exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 44 of 44 RSS Feed

Files Date: 2010-01-27 to 2010-01-28

Basmi Okul Scripti Database Disclosure / Shell Upload
Posted Jan 27, 2010
Authored by LionTurk

Basmi Okul Scripti suffers from shell upload and database disclosure vulnerabilities.

tags | exploit, shell, vulnerability, info disclosure
SHA-256 | 4862a4f33b48b143c77d2cf8b1b48377ec8d80bb4ea2eef7e2809cb304ab5dd3
Discuz! 6.0.0 Cross Site Scripting
Posted Jan 27, 2010
Authored by s4r4d0

Discuz! version 6.0.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | bc946b356870b8085d969310360a71bc24171d2134452572fcd12fdece9df47a
Mandriva Linux Security Advisory 2010-026
Posted Jan 27, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-026 - libraries/libldap/tls_o.c in OpenLDAP, when OpenSSL is used, does not properly handle a \\'\\0\\' (NUL) character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue.

tags | advisory, arbitrary, spoof
systems | linux, mandriva
advisories | CVE-2009-3767
SHA-256 | d24aa6b26a33a379ee5a3aeb6a16a1856818804de3fa37eae392f97c6825290a
Ubuntu Security Notice 890-4
Posted Jan 27, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 890-4 - USN-890-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for PyXML. Original advisory details: Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that Expat did not properly process malformed XML. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service via application crash. It was discovered that Expat did not properly process malformed UTF-8 sequences. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service via application crash.

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2009-3560, CVE-2009-3720
SHA-256 | 42a2daccd8cc1406010126b963ee66d202639413a9de1bb48654443115f644d7
UGiA PHP Uploader 0.2 Shell Upload
Posted Jan 27, 2010
Authored by indoushka

UGiA PHP Uploader version 0.2 suffers from a shell upload vulnerability.

tags | exploit, shell, php
SHA-256 | f8b27d4b44d0f381b3a521dd8e4bb36a8ac5308048e9d8bf34b12f6a9990bde6
South River Technologies WebDrive Service Bad Security Descriptor Local Privilege Escalation
Posted Jan 27, 2010
Authored by Trancer | Site metasploit.com

This Metasploit module exploits a privilege escalation vulnerability in South River Technologies WebDrive. Due to an empty security descriptor, a local attacker can gain elevated privileges. Tested on South River Technologies WebDrive 9.02 build 2232 on Microsoft Windows XP SP3.

tags | exploit, local
systems | windows
advisories | CVE-2009-4606
SHA-256 | d1b1cd0b24c521c3ac658150a5658356bf2ad8fce479a3690ef93ddb1ce99210
KOL WaveIOX 1.04 Buffer Overflow
Posted Jan 27, 2010
Authored by cr4wl3r

KOL WaveIOX version 1.04 .wav local buffer overflow proof of concept exploit.

tags | exploit, overflow, local, proof of concept
SHA-256 | 4c9d7c267dc16e081588cd99eab9a6bc279c175609e568fe2dc4497dc8f21c51
KOL Wave Player 1.0 Local Buffer Overflow
Posted Jan 27, 2010
Authored by cr4wl3r

KOL Wave Player version 1.0 .wav local buffer overflow proof of concept exploit.

tags | exploit, overflow, local, proof of concept
SHA-256 | a8ef8bc0c251dbfab265c626b091962902c509e4cad875f7b9efb517bd032906
Simple Encoding Utility
Posted Jan 27, 2010
Authored by MDH3LL

This perl script is a simple encoding utility that converts data to Hex, Unicode, etc.

tags | tool, perl
systems | unix
SHA-256 | 2b30fb69bb60fef848c4afa61d58fad18d20e6e793de647d90fe8fd5c59c4af2
IBM DataPower XS40 Security Gateway Denial Of Service
Posted Jan 27, 2010
Authored by Erik

The IBM DataPower XS40 Security Gateway suffers from a malformed packet denial of service vulnerability.

