what you don't know can hurt you
Showing 1 - 25 of 100 RSS Feed

Files

Open-Xchange App Suite / Documents Server-Side Request Forgery
Posted Feb 21, 2020
Authored by Martin Heiland

Open-Xchange App Suite and Documents versions 7.10.2 and below suffer from multiple server-side request forgery vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2019-18846, CVE-2019-9853
MD5 | 43acfce60891d606ddbc7bb9726ef5ad

Related Files

Jackin' TOR Users Via Evil Proxies And The BeEF Framework
Posted Aug 14, 2012
Authored by evell | Site recursive-descent.net

This paper documents step by step instructions for intercepting TOR users via proxies and using the BeEF framework. It takes injection and proxying attacks on TOR to another level and is a very useful read.

tags | paper
MD5 | 36c7fedcbd07be678550e31f031d444a
Ubuntu Security Notice USN-1526-1
Posted Aug 9, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1526-1 - It was discovered that KOffice incorrectly handled certain malformed MS Word documents. If a user or automated system were tricked into opening a crafted MS Word file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-3455
MD5 | aed7b601ce56b38198498e9998f0b1d4
Ubuntu Security Notice USN-1525-1
Posted Aug 9, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1525-1 - It was discovered that Calligra incorrectly handled certain malformed MS Word documents. If a user or automated system were tricked into opening a crafted MS Word file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-3456
MD5 | b07c5ce7eeeb8b339682784a075b2c9e
Debian Security Advisory 2506-1
Posted Jul 3, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2506-1 - Qualys Vulnerability and Malware Research Labs discovered a vulnerability in ModSecurity, a security module for the Apache webserver. In situations where present in HTTP headers, the vulnerability could allow an attacker to bypass policy and execute cross-site script (XSS) attacks through properly crafted HTML documents.

tags | advisory, web
systems | linux, debian
advisories | CVE-2012-2751
MD5 | 67bc8a94713ca7a4762bfdb257d83e24
Red Hat Security Advisory 2012-1043-01
Posted Jun 26, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1043-01 - libwpd is a library for reading and converting Corel WordPerfect Office documents. A buffer overflow flaw was found in the way libwpd processed certain Corel WordPerfect Office documents. An attacker could provide a specially-crafted .wpd file that, when opened in an application linked against libwpd, such as OpenOffice.org, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. All libwpd users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running applications that are linked against libwpd must be restarted for this update to take effect.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2012-2149
MD5 | 23d54f6ef012863525d390cb4daf6532
Mandriva Linux Security Advisory 2012-091
Posted Jun 14, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-091 - An integer overflow vulnerability in the libreoffice graphic loading code could allow a remote attacker to cause a denial of service or potentially execute arbitrary code. An integer overflow flaw, leading to buffer overflow, was found in the way libreoffice processed invalid Escher graphics records length in PowerPoint documents. An attacker could provide a specially-crafted PowerPoint document that, when opened, would cause libreoffice to crash or, potentially, execute arbitrary code with the privileges of the user running libreoffice. libreoffice for Mandriva Linux 2011 has been upgraded to the 3.5.4 version which is not vulnerable to these issues.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2012-1149, CVE-2012-2334
MD5 | 45be5b3cd4db2c86982ed5df74b78bcf
Mandriva Linux Security Advisory 2012-090
Posted Jun 14, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-090 - An integer overflow vulnerability in the openoffice.org graphic loading code could allow a remote attacker to cause a denial of service or potentially execute arbitrary code. An integer overflow flaw, leading to buffer overflow, was found in the way openoffice.org processed invalid Escher graphics records length in PowerPoint documents. An attacker could provide a specially-crafted PowerPoint document that, when opened, would cause openoffice.org to crash or, potentially, execute arbitrary code with the privileges of the user running openoffice.org. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2012-1149, CVE-2012-2334
MD5 | a8acc2ca8f4da43f72a3d59eb86893bb
Red Hat Security Advisory 2012-0731-01
Posted Jun 13, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0731-01 - Expat is a C library written by James Clark for parsing XML documents. A denial of service flaw was found in the implementation of hash arrays in Expat. An attacker could use this flaw to make an application using Expat consume an excessive amount of CPU time by providing a specially-crafted XML file that triggers multiple hash function collisions. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions. A memory leak flaw was found in Expat. If an XML file processed by an application linked against Expat triggered a memory re-allocation failure, Expat failed to free the previously allocated memory. This could cause the application to exit unexpectedly or crash when all available memory is exhausted.

tags | advisory, denial of service, memory leak
systems | linux, redhat
advisories | CVE-2012-0876, CVE-2012-1148
MD5 | 6b0cea5917b20b83910735f2c3072852
Alphanumeric Shellcode
Posted Jun 12, 2012
Authored by hatter of BHA | Site blackhatacademy.org

