what you don't know can hurt you
Showing 1 - 25 of 100 RSS Feed

Files

Broadcom UPnP Remote Preauth Root Code Execution
Posted Jan 31, 2013
Authored by Leon Juranic, DefenseCode, Vedran Kajic

A critical security vulnerability that allows a remote unauthenticated attacker to remotely execute arbitrary code under root privileges has been discovered in Broadcom's UPnP software.

tags | exploit, remote, arbitrary, root
SHA-256 | a9af7d158bb390ad756245dc9d569c020c94e28b5576407cf6cf4b7fe4378cd8

Related Files

Tor Browser 7.0.8 IP Address Leak
Posted Nov 3, 2017
Authored by Filippo Cavallarin

TorBrowser versions 7.0.8 and below for Mac OS X and Linux are affected by a critical security issue. According to the Tor Project, further details will be released in the near future. Due to a Firefox bug in handling file:// URLs it is possible on both systems that users leak their IP address. Once an affected user navigates to a specially crafted web page, the operating system may directly connect to the remote host, bypassing Tor Browser.

tags | advisory, remote, web
systems | linux, apple, osx
SHA-256 | 98ad8fa1e2be0c10bbbb3b46fcb9cb4ff3e65dec0ce7c05e95e2dbb0691343c0
VMware Security Advisory 2016-0004
Posted Apr 15, 2016
Authored by VMware | Site vmware.com

VMware Security Advisory 2016-0004 - VMware vCenter Server, vCloud Director (vCD), vRealize Automation (vRA) Identity Appliance, and the Client Integration Plugin (CIP) updates address a critical security issue.

tags | advisory
advisories | CVE-2016-2076
SHA-256 | bd56155a16a9898620437b43f01ad1f323acba62d3f1fc3b322b4be0caad980b
HP Security Bulletin HPSBMU03190 1
Posted Nov 12, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03190 1 - A potential security vulnerability has been identified with HP Helion Cloud Development Platform Community Edition and HP Helion Cloud Development Platform Commercial Edition. The vulnerability could be exploited remotely to allow Unauthenticated access. Note: On October 28, 2014, HP identified a critical security vulnerability in the v1.0 release of the HP Helion Development Platform. The vulnerability is in our Application Lifecycle Service (ALS) and requires immediate attention. Vulnerability background: During the development process, valid user and host security keys were unintentionally left on the ALS Seed Node image. These keys are thus universal on all virtual machines created using the ALS Seed Node image. If an attacker has a virtual machine (VM) created from the ALS seed node image, they could potentially use that VM to connect (without giving a password) to any other VM in any ALS cluster (including ones the attacker does not own) if the attacker obtains a valid cluster VM IP address and the cluster was created with an ALS seed node image containing the vulnerability. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2014-7878
SHA-256 | 38dde2ca0ee61192adb6609d5eba20d0a98df126cf600057924d3e3c114e5f51
VMware Security Advisory 2009-0006
Posted Apr 11, 2009
Authored by VMware | Site vmware.com

VMware Security Advisory - Updated VMware Hosted products and patches for ESX and ESXi resolve a critical security vulnerability. A critical vulnerability in the virtual machine display function might allow a guest operating system to run code on the host.

tags | advisory
advisories | CVE-2009-1244
SHA-256 | ded0d04acbe4c8b889c0e5575d735098c83e86bfdfa2bfcf6b60809b3bf1577e
VMware Security Advisory 2008-0019
Posted Dec 4, 2008
Authored by VMware | Site vmware.com

VMware Security Advisory - VMware Hosted products and patches for ESX and ESXi resolve a critical security issue and update bzip2.

tags | advisory
advisories | CVE-2008-4917, CVE-2008-1372
SHA-256 | 31c6abc34ab54b63be1f222d1e69ab8c92a9f8ac0630c89314450bdf34c106c2
winntcomp.txt
Posted Jan 4, 2007
Authored by sapheal

A critical security vulnerability has been found in the Windows NT Message compiler. Arbitrary code execution might be possible.

tags | advisory, arbitrary, code execution
systems | windows
SHA-256 | 24b0f5f728cee15387b8047715df914ab990567e58c6afa386a553921a92bc84
freeradius113.txt
Posted Jan 3, 2007
Authored by sapheal

A critical security vulnerability has been found in FreeRadius version 1.1.3. Arbitrary code execution is possible due to improper bounds-checking.

