Showing 26 - 50 of 55

Files Date: 2011-08-16 to 2011-08-17

Code Widgets Pop-Over Login Form SQL Injection
Posted Aug 16, 2011
Authored by L0rd CrusAd3r

Code Widgets Pop-Over Login Form suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | bdbf462c572d42d18b0dbe4c745bb4ef7bf3a9d17183ba7556dd3c0e21d31c13

ECHO Creative Company SQL Injection
Posted Aug 16, 2011
Authored by Ehsan_Hp200

ECHO Creative Company suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | d12d5178f1c5b9a32f7a2e80b85bafaafa5af143bccdcffec03c47d53bfabaa0

Asotomotiv SQL Injection
Posted Aug 16, 2011
Authored by Skote Vahshat

Asotomotiv suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 35990f3fecfba45e3c1a57d47a5bdc5b7f525f0554b783a33e33d6501648f584

Red Hat Security Advisory 2011-1163-01
Posted Aug 16, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1163-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. This update includes backported fixes for two security issues. These issues only affected users of Red Hat Enterprise Linux 5.6 Extended Update Support, as they have already been addressed for users of Red Hat Enterprise Linux 5 in the 5.7 update, RHSA-2011:1065. A flaw was found in the way the Xen hypervisor implementation handled instruction emulation during virtual machine exits. A malicious user-space process running in an SMP guest could trick the emulator into reading a different instruction than the one that caused the virtual machine to exit. An unprivileged guest user could trigger this flaw to crash the host. This only affects systems with both an AMD x86 processor and the AMD Virtualization extensions enabled.

tags | advisory, x86, kernel
systems | linux, redhat
advisories | CVE-2011-1780, CVE-2011-2525
SHA-256 | 303a3ecb417ff2aea1d5fb21e19aaeb2898de66ab0083338f682f82189a3a67d

Comfortsuite SQL Injection
Posted Aug 16, 2011
Authored by Skote Vahshat

Comfortsuite suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | c730dcc146ed1d629caa2c01e54a623f96cb767bd6a3ad8a533d70a9d67e3f85

Secunia Security Advisory 45629
Posted Aug 16, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for dhcp. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, redhat
SHA-256 | 1b5c1464e4e0c7d6eba971c081e4f9f4d95d184c75f133501077c22155d5f6ef

Secunia Security Advisory 45533
Posted Aug 16, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local
systems | linux
SHA-256 | 1102350095e406b75170661cdfded51007712d3a01ff4bb828762fa9f02e749b

Secunia Security Advisory 45639
Posted Aug 16, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for dhcp3. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
SHA-256 | 9b91216883d4513d88b450f85117250023f1b12cd8262fbd0d4c94d8c50c51c4

Secunia Security Advisory 45573
Posted Aug 16, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in MarkLogic Server, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | e43d3528289079947fda94471f06a7e367f77a1447b0842327231ea670638975

Secunia Security Advisory 45638
Posted Aug 16, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for libxfont. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
systems | linux, ubuntu
SHA-256 | dbbdadd58aaf5425ac9fdba10d62f4a07ced0604e99c479fb4c0e36c778176c0

Secunia Security Advisory 45571
Posted Aug 16, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Prediction Football, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
SHA-256 | b21978370a15de88e6747a7eb7bd3a77a92c6a75da9f65b4038e0b2e2bd6c252

Secunia Security Advisory 45630
Posted Aug 16, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for java-1.4.2-ibm. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.

tags | advisory, java, denial of service, vulnerability
systems | linux, redhat
SHA-256 | 5e7dba1a5624b297953ba30a367b2fd35f2bff844ec15b920c1d25ee7876bbb9

Secunia Security Advisory 45604
Posted Aug 16, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Fofou, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory
SHA-256 | fd11ad7d8aaa9bc0dfa62cd5b04ddb6a8ba15f55de945f0824a18a91dc02e315

Secunia Security Advisory 45614
Posted Aug 16, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Kolay PageRank Sorgulama Script, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 46f2a1aa54c6cac15fcbc0782637f82892c898beab747e3260a3ea6de734b962

Secunia Security Advisory 45625
Posted Aug 16, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Aipo and Aipo ASP, which can be exploited by malicious users to conduct SQL injection attacks.

tags | advisory, sql injection, asp
SHA-256 | c501c6764d01ebcb985747c523d7ccb08fac485faff6d9af378a90fd48534a08

Secunia Security Advisory 45628
Posted Aug 16, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for freetype. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise an application using the library.

tags | advisory
systems | linux, redhat
SHA-256 | 55bafa007a77a66691c38d933db8d977316248403a6c8e97581f2534a5c2c881

