Showing 1 - 25 of 43

Files Date: 2009-07-23 to 2009-07-24

Ubuntu Security Notice 806-1
Posted Jul 23, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-806-1 - It was discovered that Python incorrectly handled certain arguments in the imageop module. If an attacker were able to pass specially crafted arguments through the crop function, they could execute arbitrary code with user privileges. For Python 2.5, this issue only affected Ubuntu 8.04 LTS. Multiple integer overflows were discovered in Python's stringobject and unicodeobject expandtabs method. If an attacker were able to exploit these flaws they could execute arbitrary code with user privileges or cause Python applications to crash, leading to a denial of service.

tags | advisory, denial of service, overflow, arbitrary, python
systems | linux, ubuntu
advisories | CVE-2008-4864, CVE-2008-5031
SHA-256 | c8fae5e6de505386b8a8bf4f7a7ec80d7d5ec6659c0974814d50ac793bc6138d
Technical Cyber Security Alert 2009-204A
Posted Jul 23, 2009
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA09-204A - Adobe has released Security advisory APSA09-03, which describes a vulnerability affecting Adobe Flash. Other Adobe applications that include the Flash runtime, such as Adobe Reader 9, are also affected.

tags | advisory
SHA-256 | 8ff12095356d939f20d9b9628c3aa12c061184870a1b8c5909d5e22e66a4d540
Communigate Pro Cross Site Scripting
Posted Jul 23, 2009
Authored by Andrea Purificato | Site rawlab.mindcreations.com

Communigate Pro versions 5.2.14 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 4e0228d024901ce8166756271e48ce39e5ac78dcf8b1da33e12d5ccc94c661ee
Botan C++ Crypto Algorithms Library
Posted Jul 23, 2009
Site botan.randombit.net

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.

Changes: This release fixes build problems affecting SPARC, HP-PA, and ARM processors. The Python configure script now supports stock CPython 2.4. A bug causing Skein-512 to crash if given a zero-length input vector was fixed.
tags | library
SHA-256 | 6370f819a2d31421a297ab65cd4b65434207b3d34db73fa45a59da790210b9dc
Joomla Joomloads SQL Injection
Posted Jul 23, 2009
Authored by Mr.tro0oqy

The Joomla Joomloads component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 106f4d5ed140559da25bb2b51e24d7fb1867e902430965e5171dfa6dae003c25
PHP Melody 1.5.3 File Upload
Posted Jul 23, 2009
Authored by Chip D3 Bi0s

PHP Melody version 1.5.3 suffers from remote file upload and SQL injection vulnerabilities.

tags | exploit, remote, php, vulnerability, sql injection, file upload
SHA-256 | 578183abffa2b682eadaf863479e76409411940b1fbf01c875cb6b8a274a1947
PowerTM 1.0 SQL Injection / XSS
Posted Jul 23, 2009
Authored by Moudi

PowerTM version 1.0 suffers from remote SQL injection and cross site scripting vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | cf9d8aa96b9dee35f949deadafdd0f12129a470db3d5d28fa16abf040af5c175
WINMOD 1.4 Stack Overflow
Posted Jul 23, 2009
Authored by CWH Underground | Site citecclub.org

WINMOD version 1.4 local stack overflow exploit that creates a malicious .lst file.

tags | exploit, overflow, local
SHA-256 | 580ca793824f61c7250c938f1c46d7e88a0d41e7e9e4e5c32cc127a5ec257b61
AWCM 2.1 Local File Inclusion / SQL Injection
Posted Jul 23, 2009
Authored by SwEET-DeViL

AWCM version 2.1 suffers from local file inclusion and remote SQL injection vulnerabilities. The SQL injection vulnerability allows for authentication bypass.

tags | exploit, remote, local, vulnerability, sql injection, bypass, file inclusion
SHA-256 | 185edd6e46fc0fc5bfb95531fe5ce93b2cf011506c6c3f2ab72ee190f1290894
e107 my_gallery 2.4.1 File Disclosure
Posted Jul 23, 2009
Authored by Vrs-hCk

The my_gallery version 2.4.1 plugin for e107 suffers from a local file disclosure vulnerability in readfile().

tags | exploit, local, info disclosure
SHA-256 | cfc848134d90297d8b1e87adcfb56229a852765353221339c2b362ae6383cdcd
Adobe Flash In PDF File Malware
Posted Jul 23, 2009

The pdf in this tarball takes advantage of an Adobe Flash vulnerability. This is real malware and should only be used for analysis purposes. Be careful and do not view this unless you want to get rooted.

