exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 53 RSS Feed

Files Date: 2011-09-13 to 2011-09-14

Microsoft WINS Service 5.2.3790.4520 Memory Corruption
Posted Sep 13, 2011
Authored by Luigi Auriemma | Site aluigi.org

Microsoft WINS service versions 5.2.3790.4520 and below suffer from a memory corruption vulnerability.

tags | exploit
SHA-256 | 84385a490b727e9d04e9626854b82614cbe512ecafb6f93a84f0f8991c067a96
FortiMail Messaging Security Appliance 4.0 Cross Site Scripting
Posted Sep 13, 2011
Authored by Stefan Schurtz

FortiMail Messaging Security Appliance version 4.0 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | be546ae6f0c8d5fa8dbeae37a31bcb5ee98757b246b536fc5a2faf03ab620c4f
Core Security Technologies Advisory 2011.0526
Posted Sep 13, 2011
Authored by Core Security Technologies, Nicolas A. Economou | Site coresecurity.com

Core Security Technologies Advisory - A security vulnerability was discovered in the Windows Internet Name Service (WINS). The vulnerability could allow elevation of privilege if a user receives a specially crafted WINS replication packet on an affected system running the WINS service. An attacker must have valid logon credentials and be able to log on locally in order to exploit this vulnerability.

tags | exploit
systems | windows
advisories | CVE-2011-1984
SHA-256 | 63a99e0648400fc4a825807649566b16a5329ecd24004648e3f3de7fcc0edde8
Red Hat Security Advisory 2011-1282-01
Posted Sep 13, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1282-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. It was found that a Certificate Authority issued fraudulent HTTPS certificates. This update renders any HTTPS certificates signed by that CA as untrusted. This covers all uses of the certificates, including SSL, S/MIME, and code signing.

tags | advisory, web
systems | linux, redhat
SHA-256 | a884a607ae27878afcfbd52fadabd7a11a89958104794a34bd7e1ee987079abe
Procyon Core Server HMI 1.13 Buffer Overflow
Posted Sep 13, 2011
Authored by Knud Erik Hojgaard, mr_me | Site metasploit.com

This Metasploit module exploits a vulnerability in the coreservice.exe component of Proycon Core Server versions 1.13 and below. While processing a password, the application fails to do proper bounds checking before copying data into a small buffer on the stack. This causes a buffer overflow and allows it to overwrite a structured exception handling record on the stack, allowing for unauthenticated remote code execution. Also, after the payload exits, Coreservice.exe should automatically recover.

tags | exploit, remote, overflow, code execution
advisories | CVE-2011-3322, OSVDB-75371
SHA-256 | 6b02358e406abc5384ec6cc6943c4b62bf2bebc540cf1b912151572b9b5615e2
La Poste FR Website Local File Inclusion
Posted Sep 13, 2011
Authored by Alexander Fuchs, Vulnerability Laboratory | Site vulnerability-lab.com

La Poste FR Website suffers from a local file inclusion vulnerability.

tags | advisory, local, file inclusion
SHA-256 | 2a168f784c9464df5bb15e19a372edbdac4d31039925360d71f5cf61a759807f
La Poste FR Website SQL Injection
Posted Sep 13, 2011
Authored by Alexander Fuchs, Chokri Ben Achor, Vulnerability Laboratory | Site vulnerability-lab.com

La Poste FR Website suffers from multiple remote SQL injection vulnerabilities.

tags | advisory, remote, vulnerability, sql injection
SHA-256 | 7c8e34b62e4ba7fd750f0084274abb7e5f8b0698ecf0711af8f650dfbda886cb
Barack Obama Website Service Mail Spoof
Posted Sep 13, 2011
Authored by Vulnerability Laboratory | Site vulnerability-lab.com

Barack Obama Website Service suffers from an input validation vulnerability that allows for manipulation of mails from info@barackobama.com.

tags | advisory
SHA-256 | aff76b30114d96a540f6ee6845fbdec7314be58af23fce558803643e14e5b451
FBI Jobs Center Website Cross Site Scripting
Posted Sep 13, 2011
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

FBI Jobs Center Website suffers from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | 3abb1ead492c78b9457df4f09133c25846f197813da7e63fa40db9ce2a818de7
FortiAnalyzer Appliance Cross Site Scripting
Posted Sep 13, 2011
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

FortiAnalyzer Appliance suffers from cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
SHA-256 | c0e3048326f3314f8001e5a5642d92e40a25d98ed6db5d39e9a82a38198bc72f
GeoVision DVR Remote View Session Fixation
Posted Sep 13, 2011
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

