exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 30 RSS Feed

Files Date: 2010-09-18 to 2010-09-19

Joomla Restaurant Guide Cross Site Scripting / Local File Inclusion / SQL Injection
Posted Sep 18, 2010
Authored by Valentin Hoebel

The Joomla Restaurant Guide component version 1.0.0 suffers from cross site scripting, local file inclusion and remote SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, xss, sql injection, file inclusion
SHA-256 | d00ec099221f493dc999b3a2f3953d7bb9c694088a81a3a26e0827e0d9be13fc
Wi-fEye Wireless Pentesting Tool 0.5
Posted Sep 18, 2010
Authored by Zaid Al-Quraishi | Site wi-feye.za1d.com

Wi-fEye is designed to help with network penetration testing. It allows the user to perform a number of powerful attack automatically including WEP/WPA cracking, session hijacking and more.

tags | tool, wireless
SHA-256 | 4dd51d239b2fa42d5f7a934a2fc179c42c3d1d7659fa11057f34b2cc4bd616ba
Ubuntu Security Notice 988-1
Posted Sep 18, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 988-1 - Ben Hawkes discovered that the Linux kernel did not correctly validate memory ranges on 64bit kernels when allocating memory on behalf of 32bit system calls. On a 64bit system, a local attacker could perform malicious multicast getsockopt calls to gain root privileges. Ben Hawkes discovered that the Linux kernel did not correctly filter registers on 64bit kernels when performing 32bit system calls. On a 64bit system, a local attacker could manipulate 32bit system calls to gain root privileges.

tags | advisory, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2010-3081, CVE-2010-3301
SHA-256 | 3292bde8e4e5b048589c79d2d8ad3262fbd351a7707fb46c64c98ef65a7d9b66
Tenshi Log Monitoring Program 0.12
Posted Sep 18, 2010
Authored by Andrea Barisani | Site dev.inversepath.com

Tenshi is a log monitoring program, designed to watch a log file for lines matching user defined regular expression and report on the matches. The regular expressions are assigned to queues which have an alert interval and a list of mail recipients. Queues can be set to send a notification as soon as there is a log line assigned to it, or to send periodic reports.

Changes: FIFO read bugfix and opensuse rpm spec, see Changelog.
tags | system logging
systems | unix
SHA-256 | 953bbad01cb03674ab6135b70f707467ccd55dd1b8cb7257f1f49473d7767920
Win32/XP SP3 Create New File Shellcode
Posted Sep 18, 2010
Authored by ZoRLu

74 bytes small Win32/XP SP3 (Tr) create new file (zrl.txt) shellcode.

tags | shellcode
systems | windows
SHA-256 | b18181efb4254751939c3371c6813db9adfc1999627afbbf951700281a814304
Win32/XP SP3 Cmd.exe Shellcode
Posted Sep 18, 2010
Authored by ZoRLu

52 bytes small Win32/XP SP3 (Tr) cmd.exe shellcode.

tags | shellcode
systems | windows
SHA-256 | a97dcdacf92839454c7f72dd9e9f67e65e9c22ea250741dd75c4bd4213e68c78
Win32/XP SP3 Calc.exe Shellcode
Posted Sep 18, 2010
Authored by ZoRLu

53 bytes small Win32/XP SP3 (Tr) calc.exe shellcode.

tags | shellcode
systems | windows
SHA-256 | 9f24dce28c28b8e8d5838b436907cecd6a08996d76e88c123afadcb9add422b7
Open Source CERT Security Advisory 2010.3
Posted Sep 18, 2010
Authored by Andrea Barisani, Open Source CERT | Site ocert.org

Free Simple CMS versions 1.0 and below suffer from a remote file inclusion vulnerability.

