Showing 26 - 50 of 56

Files Date: 2010-06-04 to 2010-06-05

MP3 Studio 1.0 Buffer Overflow
Posted Jun 4, 2010
Authored by Sid3 effects

MP3 Studio version 1.0 .mpf file buffer overflow exploit.

tags | exploit, overflow
SHA-256 | fe32a2b2325bf452931bd210be4ce906bf7c5a1b388efcfbdcd54eb34c078b0e
Exim 4 Symlink / Race Condition Vulnerabilities
Posted Jun 4, 2010
Authored by Dan Rosenberg

Exim 4 suffers from local symlink and race condition vulnerabilities.

tags | advisory, local
advisories | CVE-2010-2023, CVE-2010-2024
SHA-256 | d894d9ac3680893c4de1df8deea0bb09c3c5f18e99348ec10bb3351fafdf3e38
Simple SQL Injection Vulnerability Scanner 0.3
Posted Jun 4, 2010
Authored by Valentin Hoebel

Simple SQL Injection Vulnerability Scanner is a tool that helps you find SQL injection vulnerabilities within your website. Simply provide a URL and let the tool do all the work. Written in Python.

tags | tool, scanner, vulnerability, sql injection, python
systems | unix
SHA-256 | 96063e29053ad04993390a1466220d3646a0934ad8abc17d8811741f2145659a
Ubuntu Security Notice 948-1
Posted Jun 4, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 948-1 - It was discovered that GnuTLS did not always properly verify the hash algorithm of X.509 certificates. If an application linked against GnuTLS processed a crafted certificate, an attacker could make GnuTLS dereference a NULL pointer and cause a DoS via application crash.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2006-7239
SHA-256 | 3f89a7e58b25d0ca2a69b8e7a813850ba5ef4abfa22b63427cdbf7a34299646a
Gentoo Linux Security Advisory 201006-20
Posted Jun 4, 2010
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201006-20 - Multiple vulnerabilities in Asterisk might allow remote attackers to cause a Denial of Service condition, or conduct other attacks. Versions less than 1.2.37 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2008-7220, CVE-2009-2346, CVE-2009-2726, CVE-2009-3727, CVE-2009-4055
SHA-256 | c4933913b3f7de08c2c9cdd1eaa67457d52f479496c2830a647cc345b7604953
Gentoo Linux Security Advisory 201006-19
Posted Jun 4, 2010
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201006-19 - Bugzilla is prone to multiple medium severity vulnerabilities. Multiple vulnerabilities have been reported in Bugzilla. Please review the CVE identifiers referenced below for details. Versions less than 3.2.6 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2008-4437, CVE-2008-6098, CVE-2009-0481, CVE-2009-0482, CVE-2009-0483, CVE-2009-0484, CVE-2009-0485, CVE-2009-0486, CVE-2009-1213, CVE-2009-3125, CVE-2009-3165, CVE-2009-3166, CVE-2009-3387, CVE-2009-3989
SHA-256 | 8bc8d5d14b76f0df7073a6835b0a2ff5f2bd13db23acc400fb9646c1ca17bcc2
Gentoo Linux Security Advisory 201006-18
Posted Jun 4, 2010
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201006-18 - The Oracle JDK and JRE are vulnerable to multiple unspecified vulnerabilities. Multiple vulnerabilities have been reported in the Oracle Java implementation. Please review the CVE identifiers referenced below and the associated Oracle Critical Patch Update Advisory for details. Versions less than 1.6.0.20 are affected.

tags | advisory, java, vulnerability
systems | linux, gentoo
advisories | CVE-2009-3555, CVE-2010-0082, CVE-2010-0084, CVE-2010-0085, CVE-2010-0087, CVE-2010-0088, CVE-2010-0089, CVE-2010-0090, CVE-2010-0091, CVE-2010-0092, CVE-2010-0093, CVE-2010-0094, CVE-2010-0095, CVE-2010-0837, CVE-2010-0838, CVE-2010-0839, CVE-2010-0840, CVE-2010-0841
SHA-256 | 4af5cb5d0d925742eafb92ddd1aea2ad44ba2c08dad8357f9cdf1509b1f55dc5
DDL CMS 2.1 Remote File Inclusion
Posted Jun 4, 2010
Authored by eidelweiss

