
Files Date: 2011-07-05 to 2011-07-06

ISC BIND 9 Magic Packet Denial Of Service
Posted Jul 5, 2011
Site isc.org

A defect in the affected BIND 9 versions allows an attacker to remotely cause the "named" process to exit using a specially crafted packet. This defect affects both recursive and authoritative servers. The code location of the defect makes it impossible to protect BIND using ACLs configured within named.conf or by disabling any features at compile-time or run-time. A remote attacker would need to be able to send a specially crafted packet directly to a server running a vulnerable version of BIND. There is also the potential for an indirect attack via malware that is inadvertently installed and run, where infected machines have direct access to an organization's nameservers. Versions affected are 9.6.3, 9.6-ESV-R4, 9.6-ESV-R4-P1, 9.6-ESV-R5b1, 9.7.0, 9.7.0-P1, 9.7.0-P2, 9.7.1, 9.7.1-P1, 9.7.1-P2, 9.7.2, 9.7.2-P1, 9.7.2-P2, 9.7.2-P3, 9.7.3, 9.7.3-P1, 9.7.3-P2, 9.7.4b1, 9.8.0, 9.8.0-P1, 9.8.0-P2, 9.8.0-P3, and 9.8.1b1.

tags | advisory, remote, denial of service
advisories | CVE-2011-2464
SHA-256 | 2fd13893122dc448b5db5225fe97b7626b7ee55edfa33dbb17024d926df11b52
Debian Security Advisory 2272-1
Posted Jul 5, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2272-1 - It was discovered that BIND, a DNS server, does not correctly process certain UPDATE requests, resulting in a server crash and a denial of service. This vulnerability affects BIND installations even if they do not actually use dynamic DNS updates.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2011-2464
SHA-256 | 4fc41ab8569b1044b0a213223ba1fa05b854a033fdac4fdc31d6fb27452031e6
Red Hat Security Advisory 2011-0920-01
Posted Jul 5, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0920-01 - The krb5-appl packages provide Kerberos-aware telnet, ftp, rcp, rsh, and rlogin clients and servers. While these have been replaced by tools such as OpenSSH in most environments, they remain in use in others. It was found that gssftp, a Kerberos-aware FTP server, did not properly drop privileges. A remote FTP user could use this flaw to gain unauthorized read or write access to files that are owned by the root group.

tags | advisory, remote, root
systems | linux, redhat
advisories | CVE-2011-1526
SHA-256 | 92eaf7d09061e8d6782fff5fc8afaf3e2839d6649eddf1a4cbabe01663326a44
Red Hat Security Advisory 2011-0919-01
Posted Jul 5, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0919-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. qemu-kvm is the user-space component for running virtual machines using KVM. It was found that the virtio subsystem in qemu-kvm did not properly validate virtqueue in and out requests from the guest. A privileged guest user could use this flaw to trigger a buffer overflow, allowing them to crash the guest or, possibly, escalate their privileges on the host. It was found that the virtio_queue_notify() function in qemu-kvm did not perform sufficient input validation on the value later used as an index into the array of virtqueues. An unprivileged guest user could use this flaw to crash the guest or, possibly, escalate their privileges on the host. Various other issues were also addressed.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2011-2212, CVE-2011-2512
SHA-256 | 618f288e12fbda5483a5747741cf28e456411a05c89f0f05dca002132c56c20b
Red Hat Security Advisory 2011-0918-01
Posted Jul 5, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0918-01 - cURL provides the libcurl library and a command line tool for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. It was found that cURL always performed credential delegation when authenticating with GSSAPI. A rogue server could use this flaw to obtain the client's credentials and impersonate that client to other servers that are using GSSAPI. Users of curl should upgrade to these updated packages, which contain a backported patch to correct this issue. All running applications using libcurl must be restarted for the update to take effect. Various other issues were also addressed.