tags | advisory, remote, file inclusion
SHA-256 | 1f0bab6915c38374d04f3409e9cca75897c9d33487ecd6ea9df084d256e824ca
Ubuntu Security Notice 978-2
Posted Sep 18, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 978-2 - USN-978-1 fixed vulnerabilities in Thunderbird. Some users reported stability problems under certain circumstances. This update fixes the problem. Several dangling pointer vulnerabilities were discovered in Thunderbird. It was discovered that the XPCSafeJSObjectWrapper (SJOW) security wrapper did not always honor the same-origin policy. Matt Haggard discovered that Thunderbird did not honor same-origin policy when processing the statusText property of an XMLHttpRequest object. Chris Rohlf discovered an integer overflow when Thunderbird processed the HTML frameset element. Several issues were discovered in the browser engine. David Huang and Collin Jackson discovered that the <object> tag could override the charset of a framed HTML document in another origin. Paul Stone discovered that with designMode enabled an HTML selection containing JavaScript could be copied and pasted into a document and have the JavaScript execute within the context of the site where the code was dropped. A buffer overflow was discovered in Thunderbird when processing text runs. Peter Van der Beken, Jason Oster, Jesse Ruderman, Igor Bukanov, Jeff Walden, Gary Kwong and Olli Pettay discovered several flaws in the browser engine.

tags | advisory, overflow, javascript, vulnerability
systems | linux, ubuntu
advisories | CVE-2010-2760, CVE-2010-2763, CVE-2010-2764, CVE-2010-2765, CVE-2010-2766, CVE-2010-2767, CVE-2010-2768, CVE-2010-2769, CVE-2010-3166, CVE-2010-3167, CVE-2010-3168, CVE-2010-3169
SHA-256 | 279e9c9f571dc9eb648f55303ef86819aa3f9ac4e057095049c812b308770b96
Month Of Abysssec Undisclosed Bugs - Apple QuickTime FLI
Posted Sep 18, 2010
Authored by Abysssec, Shahin | Site abysssec.com

Month Of Abysssec Undisclosed Bugs - Apple QuickTime player version 7.6.5 suffers from a remote code execution vulnerability.

tags | advisory, remote, code execution
systems | apple
advisories | CVE-2010-0520
SHA-256 | 755e32b54edf09bcc945c50382e1d9793c0e29cc4fd76dbedb13e82a13390a94
Month Of Abysssec Undisclosed Bugs - CMSimple 3.2
Posted Sep 18, 2010
Authored by Abysssec | Site abysssec.com

Month Of Abysssec Undisclosed Bugs - CMSimple versions 3.2 and below suffer from a cross site request forgery vulnerability.

tags | advisory, csrf
SHA-256 | 00143e8015eab234d038859a285d41990e8f2abf0b8a617cc23af65126cf065a
Month Of Abysssec Undisclosed Bugs - Firefox Plugin Parameter
Posted Sep 18, 2010
Authored by Abysssec, Shahin | Site abysssec.com

Month Of Abysssec Undisclosed Bugs - The Parameter plugin in Firefox 3.6.4 suffers from a remote code execution vulnerability.

tags | advisory, remote, code execution
advisories | CVE-2010-1214
SHA-256 | 06e291aca17db5db59743c6b31ae519234f925b5af49376333a3f0097075b146
Month Of Abysssec Undisclosed Bugs - phpmyfamily 1.4.2
Posted Sep 18, 2010
Authored by Abysssec | Site abysssec.com

Month Of Abysssec Undisclosed Bugs - phpmyfamily versions 1.4.2 and below suffer from cross site request forgery, cross site scripting, information disclosure and remote SQL injection vulnerabilities.

tags | advisory, remote, vulnerability, xss, sql injection, info disclosure, csrf
SHA-256 | 0cf085558e72559231041b49f9c308bfb70b5a11f00884515f90cf2919070c96
xt:Commerce Gambio 2008 - 2010 SQL Injection
Posted Sep 18, 2010
Authored by secret

xt:Commerce Gambio 2008 - 2010 suffers from an ERROR based SQL injection vulnerability in reviews.php.

tags | exploit, php, sql injection
SHA-256 | a4508f4f4991a110085c2b7958c4494d63ccd9cbd55d957928a0d8488fdcaff1
Ubuntu Security Notice 975-2
Posted Sep 18, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 975-2 - USN-975-1 fixed vulnerabilities in Firefox and Xulrunner. Some users reported stability problems under certain circumstances. This update fixes the problem. Several dangling pointer vulnerabilities were discovered in Firefox. Blake Kaplan and Michal Zalewski discovered several weaknesses in the XPCSafeJSObjectWrapper (SJOW) security wrapper. Various other issues were addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2010-2760, CVE-2010-2762, CVE-2010-2764, CVE-2010-2765, CVE-2010-2766, CVE-2010-2767, CVE-2010-2768, CVE-2010-2769, CVE-2010-3166, CVE-2010-3167, CVE-2010-3168, CVE-2010-3169
SHA-256 | d4f8fe00ff4692cdae02e6e9d2e61d82d7c87effedee8fa5741315f6628f0279
MediaHuman Music COnverter 1.0.1 Denial Of Service
Posted Sep 18, 2010
Authored by modpr0be

