dcd8b
Groone GLinks 2.1 Remote File Inclusion
Posted Feb 3, 2009
Authored by k3vin mitnick

Groone GLinks version 2.1 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 2ae8d59b547f45d8a319290094a0dda4c3cf1b3f16af3311e91ca4f91a5c5bea
Hex Workshop 6 .cmap Crash Exploit
Posted Feb 3, 2009
Authored by DATA_SNIPER

Hex Workshop version 6 invalid memory reference crash proof of concept exploit that makes a malicious .cmap file.

tags | exploit, denial of service, proof of concept
SHA-256 | 212e459b6da6a635f8b5e94175e3a442aa2bd9e90775f4d992e14e9c63dbe9f0
TxtBlog 1.0 Command Execution
Posted Feb 3, 2009
Authored by Osirys | Site y-osirys.com

TxtBlog version 1.0 Alpha remote command execution exploit.

tags | exploit, remote
SHA-256 | 77e92d48c77613b107ba5d46abc7a9bd0872d369378d3087044beccf42731f66
HP Security Bulletin 2008-01.7
Posted Feb 3, 2009
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running IPv6. This vulnerability could be exploited remotely resulting in a Denial of Service (DoS) and unauthorized access.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2008-2476, CVE-2008-4404
SHA-256 | c027f5f7923cfc1e981596de9960ed7850def908f33cb8be259a2eca6f7da276
Nokia Multimedia Player 1.1 Heap Overflow
Posted Feb 3, 2009
Authored by 0in | Site dark-coders.4rh.eu

Nokia Multimedia Player version 1.1 heap overflow proof of concept exploit that creates a malicious .m3u file.

tags | exploit, overflow, proof of concept
SHA-256 | 8a08979b49561cbf9812489de3f19650fe0061fbf344556ab2403791bdab1f43
Bugzilla XSRF Randomization Vulnerability
Posted Feb 3, 2009
Site bugzilla.org

Bugzilla 3.2.1, 3.0.7, and 3.3.2, when running under mod_perl, generated insufficiently random numbers, resulting in all random tokens being the same, all CSRF protection being defeated, and the new attachment_base functionality being compromised.

tags | advisory, csrf
SHA-256 | 242b54b1cddc091b8ac840990a5715422764ecd5ea5df5950cbb65e6eccd8af5
WholeHogSoftware Password Protect Insecure Cookie
Posted Feb 3, 2009
Authored by Stack | Site v4-team.com

WholeHogSoftware Password Protect suffers from an insecure cookie handling vulnerability.

tags | exploit, insecure cookie handling
SHA-256 | 879dcb888bd7acc1a852549d9d2bc10d3e78da75248890919d6c01b2efb8061c
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close