exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 100 RSS Feed

Files

G-Parted 0.14.1 Command Execution
Posted Dec 19, 2014
Authored by Wolfgang Ettlinger | Site sec-consult.com

G-Parted versions 0.14.1 and below suffer from a root privilege escalation command execution vulnerability.

tags | exploit, root
advisories | CVE-2014-7208
SHA-256 | 22d59ee6ab3ecbc032151958235d46b8b87c383d2fc085ccae3a73125bc45eb5

Related Files

IBM Director Privilege Escalation
Posted Mar 10, 2009
Authored by Bernhard Mueller | Site sec-consult.com

SEC Consult Security Advisory 20090305-2 - IBM Director for Windows versions 5.20.3 Service Update 2 and below suffer from a local privilege escalation vulnerability.

tags | exploit, local
systems | windows
SHA-256 | 2c4bdf15757ef2a4d79baa1f93e9076442d2eb8f9826084c908501199c234703
IBM Directory CIM Denial Of Service
Posted Mar 10, 2009
Authored by Bernhard Mueller | Site sec-consult.com

SEC Consult Security Advisory 20090305-1 - IBM Director for Windows versions 5.20.3 Service Update 2 and below suffer from a remote denial of service vulnerability.

tags | advisory, remote, denial of service
systems | windows
SHA-256 | 6ec03fbbc9d5a504fb1686b5770ec4c08945779d3dfcac2447a621f6e80a6a21
NextApp Echo XML Injection
Posted Mar 10, 2009
Site sec-consult.com

SEC Consult Security Advisory 20090305-0 - NextApp Echo2 versions below 2.1.1 suffer from a XML injection vulnerability.

tags | exploit, xxe
SHA-256 | e364a88c2cc90f61eeb02c0e5b44a6ff6992024991a758fa3a4903a2fe77a6b5
SEC-CONSULT Security Advisory 20081219-0
Posted Dec 30, 2008
Authored by Bernhard Mueller | Site sec-consult.com

SEC-CONSULT Security Advisory 20081219-0 - Fujitsu-Siemens WebTransactions is vulnerable to remote command injection due to insufficient input validation. Under certain conditions, WBPublish.exe passes unvalidated user input to the system() function when cleaning up temporary session data. This vulnerability allows an attacker to execute arbitrary commands on the affected system. The vulnerability does not require prior authentication and can be exploited from a web browser.

tags | advisory, remote, web, arbitrary
SHA-256 | 4fcccde253345cf5e3f0f4106c7f74d8b15fb08e20a6c514630001cb3f299309
SEC Consult Security Advisory 20081210-0
Posted Dec 10, 2008
Authored by Bernhard Mueller | Site sec-consult.com

SEC Consult Security Advisory 20081210-0 - By calling the extended stored procedure sp_replwritetovarbin, an attacker can write limited values to arbitrary locations in process memory. This vulnerability has been described in a prior security advisory for MS SQL Server 2000.

tags | advisory, arbitrary
SHA-256 | 35360a7acfa1a99b8a092110b58250c85ed5ca8c4ccd0d0b760cbb8a46b38a39
SEC Consult Security Advisory SA-20081109-0
Posted Dec 9, 2008
Authored by Bernhard Mueller | Site sec-consult.com

SEC Consult Security Advisory 20081209-0 - Microsoft SQL Server suffers from a limited memory overwrite vulnerability.By calling the extended stored procedure sp_replwritetovarbin, and supplying several uninitialized variables as parameters, it is possible to trigger a memory write to a controlled location. Depending on the underlying Windows version, it is / may be possible to use this vulnerability to execute arbitrary code in the context of the vulnerable SQL server process. In a default configuration, the sp_replwritetovarbin stored procedure is accessible by anyone. The vulnerability can be exploited by an authenticated user with a direct database connection, or via SQL injection in a vulnerable web application. Versions 8.00.2039 and below are affected.

tags | advisory, web, arbitrary, sql injection
systems | windows
SHA-256 | a3cd08ebd8f3b29b9b481794aeae14f29fef4640ab1d53fdd05d480b010bfc47
SA-20081016-0.txt
Posted Oct 17, 2008
Authored by D. Matscheko | Site sec-consult.com

SEC Consult Security Advisory 20081016-0 - Instant Expert Analysis uses a signed Java applet for Firefox or Netscape browsers and a signed ActiveX plugin for Internet Explorer. Both applets allow an attacker to download and execute arbitrary applications when the user visits an infected website.

tags | advisory, java, arbitrary, activex
SHA-256 | 4389e14bdabddae18e2fd1658419cc963957c03ba043729d6ea732a805c3413c
SA-20071204-0.txt
Posted Dec 6, 2007
Authored by Bernhard Mueller | Site sec-consult.com

SEC Consult Security Advisory 20071204-0 - SonicWALL Global VPN Client suffers from a format string vulnerability that can be triggered by supplying a specially crafted configuration file. Versions below 4.0.0.830 are vulnerable.

tags | advisory
SHA-256 | b97b54d87bbc935b01eccf81c297be574aecaedace6de6a4b4127979150d7bba
SA-20071101-0.txt
Posted Nov 1, 2007
Authored by Bernhard Mueller | Site sec-consult.com

SEC Consult Security Advisory 20071101-0 - The SonicWALL SSL-VPN solution comes with various ActiveX Controls which allows users to access the VPN with Internet Explorer. These controls contain various vulnerabilities. Some details provided. Vulnerable versions include SonicWALL SSL-VPN 1.3.0.3, WebCacheCleaner ActiveX Control 1.3.0.3, and NeLaunchCtrl ActiveX Control 2.1.0.49.

tags | exploit, vulnerability, activex
SHA-256 | b43c0aec3d769dbce9e0724d5a99830b17f328ef1c8aa8f7aaea4b93f308d5cd
SA-20071031-0.txt
Posted Oct 31, 2007
Authored by Bernhard Mueller | Site sec-consult.com

SEC Consult Security Advisory 20071031-0 - The Perdition Mail Retrieval Proxy versions 1.17 and below suffer from a format string vulnerability.

tags | advisory
SHA-256 | 4efe9018c77b580c8c0bdf7897b14f170b94aec142d3cc6dc57eb1e1f9e4d1f1
SA-20071012-0.txt
Posted Oct 13, 2007
Authored by Clemens Kolbitsch, Sylvester Keil | Site sec-consult.com

SEC Consult Security Advisory 20071012-0 - A specially crafted beacon frame can cause MadWifi to crash and cause a kernel panic on the affected machine. Versions 0.9.3.2 and below are affected.

tags | advisory, kernel
SHA-256 | 2883ff9ab631d2d6a0fab31e709208bd4004c0c1c42c5cdd645102b1ba2f8088
SA-20070722-0.txt
Posted Jul 23, 2007
Authored by Johannes Greil | Site sec-consult.com

SEC Consult Security Advisory - SEC Consult has discovered an arbitrary code execution flaw in Joomla! version 1.5 beta 2.

tags | exploit, arbitrary, code execution
SHA-256 | 27257772ee84bdb082f3c8d0b36b605e8ca0215067cd5b2505a0b873391955c4
SA-20070509-0.txt
Posted May 10, 2007
Authored by Johannes Greil | Site sec-consult.com

SEC Consult Security Advisory 20070509-0 - The Nokia Intellisync Mobile Suite is susceptible to cross site scripting, source code disclosure, and denial of service vulnerabilities. Details provided. Versions known vulnerable include 6.4.31.2, 6.6.0.107, and 6.6.2.2.

tags | exploit, denial of service, vulnerability, xss
SHA-256 | 51a25ba5752d84a5e2041a75ccb577608b5f1dc5ff208d33097a57a267d97907
SA-20070314-0.txt
Posted Mar 20, 2007
Authored by D. Matscheko | Site sec-consult.com

SEC Consult Security Advisory 20070314-0 - If the Apache HTTP Server and Tomcat are configured to interoperate with the common proxy modules (mod_proxy, mod_rewrite, mod_jk), an attacker might be able to break out of the intended destination path up to the webroot in Tomcat.

tags | exploit, web
advisories | CVE-2007-0450
SHA-256 | ae0accd7dd41279f8531f981d7995776526f842a5d6e404b34ae2a7019a86a97
SA-20070309-0.txt
Posted Mar 13, 2007
Authored by Bernhard Mueller, S.Streichbier | Site sec-consult.com

SEC-CONSULT Security Advisory 20070309-0 - Starting with version 5, MySQL provides access to the database metadata. When using functions that operate on strings in combination with subselects on information_schema tables and additional sorting of the results with the ORDER BY clause, a null-pointer dereferencation takes place causing a segmentation fault. This allows an attacker to crash the MySQL database. Versions below 5.0.37 are affected.

tags | advisory
SHA-256 | d00c6845f154920b81fdf6e0a349fb00b0670947308e18f0a2d4970997894dbb
SA-20070226-0.txt
Posted Mar 6, 2007
Authored by D. Matscheko | Site sec-consult.com

SEC Consult Security Advisory 20070226-0 - The 3rd party module Pagesetter for PostNuke is susceptible to a local file inclusion vulnerability. Versions 6.2.0 and 6.3.0 beta 5 are affected.

tags | exploit, local, file inclusion
SHA-256 | 575fbb65bb1e067007269f53fe512d45d47ee97dd535d2999d2ace632822781a
SA-20060613-0.txt
Posted Jun 29, 2006
Site sec-consult.com

Microsoft Outlook Web Access is vulnerable to an HTML code injection/cross site scripting attack. A malicous user could craft a mail containing HTML and Javascript code. Such code could be used to steal session information from the victims cookies, and thus enable the attacker to get access to the victim's emails.

tags | advisory, web, javascript, xss
SHA-256 | dccfbc946917b8c4d45a7217924d48a440d871a4d69d0cbdf997231cd6903b20
SA-03.txt
Posted Apr 28, 2006
Site pinkhat.org

An example of a return into libc exploit that possibly works though grsecurity patch protection.

tags | exploit
SHA-256 | 3d52d2bc3578ca63d91d157654640485e25d9bb02f962aa6d3f5f5cfb99a6f01
SA-20060413-0.txt
Posted Apr 19, 2006
Authored by Bernhard Mueller | Site sec-consult.com

SEC-CONSULT Security Advisory 20060413-0 title: Opera Browser versions less than or equal to 8.52 CSS Attribute Integer Wrap and buffer overflow

tags | advisory, overflow
SHA-256 | dcd897dcb4d39d9b5637377385db693ba270ea31b7ef988a7b4ecf1ccb586ecb
SA-0001.txt
Posted Jan 1, 2006
Authored by Blackfile

PTnet IRCD v1.5 and 1.6 contain a heap overflow which can crash the IRC server.

tags | advisory, overflow
SHA-256 | a67d409ce4af132e56bbc17ae8518e16d584382d15ed3e1b1d192cd4d5877019
SA-20051223-1.txt
Posted Dec 29, 2005
Authored by SEC Consult | Site sec-consult.com

SEC Consult Security Advisory 20051223-1 - It is possible to read arbitrary files of the system such as the WEB-INF directory through the OracleAS discussion forum portlet. An attacker needs to know the file names.

tags | advisory, web, arbitrary
SHA-256 | 775697c50859caa89bbb921a8a51d9bd892979eb7a28b8ba315d443a6c2d066a
SA-20051223-0.txt
Posted Dec 29, 2005
Authored by SEC Consult | Site sec-consult.com

SEC Consult Security Advisory 20051223-0 - OracleAS Discussion Forum Portlet suffers from multiple Cross Site Scripting vulnerabilities. E.g. it is possible to create relogin trojans, steal session cookies, alter the content of the site or hide articles which don't show up in the overview page.

tags | advisory, trojan, vulnerability, xss
SHA-256 | d04346051912499b9c28f07d881f6390328e316d05d29a873a9d1b5b4f88b1a6
SA-20040802.txt
Posted Aug 5, 2004
Authored by Patrik Hornik | Site hornik.sk

A denial of service vulnerability exists in GnuTLS versions prior to 1.0.17. The flaw lies in a failure to handle overly long RSA keys.

tags | advisory, denial of service
SHA-256 | ba19a812a7cc901aba7111f7eaffd6b809286bc9e0333cbf2a17e986bcd6ceec
sa-2003-04-myclassified.pdf
Posted Nov 4, 2003
Authored by Ezhilan | Site sintelli.com

MyClassifieds SQL Versions below 2.13 are vulnerable to a SQL injection attack. The problem is due to improper sanitization of user input for the email variable. A remote attacker could insert arbitrary SQL code in the email variable. The passwords of the users can be written into a file and made world readable.

tags | advisory, remote, arbitrary, sql injection
SHA-256 | 04c3f8142c6f5e430a1e163f919eff03fe8721fc45a531812584a2ec6b4a31ca
SA-20031006.txt
Posted Oct 15, 2003
Authored by Patrik Hornik

slocate package version 2.6 has a heap overflow that can be used to escalate privileges.

tags | exploit, overflow
SHA-256 | 6ba8b2301f291c7b2a07530eefefa4b0453357391429f5eb3cd5ef3de679a744
Page 2 of 4
Back1234Next

File Archive:

January 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    0 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    5 Files
  • 4
    Jan 4th
    5 Files
  • 5
    Jan 5th
    9 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    0 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    18 Files
  • 10
    Jan 10th
    31 Files
  • 11
    Jan 11th
    30 Files
  • 12
    Jan 12th
    33 Files
  • 13
    Jan 13th
    25 Files
  • 14
    Jan 14th
    0 Files
  • 15
    Jan 15th
    0 Files
  • 16
    Jan 16th
    7 Files
  • 17
    Jan 17th
    25 Files
  • 18
    Jan 18th
    38 Files
  • 19
    Jan 19th
    6 Files
  • 20
    Jan 20th
    21 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    24 Files
  • 24
    Jan 24th
    68 Files
  • 25
    Jan 25th
    22 Files
  • 26
    Jan 26th
    20 Files
  • 27
    Jan 27th
    17 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close