what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 48 of 48 RSS Feed

Files Date: 2010-09-15 to 2010-09-16

Win32/XP SP3 MessageBoxA Shellcode
Posted Sep 15, 2010
Authored by ZoRLu

109 bytes small Win32/XP SP3 MessageBoxA shellcode.

tags | shellcode
systems | windows
SHA-256 | 0ed2099b633d110282863fb35b75d8cdca1df127bc151139482e822d62cf56bc
Zero Day Initiative Advisory 10-177
Posted Sep 15, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-177 - This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of IBM Lotus Domino. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nrouter.exe service while processing a malformed e-mail. The process copies the contents of the MAILTO header within a calendar request into a fixed size stack buffer. By providing enough data this buffer can overflow leading to arbitrary code execution under the context of the SYSTEM user.

tags | advisory, remote, overflow, arbitrary, code execution
SHA-256 | b38e9ed7898f15baadfb1def1048e9914a6679cba783785912c51d470e5427a1
Mandriva Linux Security Advisory 2010-182
Posted Sep 15, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-182 - Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service via an SVG animation element, related to SVG set objects, SVG marker elements, the targetElement attribute, and unspecified caches.

tags | advisory, remote, denial of service, arbitrary
systems | linux, apple, mandriva
advisories | CVE-2009-1709
SHA-256 | 1e1905c05b4a90241682a5f0ea5c934a704fe74008aab6e69eac64d99ac3577a
Flock 3 Same Origin Policy Violation
Posted Sep 15, 2010
Authored by Lostmon | Site lostmon.blogspot.com

Flock 3 versions prior to 3.0.0.4094 suffer from window.open() javascript same-origin policy violation vulnerability.

tags | advisory, javascript
advisories | CVE-2010-0661
SHA-256 | b574bdf3d4182b36514a97d68f2629ed85d6dfd05f81a790e169cee639a87e0b
Flock 3 Cross Origin Bypass
Posted Sep 15, 2010
Authored by Lostmon | Site lostmon.blogspot.com

Flock 3 versions prior to 3.0.0.4112 suffer from a javascript NULL byte cross-origin bypass vulnerability.

tags | advisory, javascript, bypass
advisories | CVE-2010-1236
SHA-256 | f2bd06f5631b9733bade200c8526d5ce251563d8b5aa09ae3a518724fe59ac2f
Flock 3 Cross Origin Bypass
Posted Sep 15, 2010
Authored by Lostmon | Site lostmon.blogspot.com

Flock 3 versions prior to 3.0.0.4114 suffer from a malicious RSS feed cross-origin bypass vulnerability.

tags | advisory, bypass
advisories | CVE-2010-3262
SHA-256 | 5fa12abdfe5bd4d2149de7987106352a8c4ddd329c6cf5fcd3ab7e2dc5124872
Flock 3 Cross-Origin Bypass
Posted Sep 15, 2010
Authored by Lostmon | Site lostmon.blogspot.com

Flock 3 versions prior to 3.0.0.4094 suffer from a malformed favourite cross-origin bypass vulnerability.

tags | advisory, bypass
advisories | CVE-2010-3202
SHA-256 | ab2be6f5a08a6b7db3f3bc431ca6f18806622ef35273d95b9e4c111ba5d65fed
Cross-Domain Information Leakage In Firefox
Posted Sep 15, 2010
Authored by Amit Klein | Site trusteer.com

Firefox versions 3.6.4 through 3.6.8, 3.5.10 through 3.5.11 and 4.0 Beta1 suffer from a cross-domain information leakage vulnerability.

tags | advisory
advisories | CVE-2010-3171
SHA-256 | 3f9728ea182855f9cdd648fafeb76095e6c17c0b99f95b7f9e956505654788c8
HP Security Bulletin HPSBMA02566 SSRT100045
Posted Sep 15, 2010
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP System Management

tags | advisory
advisories | CVE-2010-3009
SHA-256 | 74ee745970d33edd79ea12ae68bd77fb4e0ff90ebbbcaab2604d7168bebce473
Forensics - Analyzing An Unknown Image
Posted Sep 15, 2010
Authored by Praveen Darshanam

Whitepaper called Forensics - Analyzing an Unknown Image.

tags | paper
SHA-256 | 36de6ce51a69a816e886c9296c511866e2f97bb7638556bfd17b3df564fb23aa
Month Of Abysssec Undisclosed Bugs - Novell iPrint
Posted Sep 15, 2010
Authored by Abysssec, Shahin | Site abysssec.com

Month Of Abysssec Undisclosed Bugs - The Novell iPrint client browser plug-in suffers from a parameter stack overflow vulnerability.

tags | advisory, overflow
SHA-256 | cc9add2077fe5b99eb85ddb63789c32ba63040ac35c53aa2e16036e1f00b87cd
Month Of Abysssec Undisclosed Bugs - Free Discussion Forum
Posted Sep 15, 2010
Authored by Abysssec | Site abysssec.com

Month Of Abysssec Undisclosed Bugs - Free Discussion Forum version 1.0 suffers from administrative access and cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
SHA-256 | a9d43a832e2ba1fa8c7348c2fa9c25697d0ad8daa7d3d3e277cb3c69762309b0
OpenSCAP Libraries 0.6.3
Posted Sep 15, 2010
Site open-scap.org

The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, and CVSS.

