
Files Date: 2010-02-24 to 2010-02-25

Secunia Security Advisory 38682
Posted Feb 24, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for krb5. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, fedora
SHA-256 | c65f0f1bd60926705d9bcc4b13a2fc16cb536b6fb9b4fe5f43df4032bf0b96a4
TinyPug Cross Site Request Forgery
Posted Feb 24, 2010
Authored by ViRuSMaN

TinyPug suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 0708377b9c58799c6cba394d0e8c610c9002204922dc1b9fed0077d1fd4aa235
GNUnet P2P Framework 0.8.1b
Posted Feb 24, 2010
Authored by Christian Grothoff | Site ovmj.org

GNUnet is a peer-to-peer framework with a focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service built on top of the framework is anonymous file sharing.

Changes: This release fixes two issues that could result in the loss of content in the local data store under certain circumstances.
tags | tool, web, udp, tcp, peer2peer
SHA-256 | 7c854d2ef5ee592193bb04d8746a8b0ffc20f568674145a1f9a2e8f2bbced64c
Joomla SQL Report Blind SQL Injection
Posted Feb 24, 2010
Authored by Snakespc

The Joomla SQL Report component suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | bc02017323da06859f6b06d19ba7a5337c09bf1fccb42b6d94548b9df07140b8
OIBlogs Local File Inclusion
Posted Feb 24, 2010
Authored by jiko

OIBlogs suffers from local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, file inclusion
SHA-256 | 25edf971feaca9030f3386892c3d7dd04c3dfe36d6d5182ec41cc9e2e07c4b5f
Zero Day Initiative Advisory 10-021
Posted Feb 24, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-021 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell NetStorage. Authentication is not required to exploit this vulnerability. The specific flaw exists within the xsrvd process during the wide character conversion of requested file paths. In conjunction with a long username value, the file path conversion will result in a heap overflow corrupting a chunk that will be immediately freed. This can be leveraged by remote attackers to compromise the NetStorage server.

tags | advisory, remote, overflow, arbitrary
SHA-256 | 86505f34da0ba244fc5a53e391d9c482ced37a1f06a9ea9729dafd66600e35c5
CA eHealth Performance Manager Security Notice
Posted Feb 24, 2010
Authored by Kevin Kotas | Site www3.ca.com

CA's support is alerting customers to a security risk with CA eHealth Performance Manager. A cross-site scripting vulnerability exists that can allow a remote attacker to potentially gain sensitive information. CA has provided guidance to remediate the vulnerability.

tags | advisory, remote, xss
advisories | CVE-2010-0640
SHA-256 | 39d84995aec8b0cb22c76241f4147383e8b61c3f330f9f6678b33fe9bd42b489
Joomla Ice Blind SQL Injection
Posted Feb 24, 2010
Authored by Snakespc

The Joomla Ice component suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | f18bcd874d8de343dabbe4fa1555eea9129fca94024105a342ad3a142543ddd0
Mandriva Linux Security Advisory 2010-047
Posted Feb 24, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-047 - A race condition has been found in fuse that could escalate privileges for local users and lead to a DoS (Denial of Service). The updated packages have been patched to correct this issue.

tags | advisory, denial of service, local
systems | linux, mandriva
advisories | CVE-2009-3297
SHA-256 | 5496a7be3557bf95039baacc383fe0397de4ec0b2e027ce7564be91becfda6f2
Mandriva Linux Security Advisory 2010-046
Posted Feb 24, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-046 - A vulnerability has been found in ncpfs which can be exploited by local users to disclose potentially sensitive information, cause a DoS (Denial of Service), and potentially gain escalated privileges. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue.

tags | advisory, denial of service, local
systems | linux, mandriva
advisories | CVE-2009-3297
SHA-256 | c108ed4df6585f5e3cdddb5770d4b2bf29a048d9140b0b94f6ac40e25242e1c4
Top Auktion SQL Injection
Posted Feb 24, 2010
Authored by Easy Laster

Top Auktion suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 689affc6bbbe5a84a7fa90ef58b66eb5ea608faeed0ee6dd10a26ebf762cb0be
PHP Auktion Pro SQL Injection
Posted Feb 24, 2010
Authored by Easy Laster

PHP Auktion Pro suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
SHA-256 | dbf5a2666f633b3b6c5949ef66b9a8677cb26a2ba68c4e56a3d0805dab678eb5
Mandriva Linux Security Advisory 2010-045
Posted Feb 24, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-045 - PHP before 5.2.12 does not properly handle session data, which has unspecified impact and attack vectors related to (1) interrupt corruption of the SESSION superglobal array and (2) the session.save_path directive. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue.

