exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 20 of 20 RSS Feed

Files Date: 2011-03-25 to 2011-03-26

Unidesk Management Administrative Bypass
Posted Mar 25, 2011
Authored by Nathan Power

The Unidesk Management Console versions 1.3 and below suffer from a direct access vulnerability that allows an attacker direct access to administrative resources.

tags | exploit, bypass
SHA-256 | 0d22cc882b3d6c110e94623b1274d806e3e68239274da8ea4c92fd017f31ea87
Ubuntu Security Notice USN-1093-1
Posted Mar 25, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1093-1 - Joel Becker discovered that OCFS2 did not correctly validate on-disk symlink structures. Ben Hutchings discovered that the ethtool interface did not correctly check certain sizes. Eric Dumazet discovered that many network functions could leak kernel stack contents. Dave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. A large number of additional vulnerabilities have also been address.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2010-2478, CVE-2010-2942, CVE-2010-2943, CVE-2010-2954, CVE-2010-2955, CVE-2010-2960, CVE-2010-2962, CVE-2010-2963, CVE-2010-3067, CVE-2010-3078, CVE-2010-3079, CVE-2010-3080, CVE-2010-3084, CVE-2010-3296, CVE-2010-3297, CVE-2010-3298, CVE-2010-3310, CVE-2010-3432, CVE-2010-3437, CVE-2010-3442, CVE-2010-3477, CVE-2010-3705, CVE-2010-3848, CVE-2010-3849, CVE-2010-3850, CVE-2010-3858, CVE-2010-3859, CVE-2010-3861
SHA-256 | c0782ec52287eab8561329a78cec59713d72aef79fd6b9dd6d11304a47144159
Artefact St. CMS Cross Site Scripting / Path Disclosure
Posted Mar 25, 2011
Authored by MustLive

Artefact St. CMS suffers from cross site scripting and path disclosure vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
SHA-256 | bd742a848904e41ba30a9ee0514b6c35ea3c4121d94a1515731a52804716edf3
Family Connections CMS 2.3.2 XSS / XML Injection
Posted Mar 25, 2011
Authored by LiquidWorm | Site zeroscience.mk

Family Connections CMS version 2.3.2 suffers from stored cross site scripting and XML injection vulnerabilities.

tags | exploit, vulnerability, xss, xxe
SHA-256 | 560b3b3d4d08ff3156aae5a09cf91b31f8fe7ef39a5cb6cabff71d7f147a2fbf
Ubuntu Security Notice USN-1092-1
Posted Mar 25, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1092-1 - Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the socket filters did not correctly initialize structure memory. A local attacker could create malicious filters to read portions of kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that certain iovec operations did not calculate page counts correctly. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that the SCSI subsystem did not correctly validate iov segments. A local attacker with access to a SCSI device could send specially crafted requests to crash the system, leading to a denial of service. Alan Cox discovered that the HCI UART driver did not correctly check if a write operation was available. A local attacker could exploit this flaw to gain root privileges.

tags | advisory, denial of service, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2010-4076, CVE-2010-4077, CVE-2010-4158, CVE-2010-4162, CVE-2010-4163, CVE-2010-4242
SHA-256 | e4e95c3ce708ccee60c69142d9b8f3a021508dda6126580ad7d0f318105c5ded
EMC Data Protection Advisor Collector Arbitrary Code Execution
Posted Mar 25, 2011
Site emc.com

EMC Data Protection Advisor Collector for Solaris SPARC contains a potential security vulnerability that can be exploited to execute malicious code with elevated privileges on the affected system. EMC Data Protection Advisor Collector for Solaris SPARC versions 5.7 earlier than build 5833 and 5.7.1 earlier than build 5833 are affected.

tags | advisory
systems | solaris
advisories | CVE-2011-1420
SHA-256 | 00472255871cf6439ec8d34024b0182cd32bf08db9cecfa4c6e34e199da974b9
Parallels Plesk 8.2 URL Redirection
Posted Mar 25, 2011
Authored by Aung Khant | Site yehg.net

Parallels Plesk versions 7.0 through 8.2 suffer from an open URL redirection vulnerability.