DDL CMS 2.1 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 6de1a42b8d03606b4f4058cd5affeecc3b09a6ff25dd105d4131b42e5a74c91c
RSA Key Manager 1.5.x SQL Injection
Posted Jun 4, 2010
Authored by Kyle Quest

RSA Key Manager version 1.5.x suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2010-1904
SHA-256 | 4b9c25669930914a9bfdbf4c094a8295e378a8eaa3f8d14fdfa1c8959bb50242
eFront Cross Site Scripting
Posted Jun 4, 2010
Authored by Mohammed Boumediane | Site vupen.com

VUPEN Web Vulnerability Research Team discovered multiple vulnerabilities in eFront. These issues are caused by input validation errors when processing the "remote_theme", "name", "system_email", "password_length", "math_server", "site_motto" and "site_name" parameters, which could be exploited by attackers to cause arbitrary scripting code to be executed by the user's browser in the security context of an affected Web site. Versions prior to 3.6.3 build 7400 are affected.

tags | advisory, web, arbitrary, vulnerability, xss
SHA-256 | 1104801d6660f352341d2255e224ec704f33018e832b6a8a32964aa0a77e692e
Joomla Lead SQL Injection
Posted Jun 4, 2010
Authored by ByEge

The Joomla Lead component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 3488faef86d16f75e9d45ac8c03e01634034ed2fee824de2534bf033b786e631
HP Security Bulletin HPSBMA02538 SSRT100136
Posted Jun 4, 2010
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP ServiceCenter running on AIX, HP-UX, Linux, Solaris, and Windows. The vulnerability could be exploited remotely to allow cross site scripting (XSS).

tags | advisory, xss
systems | linux, windows, solaris, aix, hpux
advisories | CVE-2010-1963
SHA-256 | 6a47c3a6581bc13261acad4b6a1c5b73ae62c609aca4e687a965f06999787d06
Motorola SURFBoard Cable Modem Directory Traversal
Posted Jun 4, 2010
Authored by S2 Crew

The Motorola SURFBoard cable modem suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | 5c07009c0f30c859702d6704922a47dd4e158dda1eabb9073711e4e0d78deda8
K9 Kreativity Design SQL Injection
Posted Jun 4, 2010
Authored by Newbie_Campuz

K9 Kreativity Design suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | ca9de72191267989ecadbc49ef47a6abf4f4635a70711c50d5aa81a5e3cc60b7
ClickArtWeb Design SQL Injection
Posted Jun 4, 2010
Authored by cyberlog

ClickArtWeb Design suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | c9e13ab1569c4e77b7ebcd20cd3561b9558690ecbced93d0a5d602c255f53666
Solaris / x86 System-V killall Shellcode
Posted Jun 4, 2010
Authored by Jonathan Salwan | Site shell-storm.org

39-byte Solaris / x86 System-V killall command shellcode.

tags | x86, shellcode
systems | solaris
SHA-256 | 4cd6049a4a3017fb6f91c14fe3f6708294aa747f1774b2e8e88ebcd7f06afbae
phpBazar 2.1.1 Remote File Inclusion
Posted Jun 4, 2010
Authored by Sid3 effects

phpBazar version 2.1.1 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 929583e27d1b46b5b61c3306d04478de276377bfaa87c9eaec8a528e29cd83f5
Spiderpig PDF Fuzzer
Posted Jun 4, 2010
Authored by cons0ul

Spiderpig is a PDF fuzzing utility written in Python.