MediaHuman Music Converter version 1.0.1 suffers from .wav and .mp3 denial of service vulnerabilities.

tags | exploit, denial of service, vulnerability
SHA-256 | 49de5f7d7f2ab9b63ac7c0a0f944ab60335f419fbb054e0cf33fa66a6a0e606d
Microsoft DRM Technology Active-X Overflow / Denial Of Service
Posted Sep 18, 2010
Authored by Asheesh Kumar Mani Tripathi

Microsoft DRM technology suffers from Active-x related buffer overflow and denial of service vulnerabilities.

tags | exploit, denial of service, overflow, vulnerability, activex
SHA-256 | c67e4e09d51917b4d4a68cf3c3fcbc0e03bc502047d6cba23d4185432556f03f
Debian Linux Security Advisory 2110-1
Posted Sep 18, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2110-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2010-2492, CVE-2010-2954, CVE-2010-3078, CVE-2010-3080, CVE-2010-3081
SHA-256 | e25b6491aff8c3f5313eb5b89eb84002884efc169a59c3cd5dd92e86cb26502d
HP Security Bulletin HPSBUX02546 SSRT100159
Posted Sep 18, 2010
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running BIND. The vulnerability could be exploited remotely to create a Denial of Service (DoS) and permit unauthorized disclosure of information.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2009-4022, CVE-2010-0290, CVE-2010-0382
SHA-256 | bd8b17704deb1ab7649c91532d1c94ef776dd4816a7809ba4ddc9d701b153d10
Month Of Abysssec Undisclosed Bugs - Apple QuickTime FLI
Posted Sep 18, 2010
Authored by Abysssec, Shahin | Site abysssec.com

Month Of Abysssec Undisclosed Bugs - Apple QuickTime player version 7.6.5 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
systems | apple
advisories | CVE-2010-0520
SHA-256 | bfafaebfaff6cd46b5c1fdee36d35413dda174b2f09f7738e05a56d5be3855d7
Month Of Abysssec Undisclosed Bugs - Firefox Plugin Parameter
Posted Sep 18, 2010
Authored by Abysssec, Shahin | Site abysssec.com

Month Of Abysssec Undisclosed Bugs - The Parameter plugin in Firefox 3.6.4 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2010-1214
SHA-256 | 59044f65786070ffa2cc012fdbc684d9a6add3b705bb14b9d14f2f1ccaa453a6
Month Of Abysssec Undisclosed Bugs - CMSimple 3.2
Posted Sep 18, 2010
Authored by Abysssec | Site abysssec.com

Month Of Abysssec Undisclosed Bugs - CMSimple versions 3.2 and below suffer from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 222618d51aabdb031a7b98ec991aa0c5bd04539cebaa77f999e66cb8f96a26a7
Month Of Abysssec Undisclosed Bugs - phpmyfamily 1.4.2
Posted Sep 18, 2010
Authored by Abysssec | Site abysssec.com

Month Of Abysssec Undisclosed Bugs - phpmyfamily versions 1.4.2 and below suffer from cross site request forgery, cross site scripting, information disclosure and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, info disclosure, csrf
SHA-256 | 5abd8f12eb03d51ee727684ae4038c351d3b500291f64361b147f169eb74333b
A-PDF All To MP3 Coverter 1.1.0 Universal Exploit
Posted Sep 18, 2010
Authored by modpr0be

A-PDF All to MP3 Converter version 1.1.0 universal SEH overwrite exploit.

tags | exploit
SHA-256 | 3f2a1e14578e7f0b16bdaf7c345ff3f4e5b23a857542542f9875c0de6d4f9e47
DJ Studio Pro 8.1.3.2.1 SEH Overwrite
Posted Sep 18, 2010
Authored by Abhishek Lyall | Site aslitsecurity.com

DJ Studio Pro version 8.1.3.2.1 SEH overwrite exploit.

tags | exploit
SHA-256 | e954495a7ea7efc7bae3651a28925b06ca5231857084af17012e62369912cd46
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close