tags | exploit
SHA-256 | e82c4eede93f6f4c23ff261011ee5bf01469c81b640ce2339d9a14906d8eeeb6
FXRecruiter Shell Upload
Posted Mar 25, 2011
Authored by Ashiyane Digital Security Team

FXRecruiter suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 2e0b852e7bcf48c3e7e34a2e6d42d11674e790de7bf3337b4114e1f2dc06e87a
HP OpenView Network Node Manager getnnmdata.exe (Hostname) CGI Buffer Overflow
Posted Mar 25, 2011
Authored by MC | Site metasploit.com

This Metasploit module exploits a buffer overflow in HP OpenView Network Node Manager 7.50/7.53. By sending specially crafted Hostname parameter to the getnnmdata.exe CGI, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary, cgi
advisories | CVE-2010-1555, OSVDB-64976
SHA-256 | 02e35aef4d2704a877aaa34534a7c31d092c5935e1f8e3a97604db506cae3315
Secunia Security Advisory 43865
Posted Mar 25, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - AutoSec Tools has discovered multiple vulnerabilities in openC, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory, vulnerability
SHA-256 | dbdf55345b6f7d043fd86bb9c83e8552aef403da44194cd00746d9b5c2a94ba3
Secunia Security Advisory 43866
Posted Mar 25, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - AutoSec Tools has discovered a vulnerability in openC, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory
SHA-256 | 83ff41efd3e3765dfdb26228900cae6af243e7fba1d8c65f1ea71973f43cff7c
Secunia Security Advisory 43571
Posted Mar 25, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for pywebdav. This fixes a vulnerability, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
systems | linux, debian
SHA-256 | 8d38d533407bad97f3ba59677b323427ffaa25364ae04c4a17102adb18633657
Secunia Security Advisory 43608
Posted Mar 25, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in the Spaces module for Drupal, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 15a088574db579d48412da42b25ef30c5236dbe7cd16605784fe64f715b4db8e
Secunia Security Advisory 43612
Posted Mar 25, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - AutoSec Tools has discovered multiple vulnerabilities in Support Incident Tracker, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 8b38d4cbcd0c1eb0938e1a653ca5e9f9111288d8e3f5c04549aaa7a3ec3cb2a9
Turkish Aybulut Portal 1.3 Cross Site Scripting
Posted Mar 25, 2011
Authored by kurdish hackers team | Site kurdteam.org

Turkish Aybulut Portal version 1.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 1ee4d39d0eaac7b5af96215135928732606380a903117bae0ee0cd13696c8564
Ubuntu Security Notice USN-1091-1
Posted Mar 25, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1091-1 - It was discovered that several invalid HTTPS certificates were issued and revoked. An attacker could use these to perform a man-in-the-middle attack. These were placed on the certificate blacklist to prevent their misuse.

tags | advisory, web
systems | linux, ubuntu
SHA-256 | 9d997fd1dc5b1db8c58570b121a52741aeebed05a884b64d8071a28909e56804
Secunia Security Advisory 43881
Posted Mar 25, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for krb5. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a vulnerable system.

tags | advisory
systems | linux, fedora
SHA-256 | 149eaf22b54b35091085b29f4318a67611268441d85539d480fdda79f328f24b
Secunia Security Advisory 43868
Posted Mar 25, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - AutoSec Tools has discovered a vulnerability in netjukebox, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 284f1ddd77704fd02a45f4e032b0cf305a117ae783edb9b13aedc6ba7665ff98
Secunia Security Advisory 43858
Posted Mar 25, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Mahara, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site request forgery attacks.

tags | advisory, vulnerability, csrf
SHA-256 | c6dbcc08d5158a7ea6bea6a8b7ee455a8393da447c7d66bd512ac2cac6b52c94
Secunia Security Advisory 43869
Posted Mar 25, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - AutoSec Tools has discovered a vulnerability in Group-Office, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
SHA-256 | ff49f8b829b1ec4d8769e44c068fe7afb91da71e49a0518af63d5af4d612d3f5
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close