tags | advisory, arbitrary, code execution
SHA-256 | ef790c0434ea07cb947825b2c0788c76495d888a8818315d76eb07a0583c5e04
SUSE-SA-2006-015.txt
Posted Mar 21, 2006
Site suse.com

SUSE Security Announcement - SUSE-SA:2006:015 - A critical security vulnerability has been identified in the Adobe Macromedia Flash Player that allows an attacker who successfully exploits these vulnerabilities to take control of the application running the flash player.

tags | advisory, vulnerability
systems | linux, suse
SHA-256 | f186d9f33539a24b0938e1c3428dc4538701eb0fa381bcf2354d6acba542c975
dc_metacart_sqling.txt
Posted May 7, 2005
Authored by Diabolic Crab | Site hackerscenter.com

Multiple SQL injection vulnerabilities in metacart2 for payflow. Example exploit URL included in advisory.

tags | exploit, vulnerability, sql injection
SHA-256 | 91a62b15583088eafdf55e57ac53a4580189ef41a7ca845c6184ff7996ea6447
dc_metabid_sqlinj.txt
Posted May 7, 2005
Authored by Diabolic Crab | Site hackerscenter.com

Metabid contains multiple SQL injection vulnerabilities. Username / Password verification can be bypassed via SQL injection, and more issues exist. Advisory contains example exploit URL.

tags | exploit, vulnerability, sql injection
SHA-256 | 67ee02e0b5694b14f0011efc0a8cb3134f865a21e9fd86180e92abd4be94ca7a
dc_BKForum_4.txt
Posted May 7, 2005
Authored by Diabolic Crab | Site digitalparadox.org

BK Forum v.4 is vulnerable to multiple SQL injection vulnerabilities. Advisory includes example exploit URL.

tags | advisory, vulnerability, sql injection
SHA-256 | 88e22bd5f279a93f88df060dd312cb550288bf0e52da84bda4720bf69379b432
dc_phpbb_xss_sql.txt
Posted Apr 19, 2005
Authored by Diabolic Crab | Site digitalparadox.org

Multiple SQL injection and Cross-site Scripting issues in phpBB versions 1.52 and below. Example exloit URLs included in advisory.

tags | exploit, xss, sql injection
SHA-256 | 9ed61fb9b6bddef6a6fbcc172a966e32b1952757835f428dc9b3ec91afbb9023
dcrab-e-xoops.txt
Posted Mar 28, 2005
Authored by Diabolic Crab | Site icis.digitalparadox.org

Easy Community Management System Forum (E-XOOPS) contains multiple SQL injection and cross-site scripting vulnerabilities. Some of these may not be exploitable depending on how PHP, Apache, and MySQL have been configured. Advisory contains proof-of-concept exploit URLs.

tags | exploit, php, vulnerability, xss, sql injection
SHA-256 | 383b99f55a4400a2bec840c614876918516b6901632de122f0ebc7126617cb4f
dcrab-estore.txt
Posted Mar 25, 2005
Authored by Diabolic Crab | Site icis.digitalparadox.org

E-Store Kit-2 PayPal Edition is susceptible to file include and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | ac872074f1d371f1d96de015fc38c149d3b951e1b6eb8d240882fa2604fa3f38
dcrab-paypal.txt
Posted Mar 25, 2005
Authored by Diabolic Crab | Site icis.digitalparadox.org

Various cross-site scripting and (possible) SQL injection vulnerabilities exist in ESMIstudio's PayPal storefront scripts. It may not always be possible to exploit some of these depending on how PHP, Apache, and MySQL have been configured, however.

tags | exploit, php, vulnerability, xss, sql injection
SHA-256 | d03061ea7d5a7ea3eb1416dbdfa817a53389af20ae542ec03be5886d095afffa
dcl15.txt
Posted Mar 7, 2005
Authored by Filip Groszynski

Download Center Lite (DCL) versions 1.5 and below are susceptible to remote file inclusion.

tags | exploit, remote, file inclusion
SHA-256 | 43f57b913db929992724eae47a2728e399d2130c988a03d52f0a704688c56390
dc_iwconfig.c
Posted Oct 26, 2004
Authored by Diabolic Crab | Site hackerscenter.com

Local root exploit for /usr/sbin/iwconfig.

tags | exploit, local, root
SHA-256 | 10b71b48cb5e4b165f212352a02ef424f83595d0dcaf1c2619779a0133ef61f9
dc_ifenslave.c
Posted Oct 26, 2004
Authored by Diabolic Crab | Site hackerscenter.com

