what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 39 RSS Feed

Files Date: 2010-03-01 to 2010-03-02

Zero Day Initiative Advisory 10-023
Posted Mar 1, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-023 - This vulnerability allows attackers to execute arbitrary code on vulnerable installations of both IBM Informix Dynamic Server and EMC Legato Networker. User interaction is not required to exploit this vulnerability. The specific flaw exists within the RPC protocol parsing library, librpc.dll, utilized by the ISM Portmapper service (portmap.exe) bound by default to TCP port 36890. During authentication, a lack of a proper signedness check on a supplied parameter size can result in exploitable stack based buffer overflow leading to arbitrary code execution under the context of the SYSTEM user.

tags | advisory, overflow, arbitrary, tcp, code execution, protocol
advisories | CVE-2009-2754
SHA-256 | aaeb74e2cc0ffffef2fdd611f181810d3fb06be0fc048c991c3f9b087c281335
Zero Day Initiative Advisory 10-022
Posted Mar 1, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-022 - This vulnerability allows attackers to execute arbitrary code on vulnerable installations of both IBM Informix Dynamic Server and EMC Legato Networker. User interaction is not required to exploit this vulnerability. The specific flaws exist within the RPC protocol parsing library, librpc.dll, utilized by the ISM Portmapper service (portmap.exe) bound by default to TCP port 36890. During authentication, a lack of proper sanity checking on supplied parameter sizes can result in exploitable stack and heap based buffer overflows leading to arbitrary code execution under the context of the SYSTEM user.

tags | advisory, overflow, arbitrary, tcp, code execution, protocol
advisories | CVE-2009-2753
SHA-256 | b2cfcca980df20db137f44def916924293a9a434ac09aa8b97906454ed28d72f
Mandriva Linux Security Advisory 2010-052
Posted Mar 1, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-052 - sudo 1.6.x before 1.6.9p21, when the runas_default option is used, does not properly set group memberships, which allows local users to gain privileges via a sudo command. The updated packages have been patched to correct this issue.

tags | advisory, local
systems | linux, mandriva
advisories | CVE-2010-0427
SHA-256 | 76f1e9f408dc7026f1f3164f9ef04641a98c14ea1373b28efa65c1dd1fbaee09
CMS By MyWorks SQL Injection / Cross Site Scripting
Posted Mar 1, 2010
Authored by Palyo34

CMS By MyWorks suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 5291bb167a3c4e36f5af3d5acc642b8d6f094baf3bbe4840f796a532f0841763
A Practical Attack To De-Anonymize Social Network Users
Posted Mar 1, 2010
Authored by Thorsten Holz, Engin Kirda, Christopher Kruegel, Gilbert Wondracek

Whitepaper called A Practical Attack to De-Anonymize Social Network Users.

tags | paper
SHA-256 | ed65dbead7899691dfc803c32908728c915afb3169557d59b69ac0326eea62aa
EC2ND 2010 Call For Papers
Posted Mar 1, 2010
Site 2010.ec2nd.org

Call For Papers for EC2ND - The sixth European Conference on Computer Network Defense (EC2ND) will be held at the Faculty of Electrical Engineering and Computer Science at Berlin Institute of Technology (TU Berlin). The conference brings together researchers from academia and industry within Europe and beyond to present and discuss current topics in applied network and systems security. It will occur from October 28th through the 29th, 2010 in Berlin, Germany.

tags | paper, conference
SHA-256 | fd08e991fc545b364b65fbd1dbf21a97cba4c85b5399c755e386b3c4b7320b30
phpTroubleTicket 2.0 SQL Injection
Posted Mar 1, 2010
Authored by kaMtiEz | Site indonesiancoder.com

phpTroubleTicket version 2.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | efcad9c42ba5dd1fe85a3dd2dba9dc270990693c1bf2e967c1099f41e247f832
CONFidence 2010 Call For Practitioners
Posted Mar 1, 2010
Site 2010.confidence.org.pl

CONFidence 2010 Call For Papers - This conference will take place from May 25th through the 26th, 2010 in Krakow, Poland.

tags | paper, conference
SHA-256 | 61d7c1b17fd9b01b4fe569ec96e4fc380d72950c6d180da8a19ec52e67f97ead
RCA DCM425 Cable Modem Denial Of Service
Posted Mar 1, 2010
Authored by ad0nis

RCA DCM425 Cable Modem micro_httpd denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | 0582961a302988fec1604ff0860df406edb69f9ae526e316d6f8a57c0e38be35
Debian Linux Security Advisory 2005-1
Posted Mar 1, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2005-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, sensitive memory leak or privilege escalation. Note that this advisory says DSA-2004-1 but it is actually DSA-2005-1.

tags | advisory, denial of service, kernel, vulnerability, memory leak
systems | linux, debian
advisories | CVE-2009-2691, CVE-2009-2695, CVE-2009-3080, CVE-2009-3726, CVE-2009-3889, CVE-2009-4005, CVE-2009-4020, CVE-2009-4021, CVE-2009-4138, CVE-2009-4308, CVE-2009-4536, CVE-2009-4538, CVE-2010-0003, CVE-2010-0007, CVE-2010-0291, CVE-2010-0410, CVE-2010-0415, CVE-2010-0622
SHA-256 | 4e91cfa025d3713c772ca08542d5fe2924c2840b742a5513213aa737787a70c7
Microsoft Windows XP SP3 Calc.exe Shellcode
Posted Mar 1, 2010
Authored by Hazem Mofeed

