what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

School Dormitory Management System 1.0 SQL Injection
Posted May 9, 2022
Authored by Saud Alenazi

School Dormitory Management System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 35eface303d338348fb6d3c2744228b1f44d4ff33f83a1ac39f419a593227e06

Related Files

Secunia Security Advisory 50296
Posted Aug 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in GIMP, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 1f1316645df5df97210bf9e034d33467b589eb48f5f02f67b1c02dc2bd26ca62
Secunia Security Advisory 50275
Posted Aug 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in McAfee Security for Microsoft SharePoint and McAfee Security for Microsoft Exchange, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 1b96f725cd09e98614ef2fed1a60e7ca3ccba63efe4b7157ef2246e75849b23d
Secunia Security Advisory 50304
Posted Aug 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in McAfee SmartFilter Administration, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | a703b1a95357d6c56e78153fecfe2423f047d759e2a36648b9be443b22464153
Secunia Security Advisory 50318
Posted Aug 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for flash-player. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

tags | advisory
systems | linux, suse
SHA-256 | 6cefeb9d53564ddd95662c3efb212b82978bad23acf898881484202536c67aa9
Zero Day Initiative Advisory 12-144
Posted Aug 17, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-144 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the EMC Autostart ftAgent, which is deployed on machines managed by EMC Autostart by default. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing routines for op-codes used by EMC Autostart ftAgent's proprietary network protocol. This ftAgent.exe service listens on TCP port 8045, and performs arithmetic for memory size calculation using values read from the network without validation. This arithmetic is susceptible to integer overflow, causing the memory allocation to be undersized, ultimately allowing for heap-based memory corruption. An attacker can exploit this condition to gain remote code execution as user SYSTEM.

tags | advisory, remote, overflow, arbitrary, tcp, code execution, protocol
advisories | CVE-2012-0409
SHA-256 | 6b5f97b1c544b37daf25f97b0b52fcbb7493e4537b578d0236271819a3ac573e
Zero Day Initiative Advisory 12-141
Posted Aug 17, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-141 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the .NET Framework. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within Microsoft .NET XAML Browser Application (XBAP) handling of Clipboard object data. It is possible to cause unsafe memory access within System.Windows.Forms.Clipboard, allowing an attacker to control the memory used by an object's native code. This unsafe access allows for control of a function pointer, which can be exploited to remotely execute code. In the case of Internet Explorer, execution of attacker code occurs outside of the Protected Mode sandbox.

tags | advisory, remote, arbitrary
systems | windows
advisories | CVE-2012-1855
SHA-256 | 8a9c280b793fd5689ee6d1eab372451da1a6ddfa522f51fffe5b3eeaf469a90f
Zero Day Initiative Advisory 12-140
Posted Aug 17, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-140 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of McAfee SmartFilter Administration Server. Authentication is not required to exploit this vulnerability. The flaw exists within the Remote Method Invocation (RMI) component which is exposed by SFAdminSrv.exe process. This process exposes various RMI services to TCP ports 4444 (JBoss RMI HTTPInvoker), 1098 (rmiactivation), 1099 (rmiregistry). Requests to these services are not authenticated and can be used to instantiate arbitrary classes or to upload and execute arbitrary archives. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp
SHA-256 | 6d44dbf9f816ae47b69459fc6a3ae55af8b47454af0c493a2b31bcdd640effcb
Zero Day Initiative Advisory 12-139
Posted Aug 17, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-139 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP Crystal Reports. Authentication is not required to exploit this vulnerability. The flaw exists within the ebus-3-3-2-7.dll component which is used by the crystalras.exe service. This process listens on a random TCP port. When unmarshalling GIOP ORB encapsulated data the process invokes a memcpy constrained by a user controlled value. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp
SHA-256 | b5cd95c093a6d7c698cda8f5b0501a67a51fa6615c044079dd187f2f91b82aa0
GIMP 2.6 Script-Fu Command Execution
Posted Aug 17, 2012
Site reactionpenetrationtesting.co.uk

