what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 75 of 86 RSS Feed

Files Date: 2010-04-01 to 2010-04-02

DynPG CMS 4.1.0 Remote File Inclusion
Posted Apr 1, 2010
Authored by eidelweiss

DynPG CMS version 4.1.0 suffers from multiple remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, code execution, file inclusion
SHA-256 | 859380d29c660d18752dc837ccaa0dbb525851bf1b39108d2eef7f9d3416f598
Joomla Network SQL Injection
Posted Apr 1, 2010
Authored by DevilZ TM

The Joomla Network component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | d9ba6346b690f973d2abd9dba2bdf969a7e6cf8ced2cd592ad6c2ae5f6b88b9c
Joomla Tour SQL Injection
Posted Apr 1, 2010
Authored by DevilZ TM

The Joomla Tour component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 076bfb80874e3bc0d8c39a803263627885c1cfaa562d8ed90fdbbf3ca08d21de
Joomla Trading Blind SQL Injection
Posted Apr 1, 2010
Authored by DevilZ TM

The Joomla Trading component suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 8dfcdb059dc806db66c5ef80558028df74b5a4cb845b8f8e62e212678a66213a
Simply Sites RGV Local File Inclusion
Posted Apr 1, 2010
Authored by DevilZ TM

Simply Sites RGV suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 6c0ff8818ecdcd22813e8b7ba0118c3d56492ea6be7d0b241ae0d6a0ddf7f4fe
Apache CouchDB Timing Attack
Posted Apr 1, 2010
Authored by Jason Davies | Site couchdb.apache.org

Apache CouchDB versions prior to version 0.11.0 are vulnerable to timing attacks, also known as side-channel information leakage, due to using simple break-on-inequality string comparisons when verifying hashes and passwords.

tags | advisory
advisories | CVE-2010-0009
SHA-256 | bbe4edeb361a96c9e551e286e2cd996324760c3fa8fc5cad42081d50e8efd871
Easy-Clanpage 2.2 SQL Injection
Posted Apr 1, 2010
Authored by Easy Laster

Easy-Clanpage versions 2.2 and below Gallery SQL injection exploit.

tags | exploit, sql injection
SHA-256 | 5810ec00df041e1f5ea588586321b4a8e6124ff9c101cab4f0ad9b7f73ddb5c5
Centreon IT And Network Monitoring 2.1.5 SQL Injection
Posted Apr 1, 2010
Authored by Jonathan Salwan

Centreon IT and Network Monitoring version 2.1.5 remote SQL injection exploit.

tags | exploit, remote, sql injection
SHA-256 | 4553234f18b52c174d2dee239d2fa79608be2fba9fedd7cec5b2a07fe0c9b911
Escape From PDF
Posted Apr 1, 2010
Authored by Didier Stevens

PDF hack that demonstrates how to execute an embedded executable.

tags | exploit
SHA-256 | 210679723fb461545cbf20e0f88717eb3f49856def8b6a1dc62a64f16049f8ac
Clam AntiVirus Toolkit 0.96
Posted Apr 1, 2010
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: This release introduces new malware detection mechanisms and other significant improvements to the scan engine. Key features include the bytecode interpreter, heuristic improvements, signature improvements, support for new archives, support for new executable file formats, support for UPX 3.0, performance improvements and memory optimizations, and native Windows support.
tags | virus
systems | unix
SHA-256 | 7b0b6e67c87d43b04ce3beceaecddfaf344499f0ee45e9568df6be16808879d2
CDTrustee Crash Proof Of Concept
Posted Apr 1, 2010
Authored by chap0

CDTrustee version 2.06 local crash proof of concept exploit that creates a malicious .bak file.

tags | exploit, local, proof of concept
SHA-256 | fdf8fd0795930a92a6cf578592f6c1147debe8f5f3bd12a258716a38426efc32
TOR Virtual Network Tunneling Tool 0.2.1.25
Posted Apr 1, 2010
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This release fixes a regression introduced in 0.2.1.23 that could prevent relays from guessing their IP address correctly. It also fixes several minor potential security bugs.
tags | tool, remote, local, peer2peer
SHA-256 | 8758b489ea5686fa09cdc50850116031178fa7429b63d3f37d74d588e9b6179e
Sun Java JDK/JRE Soundbank Resource Name Buffer Overflow
Posted Apr 1, 2010
Site secunia.com

Secunia Research has discovered a vulnerability in Sun Java JDK/JRE, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a sign-extension error when parsing the length of a resource name in a Soundbank file and can be exploited to cause a stack-based buffer overflow. Successful exploitation may allow execution of arbitrary code. Sun Java JDK/JRE 1.6 Update 17 is affected.

tags | advisory, java, overflow, arbitrary
SHA-256 | 8dec758bd05e09255310908caee81ca57294e5838db04bd1710b8f3a771dd7df
Sun Java JDK/JRE Soundbank Resource Parsing Buffer Overflow
Posted Apr 1, 2010
Site secunia.com

