Showing 1 - 25 of 40

Files Date: 2010-11-16 to 2010-11-17

HP Security Bulletin HPSBPI02575 SSRT090255
Posted Nov 16, 2010
Authored by HP | Site hp.com

HP Security Bulletin HPSBPI02575 SSRT090255 - A potential security vulnerability has been identified with HP LaserJet MFP printers, HP Color LaserJet MFP printers, and certain HP LaserJet printers. The vulnerability could be exploited remotely to gain unauthorized access to files. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2010-4107
SHA-256 | 6956edfd9f21d6c9739fe6d6466c367970cc9982d249494bc188fb5add8fbe90
Mandriva Linux Security Advisory 2010-237
Posted Nov 16, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-237 - A new version of the CGI Perl module has been released to CPAN, which fixes several security bugs which directly affect Bugzilla (these two security bugs were first discovered as affecting Bugzilla, then identified as being bugs in CGI.pm itself).

tags | advisory, cgi, perl
systems | linux, mandriva
SHA-256 | 3ef96a09de4d9dbe3cb59f192284caa1d660bf21db9def55d0c1d49ba5859229
Mandriva Linux Security Advisory 2010-236
Posted Nov 16, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-236 - Multiple vulnerabilities were discovered and corrected in freetype2. An error within the "Ins_SHZ()" function in src/truetype/ttinterp.c when handling the "SHZ" bytecode instruction can be exploited to cause a crash and potentially execute arbitrary code via a specially crafted font. An error exists in the "ft_var_readpackedpoints()" function in src/truetype/ttgxvar.c when processing TrueType GX fonts and can be exploited to cause a heap-based buffer overflow via a specially crafted font.

tags | advisory, overflow, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2010-3814, CVE-2010-3855
SHA-256 | 082e3d14d51c0c4429d4ac6085aeee9d68bb604f0f963c33a896c08708daa057
VMware Security Advisory 2010-0016
Posted Nov 16, 2010
Authored by VMware | Site vmware.com

VMware Security Advisory 2010-0016 - This patch updates the service console kernel to fix multiple security issues. Updates to the likewisekrb5, likewiseopenldap, likewiseopen, and pamkrb5 packages address several security issues.

tags | advisory, kernel
advisories | CVE-2009-0844, CVE-2009-0845, CVE-2009-0846, CVE-2009-4212, CVE-2010-0291, CVE-2010-0307, CVE-2010-0415, CVE-2010-0622, CVE-2010-1087, CVE-2010-1088, CVE-2010-1321, CVE-2010-1437
SHA-256 | 07d894e6a7a9e88a8d84a552ceb2b2d8a971a3c2b551994cd04d95e15402b1cc
R-U-Dead-Yet Denial Of Service Tool
Posted Nov 16, 2010
Authored by Raviv Raz | Site code.google.com

R-U-Dead-Yet is a universal DoS attack tool written in Python. It will attack all and any web applications / servers. Runs either in unattended mode using configuration file or in an interactive auto-discover-web-forms mode.

tags | web, denial of service, python
systems | unix
SHA-256 | 9f9da8c3e7d66dea4780fdadc6ac9a60664d42386837c1e7ed714dff93c9e186
openEngine 2.0 Cross Site Scripting / Local File Inclusion
Posted Nov 16, 2010
Site secpod.com

openEngine version 2.0 100226 suffers from cross site scripting and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, xss, file inclusion
SHA-256 | f75200a23655b3e99db0e2861974f6514710db7996e96d0457628afe625d925b
Joomla Maian Media SQL Injection
Posted Nov 16, 2010
Authored by v3n0m

The Joomla Maian Media component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | f5b4f4fba5a6f76bb200d433b4f643780e73633c50e60434c4c112acc955e826
Furious CMS Local File Inclusion
Posted Nov 16, 2010
Authored by Cru3l.b0y

Furious CMS suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 25fb948204e2195bffcabf5e40ef4339648a697d189656d16c6db31a6e98404b
Axis2 / SAP BusinessObjects dswsbobje Upload Exec
Posted Nov 16, 2010
Authored by Joshua D. Abraham | Site metasploit.com

This Metasploit module logs in to an Axis2 Web Admin Module instance using a specific user/pass and uploads and executes commands via deploying a malicious web service by using SOAP.

tags | exploit, web
advisories | CVE-2010-0219
SHA-256 | d25079aca4be2ff7c1b9c1e7d10524631a0690cd4f3947fe48034950306d88a5
NetWare 6.5 SunRPC Portmapper CALLIT Stack Buffer Overflow
Posted Nov 16, 2010
Authored by pahtzo | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in the NetWare PKERNEL.NLM driver's CALLIT procedure. PKERNEL.NLM is installed by default on all NetWare servers to support NFS. The PKERNEL.NLM module runs in kernel mode so a failed exploit attempt can cause the operating system to reboot.

