what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 86 of 86 RSS Feed

Files Date: 2010-04-01 to 2010-04-02

SQL Injection And Authentication Bypass
Posted Apr 1, 2010
Authored by novacaine

Brief whitepaper detail authentication bypass using SQL injection. The paper also discusses how to get around magic_quotes.

tags | paper, sql injection, bypass
SHA-256 | 40067ef97854c2d161d11307a2778c478ab760099a9a4acb512ebea16bb98bb5
iDEFENSE Security Advisory 2010-03-30.2
Posted Apr 1, 2010
Authored by iDefense Labs, regenrecht | Site idefense.com

iDefense Security Advisory 03.30.10 - Remote exploitation of a buffer overflow vulnerability in Oracle Corp.'s (formerly Sun Microsystems Inc.) Java Runtime Environment (JRE) could allow an attacker to execute arbitrary code with the privileges of the current user. The JRE is a platform that supports the execution of programs that are developed using the Java programming language. It is available for multiple platforms, including Windows, Linux and MacOS. The JRE platform also supports Java Applets, which can be loaded from Web pages. During the processing of an image file, user-controlled data is trusted and can result in an undersized allocation of a heap buffer. A copy operation into the heap buffer can lead to a heap overflow condition within the JRE. This condition may allow a remote attacker to subvert execution control and execute arbitrary code.

tags | advisory, java, remote, web, overflow, arbitrary
systems | linux, windows
SHA-256 | c8136fdeea2fd3eee123f117e7725124c2bbfe3eb2d36469fe6bc5b899969b0f
Web Service Hijacking In VMWare WebAccess
Posted Apr 1, 2010
Authored by Trustwave | Site trustwave.com

The Struts-based web application uses the server-side session sattribute "context_vmdirect" to store various settings, including the URL to the XML web service backend. By default, the URL is http://localhost/sdk, but the web service URL can be manually set from a client browser in several locations. If wsUrl is changed to point at an external server, all SOAP calls for that session are sent to the specified server. This includes plaintext authentication credentials. An attacker could exploit this by tricking a user into following a link to /ui/vmDirect.do, with an attacker-controlled server passed in the "view" parameter.

tags | advisory, web
advisories | CVE-2009-2277
SHA-256 | fd01d4172df55b8994b34803311ab871ff8630ad51141bd4511fe4f4065759a2
Optimal Archive 1.38 Buffer Overflow
Posted Apr 1, 2010
Authored by TecR0c

Optimal Archive version 1.38 SEH buffer overflow exploit that creates a malicious .zip file.

tags | exploit, overflow
SHA-256 | 77fb9e0ccf1cd252328edffbde84cb2651b0590f09bd2094e6bb90bf409e62d3
OSSIM 2.2.1 Cross Site Scripting
Posted Apr 1, 2010
Authored by CONIX Security | Site conix.fr

OSSIM version 2.2.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 6e4c14c8aec37791b959d328a1ff9ea0a8783eb80875f32046ccca8bb2a4c4ef
OpenDcHub 0.8.1 Code Execution
Posted Apr 1, 2010
Authored by Pierre Nogues | Site indahax.com

OpenDcHub version 0.8.1 remote code execution exploit.

tags | exploit, remote, code execution
SHA-256 | 52bac409f84810190d80d37762eff34565f4eb33694b323fd7d5ea0083b1640b
Internet Explorer DTHML Behaviors Use After Free
Posted Apr 1, 2010
Authored by Nanika, Trancer | Site metasploit.com

This Metasploit module exploits a use-after-free vulnerability within the DTML behaviors functionality of Microsoft Internet Explorer versions 6 and 7. This bug was discovered being used in-the-wild and was previously known as the "iepeers" vulnerability. The name comes from Microsoft's suggested workaround to block access to the iepeers.dll file. According to Nico Waisman, "The bug itself is when trying to persist an object using the setAttribute, which end up calling VariantChangeTypeEx with both the source and the destination being the same variant. So if you send as a variant an IDISPATCH the algorythm will try to do a VariantClear of the destination before using it. This will end up on a call to PlainRelease which decref the reference and clean the object." NOTE: Internet Explorer 8 and Internet Explorer 5 are not affected.

tags | exploit
advisories | CVE-2010-0806
SHA-256 | 2050b221f455e1fa58a8d196ecf708064b18b0b04314d24c17d3d8356494d06e
HP OpenView Network Node Manager OvWebHelp.exe CGI Buffer Overflow
Posted Apr 1, 2010
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in HP OpenView Network Node Manager 7.50. By sending a specially crafted CGI request to OvWebHelp.exe, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary, cgi
advisories | CVE-2009-4178
SHA-256 | 55d170104143bc443ef2724ff037c2b870160add006e6725a9d78d69fe2baffb
Piwik 0.5.5 Cross Site Scripting
Posted Apr 1, 2010
Authored by garwga

Piwik version 0.5.5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | bfbc6eea5c3aa09e5746fdb11074f52035f786fa423cc75268c0130bc26f8546
WM Downloader Buffer Overflow
Posted Apr 1, 2010
Authored by b0telh0

WM Downloader version local buffer overflow exploit that creates a malicious .asx file.

tags | exploit, overflow, local
SHA-256 | ff70b99a932f338633be021295aaad315a7a44f58125671ca2fbc692f8ef14d3
Huron CMS SQL Injection
Posted Apr 1, 2010
Authored by mat

Huron CMS suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 18769d2bd41023b4c1d8863856e891e5fa6030aec380cadb3f8618fc4ca823cc
Page 4 of 4

File Archive:

September 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    2 Files
  • 2
    Sep 2nd
    21 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    17 Files
  • 5
    Sep 5th
    34 Files
  • 6
    Sep 6th
    29 Files
  • 7
    Sep 7th
    11 Files
  • 8
    Sep 8th
    25 Files
  • 9
    Sep 9th
    0 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    26 Files
  • 12
    Sep 12th
    23 Files
  • 13
    Sep 13th
    17 Files
  • 14
    Sep 14th
    22 Files
  • 15
    Sep 15th
    16 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    19 Files
  • 19
    Sep 19th
    60 Files
  • 20
    Sep 20th
    23 Files
  • 21
    Sep 21st
    15 Files
  • 22
    Sep 22nd
    8 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By