Changes: In OVAL - optimization of memory consumption, reporting correct results on unsupported objects, a fix for directory traversals, and Python API improvements. Updated Fedora content was added and XSLT transforms were improved.
tags | protocol, library
SHA-256 | dc8e32f1fcdf41de7ef3f5866b3a69bddd1bfedc665e1d9775384b47a02f27e9
IBM Lotus Domino iCalendar Stack Buffer Overflow
Posted Sep 15, 2010
Authored by A. Plaskett

IBM Lotus Domino iCalendar suffers from an email address stack buffer overflow vulnerability. Versions 8.0 and 8.5 are affected.

tags | exploit, overflow
SHA-256 | 16535cd708efaec4cc2eb1ff7547ec73bf0cd92eaab823f875f7a249ef6fe6b8
Mandriva Linux Security Advisory 2010-181
Posted Sep 15, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-181 - The checkHTTPpassword function in http.c in ntop 3.3.10 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an Authorization HTTP header that lacks a : character in the base64-decoded string. The updated packages have been patched to correct this issue.

tags | advisory, remote, web, denial of service
systems | linux, mandriva
advisories | CVE-2009-2732
SHA-256 | c602d8f54fa47e35711d72b52f0cf0b553abf275217bd0dd15d924c27cd7465c
E-Xoopport - Samsara 3.1 Blind SQL Injection
Posted Sep 15, 2010
Authored by Dante90, _mRkZ_ | Site warwolfz.org

E-Xoopport - Samsara versions 3.1 and below suffer from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 5a161f64103a1904ad4980ffefa02e1b3c638e7dd94c6375785551c87317c3f2
Ubuntu Security Notice 987-1
Posted Sep 15, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 987-1 - Andrew Bartlett discovered that Samba did not correctly validate the length when parsing SIDs. A remote attacker could send a specially crafted request to the server and cause a denial of service, or possibly execute arbitrary code with the privileges of the Samba service (smbd). The default compiler options for Ubuntu 8.04 LTS and newer should reduce the vulnerability to a denial of service.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2010-3069
SHA-256 | 19db9738598a1b3493ca3c23f4ff085f57eac151d5d3636c6bb47e8d6f6a5c71
Debian Linux Security Advisory 2108-1
Posted Sep 15, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2108-1 - It has been discovered that in cvsnt, a multi-platform version of the original source code versioning system CVS, an error in the authentication code allows a malicious, unprivileged user, through the use of a specially crafted branch name, to gain write access to any module or directory, including CVSROOT itself. The attacker can then execute arbitrary code as root by modifying or adding administrative scripts in that directory.

tags | advisory, arbitrary, root
systems | linux, debian
advisories | CVE-2010-1326
SHA-256 | 7623474b1fe54003086c479731f96f4ee473a959445a4829f6ccb20db4409622
Microsoft Word 2003 MSO Null Pointer Dereference
Posted Sep 15, 2010
Authored by Aditya K Sood

A null pointer dereference vulnerability has been noticed in Microsoft Word. The exception results in the MSO.dll library failing to handle the specially crafted buffer in a file. The issue can be potentially triggered by opening a malicious word file which results in a null pointer exception due to invalid memory read.

tags | advisory
advisories | CVE-2010-3200
SHA-256 | 4c01a6e8fca0e345ca53ec2236511ab85597f7b4fcdd81dc24841e0f52f6773f
Month Of Abysssec Undisclosed Bugs - Novell iPrint
Posted Sep 15, 2010
Authored by Abysssec, Shahin | Site abysssec.com

Month Of Abysssec Undisclosed Bugs - The Novell iPrint client browser plug-in suffers from a parameter stack overflow vulnerability.

tags | exploit, overflow
SHA-256 | dd737bde8415b87650489f93bc877b5818c8df50c8c4b2c35f369008ca968b8b
Month Of Abysssec Undisclosed Bugs - Free Discussion Forum
Posted Sep 15, 2010
Authored by Abysssec | Site abysssec.com

Month Of Abysssec Undisclosed Bugs - Free Discussion Forum version 1.0 suffers from administrative access and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | b1a3225e61c9434202ec35356638d8259b05495467bb2ea1dfb8ec4b1e214663
Joomla JGen 0.9.33 SQL Injection
Posted Sep 15, 2010
Authored by RoAd_KiLlEr

The Joomla JGen component version 0.9.33 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | bbdfaf340e952328a60e41a7c4da7e888c4266e1048235fe82fdc9166b741ec4
Nokia E72 Keyboard Password Bypass
Posted Sep 15, 2010
Authored by Ewerson Guimaraes | Site dclabs.com.br

The Nokia E72 suffers from a keyboard password bypass vulnerability.

tags | advisory, bypass
SHA-256 | e0d3e77ef2980214ddfbaeb2672917af8f4b395eba4c0311e807ad3d3183a7dc
Page 2 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close