tags | exploit, root
SHA-256 | 1b26e4edbd7653713594a900e85c2c30331824e2b87505c5f7cf3c1389153470
Samhain File Integrity Checker 2.5.7
Posted Jul 23, 2009
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: A potential deadlock has been fixed along with a configuration reload bug in the 'userfiles' module. C99-style comments have been removed to improve portability, and the format of the date header of emails has been corrected.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 6396eb5f7f6cfaac1d8b3df0b2b8c0e9e3a83d9051e53cc4dbb90b0f7df26e86
Secunia Security Advisory 35938
Posted Jul 23, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in The BLOB Blog System, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | a239582cb53c247fd011376282e63bb2f6db1ae75746af9bf5ec177cc561b49c
Secunia Security Advisory 35952
Posted Jul 23, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - MizoZ has reported some vulnerabilities in Clone2009, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | 468d30205ebe376629d6fca9366d015561579417e013397862c9db2fdcd0c7ab
Secunia Security Advisory 35899
Posted Jul 23, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness and a vulnerability have been discovered in Joomla!, which can be exploited by malicious people to disclose certain system information and compromise a vulnerable system.

tags | advisory
SHA-256 | 50b80bca2f0292c26a79b1a74f59690a0e8f170ded6a7198d5fdec11c5075716
Secunia Security Advisory 35951
Posted Jul 23, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Akamai Download Manager, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 58699ad8d59354a6ad14499e7a94577168d423f05774ba43ca6dc8e99afdd22b
Secunia Security Advisory 35959
Posted Jul 23, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in the Bubbletimer module for Drupal, which can be exploited by malicious people to bypass certain security restrictions and conduct cross-site request forgery attacks, and by malicious users to conduct script insertion attacks.

tags | advisory, vulnerability, csrf
SHA-256 | 6c587d4dcf3097c24bf96d481ddc2c9ee3ede67e765669b067c04e5f90fc1693
Wmshop Premium Database Config Disclosure
Posted Jul 23, 2009
Authored by Septemb0x | Site cyber-warrior.org

Wmshop Premium versions 8.1, 12.0, and 13.0 suffer from a database configuration disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 1c6f8d36ee0db9125d251d6b4b76c53cb8e69ff8d38f2279852c7a88bc6595b5
Wmshop 6.0 Password Disclosure
Posted Jul 23, 2009
Authored by Septemb0x | Site cyber-warrior.org

Wmshop versions 5.08 through 6.0 suffer from a forum password disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 89cb14e32960a3458fafac4dd59f0424e691ec4c65d6db751af09fb2539bb992
Valentina Database Config Disclosure
Posted Jul 23, 2009
Authored by Septemb0x | Site cyber-warrior.org

Valentina suffers from a database configuration disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 3244696757bac2ee26830bd88712890ccbd1f0c363127d4ae8325530d4685563
Valentina Cookie Handling Privilege Escalation
Posted Jul 23, 2009
Authored by Septemb0x | Site cyber-warrior.org

Valentina suffers from a cookie handling vulnerability that allows for privilege escalation and a shell upload.

tags | exploit, shell
SHA-256 | 14a549b7355f6602692da4dfd32c3ac09737b0f82c5eec644aa9dfcfcd8418cd
iPhone / iTouch Code Execution
Posted Jul 23, 2009
Authored by Thierry Zoller

Calling the CSS attr() attribute with a large number leads to memory corruption; heap spraying allows execution of code. Arbitrary remote code execution can be achieved by creating a special website and enticing the victim into visiting that site. iPhone OS versions 1.x through 2.2.1 and iPhone OS for iPod Touch versions 1.x through 2.2.1 are affected.

tags | advisory, remote, arbitrary, code execution
systems | apple, iphone
advisories | CVE-2009-1698
SHA-256 | 133f492014f2bfbfa80c0caa0d28b13729b130a662880909a1e4dec7f7c492d9
Debian Linux Security Advisory 1840-1
Posted Jul 23, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1840-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser.

tags | advisory, remote, web, vulnerability
systems | linux, debian
advisories | CVE-2009-2462, CVE-2009-2463, CVE-2009-2464, CVE-2009-2465, CVE-2009-2466, CVE-2009-2467, CVE-2009-2469, CVE-2009-2471, CVE-2009-2472
SHA-256 | 06bec18fe61ea63a11f102981e53bbd0c64e40a1fd5f1ef0e72bd54842fa19bf
Windows x86 Null-Free Bindshell Code
Posted Jul 23, 2009
Authored by SkyLined

Microsoft Windows x86 null-free bindshell shellcode for Windows 5.0 through 6.0 all service packs.

tags | x86, shellcode
systems | windows
SHA-256 | e30984bbffd193b9456095ecf59c11dc4559ea1dda013038d818184452fc953f
Secunia Security Advisory 35948
Posted Jul 23, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Adobe Flash Player, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 98d694aceb19dc6548cb50a8c834af1197dc89de39aa73c9f8588b65a86e6c69