what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 62 RSS Feed

Files Date: 2009-08-11 to 2009-08-12

Zero Day Initiative Advisory 09-056
Posted Aug 11, 2009
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 09-056 - This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific vulnerability exists in the OWC10.Spreadsheet.10 ActiveX control installed by Microsoft Office. By accessing specific methods in a certain order heap corruption occurs leading to remote code execution. If exploited, complete control of the affected system can be achieved under the rights of the currently logged in user.

tags | advisory, remote, arbitrary, code execution, activex
advisories | CVE-2009-2496
SHA-256 | e92fccf22af688163d767248670bb42419de15c7fcab666839cd9f33be715a3f
Easy Music Player 1.0.0.2 Buffer Overflow
Posted Aug 11, 2009
Authored by ThE g0bL!N | Site h4ckf0ru.com

Easy Music Player version 1.0.0.2 universal local buffer overflow exploit that creates a malicious wav file.

tags | exploit, overflow, local
SHA-256 | b32540a997bd55516376e13e27b2fe53406ff1c4c3fc97cea656a64e32fbca61
Easy Music Player 1.0.0.2 Buffer Overflow
Posted Aug 11, 2009
Authored by ahwak2000

Easy Music Player version 1.0.0.2 universal local buffer overflow exploit that creates a malicious wav file.

tags | exploit, overflow, local
SHA-256 | b40b3541032328b2a569a4af39927811e7ce2bc01d7bff45ecfc6f4834da3719
Microsoft Windows 2003 EOT File BSOD Crash Exploit
Posted Aug 11, 2009
Authored by webDEViL

Microsoft Windows 2003 EOT file BSOD crash exploit.

tags | exploit
systems | windows
SHA-256 | 514c42533cf5970170afb6c5ce199f2f1f171f1e7825a7d778f2d2819af3fc7d
Zero Day Initiative Advisory 09-057
Posted Aug 11, 2009
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 09-057 - This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft's Remote Desktop Client. Authentication is not required to exploit this vulnerability. The specific flaw exists within mstscax.dll when parsing packets from an RDP server. A design flaw in the client allows a malicious RDP server to write to arbitrary memory inside the connecting processes memory space. By hosting a malicious RDP server, an attacker can execute arbitrary code on any client that attempts to connect to it. Privileges gained depend on which user is running the client.

tags | advisory, remote, arbitrary
advisories | CVE-2009-1133
SHA-256 | ea19b712b96a7f21f8e3c4697f846c1191bccad1db97ef99978a72212d85bfda
Zero Day Initiative Advisory 09-055
Posted Aug 11, 2009
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 09-055 - This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists when loading and unloading the vulnerable control (0002E543-0000-0000-C000-000000000046) and results in transfer of control to unallocated memory. This issue can be exploited to execute arbitrary code under the context of the currently logged in user user.

tags | advisory, arbitrary
advisories | CVE-2009-0562
SHA-256 | c672c40273674168a900ee8b128c1fd852f58d21791047755a699339c155912f
Zero Day Initiative Advisory 09-054
Posted Aug 11, 2009
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 09-054 - This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists during the processing of malicious parameters to the routine msDataSourceObject() and results in transfer of control to unallocated memory. This issue can be exploited to execute arbitrary code under the context of the currently logged in user.

tags | advisory, arbitrary
advisories | CVE-2009-1136
SHA-256 | 6f40fa8d7176ee796ea4df869b27744542a68bea5a6da7913295f6a0d2f6dcea
Zero Day Initiative Advisory 09-053
Posted Aug 11, 2009
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 09-053 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WINS.exe process which provides name resolution services for NetBIOS networks. While parsing a push request the WINS service copies packet data to a static heap buffer while within a controlled loop. By providing a specially crafted request an attacker can overflow this heap buffer leading to arbitrary code execution under the SYSTEM context.

tags | advisory, remote, overflow, arbitrary, code execution
systems | windows
advisories | CVE-2009-1923
SHA-256 | 2e68161a299337b26b5fcfeb6f94d50d1c6f0669f38457bcd4c04277d37c5cf5
Technical Cyber Security Alert 2009-223A
Posted Aug 11, 2009
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA09-223A - Microsoft has released updates to address vulnerabilities in Microsoft Windows, Windows Server, Office Web Components and Remote Desktop Connection for Mac.

tags | advisory, remote, web, vulnerability
systems | windows
SHA-256 | 12aaf66e60d9ddd7cee826233bce282a3902f69343e419758ab5b2ff1b881fc0
Ubuntu Security Notice 815-1
Posted Aug 11, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-815-1 - It was discovered that libxml2 did not correctly handle root XML document element DTD definitions. If a user were tricked into processing a specially crafted XML document, a remote attacker could cause the application linked against libxml2 to crash, leading to a denial of service. It was discovered that libxml2 did not correctly parse Notation and Enumeration attribute types. If a user were tricked into processing a specially crafted XML document, a remote attacker could cause the application linked against libxml2 to crash, leading to a denial of service. It was discovered that libxml2 did not correctly handle long entity names. If a user were tricked into processing a specially crafted XML document, a remote attacker could execute arbitrary code with user privileges or cause the application linked against libxml2 to crash, leading to a denial of service.

tags | advisory, remote, denial of service, arbitrary, root
systems | linux, ubuntu
advisories | CVE-2008-3529, CVE-2009-2414, CVE-2009-2416
SHA-256 | ada06af85bd2937d29ebaacad566ced0f560d6260b3ec68450b71b0c4ab7aac0
IPS Building Script
Posted Aug 11, 2009
Authored by Augusto Pereyra | Site code.google.com

This script provides an all-in-one easy installation of Snort in a box in bridge mode with a complex configuration.

