exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 37 of 37 RSS Feed

Files Date: 2011-07-14 to 2011-07-15

Secunia Security Advisory 45244
Posted Jul 14, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Xmap component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 4ad827d7506e3fc9d3e1ea56f21dcab4ecb74d2d7e0c363357b7c0ad42f06384
Secunia Security Advisory 45209
Posted Jul 14, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in PG Newsletter, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
SHA-256 | bff7b9250d632d13d086411613b6593b56532d4531b9625bc3c75eedeac1ca53
Tenshi Log Monitoring Program 0.13
Posted Jul 14, 2011
Authored by Andrea Barisani | Site dev.inversepath.com

Tenshi is a log monitoring program, designed to watch a log file for lines matching user defined regular expression and report on the matches. The regular expressions are assigned to queues which have an alert interval and a list of mail recipients. Queues can be set to send a notification as soon as there is a log line assigned to it, or to send periodic reports.

Changes: Added threshold feature for discarding logs with count below specified value. Fixed broken queue flushing on exit. Various other improvements.
tags | system logging
systems | unix
SHA-256 | a0b9e0ca95eec52b9bbf0c29529435da64af9b3dfa943dbeca0cd77bf223edf2
Ubuntu Security Notice USN-1167-1
Posted Jul 14, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1167-1 - Dan Rosenberg discovered that the Linux kernel TIPC implementation contained multiple integer signedness errors. A local attacker could exploit this to gain root privileges. Dan Rosenberg discovered that the CAN protocol on 64bit systems did not correctly calculate the size of certain buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. Various other issues were also addressed.

tags | advisory, arbitrary, kernel, local, root, protocol
systems | linux, ubuntu
advisories | CVE-2010-3859, CVE-2010-3874, CVE-2010-3875, CVE-2010-3876, CVE-2010-3877, CVE-2010-3880, CVE-2010-4158, CVE-2010-4162, CVE-2010-4163, CVE-2010-4164, CVE-2010-4165, CVE-2010-4169, CVE-2010-4175, CVE-2010-4243, CVE-2010-4248, CVE-2010-4249, CVE-2010-4256, CVE-2010-4258, CVE-2010-4342, CVE-2010-4346, CVE-2010-4527, CVE-2010-4529, CVE-2010-4565, CVE-2010-4649, CVE-2010-4668, CVE-2011-0463, CVE-2011-0521, CVE-2011-0695
SHA-256 | 8526a398ece12352476245b529d050abf1036c6d1dbd6b2e79564438cb5f197c
Arachni Web Application Security Scanner Framework 0.2.4
Posted Jul 14, 2011
Authored by Tasos Laskos | Site arachni.segfault.gr

Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications. Arachni is smart, it trains itself by learning from the HTTP responses it receives during the audit process. Unlike other scanners, Arachni takes into account the dynamic nature of web applications and can detect changes caused while travelling through the paths of a web application's cyclomatic complexity. This way attack/input vectors that would otherwise be undetectable by non-humans are seamlessly handled by Arachni.

Changes: HTTP 10s timeout implemented. CLI now allows report generation in mid-scan. WebUI updates.
tags | tool, web, scanner, ruby
systems | unix
SHA-256 | df5eb52282bc9cda9dccf0b49d00bc607b71300cc080cc1a667823a19d6f4889
TCExam 11.2.011 SQL Injection
Posted Jul 14, 2011
Authored by LiquidWorm | Site zeroscience.mk

TCExam versions 11.2.011 and below suffer from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 914e1468f043c743fbcb3539d34a062ed28fec35ba1be0ed6dab33cd0deb9e05
Torque Server Buffer Overflow
Posted Jul 14, 2011
Authored by Adam Zabrocki, Bartlomiej Balcerek, Maciej Kotowicz

Torque Server versions prior to 2.4.1.4 and 3.0.[0,1] suffer from a buffer overflow vulnerability.

tags | advisory, overflow
advisories | CVE-2011-2193
SHA-256 | d42dea2627d928ed2511106108e44d93bc90572f0feebc4a43a5e9fbfbcc8c7b
Ubuntu Security Notice USN-1161-1
Posted Jul 14, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1161-1 - Vasiliy Kulikov discovered that kvm did not correctly clear memory. A local attacker could exploit this to read portions of the kernel stack, leading to a loss of privacy. Timo Warns discovered that the LDM disk partition handling code did not correctly handle certain values. By inserting a specially crafted disk device, a local attacker could exploit this to gain root privileges. Various other issues were also addressed.

tags | advisory, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2010-3881, CVE-2011-1017, CVE-2011-1090, CVE-2011-1163, CVE-2011-1494, CVE-2011-1495, CVE-2011-1593, CVE-2011-1598, CVE-2011-1745, CVE-2011-1746, CVE-2011-1747, CVE-2011-1748, CVE-2011-1770, CVE-2011-2022
SHA-256 | 7fa90836e44442172cf8b1b95f7fecc0dda61b8fd76a598bf22b7b31c19adb0b
Openslaed 1.2 Remote Shell Upload
Posted Jul 14, 2011
Authored by eidelweiss

Openslaed version 1.2 remote shell upload exploit.

tags | exploit, remote, shell
SHA-256 | f958405e55ca4fd70ead2309add9fa2c4402678aaee4dae8a0db1c250d66e191
TCExam 11.2.011 Cross Site Scripting
Posted Jul 14, 2011
Authored by LiquidWorm | Site zeroscience.mk

TCExam versions 11.2.011 and below suffer from multiple pre and post auth cross site scripting vulnerabilities when parsing user input to multiple parameters via GET and POST method in multiple scripts. Attackers can exploit these weaknesses to execute arbitrary HTML and script code in a user's browser session.

tags | exploit, arbitrary, vulnerability, xss
SHA-256 | 124989b21ffded644a3bd7fb5253e0bf4a9f3a0f8cf17bb80608ab44fd14748f
Ubuntu Security Notice USN-1169-1
Posted Jul 14, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1169-1 - William Grant discovered that APT incorrectly validated inline GPG signatures. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2011-1829
SHA-256 | 150a4d5e8373a702f1e498d0038f36ca9c06e6efaa0ad13e86d4ab73f648a48d
Ubuntu Security Notice USN-1159-1
Posted Jul 14, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1159-1 - Brad Spengler discovered that the kernel did not correctly account for userspace memory allocations during exec() calls. A local attacker could exploit this to consume all system memory, leading to a denial of service. Alexander Duyck discovered that the Intel Gigabit Ethernet driver did not correctly handle certain configurations. If such a device was configured without VLANs, a remote attacker could crash the system, leading to a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2010-4243, CVE-2010-4263, CVE-2010-4342, CVE-2010-4529, CVE-2010-4565, CVE-2011-0463, CVE-2011-0695, CVE-2011-0711, CVE-2011-0726, CVE-2011-1013, CVE-2011-1016, CVE-2011-1017, CVE-2011-1019, CVE-2011-1090, CVE-2011-1163, CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-1173, CVE-2011-1182, CVE-2011-1494, CVE-2011-1495, CVE-2011-1593, CVE-2011-1598, CVE-2011-1745, CVE-2011-1746, CVE-2011-1747, CVE-2011-1748
SHA-256 | b846a972a635d2f4929093c13ed01b597ac9a45ad66ad9a96e3d4bd83abe9d31
Page 2 of 2
Back12Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close