Secunia Research has discovered a vulnerability in Sun Java JDK/JRE, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a sign-extension error when parsing the length of a resource in a Soundbank file and can be exploited to cause a heap-based buffer overflow. Successful exploitation may allow execution of arbitrary code. Sun Java JDK/JRE 1.6 Update 17 is affected.

tags | advisory, java, overflow, arbitrary
SHA-256 | 7d87820c079f661519dec2809651c7e5860de57169dceabbdc743b7267772403
Apple iTunes Privilege Escalation
Posted Apr 1, 2010
Authored by Jason Geffner | Site ngssoftware.com

This paper discusses how an unprivileged local attacker can elevate their privileges during an initial installation or update of iTunes for Windows. This vulnerability was responsibly disclosed to Apple Inc. and this advisory was not released until a fixed build of iTunes was released.

tags | advisory, local
systems | windows, apple
advisories | CVE-2010-0532
SHA-256 | 08157a8dd7cfd5cb407ffa0138623559421da7fed35cdf32b494e3edc81120bf
BitComet 1.19 Remote Denial Of Service
Posted Apr 1, 2010
Authored by Pierre Nogues | Site indahax.com

BitComet versions 1.19 and below remote denial of service exploit.

tags | exploit, remote, denial of service
SHA-256 | 7c7f351180729ed29e9a2bd0c5f28888de8584470cd4a5be74b4598958d117f7
Debian Linux Security Advisory 2025-1
Posted Apr 1, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2025-1 - Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird mail client.

tags | advisory, remote, vulnerability
systems | linux, debian
advisories | CVE-2009-2408, CVE-2009-2404, CVE-2009-2463, CVE-2009-3072, CVE-2009-3075, CVE-2010-0163
SHA-256 | 5ccd1a2ad93d249d46e731464cdcc802a972eeda3800afed3825af7057dffa07
Debian Linux Security Advisory 2024-1
Posted Apr 1, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2024-1 - Jamie Strandboge discovered that moin, a python clone of WikiWiki, does not sufficiently sanitize the page name in "Despam" action, allowing remote attackers to perform cross-site scripting (XSS) attacks.

tags | advisory, remote, xss, python
systems | linux, debian
advisories | CVE-2010-0828
SHA-256 | df816b8afbf70c2954a08251cfd6d16c462747e1df0f6748278ddd52d3b1433b
Joomla DW Graph Local File Inclusion
Posted Apr 1, 2010
Authored by Chip D3 Bi0s

The Joomla DW Graph component suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 12cced99b788e75168e848407d504c3f3ffdf3be53c344704c880029d369f8c5
Exploitation With WriteProcessMemory() - Yet Another DEP Trick
Posted Apr 1, 2010
Authored by Spencer Pratt

Whitepaper called Exploitation With WriteProcessMemory() - Yet Another DEP Trick.

tags | paper
SHA-256 | 1652f3773f25200d646b0477e5a31535e06bc7fad3add54a1a0a29fa8eaa6d84
Introduction To PHP Trojans
Posted Apr 1, 2010
Authored by seth

Whitepaper called Introduction to PHP Trojans. Written in Spanish.

tags | paper, trojan, php
SHA-256 | 8fcdc63bcd4fb561d922607d7923a7e2ab2bb726e95df7dc775a0befac9ff31d
Hping kullanarak TCP/IP Paketleriyle Oyanama
Posted Apr 1, 2010
Authored by Huzeyfe ONAL

Whitepaper called Hping kullanarak TCP/IP Paketleriyle Oynama. Written in Turkish.

tags | paper, tcp
SHA-256 | c2f31fc6584d688b2dd6c520126c877ba3775708ae5816d3845a1b3fd1307b5e
Hping ile IP, ICMP ve UDP Paketleri Olusturma
Posted Apr 1, 2010
Authored by Huzeyfe ONAL

Whitepaper called Hping ile IP, ICMP ve UDP Paketleri Olusturma. Written in Turkish.

tags | paper, udp
SHA-256 | 9958b3c881d042b77cbb659d95622ed2a2bb699e9e5afe04feedd1c92f43dd22
Hping ile Ag Kesif Calismalari
Posted Apr 1, 2010
Authored by Huzeyfe ONAL

Whitepaper called Hping ile Ag kesif Calismalari. Written in Turkish.

tags | paper
SHA-256 | e283a5aa6c1023dc960b0c2d4392785d6d932b4c6433f18bd3bc00467d23ae44
Apache ActiveMQ Persistent Cross-Site Scripting
Posted Apr 1, 2010
Authored by Rajat Swarup | Site activemq.apache.org

Remote unauthenticated exploitation of an input validation vulnerability in Apache Software Foundation's ActiveMQ server could allow an attacker to perform a stored or persistent cross-site scripting (XSS) attack.

tags | advisory, remote, xss
advisories | CVE-2010-0684
SHA-256 | a93c7b1bf48d73b062e00b4bcc020d13797e54a1c0439e6efadd535c2fdb2b1b
Page 3 of 4
Back1234Next

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close