tags | exploit, overflow, kernel
advisories | OSVDB-58447
SHA-256 | c27652aa07753a297590881df248cfadef324fbc2d9a80e2d259ef4293acfa99
Eclipse IDE Cross Site Scripting
Posted Nov 16, 2010
Authored by Aung Khant | Site yehg.net

The Help Content web application that is part of Eclipse IDE suffers from a cross site scripting vulnerability.

tags | exploit, web, xss
SHA-256 | 663095f547ed049ec6ba3194586a14fe83c9890890dab3127058ee28eda5f13c
Mandriva Linux Security Advisory 2010-235
Posted Nov 16, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-235 - An error exists in the "ft_var_readpackedpoints()" function in src/truetype/ttgxvar.c when processing TrueType GX fonts and can be exploited to cause a heap-based buffer overflow via a specially crafted font. The updated packages have been patched to correct these issues.

tags | advisory, overflow
systems | linux, mandriva
advisories | CVE-2010-3855
SHA-256 | 513e57f39a0528458ed28074ae028710308370fd51826b6bada5e299dfb1ea87
BPRealestate Real Estate SQL Injection
Posted Nov 16, 2010
Authored by v3n0m

BPRealestate Real Estate suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 89fbe8de0f9f7dcc2ae31f188cd1ac020dfd0f3cc1fb26d2cd1d360fbe8b10ff
BPConferenceReporting Web Reporting SQL Injection
Posted Nov 16, 2010
Authored by v3n0m

BPConferenceReporting Web Reporting suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, web, sql injection
SHA-256 | b103247cd396176b4e5a7709d24641039da55644863a5b78a2ff43d920625af2
BPDirectory Business Directory SQL Injection
Posted Nov 16, 2010
Authored by v3n0m

BPDirectory Business Directory suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 89385a9feb2ad3d713c2a9a31c6e391b8a58ca03a891f51139c7765f3711d487
BPAffiliate Affiliate Tracking SQL Injection
Posted Nov 16, 2010
Authored by v3n0m

BPAffiliate Affiliate Tracking suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 5fa7348efa0b0b0d05ee4768fa72c5c4e17ae747927ca2538ac36095e4bc5834
Secunia Security Advisory 42243
Posted Nov 16, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in OpenSSL, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.

tags | advisory, denial of service
SHA-256 | 4fb6213f5b46e363cae70109159818dfcc47e29a4283633657582e73640cfe1a
Secunia Security Advisory 42279
Posted Nov 16, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in LuCI, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
SHA-256 | baac9b18f3829ae144cbb2bd4faf5d52c5c894ba0a8ef6ce0efe51a284ac7eff
Secunia Security Advisory 42230
Posted Nov 16, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in LuCI, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 073826d61517f8a3613cc180728714f01379f756757325a4fa63528bc193349e
Secunia Security Advisory 42265
Posted Nov 16, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the Event Registration plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 871c2ae92a319683809d1aa217c515336b97bef853f7be8022eb3ba130a3d98f
Secunia Security Advisory 42273
Posted Nov 16, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for moodle. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
systems | linux, fedora
SHA-256 | 0e6823661aaa1f4eeffc37b4d72bd6335be56c853c378379a502fc9a82019bab
Secunia Security Advisory 42204
Posted Nov 16, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in 6kbbs, which can be exploited by malicious users to conduct script insertion and SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | 30ace8a52de72c7841302f22b05197182c353958fcdc5d9e8a20f2b68f117aaf
Secunia Security Advisory 42271
Posted Nov 16, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for bugzilla. This fixes multiple vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct HTTP response splitting and cross-site scripting attacks.

tags | advisory, web, vulnerability, xss
systems | linux, fedora
SHA-256 | 262bb21c6a547e5bb715e160cdb7525f75e835700ba92021826353b66a22e3d5
Secunia Security Advisory 42222
Posted Nov 16, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in multiple Fujitsu Interstage products, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
SHA-256 | b34ba8c8556ef54d5a2e40c9c48c768badfd435ed2d571f1440a925dea0acdd4
Realtek Audio Control Panel 1.0.1.65 Buffer Overflow
Posted Nov 16, 2010
Authored by BraniX

Realtek Audio Control Panel version 1.0.1.65 buffer overflow proof of concept exploit.

tags | exploit, overflow, proof of concept
SHA-256 | 9e15a98de6170f3d174b736d1a92339ae03ce65b6fa5369e26af7bcb539acb29