tags | advisory, php
systems | linux, mandriva
advisories | CVE-2009-4143
SHA-256 | 5e1d79fbc714c342600f61a55faaf39702ec104c83371e68e25ff475aa0b22d2
WorkSimple 1.3.2 Shell Upload / Password Disclosure
Posted Feb 24, 2010
Authored by jiko

WorkSimple version 1.3.2 suffers from shell upload and password disclosure vulnerabilities.

tags | exploit, shell, vulnerability, info disclosure
SHA-256 | 195de0afbe6ded78e131bd70e0706ac4d0e5e039013fb543b22f45967ea93f42
Debian Linux Security Advisory 2003-1
Posted Feb 24, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2003-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2009-3080, CVE-2009-3726, CVE-2009-4005, CVE-2009-4020, CVE-2009-4021, CVE-2009-4536, CVE-2010-0007, CVE-2010-0410, CVE-2010-0415, CVE-2010-0622
SHA-256 | 190008779715122c274b3af16405f0cf335d68634de01dbd876c3af3c9e0c4ac
Softbiz Jobs SQL Injection
Posted Feb 24, 2010
Authored by Easy Laster

Softbiz Jobs suffers from remote SQL injection vulnerabilities in searchresult.php and moredetails.php.

tags | exploit, remote, php, vulnerability, sql injection
SHA-256 | 9db7ceb7eb9a6f58979a562cc32174a0f0d6d171ef0804fba523f74cfa1f4a69
Softbiz Jobs Cross Site Scripting
Posted Feb 24, 2010
Authored by Pratul Agrawal

Softbiz Jobs suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 44c658d5f2b7f79a33ff992eb6f94e231f074342080fbcb6736e3d251cb2544f
Softbiz Jobs Cross Site Request Forgery
Posted Feb 24, 2010
Authored by Pratul Agrawal

Softbiz Jobs suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | fc1d87799052dcc5aa9cbfc7263e61cbbe44ee69f2b17ebd4e1e6a9015fab702
QuickDev 4 PHP Database Disclosure
Posted Feb 24, 2010
Authored by ViRuSMaN

QuickDev 4 PHP suffers from a database disclosure vulnerability.

tags | exploit, php, info disclosure
SHA-256 | 9631af5d6e5e9259a494df177276ef5522590e781c1e7bbe03d4bfa533fe49bc
Bispage SQL Injection
Posted Feb 24, 2010
Authored by SaMir-BonD

Bispage suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 08da5d96c93dd04f77131601237b2524d8b3b3f32a08fdbd41c48add142b62c8
Bournal Insecure Temporary Files
Posted Feb 24, 2010
Site secunia.com

Secunia Research has discovered a security issue in Bournal, which can be exploited by malicious, local users to perform certain actions with escalated privileges. The script uses temporary files in an insecure manner, which can be exploited to e.g. overwrite arbitrary files via symlink attacks when running the update check via the "--hack_the_gibson" parameter. Version 1.4 is affected.

tags | advisory, arbitrary, local
advisories | CVE-2010-0118
SHA-256 | a3704c22bb29dbe74497c72e16245dccd303f51f27b7e0ceadaa0047b32b368b
Bournal ccrypt Information Disclosure
Posted Feb 24, 2010
Site secunia.com

Secunia Research has discovered a security issue in Bournal, which can be exploited by malicious, local users to disclose sensitive information. The script uses e.g. the insecure "-K" command line parameter to pass the key to the ccrypt utilities, which can be exploited to obtain the key from the list of running processes. Note: This may not affect recent Linux versions, but is confirmed for FreeBSD 8.0. Other systems may also be affected. Version 1.4 is affected.

tags | advisory, local
systems | linux, freebsd
advisories | CVE-2010-0119
SHA-256 | 28a7ae6c7e9250897654b9dd6ec9de66b67ea1f3c9d8407ce433899cb325f213
Novell iPrint Client ActiveX Control target-frame Buffer Overflow
Posted Feb 24, 2010
Authored by jduck | Site metasploit.com

This Metasploit module exploits a stack overflow in Novell iPrint Client 5.30. When passing an overly long string via the "target-frame" parameter to ienipp.ocx, an attacker can execute arbitrary code. NOTE: The "operation" variable must be set to a valid command in order to reach this vulnerability.

tags | exploit, overflow, arbitrary
advisories | CVE-2009-1568
SHA-256 | ae1b4e13c905b8425b4ceb4cfcccf97150708024a6a4da135697c9050553c2a0
jQuery Validate 1.6.0 Cross Site Scripting
Posted Feb 24, 2010
Authored by CodeScan Labs

jQuery Validate version 1.6.0 and SilverStripe versions 2.3.x through 2.3.5 suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | b58bbf653f67c61d7ea82576ebcc408159863ba80fa9cc12afb1990ab6a1b478
© 2022 Packet Storm. All rights reserved.