exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

sa2003-08.txt
Posted Nov 14, 2003
Authored by NSFOCUS | Site nsfocus.com

NSFOCUS Security Advisory SA2003-08 - Do to a lack of input validation on the NLSPATH variable, libc on HP-UX is susceptible to a format string vulnerability that will allow a local attacker to gain root privileges.

tags | advisory, local, root
systems | hpux
advisories | CVE-2003-0090
SHA-256 | 7763824063b03d4c3ebd80f0f6e25b25ad766c35105b7d94923ec0e3e6a15b2b

Related Files

NSFOCUS Security Advisory 2011.1
Posted Jun 15, 2011
Authored by NSFOCUS | Site nsfocus.com

NSFOCUS Security Advisory - The NSFOCUS Security Team discovered a security vulnerability in Microsoft Internet Explorer. This flaw could be used to corrupt memory resulting in application crash and possible code execution by convincing users to open specially crafted HTML files.

tags | advisory, code execution
advisories | CVE-2011-1250
SHA-256 | 304ad6848efcde6c6b6b142064862fe425d9b17265e995651fed164dbf1712c1
NSFOCUS Security Advisory 2009.3
Posted Oct 16, 2009
Authored by NSFOCUS, Liu Yexin, Tan Jingli | Site nsfocus.com

The NSFOCUS Security Team discovered a remote DoS vulnerability in Microsoft Windows kernel. A carefully crafted PE file might crash the operating system.

tags | advisory, remote, denial of service, kernel
systems | windows
advisories | CVE-2009-2516
SHA-256 | 83bec49a4de3f4a653258a9bd7e85af622119532d20290f8a1c16db95ad42c23
NSFOCUS Security Advisory 2009.2
Posted Oct 16, 2009
Authored by NSFOCUS, Liu Yexin | Site nsfocus.com

The NSFOCUS Security Team discovered a remote DoS vulnerability in IBM DB2, which will cause IBM DB2 JDBC Applet Server to exit due to out-of-bound access by sending carefully crafted data to the Server.

tags | advisory, remote, denial of service
advisories | CVE-2009-2971
SHA-256 | f95c073409e963ee652e3791ebf0dc1dfa3d3aa8eb6e75386bec4224707968fd
NSFOCUS Security Advisory 2009.1
Posted Oct 16, 2009
Authored by NSFOCUS, Yu Yang | Site nsfocus.com

The NSFOCUS Security Team discovered a stack buffer overflow vulnerability in UiPlayer which allows remote attackers to run arbitrary code on user system by crafting a malicious webpage. UiTV UiPlayer UiCheck.dll versions 1.0.0.6 and below are affected.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2009-2970
SHA-256 | 29aa28c3e6795a7de36c986d330e876e65efa9aac9df5bf85f94d0d4dd022529
NextApp Echo XML Injection
Posted Mar 10, 2009
Site sec-consult.com

SEC Consult Security Advisory 20090305-0 - NextApp Echo2 versions below 2.1.1 suffer from a XML injection vulnerability.

tags | exploit, xxe
SHA-256 | e364a88c2cc90f61eeb02c0e5b44a6ff6992024991a758fa3a4903a2fe77a6b5
SEC-CONSULT Security Advisory 20081219-0
Posted Dec 30, 2008
Authored by Bernhard Mueller | Site sec-consult.com

SEC-CONSULT Security Advisory 20081219-0 - Fujitsu-Siemens WebTransactions is vulnerable to remote command injection due to insufficient input validation. Under certain conditions, WBPublish.exe passes unvalidated user input to the system() function when cleaning up temporary session data. This vulnerability allows an attacker to execute arbitrary commands on the affected system. The vulnerability does not require prior authentication and can be exploited from a web browser.

tags | advisory, remote, web, arbitrary
SHA-256 | 4fcccde253345cf5e3f0f4106c7f74d8b15fb08e20a6c514630001cb3f299309
SEC Consult Security Advisory 20081210-0
Posted Dec 10, 2008
Authored by Bernhard Mueller | Site sec-consult.com

SEC Consult Security Advisory 20081210-0 - By calling the extended stored procedure sp_replwritetovarbin, an attacker can write limited values to arbitrary locations in process memory. This vulnerability has been described in a prior security advisory for MS SQL Server 2000.

tags | advisory, arbitrary
SHA-256 | 35360a7acfa1a99b8a092110b58250c85ed5ca8c4ccd0d0b760cbb8a46b38a39
SEC Consult Security Advisory SA-20081109-0
Posted Dec 9, 2008
Authored by Bernhard Mueller | Site sec-consult.com

SEC Consult Security Advisory 20081209-0 - Microsoft SQL Server suffers from a limited memory overwrite vulnerability.By calling the extended stored procedure sp_replwritetovarbin, and supplying several uninitialized variables as parameters, it is possible to trigger a memory write to a controlled location. Depending on the underlying Windows version, it is / may be possible to use this vulnerability to execute arbitrary code in the context of the vulnerable SQL server process. In a default configuration, the sp_replwritetovarbin stored procedure is accessible by anyone. The vulnerability can be exploited by an authenticated user with a direct database connection, or via SQL injection in a vulnerable web application. Versions 8.00.2039 and below are affected.

tags | advisory, web, arbitrary, sql injection
systems | windows
SHA-256 | a3cd08ebd8f3b29b9b481794aeae14f29fef4640ab1d53fdd05d480b010bfc47
SA-20081016-0.txt
Posted Oct 17, 2008
Authored by D. Matscheko | Site sec-consult.com

SEC Consult Security Advisory 20081016-0 - Instant Expert Analysis uses a signed Java applet for Firefox or Netscape browsers and a signed ActiveX plugin for Internet Explorer. Both applets allow an attacker to download and execute arbitrary applications when the user visits an infected website.

tags | advisory, java, arbitrary, activex
SHA-256 | 4389e14bdabddae18e2fd1658419cc963957c03ba043729d6ea732a805c3413c
NSFOCUS Security Advisory 2007.2
Posted Dec 7, 2007
Authored by NSFOCUS | Site nsfocus.com

The NSFOCUS Security Team has discovered a remote buffer overflow vulnerability in the Cisco Security Agent for Windows which allows remote code execution by sending a malicious SMB request. Cisco Security Agent for Windows versions below 4.5.1.672, 5.0.0.225, 5.1.0.106, and 5.2.0.238 are affected.

tags | advisory, remote, overflow, code execution
systems | cisco, windows
advisories | CVE-2007-5580
SHA-256 | 9ef2052ed0feac6a9b02205d8939b2c0d2731983696db52d924b4105a07d1cc5
SA-20071204-0.txt
Posted Dec 6, 2007
Authored by Bernhard Mueller | Site sec-consult.com

SEC Consult Security Advisory 20071204-0 - SonicWALL Global VPN Client suffers from a format string vulnerability that can be triggered by supplying a specially crafted configuration file. Versions below 4.0.0.830 are vulnerable.

tags | advisory
SHA-256 | b97b54d87bbc935b01eccf81c297be574aecaedace6de6a4b4127979150d7bba
SA-20071101-0.txt
Posted Nov 1, 2007
Authored by Bernhard Mueller | Site sec-consult.com

SEC Consult Security Advisory 20071101-0 - The SonicWALL SSL-VPN solution comes with various ActiveX Controls which allows users to access the VPN with Internet Explorer. These controls contain various vulnerabilities. Some details provided. Vulnerable versions include SonicWALL SSL-VPN 1.3.0.3, WebCacheCleaner ActiveX Control 1.3.0.3, and NeLaunchCtrl ActiveX Control 2.1.0.49.

tags | exploit, vulnerability, activex
SHA-256 | b43c0aec3d769dbce9e0724d5a99830b17f328ef1c8aa8f7aaea4b93f308d5cd
SA-20071031-0.txt
Posted Oct 31, 2007
Authored by Bernhard Mueller | Site sec-consult.com

SEC Consult Security Advisory 20071031-0 - The Perdition Mail Retrieval Proxy versions 1.17 and below suffer from a format string vulnerability.

tags | advisory
SHA-256 | 4efe9018c77b580c8c0bdf7897b14f170b94aec142d3cc6dc57eb1e1f9e4d1f1
SA-20071012-0.txt
Posted Oct 13, 2007
Authored by Clemens Kolbitsch, Sylvester Keil | Site sec-consult.com

SEC Consult Security Advisory 20071012-0 - A specially crafted beacon frame can cause MadWifi to crash and cause a kernel panic on the affected machine. Versions 0.9.3.2 and below are affected.

