exploit the possibilities
Showing 26 - 50 of 60 RSS Feed

Files Date: 2012-01-18 to 2012-01-19

PhpBridges Blog System SQL Injection
Posted Jan 18, 2012
Authored by 3spi0n

PhpBridges Blog System suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 6362e761a3586ec32fcd239bedab9ed73acf99f59a8a9d5079bea3ffc10b29a5
Proof Cast Design SQL Injection
Posted Jan 18, 2012
Authored by 3spi0n

Proof Cast Design suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | c7160db5a99b1b8e10a47a35d9382ea3a0b50351d712bdc34ac8a8ff1520e97a
Studio Manolibera - Milano SQL Injection
Posted Jan 18, 2012
Authored by 3spi0n

Studio Manolibera - Milano suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 7259516f8bb4ecfe43682a310a6341d813dedbb6ad827a0e60f4a937b57f03c0
Secunia Security Advisory 47519
Posted Jan 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Jenkins, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | c5fdc2c62c9e031ab454c0a9cd113983ea93ad449ed880dd8104c79bd9aad431
Secunia Security Advisory 47558
Posted Jan 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in 7-Technologies Interactive Graphical SCADA System, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 33f5a27ba8dbd29615d82eab8eb6300acff39e27f0a95ed4397432f577cfae51
Secunia Security Advisory 47606
Posted Jan 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - IBM has acknowledged two weaknesses and two vulnerabilities in IBM HTTP Server, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).

tags | advisory, web, denial of service, local, vulnerability
SHA-256 | 2f642bb39ebeaf489a9e22d9b02cc0c34484d225ef269fb3b1703c2fb0a8b488
Secunia Security Advisory 47548
Posted Jan 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in spamdyke, which potentially can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
SHA-256 | efac53de21f852fdea9c94cd26dd2803f5ac4490230025b58458b3d634d9b531
Secunia Security Advisory 47601
Posted Jan 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for openssl. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information and cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, suse
SHA-256 | adfde16518df240db88e2d47cbad314bbea2ff4fdc8f934f199bbf74db4e381f
Secunia Security Advisory 47557
Posted Jan 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in IBM WebSphere Application Server, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | bc89a8809225bdece16bf8572ae0f9316cfe4931bbc4c668f6103c986fa02f2b
Secunia Security Advisory 47607
Posted Jan 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for OpenSSL. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), and potentially compromise an application using the library.

tags | advisory, denial of service, vulnerability
systems | linux, suse
SHA-256 | ef645393fac490d603dae54567e2a0cfd6d8ac20860f10b2af276d183694d154
Secunia Security Advisory 47597
Posted Jan 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Stefan Schurtz has discovered some vulnerabilities in ATutor, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 2fd5b2d3baff5e98cd1607e4996f3e5326c9101aee3a0a2a5a5d007f5ed4d990
Secunia Security Advisory 47595
Posted Jan 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Stefan Schurtz has discovered a vulnerability in Beehive Forum, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 990f3d14a201be92b14663857490dde7ad569ab44a4aacfba377bd38b2647160
Secunia Security Advisory 47560
Posted Jan 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Luigi Auriemma has discovered two vulnerabilities in Rockwell Automation products, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
SHA-256 | 4ef215ff363ed34f797770def2d9abb67d7a3458ed8f76add09d003c49a300ca
Secunia Security Advisory 47565
Posted Jan 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in IBM SPSS Data Collection, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 2caaaffe9b1a3f1bd4c4d227dbca52e5912ab8b76997fb6160398679886fd6b3
Secunia Security Advisory 47563
Posted Jan 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Gamebase addon for deV!L'z Clanportal, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 95afebcc57615fdd4c484442dbdaee3b1c683ac015091545b78fff917e7b375d
Secunia Security Advisory 47530
Posted Jan 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in pGB, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | cd2ed817d066d3759e378bbd873b0f6625affae1613c41563e5074fc31c916ff
Secunia Security Advisory 47509
Posted Jan 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in AccessData Forensic Toolkit, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | b2d034d96d2ec4be550f57d8bdbea049f609e4a3a06aac5c40df361f0cfe3030
HP Easy Printer Care XMLCacheMgr Class ActiveX Control Remote Code Execution
Posted Jan 18, 2012
Authored by Andrea Micalizzi, juan vazquez | Site metasploit.com

This Metasploit module allows remote attackers to place arbitrary files on a users file system by abusing the "CacheDocumentXMLWithId" method from the "XMLCacheMgr" class in the HP Easy Printer HPTicketMgr.dll ActiveX Control (HPTicketMgr.dll 2.7.2.0). Code execution can be achieved by first uploading the payload to the remote machine embedding a vbs file, and then upload another mof file, which enables Windows Management Instrumentation service to execute the vbs. Please note that this module currently only works for Windows before Vista.