tags | python, fuzzer
SHA-256 | eb4561c3095ec8870ccb83e8a9d8b30853581c6d9f25f9ca1d5c4ef9db399fda
HP Security Bulletin HPSBST02536 SSRT100057
Posted Jun 4, 2010
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP StorageWorks Storage Mirroring. This vulnerability could be exploited remotely to gain unauthorized access.

tags | advisory
advisories | CVE-2010-1962
SHA-256 | 04e3ff047f7fc77294406ef7e7b7db8b6231401fc400e30f764e9d4c36b19b5c
TomatoCMS Arbitrary File Upload
Posted Jun 4, 2010
Site secunia.com

Secunia Research has discovered a vulnerability in TomatoCMS, which can be exploited by malicious users to compromise a vulnerable system. The vulnerability is caused by an error in the validation of uploaded image files while adding a new article. This can be exploited to upload arbitrary files inside the webroot and e.g. execute arbitrary PHP code. Successful exploitation requires "Add new article", "Upload file to server", and "Browse uploaded files" permissions. Version 2.0.6 is affected.

tags | advisory, arbitrary, php
advisories | CVE-2010-1514
SHA-256 | 5e6a7845dcce13483a097aa6b25b598b7ced6a5132b245b40d780046872c4bdd
Gentoo Linux Security Advisory 201006-17
Posted Jun 4, 2010
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201006-17 - A processing error in lighttpd might result in a Denial of Service condition. Li Ming reported that lighttpd does not properly process packets that are sent overly slowly. Versions less than 1.4.25-r1 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2010-0295
SHA-256 | b2e132b9a332e4addc4cc5c950b02a9ac12e11a4cbb8b90dddeac80c341ad61b
Gentoo Linux Security Advisory 201006-16
Posted Jun 4, 2010
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201006-16 - The GD library is prone to a buffer overflow vulnerability. Tomas Hoger reported that the _gdGetColors() function in gd_gd.c does not properly verify the colorsTotal struct member, possibly leading to a buffer overflow. Versions less than 2.0.35-r1 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2009-3546
SHA-256 | f15e70e876491f7bf8e23cee721cf1c166d52c93737ac4c893872594c0c94ea4
TomatoCMS Eight Cross Site Scripting
Posted Jun 4, 2010
Site secunia.com

Secunia Research has discovered some vulnerabilities in TomatoCMS, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "keyword" and "article-id" parameters to index.php/admin/news/article/list, the "keyword" parameter to index.php/admin/multimedia/set/list, the "keyword" and "fileId" parameters to index.php/admin/multimedia/file/list, and the "name", "email", and "address" parameters to index.php/admin/ad/client/list is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in the user's browser in the context of the affected site.

tags | advisory, arbitrary, php, vulnerability, xss
advisories | CVE-2010-1515
SHA-256 | b08aeb40643c7328f71315e0658ec49b7c143d96320d7228e2baa16637965e20
PHP SETI@Home Web Monitor Local File Inclusion / Remote File Inclusion
Posted Jun 4, 2010
Authored by eidelweiss

PHP SETI@Home Web Monitor suffers from local file inclusion and remote file inclusion vulnerabilities.

tags | exploit, remote, web, local, php, vulnerability, code execution, file inclusion
SHA-256 | 57cb167db3c7de71923a458570488b65ab3fcc4696682ad723d7d1a95a234a14
Gentoo Linux Security Advisory 201006-15
Posted Jun 4, 2010
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201006-15 - Multiple integer overflow errors in XEmacs might allow remote, user-assisted attackers to execute arbitrary code. Tielei Wang reported multiple integer overflow vulnerabilities in the tiff_instantiate(), png_instantiate() and jpeg_instantiate() functions in glyphs-eimage.c, all possibly leading to heap-based buffer overflows. Versions less than 21.4.22-r1 are affected.

tags | advisory, remote, overflow, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2009-2688
SHA-256 | b21c8c449d9386faf4e7a6161f56e55833b7d9fa29a25a4f472765a70cb7a5e9