There is an arbitrary command execution vulnerability in the scriptfu network server console in the GIMP 2.6 branch. It is possible to use a python scriptfu command to run arbitrary operating-system commands and potentially take full control of the host.

tags | advisory, arbitrary, python
advisories | CVE-2012-4245
SHA-256 | 6bb8abc35df548c551fcf9ff102ee8db444b1e273993fe8a725e91885c36da04
Mandriva Linux Security Advisory 2012-135
Posted Aug 17, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-135 - The DCP ETSI dissector could trigger a zero division. The MongoDB dissector could go into a large loop. The XTP dissector could go into an infinite loop. The AFP dissector could go into a large loop. The RTPS2 dissector could overflow a buffer. The CIP dissector could exhaust system memory. The STUN dissector could crash. The EtherCAT Mailbox dissector could abort. The CTDB dissector could go into a large loop. This advisory provides the latest version of Wireshark which is not vulnerable to these issues.

tags | advisory, overflow
systems | linux, mandriva
advisories | CVE-2012-4285, CVE-2012-4288, CVE-2012-4289, CVE-2012-4296, CVE-2012-4291, CVE-2012-4292, CVE-2012-4293, CVE-2012-4290
SHA-256 | ed1f626a9ec66091da1ced33f9dcf94853900a07685bff02a384520cb736cdfc
Mandriva Linux Security Advisory 2012-134
Posted Aug 17, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-134 - The DCP ETSI dissector could trigger a zero division. The MongoDB dissector could go into a large loop. The XTP dissector could go into an infinite loop. The AFP dissector could go into a large loop. The RTPS2 dissector could overflow a buffer. The GSM RLC MAC dissector could overflow a buffer. The CIP dissector could exhaust system memory. The STUN dissector could crash. The EtherCAT Mailbox dissector could abort. The CTDB dissector could go into a large loop. This advisory provides the latest version of Wireshark which is not vulnerable to these issues.

tags | advisory, overflow
systems | linux, mandriva
advisories | CVE-2012-4285, CVE-2012-4288, CVE-2012-4289, CVE-2012-4296, CVE-2012-4297, CVE-2012-4291, CVE-2012-4292, CVE-2012-4293, CVE-2012-4290
SHA-256 | e7a2ce0735205d049fc69106cd58cf7bc1f4cbae6e55ed2fc256e52ad05d4759
Samsung Galaxy S2 World Writeable Directories
Posted Aug 17, 2012
Authored by Alexander R. Pruss

Some system directories on the Samsung Galaxy S2 for Sprint-US (Epic 4G Touch) are world-writable and allow for information disclosure, modification, and may lead to local root compromise of the device.

tags | exploit, local, root, info disclosure
SHA-256 | 9f06ef12f388247b4f5396e78958861f0d2d299cd6eda363dcfb33d724706997
Secunia Security Advisory 50218
Posted Aug 17, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in PostgreSQL, which can be exploited by malicious people to disclose certain sensitive information and compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 5f6689ccbd14a11663edb78085fd876cc43a1e16c7541f749a3e943476d61261
Secunia Security Advisory 50287
Posted Aug 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in TYPO3, which can be exploited by malicious users to conduct script insertion attacks, disclose sensitive information, and compromise a vulnerable system and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | a8da39ec795d458b751baf8f596c08c5b8787657117a6a3448e652865893bd96
Secunia Security Advisory 50298
Posted Aug 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for opera. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks and compromise a user's system.