tags | exploit, remote, arbitrary, code execution, activex
systems | windows
advisories | CVE-2011-4786
SHA-256 | c66cbdd79894baf457dc97ef60cf3e98f8679bc1cdd968b80f389d4705ee544f
BS.Player 2.57 Buffer Overflow Exploit (Unicode SEH)
Posted Jan 18, 2012
Authored by Chris Gabriel, C4SS!0 G0M3S | Site metasploit.com

This Metasploit module exploits a buffer overflow in BS.Player 2.57. When the playlist import is used to import a specially crafted m3u file, a buffer overflow occurs allowing arbitrary code execution.

tags | exploit, overflow, arbitrary, code execution
SHA-256 | 68ebe76c4a4336498d6613a83e8970ae062cd723584b5b6e76c16784d938d326
McAfee SaaS MyCioScan ShowReport Remote Command Execution
Posted Jan 18, 2012
Authored by rgod, sinn3r | Site metasploit.com

This Metasploit module exploits a vulnerability found in McAfee Security-as-a-Service. The ShowReport() function (located in the myCIOScn.dll ActiveX component) fails to check the FileName argument, and passes it on to a ShellExecuteW() function, therefore allows any malicious attacker to execute any process that's on the local system. However, if the victim machine is connected to a remote share (or something similar), then it's also possible to execute arbitrary code. Please note that a custom template is required for the payload, because the default Metasploit template is detectable by McAfee -- any Windows binary, such as calc.exe or notepad.exe, should bypass McAfee fine.

tags | exploit, remote, arbitrary, local, activex
systems | windows
advisories | OSVDB-78310
SHA-256 | debeb437470fa8e3b3a3c92cf587bcdbed8db74bfac9bf2f8a818ac7dc6ffb9d
Linux Search Shellcode
Posted Jan 18, 2012
Authored by rigan

This shellcode writes down your code in the end of found files. Your code will be added only .html and .php files. Search for files is carried out recursively.

tags | php, shellcode
SHA-256 | 8c618ade2e8e0d28c057139097aaa69a682f6fa5ffedd4dac01f8f3adfba7245
Linux IGMP Remote Denial Of Service
Posted Jan 18, 2012
Authored by Kingcope, Ben Hutchings, Firestorm

Remote Linux IGMP denial of service exploit for a vulnerability introduced in kernel 2.6.36.

tags | exploit, remote, denial of service, kernel
systems | linux
advisories | CVE-2012-0207
SHA-256 | 3f774420cceb820eadca2d64adb8e8aef38d2ecaaf08171ea9586e48b2e73616
EMC SourceOne Web Search Sensitive Information Disclosure
Posted Jan 18, 2012
Site emc.com

EMC SourceOne Web Search contains a vulnerability that may, under certain circumstances, log sensitive user credential information in plain text to the OS log of the web server. This can potentially be exploited by an unprivileged user with access to log information to gain access to the protected SourceOne components.

tags | advisory, web
advisories | CVE-2011-4142
SHA-256 | a20358ddd82913b5ef03b2c91d8ddbc986fe4b397263b780c91a7e8644021396
Ubuntu Security Notice USN-1333-1
Posted Jan 18, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1333-1 - Steve Manzuik discovered that Libav incorrectly handled certain malformed Matroska files. If a user were tricked into opening a crafted Matroska file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 11.04. Phillip Langlois discovered that Libav incorrectly handled certain malformed QDM2 streams. If a user were tricked into opening a crafted QDM2 stream file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2011-3504, CVE-2011-4351, CVE-2011-4352, CVE-2011-4353, CVE-2011-4364, CVE-2011-4579
SHA-256 | d72c0cb6ecb9c5d8aee62bb0bd3a0486372898d42b6c4fd7b02edaeee790870f
Apache Tomcat Large Number Denial Of Service
Posted Jan 18, 2012
Authored by Mark Thomas | Site tomcat.apache.org

Apache Tomcat versions 7.0.0 through 7.0.22, 6.0.0 through 6.0.33 and 5.5.0 through 5.5.34 suffer from a denial of service vulnerability. Analysis of the recent hash collision vulnerability identified unrelated inefficiencies with Apache Tomcat's handling of large numbers of parameters and parameter values. These inefficiencies could allow an attacker, via a specially crafted request, to cause large amounts of CPU to be used which in turn could create a denial of service. The issue was addressed by modifying the Tomcat parameter handling code to efficiently process large numbers of parameters and parameter values.

tags | advisory, denial of service
advisories | CVE-2011-0022
SHA-256 | 91683493631ac17694efb967a6ef7a95ecd52cfe845509e1adf11897be5f34ba
Page 2 of 3
Back123Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    12 Files
  • 27
    May 27th
    12 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close