Zero Day Initiative Advisory 10-023 - This vulnerability allows attackers to execute arbitrary code on vulnerable installations of both IBM Informix Dynamic Server and EMC Legato Networker. User interaction is not required to exploit this vulnerability. The specific flaw exists within the RPC protocol parsing library, librpc.dll, utilized by the ISM Portmapper service (portmap.exe) bound by default to TCP port 36890. During authentication, a lack of a proper signedness check on a supplied parameter size can result in exploitable stack based buffer overflow leading to arbitrary code execution under the context of the SYSTEM user.
aaeb74e2cc0ffffef2fdd611f181810d3fb06be0fc048c991c3f9b087c281335Zero Day Initiative Advisory 10-022 - This vulnerability allows attackers to execute arbitrary code on vulnerable installations of both IBM Informix Dynamic Server and EMC Legato Networker. User interaction is not required to exploit this vulnerability. The specific flaws exist within the RPC protocol parsing library, librpc.dll, utilized by the ISM Portmapper service (portmap.exe) bound by default to TCP port 36890. During authentication, a lack of proper sanity checking on supplied parameter sizes can result in exploitable stack and heap based buffer overflows leading to arbitrary code execution under the context of the SYSTEM user.
b2cfcca980df20db137f44def916924293a9a434ac09aa8b97906454ed28d72fMandriva Linux Security Advisory 2010-052 - sudo 1.6.x before 1.6.9p21, when the runas_default option is used, does not properly set group memberships, which allows local users to gain privileges via a sudo command. The updated packages have been patched to correct this issue.
76f1e9f408dc7026f1f3164f9ef04641a98c14ea1373b28efa65c1dd1fbaee09CMS By MyWorks suffers from cross site scripting and remote SQL injection vulnerabilities.
5291bb167a3c4e36f5af3d5acc642b8d6f094baf3bbe4840f796a532f0841763Whitepaper called A Practical Attack to De-Anonymize Social Network Users.
ed65dbead7899691dfc803c32908728c915afb3169557d59b69ac0326eea62aaCall For Papers for EC2ND - The sixth European Conference on Computer Network Defense (EC2ND) will be held at the Faculty of Electrical Engineering and Computer Science at Berlin Institute of Technology (TU Berlin). The conference brings together researchers from academia and industry within Europe and beyond to present and discuss current topics in applied network and systems security. It will occur from October 28th through the 29th, 2010 in Berlin, Germany.
fd08e991fc545b364b65fbd1dbf21a97cba4c85b5399c755e386b3c4b7320b30phpTroubleTicket version 2.0 suffers from a remote SQL injection vulnerability.
efcad9c42ba5dd1fe85a3dd2dba9dc270990693c1bf2e967c1099f41e247f832CONFidence 2010 Call For Papers - This conference will take place from May 25th through the 26th, 2010 in Krakow, Poland.
61d7c1b17fd9b01b4fe569ec96e4fc380d72950c6d180da8a19ec52e67f97eadRCA DCM425 Cable Modem micro_httpd denial of service proof of concept exploit.
0582961a302988fec1604ff0860df406edb69f9ae526e316d6f8a57c0e38be35Debian Linux Security Advisory 2005-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, sensitive memory leak or privilege escalation. Note that this advisory says DSA-2004-1 but it is actually DSA-2005-1.
4e91cfa025d3713c772ca08542d5fe2924c2840b742a5513213aa737787a70c737 bytes small Microsoft Windows XP Home Edition SP3 English calc.exe shellcode.
dfb12892aa925e3ef94e1c01ecd5d8aa7b240a7f187a308a907a9b6bcbd8973cInternet Exploiter II version 3.0 DHTML memory corruption proof of concept exploit that bypasses DEP.
8d79ef782e79343218a4752b8edf2781a2dc684a0214bce8d86443e1e017905dDebian Linux Security Advisory 2004-1 - Two local vulnerabilities have been discovered in samba, a SMB/CIFS file, print, and login server for Unix.
da19232c162776c736a03d1a16ac798f1539e38b97c6a1ae2359ab73c0156ab0Oracle Siebel CRM version 7.x suffers from a cross site scripting vulnerability.
d9b8d785baaec4c817bb1fc5be6e354ef43d9a6c8da1f1bffdc2b704fbf65d0bEasy FTP Server version 1.7.0.2 remote buffer overflow RET overwrite exploit.
35d27eb6cda7ed96990aebb92e2bf405de86118170a839bfb80142b000f807cfiPhone / iTouch FTPDisc version 1.0 3 exploits-in-one buffer overflow denial of service exploit.
62779e7dd76b73933c43b13f505afa537707af0e057f00a738627738ffd11eadThis archive contains all of the 396 exploits added to Packet Storm in February, 2010.
beaa6e3c403f9909b6e8bf88d9a40459b90717b258a821f33e3fe6a594f075f9Uiga Church Portal suffers from a remote SQL injection vulnerability.
a70ab20bd3b0e710e1c1d2297210025aa7018c0d2071391b152e900d46c8752aMandriva Linux Security Advisory 2010-051 - Security researcher Alin Rad Pop of Secunia Research reported that the HTML parser incorrectly freed used memory when insufficient space was available to process remaining input. Under such circumstances, memory occupied by in-use objects was freed and could later be filled with attacker-controlled text. These conditions could result in the execution or arbitrary code if methods on the freed objects were subsequently called. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue.
9161b7c55f138a603afbdc8c394e09baa1144b47e34cf2fa7b04047346825ed1Secunia Security Advisory - Maurycy Prodeus has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.
01ef87c3cb97a500864823b3c6866d202122dbae32c0bf7ca68ea603fe5b5f2dSecunia Security Advisory - Some vulnerabilities have been discovered in Uiga FanClub, which can be exploited by malicious people to conduct SQL injection and cross-site scripting attacks.
0efbadbd61a7cf200c038e27f4ec6d27d18b41ea8c300e7b2c61cd5a46bceb6dSecunia Security Advisory - Multiple vulnerabilities have been reported in Pre Classified Listings ASP, which can be exploited by malicious people to conduct script insertion and SQL injection attacks.
189511825db34116df56d4a6263a846fbf047efb5ae178e06ea4428176359c61Secunia Security Advisory - Debian has issued an update for linux-2.6.24. This fixes some security issues and vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, cause a DoS (Denial of Service), disclose potentially sensitive information, and gain escalated privileges, and by malicious people to cause a DoS.
1e89b7e0f3c3f5cc571c6ed3903d40e522a66a1ff289d2bc0b8982b82263abbfSecunia Security Advisory - Some vulnerabilities have been reported in ScriptsFeed Business Directory Software, which can be exploited by malicious people to conduct SQL injection attacks.
477c87c3e1f862cc145b16a7e202b1ba03c1464d0696274cc03d7796aaccaca4Secunia Security Advisory - Some vulnerabilities have been reported in ScriptsFeed Dating Software, which can be exploited by malicious people to conduct SQL injection attacks.
270c404e91628e7e7d96aaff7c127e8a26ee2f7dfc737fca07fad16565dc7ad8
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed