Showing 1 - 25 of 100


ESET 7.0 Kernel Memory Leak
Posted Oct 28, 2014
Authored by Kyriakos Economou | Site portcullis-security.com

ESET versions 5.0 through 7.0 suffer from a kernel memory leak vulnerability.

tags | advisory, kernel, memory leak
advisories | CVE-2014-4974
SHA-256 | 8b5888960f4d9b82098187fccdeffd23d87b222ac084d8ed2407392d581bf827

Related Files

Temenos T24 R07.03 Authentication Bypass
Posted Jul 31, 2012
Authored by Dionach

Temenos T24 R07.03 suffers from an authentication bypass vulnerability as it fails to properly enforce access control on the password reset functionality.

tags | exploit, bypass
SHA-256 | 02ff07cc29f837babb592db15e1183a5b60963952716001ea0a431f7960a4a04
Mandriva Linux Security Advisory 2012-094
Posted Jun 19, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-094 - This is a bugfix release that upgrades clamav to the latest version. The TAR file parser in ClamAV 0.96.4 allows remote attackers to bypass malware detection via a TAR archive entry with a length field that exceeds the total TAR file size. The Microsoft CHM file parser in ClamAV 0.96.4 allows remote attackers to bypass malware detection via a crafted reset interval in the LZXC header of a CHM file. The TAR file parser in ClamAV 0.96.4 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry.

tags | advisory, remote
systems | linux, mandriva
advisories | CVE-2012-1457, CVE-2012-1458, CVE-2012-1459
SHA-256 | 9d3c70ef74c52e6171f0b59d36ffcd805402309bc35d4dd9220758ef6d22659b
Microsoft MSN Hotmail Password Reset
Posted Apr 26, 2012
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Microsoft MSN Hotmail suffered from a password reset and setup vulnerability.

tags | exploit
SHA-256 | 49073ed7e6528aed6e2a1395224e58b80dc4adcd3daca681f9d673e3701cffb1
ArticleSetup 1.11 Cross Site Scripting / SQL Injection
Posted Mar 30, 2012
Authored by Antu Sanadi | Site secpod.com

ArticleSetup versions 1.11 and below suffer from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 9989e178ae23e232b3197892da9d4f97be442d52ccc77c18923483a98701abc4
Secunia Security Advisory 48613
Posted Mar 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Antu Sanadi has discovered multiple vulnerabilities in ArticleSetup, which can be exploited by malicious users to conduct script insertion and SQL injection attacks and by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | f732c0164c00edbcdaddc2fae2915561be17679c221d7caf3b8b276ea9de4fe0
Android Wipe Failure
Posted Mar 19, 2012
Site hatforce.com

Hatforce has discovered that the "wipe" function on Android does not reliably delete data on all devices. On a Nexus S running Android 2.3.6, they were able to recover user data after running a "wipe" both using the "factory data reset" from the menu and by wiping the device from recovery.

tags | advisory
SHA-256 | 59bc3a21027ec7b9d9d7d0f559c6aa74b0ff627bbfa549221a1f9ad1d3644ba5
Red Hat Security Advisory 2012-0137-01
Posted Feb 15, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0137-01 - TeX Live is an implementation of TeX. TeX takes a text file and a set of formatting commands as input, and creates a typesetter-independent DeVice Independent file as output. The texlive packages provide a number of utilities, including dvips. TeX Live embeds a copy of t1lib. The t1lib library allows you to rasterize bitmaps from PostScript Type 1 fonts. The following issues affect t1lib code: Two heap-based buffer overflow flaws were found in the way t1lib processed Adobe Font Metrics files. If a specially-crafted font file was opened by a TeX Live utility, it could cause the utility to crash or, potentially, execute arbitrary code with the privileges of the user running the utility.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2010-2642, CVE-2011-0433, CVE-2011-0764, CVE-2011-1552, CVE-2011-1553, CVE-2011-1554
SHA-256 | b811af510a4450cdfa8f0478df6a3e2ec1303502c4a2f0b164a2de49291aa9d1
ShareCenter D-Link DNS-320 Denial Of Service
Posted Dec 5, 2011
Authored by rigan

ShareCenter D-Link DNS-320 remote reboot/shutdown/reset denial of service exploit.

tags | exploit, remote, denial of service
SHA-256 | c0fae690833217b6caeee7764101bc2567c68446ccbd6782a98f3549776d6aab
Secunia Security Advisory 46525
Posted Oct 20, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Oracle has acknowledged a vulnerability in Oracle Waveset, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, and cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 7255b47ec73ec99b3e000a207b537ce26b4af5f3bb82ec171d5f809aab606992
Opera 10/11 Memory Corruption
Posted Oct 6, 2011
Authored by Jose Antonio Vazquez Gonzalez | Site metasploit.com

This Metasploit module exploits a vulnerability in the nesting of frameset and iframe tags as implemented within Opera Browser. Memory corruption is triggered and some pointers are corrupted with invalid addresses. Successful exploitation leads to remote code execution or a denial of service condition under Windows XP SP3 (DEP = off).

tags | exploit, remote, denial of service, code execution
systems | windows
advisories | CVE-2011-2628, OSVDB-72406
SHA-256 | cca2c04d9608cabd67212e6b6de6f391c4ae540b9386fc4c1e27694218c8edb5
Dell IT Assistant detectIESettingsForITA.ocx Remote Registry Dump
Posted Jul 16, 2011
Authored by rgod | Site retrogod.altervista.org

Dell IT Assistant detectIESettingsForITA.ocx Active-X control readRegVal() remote registry dump exploit.

tags | exploit, remote, registry, activex
SHA-256 | 972fe47b27217c4fe43b9ab5056484e368ca06d298659a3290fa514440134e4e
2Wire Password Reset
Posted Jun 28, 2011
Authored by Travis Phillips | Site metasploit.com

This Metasploit module will reset the admin password on a 2Wire wireless router. This works by using a setup wizard page that fails to check if a user is authenticated and is not removed or blocked after first access.

tags | exploit
SHA-256 | 91af7c5cfe8ce35ecd823c6e368888d7bb8600a2aae160caf061754e6ac544da
Insomnia Security Vulnerability Advisory 110427.2
Posted Apr 27, 2011
Authored by James Burton | Site insomniasec.com

Insomnia Security Vulnerability Advisory - One of the pages included in the admin interface of Up.time Systems Management software contains a function designed to set the administrator password when the interface is loaded for the first time. After this task has been completed, the code which processes this request is left in the page. By sending a specially crafted request, a remote attacker can abuse this functionality to bypass the server's authentication mechanism and reset the password for any account.

tags | advisory, remote
SHA-256 | 6c9f9fe29a5db7bd0c9e35ad56265abf778b16ff07e28d1298796b7d1a51ecf2
Old Dogs And New Tricks: Do You Know Where Your Handles Are?
Posted Apr 19, 2011
Authored by Brooke Stephens, Jeffrey Walton

This paper offers incremental research in the area of untrusted program input via synchronization handle manipulations. Unlike the Michal Zalewski paper on Delivering Signals for Fun and Profit, this paper focuses on the source of the Unix signal handlers. Tested were personal computers running Windows XP and Vista. The synchronization objects were mutexes and events, and the security software included products from AVG, Avast, Avira, BitDefender, BullGuard, CheckPoint, Eset, F-Prot, F-Secure, Kaspersky, McAfee, Microsoft (Security Essentials), Norman, Norton, Panda, PC Tools, Quick Heal, Symantec, and Trend Micro.

tags | paper
systems | windows, unix
SHA-256 | 18409a8b03683d7197b587b4852f899980f92cd46bb417ee6903700ce8d70d62
Ubuntu Security Notice USN-1095-1
Posted Mar 29, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1095-1 - It was discovered that Quagga incorrectly parsed certain malformed extended communities. A remote attacker could use this flaw to cause Quagga to crash, resulting in a denial of service. It was discovered that Quagga resets BGP sessions when encountering malformed AS_PATHLIMIT attributes. A remote attacker could use this flaw to disrupt BGP sessions, resulting in a denial of service. This update removes AS_PATHLIMIT support from Quagga. This issue only affected Ubuntu 8.04 LTS, 9.10, 10.04 LTS and 10.10.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2010-1674, CVE-2010-1675
SHA-256 | ace92018aca8cb5f956fcdd7df537578af7168e4da59950e1a0e8cf32c374692
Debian Security Advisory 2197-1
Posted Mar 21, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2197-1 - It has been discovered that the Quagga routing daemon contains two denial-of-service vulnerabilities in its BGP implementation. A crafted Extended Communities attribute triggers a null pointer dereference which causes the BGP daemon to crash. The BGP daemon resets BGP sessions when it encounters malformed AS_PATHLIMIT attributes, introducing a distributed BGP session reset vulnerability which disrupts packet forwarding.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2010-1674, CVE-2010-1675
SHA-256 | 7b7212876c0dc85a313a39760b58246048b833cdff698a6fde7789df6595bc40
Sagan Rules 03172011-r1
Posted Mar 17, 2011
Authored by Champ Clark III | Site sagan.softwink.com

This is the Sagan ruleset released 03/17/2011 to coincide with the 0.1.8 release.

tags | tool, sniffer
systems | unix
SHA-256 | 708dc4808d89d346c0e53785b4d92f180cfc650c3e5b735abfddcbea11948233
xt:Commerce 3.x Second Order SQL Injection
Posted Feb 17, 2011
Authored by Felix

xt:Commerce 3 suffers from a second order SQL injection vulnerability that can be leveraged to reset passwords of arbitrary users and administrators.

tags | exploit, arbitrary, sql injection
SHA-256 | 9e3a37b7a87b6f0a5036cf569879b12c6788f73c69e4a9ca19a78276984e9a6f
Zero Day Initiative Advisory 11-060
Posted Feb 7, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-060 - This vulnerability allows attackers to deny services on vulnerable installations of Novell eDirectory. Authentication is not required in order to trigger this vulnerability. The flaw exists within Novell's eDirectory Server's NCP implementation. Novell's eDirectory Server binds to port 524 for processing NCP requests. When the application processes a malformed FileSetLock request, the service will become unresponsive resulting in an inability to authenticate to that server.

tags | advisory
advisories | CVE-2010-4327
SHA-256 | f9b4dd357b9df9d544c79f8fab909f05fa55ef4a038f6ea6ed83c6cf6ed6ca94
Mandriva Linux Security Advisory 2011-015
Posted Jan 21, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-015 - Stack-based buffer overflow in the ATRDecodeAtr function in the Answer-to-Reset for pcscd in PCSC-Lite 1.5.3, and possibly other 1.5.x and 1.6.x versions, allows physically proximate attackers to cause a denial of service and possibly execute arbitrary code via a smart card with an ATR message containing a long attribute value.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2010-4531
SHA-256 | 33f548308b4805323bbf19456b5f977a0d2f8ce2608d54d6b298f21d40bc7dec
Ubuntu Security Notice USN-1040-1
Posted Jan 7, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1040-1 - Adam Baldwin discovered that Django did not properly validate query string lookups. This could be exploited to provide an information leak to an attacker with admin privileges. Paul McMillan discovered that Django did not validate the length of the token used when generating a password reset. An attacker could exploit this to cause a denial of service via resource exhaustion.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2010-4534, CVE-2010-4535
SHA-256 | 380e6e5bf43c96aadf5739aaae8af09bf90d5a3e03bd88223ce714c1a51cbbb9
Ubuntu Security Notice USN-1033-1
Posted Dec 16, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1033-1 - It was discovered that Eucalyptus did not verify password resets from the Admin UI correctly. An unauthenticated remote attacker could issue password reset requests to gain admin privileges in the Eucalyptus environment.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2010-3905
SHA-256 | aa93d4e58bf0f16527a4bd871d05ccec8f42aa8838181244caa4e816a8a2e784
SweetRice 0.6.7 Cross Site Scripting / SQL Injection
Posted Nov 5, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

SweetRice version 0.6.7 suffers from cross site scripting, administrative password reset and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 0ab2fe7c511214ff04fe9f816522960faf1718a26a41d04b68df17390a450d45
Ubuntu Security Notice 978-2
Posted Sep 18, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 978-2 - USN-978-1 fixed vulnerabilities in Thunderbird. Some users reported stability problems under certain circumstances. This update fixes the problem. Several dangling pointer vulnerabilities were discovered in Thunderbird. It was discovered that the XPCSafeJSObjectWrapper (SJOW) security wrapper did not always honor the same-origin policy. Matt Haggard discovered that Thunderbird did not honor same-origin policy when processing the statusText property of an XMLHttpRequest object. Chris Rohlf discovered an integer overflow when Thunderbird processed the HTML frameset element. Several issues were discovered in the browser engine. David Huang and Collin Jackson discovered that the <object> tag could override the charset of a framed HTML document in another origin. Paul Stone discovered that with designMode enabled an HTML selection containing JavaScript could be copied and pasted into a document and have the JavaScript execute within the context of the site where the code was dropped. A buffer overflow was discovered in Thunderbird when processing text runs. Peter Van der Beken, Jason Oster, Jesse Ruderman, Igor Bukanov, Jeff Walden, Gary Kwong and Olli Pettay discovered several flaws in the browser engine.

tags | advisory, overflow, javascript, vulnerability
systems | linux, ubuntu
advisories | CVE-2010-2760, CVE-2010-2763, CVE-2010-2764, CVE-2010-2765, CVE-2010-2766, CVE-2010-2767, CVE-2010-2768, CVE-2010-2769, CVE-2010-3166, CVE-2010-3167, CVE-2010-3168, CVE-2010-3169
SHA-256 | 279e9c9f571dc9eb648f55303ef86819aa3f9ac4e057095049c812b308770b96
Mandriva Linux Security Advisory 2010-180
Posted Sep 14, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-180 - lib/fsm.c in RPM 4.8.0 and unspecified 4.7.x and 4.6.x versions, and RPM before 4.4.3, does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade, which might allow local users to gain privileges by creating a hard link to a vulnerable setgid file. The updated packages have been patched to correct this issue.

tags | advisory, local
systems | linux, mandriva
advisories | CVE-2005-4889, CVE-2010-2059
SHA-256 | 3ea35b697264e2934832f4e356c4542b2ed7f7794a7923baba03fd859a6fe8af
Page 1 of 4


© 2022 Packet Storm. All rights reserved.