37 bytes small Microsoft Windows XP Home Edition SP3 English calc.exe shellcode.

tags | shellcode
systems | windows
SHA-256 | dfb12892aa925e3ef94e1c01ecd5d8aa7b240a7f187a308a907a9b6bcbd8973c
Internet Exploiter II 3.0 With DEP Bypass
Posted Mar 1, 2010
Authored by SkyLined

Internet Exploiter II version 3.0 DHTML memory corruption proof of concept exploit that bypasses DEP.

tags | exploit, proof of concept
SHA-256 | 8d79ef782e79343218a4752b8edf2781a2dc684a0214bce8d86443e1e017905d
Debian Linux Security Advisory 2004-1
Posted Mar 1, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2004-1 - Two local vulnerabilities have been discovered in samba, a SMB/CIFS file, print, and login server for Unix.

tags | advisory, local, vulnerability
systems | linux, unix, debian
advisories | CVE-2009-3297, CVE-2010-0547
SHA-256 | da19232c162776c736a03d1a16ac798f1539e38b97c6a1ae2359ab73c0156ab0
Oracle Siebel 7.x CRM Cross Site Scripting
Posted Mar 1, 2010
Authored by Yaniv Miron

Oracle Siebel CRM version 7.x suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | d9b8d785baaec4c817bb1fc5be6e354ef43d9a6c8da1f1bffdc2b704fbf65d0b
Easy FTP Server 1.7.0.2 Return Overwrite Exploit
Posted Mar 1, 2010
Authored by Paul Makowski

Easy FTP Server version 1.7.0.2 remote buffer overflow RET overwrite exploit.

tags | exploit, remote, overflow
SHA-256 | 35d27eb6cda7ed96990aebb92e2bf405de86118170a839bfb80142b000f807cf
iPhone / iTouch FTPDisc 1.0 Buffer Overflow
Posted Mar 1, 2010
Authored by Alberto Ortega | Site pentbox.net

iPhone / iTouch FTPDisc version 1.0 3 exploits-in-one buffer overflow denial of service exploit.

tags | exploit, denial of service, overflow
systems | apple, iphone
SHA-256 | 62779e7dd76b73933c43b13f505afa537707af0e057f00a738627738ffd11ead
Packet Storm New Exploits For February, 2010
Posted Mar 1, 2010
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 396 exploits added to Packet Storm in February, 2010.

tags | exploit
SHA-256 | beaa6e3c403f9909b6e8bf88d9a40459b90717b258a821f33e3fe6a594f075f9
Uiga Church Portal SQL Injection
Posted Mar 1, 2010
Authored by Easy Laster

Uiga Church Portal suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | a70ab20bd3b0e710e1c1d2297210025aa7018c0d2071391b152e900d46c8752a
Mandriva Linux Security Advisory 2010-051
Posted Mar 1, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-051 - Security researcher Alin Rad Pop of Secunia Research reported that the HTML parser incorrectly freed used memory when insufficient space was available to process remaining input. Under such circumstances, memory occupied by in-use objects was freed and could later be filled with attacker-controlled text. These conditions could result in the execution or arbitrary code if methods on the freed objects were subsequently called. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue.

tags | advisory, arbitrary
systems | linux, mandriva
advisories | CVE-2009-1571
SHA-256 | 9161b7c55f138a603afbdc8c394e09baa1144b47e34cf2fa7b04047346825ed1
Secunia Security Advisory 38727
Posted Mar 1, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Maurycy Prodeus has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.

tags | advisory
systems | windows
SHA-256 | 01ef87c3cb97a500864823b3c6866d202122dbae32c0bf7ca68ea603fe5b5f2d
Secunia Security Advisory 38756
Posted Mar 1, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been discovered in Uiga FanClub, which can be exploited by malicious people to conduct SQL injection and cross-site scripting attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | 0efbadbd61a7cf200c038e27f4ec6d27d18b41ea8c300e7b2c61cd5a46bceb6d
Secunia Security Advisory 38768
Posted Mar 1, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Pre Classified Listings ASP, which can be exploited by malicious people to conduct script insertion and SQL injection attacks.

tags | advisory, vulnerability, sql injection, asp
SHA-256 | 189511825db34116df56d4a6263a846fbf047efb5ae178e06ea4428176359c61
Secunia Security Advisory 38810
Posted Mar 1, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for linux-2.6.24. This fixes some security issues and vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, cause a DoS (Denial of Service), disclose potentially sensitive information, and gain escalated privileges, and by malicious people to cause a DoS.

tags | advisory, denial of service, local, vulnerability
systems | linux, debian
SHA-256 | 1e89b7e0f3c3f5cc571c6ed3903d40e522a66a1ff289d2bc0b8982b82263abbf
Secunia Security Advisory 38771
Posted Mar 1, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in ScriptsFeed Business Directory Software, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | 477c87c3e1f862cc145b16a7e202b1ba03c1464d0696274cc03d7796aaccaca4
Secunia Security Advisory 38767
Posted Mar 1, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in ScriptsFeed Dating Software, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | 270c404e91628e7e7d96aaff7c127e8a26ee2f7dfc737fca07fad16565dc7ad8
Page 1 of 2
Back12Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close