Alphanumeric shellcode is similar to ascii shellcode in that it is used to bypass character filters and evade intrusion-detection during buffer overflow exploitation. This article documents alphanumeric code on multiple architectures, but primarily the 64 bit x86 architecture. Alphanumeric shellcode requires a basic understanding of bitwise math, assembly and shellcode.

tags | paper, overflow, x86, shellcode
MD5 | 173b9826b754e13f6f9f58c6e4cc4501
Red Hat Security Advisory 2012-0705-01
Posted Jun 5, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0705-01 - OpenOffice.org is an office productivity suite that includes desktop applications, such as a word processor, spreadsheet application, presentation manager, formula editor, and a drawing program. An integer overflow flaw, leading to a buffer overflow, was found in the way OpenOffice.org processed an invalid Escher graphics records length in Microsoft Office PowerPoint documents. An attacker could provide a specially-crafted Microsoft Office PowerPoint document that, when opened, would cause OpenOffice.org to crash or, potentially, execute arbitrary code with the privileges of the user running OpenOffice.org.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2012-1149, CVE-2012-2334
MD5 | 2b488e5a4f1a6c07613cd269959708c0
PDFResurrect PDF Analyzer 0.11
Posted May 31, 2012
Authored by enferex | Site 757labs.com

PDFResurrect is a tool aimed at analyzing PDF documents. The PDF format allows for previous document changes to be retained in a more recent version of the document, thereby creating a running history of changes for the document. This tool attempts to extract all previous versions while also producing a summary of changes between versions. It can also "scrub" or write data over the original instances of PDF objects that have been modified or deleted, in an effort to disguise information from previous versions that might not be intended for anyone else to read.

Changes: This is a bugfix release.
tags | tool, forensics
systems | unix
MD5 | fb18831369d07a98ac96e7a4d9314b53
Browser Navigation Download Trick
Posted May 31, 2012
Authored by Michal Zalewski | Site lcamtuf.coredump.cx

It is an important and little-known property of web browsers that one document can always navigate other, non-same-origin windows to arbitrary URLs. Perhaps more interestingly, you can also navigate third-party documents to resources served with Content-Disposition: attachment, in which case, you get the original contents of the address bar, plus a rogue download prompt attached to an unsuspecting page that never wanted you to download that file. Proof of concept code included.

tags | exploit, web, arbitrary, proof of concept
systems | windows
MD5 | b7f9bc36728ff78b7ddc61970f1e20a5
OpenOffice OLE Importer DocumentSummaryInformation Stream Handling Overflow
Posted May 24, 2012
Site metasploit.com

This Metasploit module exploits a vulnerability in OpenOffice 2.3.1 and 2.3.0 on Microsoft Windows XP SP3. By supplying a OLE file with a malformed DocumentSummaryInformation stream, an attacker can gain control of the execution flow, which results arbitrary code execution under the context of the user.

tags | exploit, arbitrary, code execution
systems | windows, xp
advisories | CVE-2008-0320, OSVDB-44472
MD5 | c768b9282de90ed20180d7ae12452941
libwpd WPXContentListener::_closeTableRow() Memory Overwrite
Posted May 18, 2012
Authored by Kestutis Gudinavicius | Site sec-consult.com

OpenOffice.org includes the customized libwpd version 0.8.8 library for parsing WordPerfect documents. The used version of the libwpd library suffers from a memory overwrite vulnerability when reading a specially crafted WPD file. Successful exploitation of this vulnerability could result in an arbitrary code execution within the OpenOffice.org software suite.

tags | advisory, arbitrary, code execution
advisories | CVE-2012-2149
MD5 | 3ccebc2967c3d54458d31d8698a6518d
OpenOffice.org vclmi.dll Integer Overflow
Posted May 16, 2012
Authored by TieLei Wang

A vulnerability is caused due to an integer overflow error in the vclmi.dll module when allocating memory for an embedded image object. This can be exploited to cause a heap-based buffer overflow via, for example using a specially crafted JPEG object within a DOC file. OpenOffice.org 3.3.0 and 3.4 beta users are advised to upgrade to Apache OpenOffice 3.4. Users who are unable to upgrade immediately should be cautious when opening untrusted documents.

tags | advisory, overflow
advisories | CVE-2012-1149
MD5 | 0d853304d9491d0cb7d8fb6c76e96fe2
Debian Security Advisory 2468-1
Posted May 10, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2468-1 - It was discovered that Apache POI, a Java implementation of the Microsoft Office file formats, would allocate arbitrary amounts of memory when processing crafted documents. This could impact the stability of the Java virtual machine.

tags | advisory, java, arbitrary
systems | linux, debian
advisories | CVE-2012-0213
MD5 | ddde46e5da9cd9d0934b27e3bfb06604
iOS Application (In)Security
Posted May 6, 2012
Authored by Dominic Chell | Site mdsec.co.uk

