Showing 51 - 57 of 57

Files Date: 2009-02-25 to 2009-02-26

Mandriva Linux Security Advisory 2009-048: Posted Feb 25, 2009; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2009-048-1 - Python has a variable called sys.path that contains all paths where Python loads modules by using import scripting procedure. A wrong handling of that variable enables local attackers to execute arbitrary code via Python scripting in the current Epiphany working directory. This update provides fix for that vulnerability. The previous update package was not built against the correct (latest) libxulrunner-1.9.0.6 library (fixes #48163); tags | advisory, arbitrary, local, python; systems | linux, mandriva; advisories | CVE-2008-5985; SHA-256 | 8f10e474b35d037306a6f4098b2632f5760950215e3ed5ab286da21879ce1b2d; Download | Favorite | View

Mandriva Linux Security Advisory 2009-047: Posted Feb 25, 2009; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2009-047-1 - Python has a variable called sys.path that contains all paths where Python loads modules by using import scripting procedure. A wrong handling of that variable enables local attackers to execute arbitrary code via Python scripting in the current Vim working directory. This update provides fix for that vulnerability. This update also provides updated packages for Mandriva Linux 2008.0.; tags | advisory, arbitrary, local, python; systems | linux, mandriva; advisories | CVE-2009-0316; SHA-256 | b38f622d9ccbd3e8fe45e71819802256bd08748d4fc5df23ee370c5822ece7b1; Download | Favorite | View

QWERTY CMS SQL Injection: Posted Feb 25, 2009; Authored by TurkGuvenligi | Site turkguvenligi.info; QWERTY CMS suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 35408a70ab9a43cff23216a1557e4f89c5c2fc2fb90af53091b634023c1ca8f4; Download | Favorite | View

User-land Solaris 10 libc accept() Call Rootkit: Posted Feb 25, 2009; Authored by Subere, C Papathanasiou; This user-land rootkit hijacks the libc accept() call via LD_PRELOAD and yields back a non-interactive shell on the remote host. The .so file is placed under the trusted library path. This has been written to specifically target sshd on Solaris, although other daemons (e.g. bind, sendmail, apached) can also be targeted. It has been tested on Solaris 10. Read the files inside for comments on further shell interaction.; tags | tool, remote, shell, rootkit; systems | unix, solaris; SHA-256 | 7987443dddeca5ef652aa2a782472ce53514e94d8e6bc5c72c114202001251b2; Download | Favorite | View

XGuestBook 2.0 SQL Injection: Posted Feb 25, 2009; Authored by Fireshot; XGuestBook version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.; tags | exploit, remote, sql injection; SHA-256 | 0532bfa977c8a5f49e2bcd69ed28835dd3ed1cffba0ab695ad58a888a2576f5a; Download | Favorite | View

Magento 1.2.0 Cross Site Scripting: Posted Feb 25, 2009; Authored by Loukas Kalenderidis | Site senseofsecurity.com.au; Magento version 1.2.0 suffers from multiple cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; advisories | CVE-2009-0541; SHA-256 | 2437f6782e27c4fe4c042e239451d8b56521dca911f052617ef89739401e3b4b; Download | Favorite | View

Counter Strike Overflow Proof Of Concept: Posted Feb 25, 2009; Authored by M4rt1n; Counter Strike Source ManiAdminPlugin version 1.x remote buffer overflow proof of concept exploit.; tags | exploit, remote, overflow, proof of concept; SHA-256 | bf6e50d59fff08ea7e9392732f913d5007678ebb718145ffebc636029bde7eff; Download | Favorite | View

Page 3 of 3 Back 1 2 3 Next

Top Authors In Last 30 Days