Secunia Security Advisory 45642
Posted Aug 16, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two weaknesses have been discovered in NetSaro Enterprise Messenger, which can be exploited by malicious, local users to disclose sensitive information.

tags | advisory, local
SHA-256 | 0ec510e8c8447bf9d4530afe5205f79b5e2a0d52def23dbe84bacee38176c48b

Flash Cookies And Privacy II: Now With HTML5 And ETag Respawning
Posted Aug 16, 2011
Authored by Nathaniel Good, Mika D. Ayenson, Chris Jay Hoofnagle, Ashkan Soltani, Dietrich J. Wambach

Whitepaper called Flash Cookies And Privacy II: Now With HTML5 And ETag Respawning. This is a follow-up study that reassesses the flash cookie landscape and examines a new tracking vector, HTML5 local storage, and cache-cookies via ETags.

tags | paper, local
SHA-256 | d034027c4b2e69e75390f976a780e8fc1fab1ac887010dcf7e3bc3bc82d11ac4

NetSaro Enterprise Messenger Server Plaintext Password Storage
Posted Aug 16, 2011
Authored by Rob Kraus | Site solutionary.com

A vulnerability exists in the NetSaro Enterprise Messenger Server application allowing an attacker to obtain access to plaintext usernames and passwords. The stored passwords are used to authenticate users running the NetSaro Enterprise Client connecting to the server. This is a second level attack that requires access to the password files stored within the application root directory. An attacker who has previously compromised the host operating system or gained direct access to the NetSaro.fdb database file found in the "NetSaro Enterprise ServerDb" directory can obtain the user credentials using readily available tools.

tags | advisory, root
SHA-256 | 5cbcfb103f656ef50499195011ab3f297cb4532d146aa664ccd91c09612fe813

Red Hat Security Advisory 2011-1161-01
Posted Aug 16, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1161-01 - FreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently. These packages provide both the FreeType 1 and FreeType 2 font engines. A buffer overflow flaw was found in the way the FreeType library handled malformed font files compressed using UNIX compress. If a user loaded a specially-crafted compressed font file with an application linked against FreeType, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application.

tags | advisory, overflow, arbitrary
systems | linux, redhat, unix
advisories | CVE-2011-2895
SHA-256 | 04ed50d2699e967580278e471ecab2dc7b5369ea394c6249975889b8aeb7bf76

PHP Vulnerability Hunter 1.1.3.1
Posted Aug 16, 2011
Authored by AutoSec Tools | Site autosectools.com

PHP Vulnerability Hunter is a PHP fuzzing tool that scans for several different vulnerabilities by performing dynamic program analysis. It can detect arbitrary command execution, local file inclusion, arbitrary upload, and several other types of vulnerabilities.

tags | arbitrary, local, php, vulnerability, file inclusion, fuzzer
SHA-256 | add28806781ecf08f8b6dd125cf3fe1ef7b0857f91e72062ae1768273680e1fe

EvilQR - When QR Code Goes Bad
Posted Aug 16, 2011
Authored by Chilik Tamir | Site appsec-labs.com

Whitepaper called EvilQR – When QR Code Goes Bad. This is a security assessment of mobile QR readers.

tags | paper, java
SHA-256 | 7b3b37a824d45432f4d5dca8cf6fa59589898640f214c2a42d3938d5a4f243fd

Surge-FTP 23b6 Cross Site Scripting
Posted Aug 16, 2011
Authored by Houssam Sahli

Surge-FTP version 23b6 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | c4cac949fe0724969f92b678d5000ab08b6fa1d2d6bd11b348a7070098990d47

Elgg 1.8 beta2 SQL Injection
Posted Aug 16, 2011
Authored by Lostmon | Site lostmon.blogspot.com

Elgg version 1.8 beta2 and versions prior to 1.7.11 suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | c950639fc029e83218a2070a2423cbfcde8e8fa6a471276241db1b8f809a07dc

NetSaro Enterprise Manager Server Weak Cryptographic Storage
Posted Aug 16, 2011
Authored by Rob Kraus | Site solutionary.com

A vulnerability exists in the NetSaro Enterprise Messenger Server application allowing an attacker to easily decrypt passwords used to authenticate to the application. The application implements Base64 encoding to obfuscate the values of plaintext passwords used for logging into the server administration console. This is a second level attack that requires access to the password files stored within the application root directory. An attacker who has previously compromised the host operating system or achieved direct access to the configuration.xml file found in the "NetSaro Enterprise Server" directory can obtain the encoded user credentials and decrypt them using readily available Base64 decoding tools.

tags | advisory, root
SHA-256 | 1e5e9c85c5226e719db82524ba8e52dd4a1526c77d534b61ca30a522f9e623ab