what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 101 - 125 of 1,147 RSS Feed

Files Date: 2010-01-01 to 2010-01-31

Debian Linux Security Advisory 1978-1
Posted Jan 27, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1978-1 - Several remote vulnerabilities have been discovered in phpgroupware, a Web based groupware system written in PHP.

tags | advisory, remote, web, php, vulnerability
systems | linux, debian
advisories | CVE-2009-4414, CVE-2009-4415, CVE-2009-4416
SHA-256 | 69f85bade634aaa80b3a1ffe6f5ddcafd82e697ba944c468ffbf9fa38537dbdd
Methods Of Quick Exploitation Of Blind SQL Injection
Posted Jan 27, 2010
Authored by Dmitriy Evteev | Site securitylab.ru

Whitepaper called Methods Of Quick Exploitation Of Blind SQL Injection.

tags | paper, sql injection
SHA-256 | c69a4c103d432b2d88223df4dc98088b20c316605edf6809bd15d959593d2fd5
LookMer Music Portal Database Disclosure
Posted Jan 27, 2010
Authored by LionTurk

LookMer Music Portal suffers from a database disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | a3ee94babad164467618891403ee460acf6ea0ce265ec1b2dc0617c058fd9c7b
Basmi Okul Scripti Database Disclosure / Shell Upload
Posted Jan 27, 2010
Authored by LionTurk

Basmi Okul Scripti suffers from shell upload and database disclosure vulnerabilities.

tags | exploit, shell, vulnerability, info disclosure
SHA-256 | 4862a4f33b48b143c77d2cf8b1b48377ec8d80bb4ea2eef7e2809cb304ab5dd3
Discuz! 6.0.0 Cross Site Scripting
Posted Jan 27, 2010
Authored by s4r4d0

Discuz! version 6.0.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | bc946b356870b8085d969310360a71bc24171d2134452572fcd12fdece9df47a
Mandriva Linux Security Advisory 2010-026
Posted Jan 27, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-026 - libraries/libldap/tls_o.c in OpenLDAP, when OpenSSL is used, does not properly handle a \\'\\0\\' (NUL) character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue.

tags | advisory, arbitrary, spoof
systems | linux, mandriva
advisories | CVE-2009-3767
SHA-256 | d24aa6b26a33a379ee5a3aeb6a16a1856818804de3fa37eae392f97c6825290a
Ubuntu Security Notice 890-4
Posted Jan 27, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 890-4 - USN-890-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for PyXML. Original advisory details: Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that Expat did not properly process malformed XML. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service via application crash. It was discovered that Expat did not properly process malformed UTF-8 sequences. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service via application crash.

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2009-3560, CVE-2009-3720
SHA-256 | 42a2daccd8cc1406010126b963ee66d202639413a9de1bb48654443115f644d7
UGiA PHP Uploader 0.2 Shell Upload
Posted Jan 27, 2010
Authored by indoushka

UGiA PHP Uploader version 0.2 suffers from a shell upload vulnerability.

tags | exploit, shell, php
SHA-256 | f8b27d4b44d0f381b3a521dd8e4bb36a8ac5308048e9d8bf34b12f6a9990bde6
South River Technologies WebDrive Service Bad Security Descriptor Local Privilege Escalation
Posted Jan 27, 2010
Authored by Trancer | Site metasploit.com

This Metasploit module exploits a privilege escalation vulnerability in South River Technologies WebDrive. Due to an empty security descriptor, a local attacker can gain elevated privileges. Tested on South River Technologies WebDrive 9.02 build 2232 on Microsoft Windows XP SP3.

tags | exploit, local
systems | windows
advisories | CVE-2009-4606
SHA-256 | d1b1cd0b24c521c3ac658150a5658356bf2ad8fce479a3690ef93ddb1ce99210
KOL WaveIOX 1.04 Buffer Overflow
Posted Jan 27, 2010
Authored by cr4wl3r

KOL WaveIOX version 1.04 .wav local buffer overflow proof of concept exploit.

tags | exploit, overflow, local, proof of concept
SHA-256 | 4c9d7c267dc16e081588cd99eab9a6bc279c175609e568fe2dc4497dc8f21c51
KOL Wave Player 1.0 Local Buffer Overflow
Posted Jan 27, 2010
Authored by cr4wl3r

KOL Wave Player version 1.0 .wav local buffer overflow proof of concept exploit.

tags | exploit, overflow, local, proof of concept
SHA-256 | a8ef8bc0c251dbfab265c626b091962902c509e4cad875f7b9efb517bd032906
Simple Encoding Utility
Posted Jan 27, 2010
Authored by MDH3LL

This perl script is a simple encoding utility that converts data to Hex, Unicode, etc.

tags | tool, perl
systems | unix
SHA-256 | 2b30fb69bb60fef848c4afa61d58fad18d20e6e793de647d90fe8fd5c59c4af2
IBM DataPower XS40 Security Gateway Denial Of Service
Posted Jan 27, 2010
Authored by Erik