tags | advisory, web, protocol
systems | linux, redhat
advisories | CVE-2011-2192
SHA-256 | 757ebdb8f6af6eba26dd318d53aed488e7fce3737ac0568add4ee65f5ac9bb7e
Ubuntu Security Notice USN-1163-1
Posted Jul 5, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1163-1 - It was discovered that Bind incorrectly handled certain specially crafted packets. A remote attacker could use this flaw to cause Bind to stop responding, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2011-2464
SHA-256 | 6e7229dccc1279bee85e6103721901ee0cc50fb917f227f17ad912e58d9bc76f
Ubuntu Security Notice USN-1162-1
Posted Jul 5, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1162-1 - Brad Spengler discovered that the kernel did not correctly account for userspace memory allocations during exec() calls. A local attacker could exploit this to consume all system memory, leading to a denial of service. Alexander Duyck discovered that the Intel Gigabit Ethernet driver did not correctly handle certain configurations. If such a device was configured without VLANs, a remote attacker could crash the system, leading to a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2010-4243, CVE-2010-4263, CVE-2010-4342, CVE-2010-4529, CVE-2010-4565, CVE-2011-0463, CVE-2011-0695, CVE-2011-0711, CVE-2011-0726, CVE-2011-1013, CVE-2011-1016, CVE-2011-1017, CVE-2011-1019, CVE-2011-1090, CVE-2011-1163, CVE-2011-1182, CVE-2011-1494, CVE-2011-1495, CVE-2011-1593, CVE-2011-1598, CVE-2011-1745, CVE-2011-1746, CVE-2011-1747, CVE-2011-1748, CVE-2011-2022
SHA-256 | 5f9dbdee4c9cb66849ecb0fc61bcdea533d2e1379acc2d9161a3c99809f90f7e
Breaking The Links: Exploiting The Linker
Posted Jul 5, 2011
Authored by Tim Brown | Site nth-dimension.org.uk

The recent discussion relating to insecure library loading on the Microsoft Windows platform provoked a significant amount of debate as to whether GNU/Linux and UNIX variants could be vulnerable to similar attacks. Whilst the general consensus of the Slashdot herd appeared to be that this was just another example of Microsoft doing things wrong, the author felt this was unfair and responded with a blog post that sought to highlight an example of where POSIX style linkers get things wrong. Based on the feedback received to that post, the author decided to investigate the issue a little further. This paper is an amalgamation of what was learnt.

tags | paper
systems | linux, windows, unix, osx
SHA-256 | 38725ccf48a81f4e7da57a4196862e45b938f1fbb3f88bb603cf2a91867ab832
Defeating Data Execution Prevention And ASLR In Windows XP SP3
Posted Jul 5, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

Whitepaper called Defeating Data Execution Prevention and ASLR in Windows XP SP3. Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) are two protection mechanisms integrated into the Windows operating system to make exploiting software more difficult. This document shows how these two features can be bypassed using different techniques.

tags | paper
systems | windows
SHA-256 | f469442a5a92bed1a1086a83f8aebc86f786d426e10337f16a54d94b71969b8e
Structured Exception Handler Exploitation
Posted Jul 5, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

Whitepaper called Structured Exception Handler Exploitation. The SEH exploitation technique was publicly documented by David Litchfield in September 2003. At a high level, the SEH overwrite technique uses a software vulnerability to execute arbitrary code by abusing the 32-bit exception dispatching facilities provided by Windows. At a functional level, an SEH overwrite is generally accomplished by using a stack-based buffer overflow. This document explains SEH details while exploiting a real case.

tags | paper, arbitrary
systems | windows
SHA-256 | 6e3042b60dc7dac5ac44837519701c34752fa6f26c6addfd50be7b699eb1b3b2
Fake Malware And Virus Scanners
Posted Jul 5, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

Whitepaper called Fake Malware and Virus Scanners. Rogue security software reports a virus infection, even if your computer is clean. This kind of "software" could also fail to report viruses when your computer is infected. This document shows the mechanisms used to obfuscate this process.

tags | paper, virus
SHA-256 | 0305582fef0a334d0098bff6db770a8a71c665735a44588fdd53e7b219351d8c
Potential Dangers Of Active-X Attacks
Posted Jul 5, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

Whitepaper called Become Fully Aware of the Potential Dangers of Active-X Attacks. Exploiting vulnerabilities in Active-X components on Windows has become a favored method of attackers aiming to compromise specific computers. Such targeted attacks have increasingly become a threat to companies and government agencies. This talk will explain this kind of attack and show how this flaw could be discovered while going through exploitation.

tags | paper, vulnerability, activex
systems | windows
SHA-256 | 9eeb90330cfbccc1cd8f8478aef2e4c16a609d57f5f1172310f841fe03112f37
Client-Side Threats - Anatomy Of Reverse Trojan Attacks
Posted Jul 5, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

Whitepaper called Client-Side Threats - Anatomy of Reverse Trojan Attacks. Client-side vulnerabilities are among the biggest threats facing users. Attackers are going after weaknesses in desktop applications such as browsers, media players, common office applications and e-mail clients to install malicious software, often Trojan horses and rootkits. This document explains these threats in detail and how to prevent them.

tags | paper, trojan, vulnerability, virus
SHA-256 | 2c1afb10f1f364d84902aa704ae75b54b7d538279adb0348248fba3c6e22acf9
Apple Security Advisory 2011-06-28-2
Posted Jul 5, 2011
Authored by Apple | Site apple.com

Apple Security Advisory 2011-06-28-2 - Multiple vulnerabilities exist in Java 1.6.0_24, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user.