GeoVision DVR Remote View suffers from a session fixation vulnerability.

tags | advisory, remote
SHA-256 | f04da1deb03e3114795c239f85ef99722474d30bc05424836a67cd05331dcb7a
Argus Surveillance DVR 2.3 / 4.x Cross Site Scripting
Posted Sep 13, 2011
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Argus Surveillance DVR versions 2.3 and 4.x suffer from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | da784bc012cf322758517e53752c04359280bad3f4d550294f5bc1439906a0f1
Google SketchUp 8.x Memory Corruption
Posted Sep 13, 2011
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Google SketchUp version 8.x suffers from a memory corruption vulnerability when processing malformed DAE files.

tags | advisory
SHA-256 | 3411767536cf9d6b2fb7141188de04b80de60ea989af8ff7a0b822590f2074a8
Using QR Tags To Attack Smart Phones
Posted Sep 13, 2011
Authored by Augusto Pereyra

Whitepaper called Using QR Tags to Attack Smart Phones (Attaging). It discusses the threatscape related to arbitrary scanning of these tags and using Metasploit to exploit them.

tags | paper, arbitrary
SHA-256 | 5aeb974041271775d2797f33f606f42ebe41ac2480ecbba6cd286c2ec7fba100
YouGetSignal.com Cross Site Scripting
Posted Sep 13, 2011
Authored by Silic0n

YouGetSignal.com suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 34bf13ec227983c6394fc8060dbd73bf805c842f30fefb4921e8536455eb2050
Hook Analyser Malware Tool
Posted Sep 13, 2011
Authored by Beenu Arora | Site hookanalyser.blogspot.com

Hook analyser is a hook tool which can be potentially helpful in reversing applications and analysing malware. It can hook to an API in a process and search for a pattern in memory or dump the buffer.

SHA-256 | 5c11c01a960f568a12c3f67e3d3a95b84fe85db2801fc75ceaea8e5ad67ce77d
dotProject 2.1.5 SQL Injection
Posted Sep 13, 2011
Authored by sherl0ck_

dotProject version 2.1.5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 72adfd5adfa50ebc3ab3d5d1b82701adfe9057bb3be66bdaa0e8df3fc5a84fe1
Secunia Security Advisory 45975
Posted Sep 13, 2011
Site secunia.com

Secunia Security Advisory - SUSE has issued an update for cyrus-imapd. This fixes a vulnerability, which can be exploited by malicious users to compromise a vulnerable system.

SHA-256 | ce8413382f7685bb6e016daa8adae3df156da735252be165b4b29073099bcdd7
Secunia Security Advisory 45950
Posted Sep 13, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in ScadaTec ModbusTagServer and ScadaTec ScadaPhone, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 21828bb4c1318143fa873847f650747346c3db318c835a0d3af1863502b709bf
Secunia Security Advisory 45980
Posted Sep 13, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Luigi Auriemma has discovered a vulnerability in PlantVisor Enhanced, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | 3e2a6423fd0d51c70b885f808e0ae34f9d955e6071f246b75b9b96b65be4467d
Secunia Security Advisory 45988
Posted Sep 13, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in EMC Avamar, which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
SHA-256 | 66016be58a440c209facade213ddf273a159104aaa1d7e0316e17b24a857c9fc
Secunia Security Advisory 45998
Posted Sep 13, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - MustLive has discovered a vulnerability in the HB-Cumulus plugin for Habari, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | e44b4f499d4c9f4d48a0ca7499c3cf87803f418e73e558676ce4a5121689cbe8
Secunia Security Advisory 45961
Posted Sep 13, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for mantis. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose potentially sensitive information and by malicious users to compromise a vulnerable system.

tags | advisory, vulnerability, xss
systems | linux, debian
SHA-256 | b7239b6c4e769843041672d71baf072c50f67fc4b84e0b0b7d70b0407e5491e9
Secunia Security Advisory 45969
Posted Sep 13, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in Movicon, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
SHA-256 | a795c24794f61fd294a083d207eb76d0cf96f1945cc53504c35231286259d4e3
Secunia Security Advisory 45975
Posted Sep 13, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for cyrus-imapd. This fixes a vulnerability, which can be exploited by malicious users to compromise a vulnerable system.

tags | advisory
systems | linux, suse
SHA-256 | ce8413382f7685bb6e016daa8adae3df156da735252be165b4b29073099bcdd7
Page 1 of 3
Back123Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close