exploit the possibilities
Showing 26 - 40 of 40 RSS Feed

Files Date: 2011-05-25 to 2011-05-26

Secunia Security Advisory 44624
Posted May 25, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in IBM Lotus Notes, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
MD5 | aabb5407425201c9ccb0e98f1f45b1d1
Secunia Security Advisory 44666
Posted May 25, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Sybase EAServer, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
MD5 | a8cb20f0d0af9954f2c76bea8e7f323d
7T Interactive Graphical SCADA System Memory Corruption
Posted May 25, 2011
Authored by Sebastien Renaud, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in 7T Interactive Graphical SCADA System (IGSS). The vulnerability is caused by a memory corruption error in the Open Database Connectivity (ODBC) component when processing packets sent to port 20222/TCP, which could result in an invalid structure being used, leading to an exploitable condition. Versions prior to 9.0.0.11143 are affected.

tags | advisory, tcp
MD5 | bbd0bbcc5fff965573b0db11ccf5a22a
ExtCalendar 2.0b2 SQL Injection
Posted May 25, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

ExtCalendar version 2.0b2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 03830d1903660dea6713a41e5a647617
Ubuntu Security Notice USN-1133-1
Posted May 25, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1133-1 - Nelson Elhage discovered that Econet did not correctly handle AUN packets over UDP. Dan Rosenberg discovered that the OSS subsystem did not handle name termination correctly. Dan Rosenberg discovered that IRDA did not correctly check the size of buffers. Dan Carpenter discovered that the TTPCI DVB driver did not check certain values during an ioctl.

tags | advisory, udp
systems | linux, ubuntu
advisories | CVE-2010-4342, CVE-2010-4527, CVE-2010-4529, CVE-2011-0521, CVE-2011-0711
MD5 | ca93b4b9fc1777dc7c5de9255dd11bcd
Mandriva Linux Security Advisory 2011-100
Posted May 25, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-100 - The STARTTLS implementation in Cyrus IMAP Server before 2.4.7 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is in place, related to a plaintext command injection attack, a similar issue to CVE-2011-0411.

tags | advisory, imap
systems | linux, mandriva
advisories | CVE-2011-1926
MD5 | 1840529d0f345fdcab76b0cbc09137de
Joomla Shop SQL Injection
Posted May 25, 2011
Authored by ThunDEr HeaD

The Joomla Shop component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 897adedd20b253af9ec00a38c5dc1ee3
Gadu-Gadu Code Execution / Cross Site Scripting
Posted May 25, 2011
Authored by Kacper Szczesniak

Gadu Gadu suffers from code execution and cross site scripting vulnerabilities.

tags | exploit, vulnerability, code execution, xss
MD5 | 3356579b6ad6bcfbdfba5bc2310fdf6e
MidiCMS-WB 2011 Shell Upload / Local File Inclusion
Posted May 25, 2011
Authored by KedAns-Dz

MidiCMS-WB 2011 suffers from shell upload and local file inclusion vulnerabilities.

tags | exploit, shell, local, vulnerability, file inclusion
MD5 | ba4b1a917a3ef9fb01a3322b5dc2a274
Lumension Device Control Memory Corruption
Posted May 25, 2011
Site ngssecure.com

Lumension Device Control (formerly Sanctuary) versions 4.4 SR6 and below suffer from a remote memory corruption vulnerability.

tags | advisory, remote
MD5 | 53f1f9bd1d4d2204a73825d3e06da0a7
Mandriva Linux Security Advisory 2011-099
Posted May 25, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-099 - The _zip_name_locate function in zip_name_locate.c in the Zip extension in PHP before 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED argument, which might allow context-dependent attackers to cause a denial of service via an empty ZIP archive that is processed with a statName operation.

tags | advisory, denial of service, php
systems | linux, mandriva
advisories | CVE-2011-0421
MD5 | 566e8c85e3d620c5c8dd46cd2bd08dbf
phpScheduleIt 1.2.12 Cross Site Scripting
Posted May 25, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

phpScheduleIt version 1.2.12 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | d447aebded1b590770cecfcd5c322433
Ajax Chat 1 Cross Site Scripting
Posted May 25, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

Ajax Chat version 1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 61f2573079cde03f6c18d6965831643d
NNT Change Tracker Enterprise 4.7 Weak Encryption
Posted May 25, 2011
Authored by Dennis Brunnen

NNT Change Tracker Enterprise version 4.7 suffers from a weak encryption vulnerability.

tags | advisory
MD5 | 5941856ee630ec382ad84de5ee5420c0
VisiWave VWR File Parsing Buffer Overflow
Posted May 25, 2011
Authored by mr_me, TecR0c | Site metasploit.com

This Metasploit module exploits a vulnerability found in VisiWave's Site Survey Report application. When processing .VWR files, VisiWave.exe attempts to match a valid pointer based on the 'Type' property (valid ones include 'Properties', 'TitlePage', 'Details', 'Graph', 'Table', 'Text', 'Image'), but if a match isn't found, the function that's supposed to handle this routine ends up returning the input as a pointer, and later used in a CALL DWORD PTR [EDX+10] instruction. This allows attackers to overwrite it with any arbitrary value, and results code execution. This Metasploit module was built to bypass ASLR and DEP. NOTE: During installation, the application will register two file handle's, VWS and VWR and allows a victim user to 'double click' the malicious VWR file and execute code.

tags | exploit, arbitrary, code execution
advisories | OSVDB-72464
MD5 | 71310cd3b031f3ad565ea7b5e2e84948
Page 2 of 2
Back12Next

File Archive:

July 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    13 Files
  • 2
    Jul 2nd
    12 Files
  • 3
    Jul 3rd
    1 Files
  • 4
    Jul 4th
    2 Files
  • 5
    Jul 5th
    34 Files
  • 6
    Jul 6th
    21 Files
  • 7
    Jul 7th
    21 Files
  • 8
    Jul 8th
    13 Files
  • 9
    Jul 9th
    6 Files
  • 10
    Jul 10th
    1 Files
  • 11
    Jul 11th
    3 Files
  • 12
    Jul 12th
    15 Files
  • 13
    Jul 13th
    19 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    15 Files
  • 16
    Jul 16th
    9 Files
  • 17
    Jul 17th
    2 Files
  • 18
    Jul 18th
    2 Files
  • 19
    Jul 19th
    19 Files
  • 20
    Jul 20th
    21 Files
  • 21
    Jul 21st
    53 Files
  • 22
    Jul 22nd
    14 Files
  • 23
    Jul 23rd
    14 Files
  • 24
    Jul 24th
    1 Files
  • 25
    Jul 25th
    1 Files
  • 26
    Jul 26th
    21 Files
  • 27
    Jul 27th
    8 Files
  • 28
    Jul 28th
    9 Files
  • 29
    Jul 29th
    12 Files
  • 30
    Jul 30th
    9 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close