tags | advisory, denial of service
SHA-256 | 22f95689d88e5a8859a94456da4be2b3876d90089600c32767be934074c15957
Microsoft Internet Explorer 6 / 7 Local Crash
Posted Jan 27, 2010
Authored by Pouya Daneshmand

Microsoft Internet Explorer versions 6 and 7 local crash exploit.

tags | exploit, local
SHA-256 | 4919b1da84a18ee8dd1946be9767fbd69d36552aef4bed91d749811ec7aa7886
Secunia Security Advisory 38255
Posted Jan 27, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Trancer has reported a vulnerability in cPanel, which can be exploited by malicious people to conduct HTTP response splitting attacks.

tags | advisory, web
SHA-256 | a7c37a1685d9a31cc59ef4367bb453cb4f7de21dd5869597f71ee3e509b6f7f3
Secunia Security Advisory 38344
Posted Jan 27, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in yaSSL, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.

tags | advisory, denial of service
SHA-256 | bb7784179150a0693fe149a19bfe158575e7985a64d4f6d3afaf6563bf408ff9
Secunia Security Advisory 38306
Posted Jan 27, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in HP OpenView Storage Data Protector, which can be exploited by malicious, local users to bypass certain security restrictions.

tags | advisory, local
SHA-256 | f71dd45568764812b2462e52e2193e8989f5193f8d943c2b8c21305b7a18e79b
Mozilla Firefox 3.6 Setting Personas
Posted Jan 27, 2010
Authored by Artur Janc

Mozilla Firefox version 3.6 suffers from an arbitrary setting of Personas without user interaction.

tags | advisory, arbitrary
SHA-256 | c0a381292581d3fcf994fd260f74219521dc77f1c33df1488cff34970457cc73
Google Chrome Pop-Up Block Menu Handling
Posted Jan 27, 2010
Authored by Carsten Eiram, Jakob Balle | Site secunia.com

Secunia Research has discovered a vulnerability in Google Chrome, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused by a use-after-free error when trying to display a blocked pop-up window while navigating away from the current site. Successful exploitation may allow execution of arbitrary code. Version 3.0.195.38 is affected.

tags | advisory, arbitrary
SHA-256 | ca51a53be3e2be60a135aef75af0e1b2b44ab80b91e0ccfa337b8c33ef7be350
Joomla 1.5.12 Remote File Execution
Posted Jan 27, 2010
Authored by Nikola Petrov

Joomla version 1.5.12 suffers from remote file execution / local file inclusion vulnerabilities.

tags | exploit, remote, local, vulnerability, file inclusion
SHA-256 | a835dff9a8ce1c69ba0f9042398b4a9f1c7a7e1357438f432017e7ac275354b2
Joomla 1.5.12 Path Disclosure / Local File Inclusion
Posted Jan 27, 2010
Authored by Nikola Petrov

Joomla version 1.5.12 suffers from path disclosure and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, file inclusion
SHA-256 | 34c9c59dbb357a2b1cbbbe48015e34d9b35753de40daafbf09042cabbfe2a13f
Debian Linux Security Advisory 1977-1
Posted Jan 27, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1977-1 - Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that the embedded Expat copy in the interpreter for the Python language, does not properly process malformed or crafted XML files. This vulnerability could allow an attacker to cause a denial of service while parsing a malformed XML file. In addition, this update fixes an integer overflow in the hashlib module in python2.5. This vulnerability could allow an attacker to defeat cryptographic digests. It only affects the oldstable distribution (etch).

tags | advisory, denial of service, overflow, python
systems | linux, debian
advisories | CVE-2008-2316, CVE-2009-3560, CVE-2009-3720
SHA-256 | 28197fcb1e4306a91d0fa3becafcfc0ced03343e6c675879be0de7506a38c77d
Page 2 of 2
Back12Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    16 Files
  • 18
    Jun 18th
    26 Files
  • 19
    Jun 19th
    15 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close