tags | tool, sniffer
SHA-256 | 527e35e81c79071a3170ba4bc5d9b499b0471717e931e65c8d776e9950ba2744
Elicio Idea Management Software SQL Injection
Posted Aug 11, 2009
Authored by S3T4N | Site sux0r.net

Elicio Idea Manager Software suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | b1cde55e6ac916f4660153a402f1670a33c454f4622c6bd0f5a4edced807b025
OCS Inventory NG Server 1.2.1 SQL Injection
Posted Aug 11, 2009
Authored by Guilherme Marinheiro

The OCS Inventory NG Server version 1.2.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 7f7b3f552864176202fce85cdbbbb082d53aa44191cb7702fd8f03f3c564ad03
NetrGetJoinInformation Heap Corruption
Posted Aug 11, 2009
Authored by Cody Pierce | Site tippingpoint.com

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. Valid user credentials are required to exploit this vulnerability. The specific flaw exists in the Workstation RPC Service. When handling the arguments for the NetrGetJoinInformation function, memory is improperly freed and can lead to remote code execution. Successful exploitation can lead to a remote system compromise under SYSTEM credentials.

tags | advisory, remote, arbitrary, code execution
systems | windows
advisories | CVE-2009-1544
SHA-256 | 5393183c36ea88d2139644a6de4145537f2757f69041687b605c096b7e348484
Asterisk Project Security Advisory - Driver Crash
Posted Aug 11, 2009
Authored by Tilghman Lesher | Site asterisk.org

Asterisk Project Security Advisory - On certain implementations of libc, the scanf family of functions uses an unbounded amount of stack memory to repeatedly allocate string buffers prior to conversion to the target type. Coupled with Asterisk's allocation of thread stack sizes that are smaller than the default, an attacker may exhaust stack memory in the SIP stack network thread by presenting excessively long numeric strings in various fields.

tags | advisory
advisories | CVE-2009-2726
SHA-256 | b1dc46b65ba0899d179d5df802c216ac411cd9b7c37c701cd854541313c4d1e2
HP Security Bulletin HPSBUX02450 SSRT090141
Posted Aug 11, 2009
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability have been identified with HP-UX programs using the ttrace(2) system call. The vulnerability could be exploited locally to create a Denial of Service (DoS).

tags | advisory, denial of service
systems | hpux
advisories | CVE-2009-1427
SHA-256 | 56785d56968f7dbe900fa5995cce5636bbf13fa9e900d38589b999ad13fe222f
/bin/sh Polymorphic Shellcode For Linux/x86
Posted Aug 11, 2009
Authored by Jonathan Salwan | Site shell-storm.org

48 bytes small /bin/sh polymorphic shellcode for Linux/x86.

tags | x86, shellcode
systems | linux
SHA-256 | 1dcd3596a16e9e685f114d0880a46aac2878699f4546df0cae7e3adea919c423
killall5 Polymorphic Shellcode For Linux/x86
Posted Aug 11, 2009
Authored by Jonathan Salwan | Site shell-storm.org

61 bytes small killall5 polymorphic shellcode for Linux/x86.

tags | x86, shellcode
systems | linux
SHA-256 | af2c1334a03c4ca897aa504dbdff10da3c95a320eded32e64ae6b63401b6ed71
Embedthis Appweb 3.0b.2-4 Buffer Overflow
Posted Aug 11, 2009
Authored by fl0 fl0w | Site fl0-fl0w.docspages.com

Embedthis Appweb remote stack buffer overflow proof of concept exploit.

tags | exploit, remote, overflow, proof of concept
SHA-256 | 51a292dc00016f0c7562cc29590b5051749c2170a4b6e61f9648b6687d2f2194
Ubuntu Security Notice 814-1
Posted Aug 11, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-814-1 - A substantial amount of vulnerabilities in openjdk-6 have been addressed and fixed. These issues range from denial of service to code execution vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, ubuntu
advisories | CVE-2009-0217, CVE-2009-2475, CVE-2009-2476, CVE-2009-2625, CVE-2009-2670, CVE-2009-2671, CVE-2009-2672, CVE-2009-2673, CVE-2009-2674, CVE-2009-2675, CVE-2009-2676, CVE-2009-2690
SHA-256 | 8d697a9751f57fbe8413cde8fc1c7dc6b4cc1de4d608811d3f65cf6b190ea1d8
Joomla IDOBlog 1.1b30 SQL Injection
Posted Aug 11, 2009
Authored by kkr

The Joomla IDOBlog component version 1.1b30 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | ddddb686ef477a901ca4af9a77d0a108557463c0367b3af08a62aa2e4d3013ea
Secunia Security Advisory 36266
Posted Aug 11, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in GnuTLS, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
SHA-256 | b610961bdc83120e8a331d6e5bafc52feaa38c394d012d1151828f4c1289c0b7
Secunia Security Advisory 36229
Posted Aug 11, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Microsoft Windows and Microsoft Remote Desktop Connection Client for Mac, which can be exploited by malicious people to compromise a user's system.

tags | advisory, remote, vulnerability
systems | windows
SHA-256 | 30013980977566f17260f32ba9df386dd0888c76f32d935f1cae3a7f8ff0afbd
Secunia Security Advisory 36187
Posted Aug 11, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in various Windows components, which can be exploited by malicious people to bypass security features or compromise a user's system.

tags | advisory, vulnerability
systems | windows
SHA-256 | d3de1ebc4d618202b3bef8f0b385c564afeeb7719daa3e19889879ae0b72483c
Secunia Security Advisory 36206
Posted Aug 11, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | windows
SHA-256 | b8dfda450dcfc69f66c73d901cbba13b096783a71bcfc0a4bef7854259845703
Page 1 of 3
Back123Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close