tags | advisory, java, web, arbitrary, vulnerability, code execution
systems | apple
advisories | CVE-2011-0802, CVE-2011-0814, CVE-2011-0862, CVE-2011-0863, CVE-2011-0864, CVE-2011-0865, CVE-2011-0867, CVE-2011-0868, CVE-2011-0869, CVE-2011-0871, CVE-2011-0873
SHA-256 | ac17f9a66569c15aa5a3005b935ebd8f244216344adfa4e88ff8858841e3d68b
FlatPress 0.1010.1 Cross Site Scripting
Posted Jul 5, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

FlatPress version 0.1010.1 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 156e35a641b41edf78ba633dd306e6c81d81b83382ecc5115b126f90b9f07374
CoolPlayer 2.19 Buffer Overflow
Posted Jul 5, 2011
Authored by X-h4ck

CoolPlayer version 2.19 buffer overflow exploit that spawns calc.exe.

tags | exploit, overflow
SHA-256 | e322e99bb4418635af8df36fe49a1e7a39fffd5fa6db61b39fb1876c8807afe9
a-Tech SQL Injection
Posted Jul 5, 2011
Authored by Bl4ck.Viper

a-Tech suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 421d2e11992e003d069df03832ed887636c5e0d501ea09670c5ddbf891fa21ff
Open-Realty 3.1.5 Cross Site Scripting / SQL Injection
Posted Jul 5, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

Open-Realty version 3.1.5 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | e0bc18dbde6cc2bf1528cf84d03fe9e43b02f03c04a394af0f07f2ad8bb0950c
Apple Mac OS X ImageIO TIFF Integer Overflow
Posted Jul 5, 2011
Authored by Dominic Chell | Site ngssoftware.com

A heap overflow is caused by a signedness vulnerability within copyImageBlockSetTiff(). The crash occurs within any application using the framework, including Preview, QuickLook, Safari and Mail.

tags | advisory, overflow
SHA-256 | 147af24c2d70bdedd1b38ad38463143eddc00aaf8190e135935aa9b337388a4a
Mac OS X 10.6.6 Camera Raw Library Memory Corruption
Posted Jul 5, 2011
Authored by Paul Harrington | Site ngssecure.com

A corrupt Canon Camera RAW file (.CR2) can cause a crash in the RawCamera library. This affects viewing files both in the Preview.app application and via Quick Look. Mac OS X 10.6.6 with RawCamera.bundle versions prior to 3.6 is affected.

tags | advisory
systems | apple, osx
SHA-256 | bfa974140fd1bf14906e974ca1afd9e9e4884f61c2b178a9aa19ede528e993e7
Cisco VPN Client Privilege Escalation
Posted Jul 5, 2011
Authored by Gavin Jones | Site ngssecure.com

The 64 Bit Cisco VPN Client for Windows 7 is affected by a local privilege escalation vulnerability that allows non-privileged users to gain administrative privileges.

tags | advisory, local
systems | cisco, windows
SHA-256 | 08f5570d4c6be54c002cfa145af36178430faf32f06ff0356ead9ce97f74e70d
Apple Mac OS X ImageIO TIFF Heap Overflow
Posted Jul 5, 2011
Authored by Dominic Chell | Site ngssoftware.com

Dominic Chell of NGS Secure has discovered a High risk vulnerability in Mac OS X ImageIO. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution.

tags | advisory, arbitrary, code execution
systems | apple, osx
advisories | CVE-2011-0204
SHA-256 | 215fdcdc27bc0af91ed31034d3dcfaac9d2c8dc0daf9e1f8e21a6270bff6a628
Adobe Reader 5.1 XFDF Buffer Overflow
Posted Jul 5, 2011
Authored by extraexploit

Adobe Reader version 5.1 XFDF buffer overflow exploit.

tags | exploit, overflow
advisories | CVE-2004-0194
SHA-256 | ae8711f6100a886b8ad9d69109dcdeffc8d7f2351b0bb884eeed4152a0e596d9
Word Builder 1.0 (DIC File) Stack Buffer Overflow
Posted Jul 5, 2011
Authored by James Fitts, h1ch4m | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow in Word Builder 1.0. An attacker must send the file to the victim and the victim must open the file.

tags | exploit, overflow
SHA-256 | 4f09a8ce134a573e331adcdbf613031d7114055b816c39ca90f77e2dcf04af54
WordTrainer v3.0 (ORD File) Stack Buffer Overflow
Posted Jul 5, 2011
Authored by James Fitts, C4SS!0 G0M3S | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow in WordTrainer v3.0. An attacker must send the file to the victim and the victim must open the file.

tags | exploit, overflow
SHA-256 | 4b130c06b595a1aebefacbea1f6ece05881fbb447f2e8142076d4f04b9a70ea4