what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 86 of 86 RSS Feed

Files Date: 2010-04-01 to 2010-04-02

SQL Injection And Authentication Bypass
Posted Apr 1, 2010
Authored by novacaine

Brief whitepaper detail authentication bypass using SQL injection. The paper also discusses how to get around magic_quotes.

tags | paper, sql injection, bypass
SHA-256 | 40067ef97854c2d161d11307a2778c478ab760099a9a4acb512ebea16bb98bb5
iDEFENSE Security Advisory 2010-03-30.2
Posted Apr 1, 2010
Authored by iDefense Labs, regenrecht | Site idefense.com

iDefense Security Advisory 03.30.10 - Remote exploitation of a buffer overflow vulnerability in Oracle Corp.'s (formerly Sun Microsystems Inc.) Java Runtime Environment (JRE) could allow an attacker to execute arbitrary code with the privileges of the current user. The JRE is a platform that supports the execution of programs that are developed using the Java programming language. It is available for multiple platforms, including Windows, Linux and MacOS. The JRE platform also supports Java Applets, which can be loaded from Web pages. During the processing of an image file, user-controlled data is trusted and can result in an undersized allocation of a heap buffer. A copy operation into the heap buffer can lead to a heap overflow condition within the JRE. This condition may allow a remote attacker to subvert execution control and execute arbitrary code.

tags | advisory, java, remote, web, overflow, arbitrary
systems | linux, windows
SHA-256 | c8136fdeea2fd3eee123f117e7725124c2bbfe3eb2d36469fe6bc5b899969b0f
Web Service Hijacking In VMWare WebAccess
Posted Apr 1, 2010
Authored by Trustwave | Site trustwave.com

The Struts-based web application uses the server-side session sattribute "context_vmdirect" to store various settings, including the URL to the XML web service backend. By default, the URL is http://localhost/sdk, but the web service URL can be manually set from a client browser in several locations. If wsUrl is changed to point at an external server, all SOAP calls for that session are sent to the specified server. This includes plaintext authentication credentials. An attacker could exploit this by tricking a user into following a link to /ui/vmDirect.do, with an attacker-controlled server passed in the "view" parameter.

tags | advisory, web
advisories | CVE-2009-2277
SHA-256 | fd01d4172df55b8994b34803311ab871ff8630ad51141bd4511fe4f4065759a2
Optimal Archive 1.38 Buffer Overflow
Posted Apr 1, 2010
Authored by TecR0c

Optimal Archive version 1.38 SEH buffer overflow exploit that creates a malicious .zip file.

tags | exploit, overflow
SHA-256 | 77fb9e0ccf1cd252328edffbde84cb2651b0590f09bd2094e6bb90bf409e62d3
OSSIM 2.2.1 Cross Site Scripting
Posted Apr 1, 2010
Authored by CONIX Security | Site conix.fr

OSSIM version 2.2.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 6e4c14c8aec37791b959d328a1ff9ea0a8783eb80875f32046ccca8bb2a4c4ef
OpenDcHub 0.8.1 Code Execution
Posted Apr 1, 2010
Authored by Pierre Nogues | Site indahax.com

OpenDcHub version 0.8.1 remote code execution exploit.

tags | exploit, remote, code execution
SHA-256 | 52bac409f84810190d80d37762eff34565f4eb33694b323fd7d5ea0083b1640b
Internet Explorer DTHML Behaviors Use After Free
Posted Apr 1, 2010
Authored by Nanika, Trancer | Site metasploit.com

This Metasploit module exploits a use-after-free vulnerability within the DTML behaviors functionality of Microsoft Internet Explorer versions 6 and 7. This bug was discovered being used in-the-wild and was previously known as the "iepeers" vulnerability. The name comes from Microsoft's suggested workaround to block access to the iepeers.dll file. According to Nico Waisman, "The bug itself is when trying to persist an object using the setAttribute, which end up calling VariantChangeTypeEx with both the source and the destination being the same variant. So if you send as a variant an IDISPATCH the algorythm will try to do a VariantClear of the destination before using it. This will end up on a call to PlainRelease which decref the reference and clean the object." NOTE: Internet Explorer 8 and Internet Explorer 5 are not affected.

tags | exploit
advisories | CVE-2010-0806
SHA-256 | 2050b221f455e1fa58a8d196ecf708064b18b0b04314d24c17d3d8356494d06e
HP OpenView Network Node Manager OvWebHelp.exe CGI Buffer Overflow
Posted Apr 1, 2010
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in HP OpenView Network Node Manager 7.50. By sending a specially crafted CGI request to OvWebHelp.exe, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary, cgi
advisories | CVE-2009-4178
SHA-256 | 55d170104143bc443ef2724ff037c2b870160add006e6725a9d78d69fe2baffb
Piwik 0.5.5 Cross Site Scripting
Posted Apr 1, 2010
Authored by garwga

Piwik version 0.5.5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | bfbc6eea5c3aa09e5746fdb11074f52035f786fa423cc75268c0130bc26f8546
WM Downloader 3.0.0.9 Buffer Overflow
Posted Apr 1, 2010
Authored by b0telh0

WM Downloader version 3.0.0.9 local buffer overflow exploit that creates a malicious .asx file.

tags | exploit, overflow, local
SHA-256 | ff70b99a932f338633be021295aaad315a7a44f58125671ca2fbc692f8ef14d3
Huron CMS SQL Injection
Posted Apr 1, 2010
Authored by mat

Huron CMS suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 18769d2bd41023b4c1d8863856e891e5fa6030aec380cadb3f8618fc4ca823cc
Page 4 of 4
Back1234Next

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    12 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    18 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close