Local root exploit for /sbin/ifenslave.

tags | exploit, local, root
SHA-256 | 8fbd7a93da6b7b610698f7b15ec38201522ff308b0dee9883544408815519bfc
isec-0016-procleaks.txt
Posted Aug 5, 2004
Authored by Paul Starzetz | Site isec.pl

A critical security vulnerability has been found in the Linux kernel code handling 64bit file offset pointers. Successful exploitation allows local users to have access to kernel memory. Kernel series affected are 2.4.26 and below and 2.6.7 and below. Full exploit provided.

tags | exploit, kernel, local
systems | linux
advisories | CVE-2004-0415
SHA-256 | 92706af943a287522ac0045554f0149a454453a2c0f2f0482f4e4f98d714283a
isec-0014-mremap-unmap.v2.txt
Posted Mar 2, 2004
Authored by Paul Starzetz | Site isec.pl

A critical security vulnerability has been found in the Linux kernel memory management code inside the mremap(2) system call due to missing function return value check. This bug is completely unrelated to the mremap bug disclosed on 05-01-2004 except concerning the same internal kernel function code. Versions affected: 2.2 up to 2.2.25, 2.4 up to 2.4.24, 2.6 up to 2.6.2.

tags | exploit, kernel
systems | linux
advisories | CVE-2004-0077
SHA-256 | 483ed3b485fe72175ca9d4f6e07e3c8cc8998ed7ee2f98e6a72a1016b9373ac3
isec-0014-mremap-unmap.txt
Posted Feb 18, 2004
Authored by Paul Starzetz | Site isec.pl

A critical security vulnerability has been found in the Linux kernel memory management code inside the mremap(2) system call due to missing function return value check. This bug is completely unrelated to the mremap bug disclosed on 05-01-2004 except concerning the same internal kernel function code. Versions affected: 2.2 up to 2.2.25, 2.4 up to 2.4.24, 2.6 up to 2.6.2.

tags | advisory, kernel
systems | linux
advisories | CVE-2004-0077
SHA-256 | 15e57e93f04e6f6e219e6d6e4da2f41a33f772b68029df65fa0dcaf3e0bde0a7
isec-0013v2-mremap.txt
Posted Jan 15, 2004
Authored by Wojciech Purczynski, Paul Starzetz | Site isec.pl

The mremap system call in the Linux kernel memory management code has a critical security vulnerability due to incorrect bounds checking. Proper exploitation of this vulnerability may lead to local privilege escalation including execution of arbitrary code with kernel level access. Updated version of the original release of this document.

tags | advisory, arbitrary, kernel, local
systems | linux
advisories | CVE-2003-0985
SHA-256 | 0a4e3c81dc818181f880893f3f4e1c339b5517ada7d7b0d09c8ac1ddf34cbe95
isec-0013-mremap.txt
Posted Jan 5, 2004
Authored by Wojciech Purczynski, Paul Starzetz | Site isec.pl

The mremap system call in the Linux kernel memory management code has a critical security vulnerability due to incorrect bounds checking. Proper exploitation of this vulnerability may lead to local privilege escalation including execution of arbitrary code with kernel level access.

tags | advisory, arbitrary, kernel, local
systems | linux
advisories | CVE-2003-0985
SHA-256 | 1f3565207e96102d6a63c660b43ba3e8e06061f744c34c3ff6a6df7a1d02e5ef
dcamwebcam.txt
Posted Dec 23, 2003
Authored by Luigi Auriemma | Site aluigi.altervista.org

DCAM webcam versions 8.2.5 and below suffer from a directory traversal attack that allow a remote attacker to access any file available to the webserver uid.

tags | exploit, remote
SHA-256 | 3100d7453b6443b31ae5e4981c57020c628cd6fe3e5be2d1e7ef034ab11dcc3e
dcomrpc_magickey_win.c
Posted Dec 15, 2003

Dcom RPC remote win32 exploit, ported to Windows for compilation with VC++ 6. Uses "magic keys" to find the offset. Ported by Lordy

tags | exploit, remote
systems | windows
SHA-256 | 132c24caa22412268215f455fb5e2eb14b4e96dd8f2b7f5f467245ef0395479e
Page 1 of 4
Back1234Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    12 Files
  • 27
    May 27th
    12 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close