This whitepaper details some of the vulnerabilities observed over the past year while performing regular security assessments of iPhone and iPad applications. MDSec documents some of the vulnerabilities identified as well as the methods to exploit them, and recommendations that developers can adopt to protect their iOS applications. It covers not only the security features of the platform, but provides in depth information on how to perform both black box and white box iOS penetration tests, along with suggested methodologies and compliance.

tags | paper, vulnerability
systems | cisco, apple, iphone
MD5 | 8527c3e88bfed9bdffcf0bcf1dbd7036
Red Hat Security Advisory 2012-0469-01
Posted Apr 11, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0469-01 - Adobe Reader allows users to view and print documents in Portable Document Format. This update fixes multiple security flaws in Adobe Reader. These flaws are detailed on the Adobe security page APSB12-08, listed in the References section. A specially-crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. All Adobe Reader users should install these updated packages. They contain Adobe Reader version 9.5.1, which is not vulnerable to these issues. All running instances of Adobe Reader must be restarted for the update to take effect.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2012-0774, CVE-2012-0775, CVE-2012-0777
MD5 | bc8eab399d8e0bb8c6baabec8556da80
Drupal Activity 6.x XSS Proof Of Concept
Posted Mar 29, 2012
Authored by Justin C. Klein Keane | Site drupal.org

This file documents a proof of concept to demonstrate the cross site scripting vulnerability in the Drupal Activity module version 6.x.

tags | exploit, xss, proof of concept
MD5 | 06f0f6c9900b8d2e1c30702167cfbae9
OpenOffice.org Data Leakage
Posted Mar 23, 2012
Authored by Timothy D. Morgan | Site apache.org

An XML External Entity (XXE) attack is possible in OpenOffice.org versions 3.3 and 3.4 Beta. This vulnerability exploits the way in which external entities are processed in certain XML components of ODF documents.

tags | advisory, xxe
advisories | CVE-2012-0037
MD5 | 151237e4e5475ac81f0b89e30fba0e55
Oracle Web Logic Node Manager UNC Path Remote File Execution
Posted Mar 20, 2012
Authored by Darren McDonald

This advisory documents the Oracle Web Logic Node Manager UNC path remote file execution exploitation details.

tags | exploit, remote, web
MD5 | 0397cdbf0f4b9e0235c45f6b90d0137c
D-Link ShareCenter Remote Code Execution
Posted Feb 8, 2012
Authored by Roberto Paleari

This advisory expands on a previously known authentication bypass issue in D-Link ShareCenter products. It documents how the vulnerability can also be leveraged to execute arbitrary commands.

tags | exploit, arbitrary
MD5 | 06fa0d9c39511097e8437a93c0612c60
Apache protocol.c Cookie Disclosure
Posted Jan 31, 2012
Authored by pilate

Proof of concept code for a vulnerability in protocol.c from Apache versions 2.2.x through 2.2.21. The issue is that it does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies.

tags | exploit, remote, protocol, proof of concept, info disclosure
advisories | CVE-2012-0053
MD5 | 657f1bf4056ef716235936fdcd302d24
Ubuntu Security Notice USN-1334-1
Posted Jan 19, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1334-1 - It was discovered that libxml2 contained an off by one error. If a user or application linked against libxml2 were tricked into opening a specially crafted XML file, an attacker could cause the application to crash or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that libxml2 is vulnerable to double-free conditions when parsing certain XML documents. This could allow a remote attacker to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2011-0216, CVE-2011-2821, CVE-2011-2834, CVE-2011-3905, CVE-2011-3919
MD5 | d35688e59e6cb186155a63ae04e731e5
Red Hat Security Advisory 2012-0011-01
Posted Jan 11, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0011-01 - Adobe Reader allows users to view and print documents in Portable Document Format. This update fixes two security flaws in Adobe Reader. All Adobe Reader users should install these updated packages. They contain Adobe Reader version 9.4.7, which is not vulnerable to these issues. All running instances of Adobe Reader must be restarted for the update to take effect.

tags | advisory
systems | linux, redhat
advisories | CVE-2011-2462, CVE-2011-4369
MD5 | 945a0369b3849a0599a2e9b11a577423
Page 1 of 4
Back1234Next

File Archive:

October 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    16 Files
  • 2
    Oct 2nd
    1 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    24 Files
  • 5
    Oct 5th
    24 Files
  • 6
    Oct 6th
    11 Files
  • 7
    Oct 7th
    14 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    1 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    7 Files
  • 12
    Oct 12th
    15 Files
  • 13
    Oct 13th
    26 Files
  • 14
    Oct 14th
    10 Files
  • 15
    Oct 15th
    6 Files
  • 16
    Oct 16th
    2 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    14 Files
  • 19
    Oct 19th
    15 Files
  • 20
    Oct 20th
    20 Files
  • 21
    Oct 21st
    12 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close