The IBM DataPower XS40 Security Gateway suffers from a malformed packet denial of service vulnerability.

tags | advisory, denial of service
SHA-256 | 22f95689d88e5a8859a94456da4be2b3876d90089600c32767be934074c15957
Microsoft Internet Explorer 6 / 7 Local Crash
Posted Jan 27, 2010
Authored by Pouya Daneshmand

Microsoft Internet Explorer versions 6 and 7 local crash exploit.

tags | exploit, local
SHA-256 | 4919b1da84a18ee8dd1946be9767fbd69d36552aef4bed91d749811ec7aa7886
Secunia Security Advisory 38255
Posted Jan 27, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Trancer has reported a vulnerability in cPanel, which can be exploited by malicious people to conduct HTTP response splitting attacks.

tags | advisory, web
SHA-256 | a7c37a1685d9a31cc59ef4367bb453cb4f7de21dd5869597f71ee3e509b6f7f3
Secunia Security Advisory 38344
Posted Jan 27, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in yaSSL, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.

tags | advisory, denial of service
SHA-256 | bb7784179150a0693fe149a19bfe158575e7985a64d4f6d3afaf6563bf408ff9
Secunia Security Advisory 38306
Posted Jan 27, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in HP OpenView Storage Data Protector, which can be exploited by malicious, local users to bypass certain security restrictions.

tags | advisory, local
SHA-256 | f71dd45568764812b2462e52e2193e8989f5193f8d943c2b8c21305b7a18e79b
Mozilla Firefox 3.6 Setting Personas
Posted Jan 27, 2010
Authored by Artur Janc

Mozilla Firefox version 3.6 suffers from an arbitrary setting of Personas without user interaction.

tags | advisory, arbitrary
SHA-256 | c0a381292581d3fcf994fd260f74219521dc77f1c33df1488cff34970457cc73
Google Chrome Pop-Up Block Menu Handling
Posted Jan 27, 2010
Authored by Carsten Eiram, Jakob Balle | Site secunia.com

Secunia Research has discovered a vulnerability in Google Chrome, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused by a use-after-free error when trying to display a blocked pop-up window while navigating away from the current site. Successful exploitation may allow execution of arbitrary code. Version 3.0.195.38 is affected.

tags | advisory, arbitrary
SHA-256 | ca51a53be3e2be60a135aef75af0e1b2b44ab80b91e0ccfa337b8c33ef7be350
Joomla 1.5.12 Remote File Execution
Posted Jan 27, 2010
Authored by Nikola Petrov

Joomla version 1.5.12 suffers from remote file execution / local file inclusion vulnerabilities.

tags | exploit, remote, local, vulnerability, file inclusion
SHA-256 | a835dff9a8ce1c69ba0f9042398b4a9f1c7a7e1357438f432017e7ac275354b2
Joomla 1.5.12 Path Disclosure / Local File Inclusion
Posted Jan 27, 2010
Authored by Nikola Petrov

Joomla version 1.5.12 suffers from path disclosure and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, file inclusion
SHA-256 | 34c9c59dbb357a2b1cbbbe48015e34d9b35753de40daafbf09042cabbfe2a13f
Debian Linux Security Advisory 1977-1
Posted Jan 27, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1977-1 - Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that the embedded Expat copy in the interpreter for the Python language, does not properly process malformed or crafted XML files. This vulnerability could allow an attacker to cause a denial of service while parsing a malformed XML file. In addition, this update fixes an integer overflow in the hashlib module in python2.5. This vulnerability could allow an attacker to defeat cryptographic digests. It only affects the oldstable distribution (etch).

tags | advisory, denial of service, overflow, python
systems | linux, debian
advisories | CVE-2008-2316, CVE-2009-3560, CVE-2009-3720
SHA-256 | 28197fcb1e4306a91d0fa3becafcfc0ced03343e6c675879be0de7506a38c77d
Publique! Framework 2.3 SQL Injection
Posted Jan 26, 2010
Authored by Christophe de la Fuente, Gustavo Pimentel Bittencourt

Publique! Framework version 2.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | b5c3513c8949c151cfc05bdfe1cd8973445f1bbc09b6cebdbedbef350dbaac2d
Status2k Add Administrator
Posted Jan 26, 2010
Authored by alnjm33

Status2k remote add administrator exploit.

tags | exploit, remote, add administrator
SHA-256 | 0963d7f0df034726c05cd0e475a5566182a77d8c09f06d0ec2194f29055d6b8c
Digital Defense VRT Advisory 2009.27
Posted Jan 26, 2010
Authored by Digital Defense, r@b13$, Chris Graham, Rob Kraus

The login page of the F2L-3000 version 4.0.0 is vulnerable to SQL Injection. Exploitation of the vulnerability may allow attackers tobypass authentication and access sensitive information stored on the device.

tags | advisory, sql injection
SHA-256 | 0aa31d61a17571c0fb1db50bfa89f614672ac6e1de71f37e6ea906313453af1b
Page 5 of 46
Back34567Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    0 Files
  • 9
    Aug 9th
    0 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close