seeing is believing
Showing 26 - 41 of 41 RSS Feed

Files Date: 2011-05-10 to 2011-05-11

Secunia Security Advisory 44534
Posted May 10, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - HP has issued an update for Kerberos in OpenVMS. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, conduct spoofing attacks, cause a DoS (Denial of Service), and compromise a vulnerable system.

tags | advisory, denial of service, spoof, vulnerability
MD5 | 65bc5934f9125b411eb82b136f735d46
Secunia Security Advisory 44537
Posted May 10, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Microsoft Office PowerPoint, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
MD5 | 97d73c58a3fbbf21edbd37d691d1079f
Secunia Security Advisory 44539
Posted May 10, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Microsoft Office for Mac, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | 99f4f39d8c814d6b7fbbcd7cb0e1274e
Secunia Security Advisory 44538
Posted May 10, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | windows
MD5 | fb2f32d016d91b50e91e33267e2666eb
Secunia Security Advisory 44532
Posted May 10, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - HP has issued an update for Secure Web Server in OpenVMS. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and gain escalated privileges and by malicious people to conduct cross-site scripting attacks, manipulate certain data, cause a DoS (Denial of Service), bypass certain security restrictions, and compromise a vulnerable system.

tags | advisory, web, denial of service, local, vulnerability, xss
MD5 | fa890d0cb0b235e9741be5cb4de25b17
Zero Day Initiative Advisory 11-157
Posted May 10, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-157 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Firefox handles user defined functions of a nsTreeSelection element. When executing the function invalidateSelection it is possible to free the nsTreeSelection object that the function operates on. Any further operations on the freed object can result in remote code execution.

tags | advisory, remote, arbitrary, code execution
MD5 | 240156476ab1688aa49bdf39aefd95b7
Zero Day Initiative Advisory 11-156
Posted May 10, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-156 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sybase M-Business Anywhere. Authentication is not required to exploit this vulnerability. The specific flaw exists within agsync.dll, which listens for SOAP and sync (HTTP) requests on ports 80 and 443 (HTTPS). When handling a supplied username parameter the process fails to verify the string length. This user-supplied data is then copied to a static sized buffer on the heap. A remote attacker could use this flaw to inject arbitrary code into the agd.exe process, which runs by default under the SYSTEM context.

tags | advisory, remote, web, arbitrary
MD5 | 441c2685c4b5e0863bcaa8bf022b0d6a
KeyFax Response Management System 3.2.2.6 XSS / Information Disclosure
Posted May 10, 2011
Authored by ProCheckUp, Richard Brain | Site procheckup.com

KeyFax Response Management System version 3.2.2.6 suffers from cross site scripting and information disclosure vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
MD5 | d5dcaaaacbbd4a51109ebc026a82bf8f
Peepdf PDF Analyzer 0.1
Posted May 10, 2011
Authored by Jose Miguel Esparza | Site peepdf.eternal-todo.com

peepdf is a Python tool to explore PDF files in order to find out if the file can be harmful or not. The aim of this tool is to provide all the necessary components that a security researcher could need in a PDF analysis without using 3 or 4 tools to make all the tasks. With peepdf it's possible to see all the objects in the document showing the suspicious elements, supports all the most used filters and encodings, it can parse different versions of a file, object streams and encrypted files. With the installation of Spidermonkey and Libemu it provides Javascript and shellcode analysis wrappers too. It's also able to create new PDF files and to modify existent ones.

tags | tool, javascript, shellcode, python, forensics
MD5 | 909ee1c709777ceb96241334657a60a3
Zero Day Initiative Advisory 11-155
Posted May 10, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-155 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sybase MBusiness Anywhere. Authentication is not required to exploit this vulnerability. The flaw exists within the agd.exe component which listens by default on TCP port 80 and 443. When calling agd!encodeUsername the process creates a 100 byte buffer on the heap. The process then blindly copies user supplied data into that fixed-length buffer without verifying that the size of the destination buffer is adequately sized. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp
MD5 | 78ea905fd97ae252ffa1c696cb3d2bbe
Postfix SMTP Server Memory Corruption
Posted May 10, 2011
Authored by Wietse Venema

The Postfix SMTP server has a memory corruption error when the Cyrus SASL library is used with authentication mechanisms other than PLAIN and LOGIN (the ANONYMOUS mechanism is unaffected but should not be enabled for different reasons).

tags | advisory
advisories | CVE-2011-1720
MD5 | aa20352e228c35364fc0a75c88bd5667
HP Security Bulletin HPSBOV02683 SSRT090208
Posted May 10, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBOV02683 SSRT090208 - Potential vulnerabilities have been identified with HP Secure Web Server (SWS) for OpenVMS running Apache and PHP. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, or unauthorized modifications. Revision 1 of this advisory.

tags | advisory, web, denial of service, php, vulnerability
advisories | CVE-2002-0839, CVE-2002-0840, CVE-2003-0542, CVE-2004-0492, CVE-2005-2491, CVE-2005-3352, CVE-2005-3357, CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-3747, CVE-2006-3918, CVE-2006-4339, CVE-2006-4343, CVE-2007-5000, CVE-2007-6388, CVE-2008-0005, CVE-2009-1891, CVE-2009-3095, CVE-2009-3291, CVE-2009-3292, CVE-2009-3293, CVE-2009-3555, CVE-2010-0010
MD5 | 018c2ab61a3b27c26435b260817377c5
HP Security Bulletin HPSBOV02670 SSRT100475
Posted May 10, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBOV02670 SSRT100475 - Potential vulnerabilities have been identified with HP OpenVMS running SSL. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS) or unauthorized disclosure of information, or by a remote unauthorized user to modify data, prompts, or responses. Revision 1 of this advisory.

tags | advisory, remote, denial of service, vulnerability
advisories | CVE-2010-3864, CVE-2010-4180, CVE-2010-4252, CVE-2011-0014
MD5 | 2cd4ea2d2b86d9c3511aa0ba7e3d5f22
Joomla Hello SQL Injection
Posted May 10, 2011
Authored by g3mbeLz_YCL

The Joomla Hello component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 3cd433314ee437e0708416dc8b103457
ZAPms 1.22 SQL Injection
Posted May 10, 2011
Authored by KedAns-Dz

ZAPms version 1.22 (19.04.2011) suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | de246b93081c8ea9af5acd0ec888beca
Nuke Evolution Xtreme 2.0.x SQL Injection
Posted May 10, 2011
Authored by KedAns-Dz

Nuke Evolution Xtreme version 2.0.x suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 9e729a4e56a5668d002e37da562fcb3e
Page 2 of 2
Back12Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    15 Files
  • 19
    Oct 19th
    10 Files
  • 20
    Oct 20th
    7 Files
  • 21
    Oct 21st
    4 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close