what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 41 of 41 RSS Feed

Files Date: 2011-05-10 to 2011-05-11

Secunia Security Advisory 44534
Posted May 10, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - HP has issued an update for Kerberos in OpenVMS. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, conduct spoofing attacks, cause a DoS (Denial of Service), and compromise a vulnerable system.

tags | advisory, denial of service, spoof, vulnerability
SHA-256 | 5f518788656b8c278ed1f6efb70d22d0abb1909323c7d4df46ddc8fdd9ae1a5e
Secunia Security Advisory 44537
Posted May 10, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Microsoft Office PowerPoint, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 581763160f403c7cb77cebe5ca37e912f870dde8af8fb40d993187c2a655f4a2
Secunia Security Advisory 44539
Posted May 10, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Microsoft Office for Mac, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 63dc0d27bd41ead9b550b7ba4dda7b6a6f118aeee44d4e8f9c5f816e3a158774
Secunia Security Advisory 44538
Posted May 10, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | windows
SHA-256 | ab39d4d1501aae1192a88ba3ad33b10905069d516200ebde86bc88d123bede57
Secunia Security Advisory 44532
Posted May 10, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - HP has issued an update for Secure Web Server in OpenVMS. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and gain escalated privileges and by malicious people to conduct cross-site scripting attacks, manipulate certain data, cause a DoS (Denial of Service), bypass certain security restrictions, and compromise a vulnerable system.

tags | advisory, web, denial of service, local, vulnerability, xss
SHA-256 | a6a2658ece9e58267f30c1acb621699314a7e3a42c1c240c0c443ab0caed682c
Zero Day Initiative Advisory 11-157
Posted May 10, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-157 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Firefox handles user defined functions of a nsTreeSelection element. When executing the function invalidateSelection it is possible to free the nsTreeSelection object that the function operates on. Any further operations on the freed object can result in remote code execution.

tags | advisory, remote, arbitrary, code execution
SHA-256 | 766e4f1bea6c57dd6abff97f2c936258d3c2a92aab1a04dbdb224fc0df554a53
Zero Day Initiative Advisory 11-156
Posted May 10, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-156 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sybase M-Business Anywhere. Authentication is not required to exploit this vulnerability. The specific flaw exists within agsync.dll, which listens for SOAP and sync (HTTP) requests on ports 80 and 443 (HTTPS). When handling a supplied username parameter the process fails to verify the string length. This user-supplied data is then copied to a static sized buffer on the heap. A remote attacker could use this flaw to inject arbitrary code into the agd.exe process, which runs by default under the SYSTEM context.

tags | advisory, remote, web, arbitrary
SHA-256 | b53828c6edcdfd2192b06d6d280ef057b3483af55ad1c2aa33de7d13444ce4fe
KeyFax Response Management System 3.2.2.6 XSS / Information Disclosure
Posted May 10, 2011
Authored by ProCheckUp, Richard Brain | Site procheckup.com

KeyFax Response Management System version 3.2.2.6 suffers from cross site scripting and information disclosure vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
SHA-256 | a61a149c3434df8b6fdb5b0b31cf5a857eaa9a52d5b3e26a7f96a758867acfd8
Peepdf PDF Analyzer 0.1
Posted May 10, 2011
Authored by Jose Miguel Esparza | Site peepdf.eternal-todo.com

peepdf is a Python tool to explore PDF files in order to find out if the file can be harmful or not. The aim of this tool is to provide all the necessary components that a security researcher could need in a PDF analysis without using 3 or 4 tools to make all the tasks. With peepdf it's possible to see all the objects in the document showing the suspicious elements, supports all the most used filters and encodings, it can parse different versions of a file, object streams and encrypted files. With the installation of Spidermonkey and Libemu it provides Javascript and shellcode analysis wrappers too. It's also able to create new PDF files and to modify existent ones.

tags | tool, javascript, shellcode, python, forensics
SHA-256 | d33183f26435322007fe6f34df27b06941c7bd1ea2307d6311f0d0bca46042eb
Zero Day Initiative Advisory 11-155
Posted May 10, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-155 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sybase MBusiness Anywhere. Authentication is not required to exploit this vulnerability. The flaw exists within the agd.exe component which listens by default on TCP port 80 and 443. When calling agd!encodeUsername the process creates a 100 byte buffer on the heap. The process then blindly copies user supplied data into that fixed-length buffer without verifying that the size of the destination buffer is adequately sized. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp
SHA-256 | 8d52dac8f61fda31f32be72c774a67dc768b8f5c94d3397fc6617b6985a43db0
Postfix SMTP Server Memory Corruption
Posted May 10, 2011
Authored by Wietse Venema

The Postfix SMTP server has a memory corruption error when the Cyrus SASL library is used with authentication mechanisms other than PLAIN and LOGIN (the ANONYMOUS mechanism is unaffected but should not be enabled for different reasons).

tags | advisory
advisories | CVE-2011-1720
SHA-256 | 701d670361d261d971bf5cb536af214e19dc67b4b2410370bfd209a2bf95cc86
HP Security Bulletin HPSBOV02683 SSRT090208
Posted May 10, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBOV02683 SSRT090208 - Potential vulnerabilities have been identified with HP Secure Web Server (SWS) for OpenVMS running Apache and PHP. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, or unauthorized modifications. Revision 1 of this advisory.

tags | advisory, web, denial of service, php, vulnerability
advisories | CVE-2002-0839, CVE-2002-0840, CVE-2003-0542, CVE-2004-0492, CVE-2005-2491, CVE-2005-3352, CVE-2005-3357, CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-3747, CVE-2006-3918, CVE-2006-4339, CVE-2006-4343, CVE-2007-5000, CVE-2007-6388, CVE-2008-0005, CVE-2009-1891, CVE-2009-3095, CVE-2009-3291, CVE-2009-3292, CVE-2009-3293, CVE-2009-3555, CVE-2010-0010
SHA-256 | a7638da01e18d2a3d9c6e84728556bb08fdb00082b9c904826eb85aa31a5870d
HP Security Bulletin HPSBOV02670 SSRT100475
Posted May 10, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBOV02670 SSRT100475 - Potential vulnerabilities have been identified with HP OpenVMS running SSL. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS) or unauthorized disclosure of information, or by a remote unauthorized user to modify data, prompts, or responses. Revision 1 of this advisory.

tags | advisory, remote, denial of service, vulnerability
advisories | CVE-2010-3864, CVE-2010-4180, CVE-2010-4252, CVE-2011-0014
SHA-256 | 1580382bbf55fde0f91e439f0d90c3aff5767f568e5cc0fa24c41bb05a7b36a4
Joomla Hello SQL Injection
Posted May 10, 2011
Authored by g3mbeLz_YCL

The Joomla Hello component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | e405f95a160d67a8855eaec197928ff6c5e345599a15c3e4ffe6a91cca4ab733
ZAPms 1.22 SQL Injection
Posted May 10, 2011
Authored by KedAns-Dz

ZAPms version 1.22 (19.04.2011) suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | b38e59e6828623fff4a93f37127a464434074f640eab744c31bdb0d797c4c2dc
Nuke Evolution Xtreme 2.0.x SQL Injection
Posted May 10, 2011
Authored by KedAns-Dz

Nuke Evolution Xtreme version 2.0.x suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 2e61d497ea6f217955c9f47f9961e0d86036698229b83020a806ffe0ba41f1c5
Page 2 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close