tags | advisory, vulnerability, xss
systems | linux, suse
SHA-256 | 4a0a1b4903894469bff498da1a1de032a7ea6158e3482a326613ddf0ff53b8a1
Secunia Security Advisory 50276
Posted Aug 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
SHA-256 | 50783ebab1cb45ed05a070b36da381fc543a4816f9bb5d478a3c15d4709f658f
Secunia Security Advisory 50307
Posted Aug 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for chromium and v8. This fixes some vulnerabilities, where one has an unknown impact and others can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | linux, suse
SHA-256 | e70dc3c6cc08a72002560df72da99fdc06ff124863fbd4ef3398adf7d7e15630
Secunia Security Advisory 50305
Posted Aug 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for flash-plugin. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

tags | advisory
systems | linux, redhat
SHA-256 | e49512d4b1183a2b7f7d1e89472e2bc893629bbfad4358cdbeb4e99198996262
Secunia Security Advisory 50255
Posted Aug 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Performance Co-Pilot, which can be exploited by malicious users and malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
SHA-256 | 958e27438a16ed8a1d50ff43fd51ed396f51b0c01c95c9f5d128ce2a04075c45
Secunia Security Advisory 50241
Posted Aug 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in IBM Hardware Management Console (HMC) and IBM Systems Director Management Console (SDMC), which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
SHA-256 | ad291daf2f590e8e133fc0ae3133eb5a7bee2aea4dfa2c0a92ce907b62295500
Secunia Security Advisory 50252
Posted Aug 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for icedove. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct spoofing attacks, bypass certain security restrictions, and compromise a user's system.

tags | advisory, spoof, vulnerability
systems | linux, debian
SHA-256 | 5ec1c68c93f00219e1f1b2bbd9542b170fa1d6f461e06858784b810db2c1c9c9
Secunia Security Advisory 50290
Posted Aug 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | c54216312e8a1c614c987aa7867e162c73407e99718aaab381cde6c9f03c31ed
Cisco Security Advisory 20120530-iosxr-2
Posted Aug 15, 2012
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco IOS XR Software contains a vulnerability when handling crafted packets that may result in a denial of service condition. The vulnerability only exists on Cisco 9000 Series Aggregation Services Routers (ASR) Route Switch Processor (RSP-4G and RSP-8G), Route Switch Processor 440 (RSP440), and Cisco Carrier Routing System (CRS) Performance Route Processor (PRP). The vulnerability is a result of improper handling of crafted packets and could cause the route processor, which processes the packets, to be unable to transmit packets to the fabric. Cisco has released free software updates that address this vulnerability.

tags | advisory, denial of service
systems | cisco, osx
SHA-256 | bc07f2e416a80379a131e30d960f750f093f1907368c5841670468346b98ce8e
Windows Service Trusted Path Privilege Escalation
Posted Aug 15, 2012
Authored by sinn3r | Site metasploit.com

This Metasploit module exploits a logic flaw due to how the lpApplicationName parameter is handled. When the lpApplicationName contains a space, the file name is ambiguous. Take this file path as example: C:\program files\hello.exe; The Windows API will try to interpret this as two possible paths: C:\program.exe, and C:\program files\hello.exe, and then execute all of them. To some software developers, this is an unexpected behavior, which becomes a security problem if an attacker is able to place a malicious executable in one of these unexpected paths, sometimes escalate privileges if run as SYSTEM. Some softwares such as OpenVPN 2.1.1, or OpenSSH Server 5, etc... all have the same problem.

tags | exploit
systems | windows
SHA-256 | 13ee2928c651d3a5639e180e5f2cafa4d077977aeeeb2da9a34de919ec969a8e
Secunia Security Advisory 50239
Posted Aug 15, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - HP has issued an update for Java in HP-UX. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, manipulate certain data, and cause a DoS (Denial of Service) and by malicious people to conduct cross-site scripting attacks, disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.

tags | advisory, java, denial of service, local, vulnerability, xss
systems | hpux
SHA-256 | 64a709b58b6ee61639d0b91751fa1370fb95af75e8e2c731bae64a2534aa2be5
Page 1 of 4
Back1234Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    25 Files
  • 16
    Aug 16th
    3 Files
  • 17
    Aug 17th
    6 Files
  • 18
    Aug 18th
    4 Files
  • 19
    Aug 19th
    7 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close