tags | advisory, kernel
SHA-256 | 2883ff9ab631d2d6a0fab31e709208bd4004c0c1c42c5cdd645102b1ba2f8088
NSFOCUS-0701.txt
Posted Aug 16, 2007
Authored by Hu Qianwei | Site nsfocus.com

The NSFocus Security Team has discovered a memory corruption vulnerability in Internet Explorer 5 that allows arbitrary code execution when parsing a malicious CSS file.

tags | advisory, arbitrary, code execution
advisories | CVE-2007-0943
SHA-256 | 45a8f9aa9d38c801d412958f23324ee611836a6bd70dbf3506a5804651ce34bd
SA-20070722-0.txt
Posted Jul 23, 2007
Authored by Johannes Greil | Site sec-consult.com

SEC Consult Security Advisory - SEC Consult has discovered an arbitrary code execution flaw in Joomla! version 1.5 beta 2.

tags | exploit, arbitrary, code execution
SHA-256 | 27257772ee84bdb082f3c8d0b36b605e8ca0215067cd5b2505a0b873391955c4
SA-20070509-0.txt
Posted May 10, 2007
Authored by Johannes Greil | Site sec-consult.com

SEC Consult Security Advisory 20070509-0 - The Nokia Intellisync Mobile Suite is susceptible to cross site scripting, source code disclosure, and denial of service vulnerabilities. Details provided. Versions known vulnerable include 6.4.31.2, 6.6.0.107, and 6.6.2.2.

tags | exploit, denial of service, vulnerability, xss
SHA-256 | 51a25ba5752d84a5e2041a75ccb577608b5f1dc5ff208d33097a57a267d97907
SA-20070314-0.txt
Posted Mar 20, 2007
Authored by D. Matscheko | Site sec-consult.com

SEC Consult Security Advisory 20070314-0 - If the Apache HTTP Server and Tomcat are configured to interoperate with the common proxy modules (mod_proxy, mod_rewrite, mod_jk), an attacker might be able to break out of the intended destination path up to the webroot in Tomcat.

tags | exploit, web
advisories | CVE-2007-0450
SHA-256 | ae0accd7dd41279f8531f981d7995776526f842a5d6e404b34ae2a7019a86a97
SA-20070309-0.txt
Posted Mar 13, 2007
Authored by Bernhard Mueller, S.Streichbier | Site sec-consult.com

SEC-CONSULT Security Advisory 20070309-0 - Starting with version 5, MySQL provides access to the database metadata. When using functions that operate on strings in combination with subselects on information_schema tables and additional sorting of the results with the ORDER BY clause, a null-pointer dereferencation takes place causing a segmentation fault. This allows an attacker to crash the MySQL database. Versions below 5.0.37 are affected.

tags | advisory
SHA-256 | d00c6845f154920b81fdf6e0a349fb00b0670947308e18f0a2d4970997894dbb
SA-20070226-0.txt
Posted Mar 6, 2007
Authored by D. Matscheko | Site sec-consult.com

SEC Consult Security Advisory 20070226-0 - The 3rd party module Pagesetter for PostNuke is susceptible to a local file inclusion vulnerability. Versions 6.2.0 and 6.3.0 beta 5 are affected.

tags | exploit, local, file inclusion
SHA-256 | 575fbb65bb1e067007269f53fe512d45d47ee97dd535d2999d2ace632822781a
NSFOCUS-SA2006-08.txt
Posted Aug 28, 2006
Authored by Hu Qianwei | Site nsfocus.com

The NSFocus Security Team has discovered a buffer overflow in Internet Explorer 6.0SP1 which allows for remote code execution via an overly-long URL.

tags | advisory, remote, overflow, code execution
advisories | CVE-2006-3869
SHA-256 | 31fc275e9263e8f91f3d87e178c5156ac1db384edfb575d3dd5c89172145c2ef
NSFOCUS Security Advisory 2006.7
Posted Jul 28, 2006
Authored by NSFOCUS, Chen Qing | Site nsfocus.com

The NSFocus Security Team discovered a remote denial of service vulnerability in ISS RealSecure/BlackICE product lines' detection of the MailSlot Heap Overflow as discussed in MS06-035.

tags | advisory, remote, denial of service, overflow
advisories | CVE-2006-3840
SHA-256 | 5dfdf3223765450a2bdc73337631272e27ef28cafd53ac721bfcaa511b04ccf4
Secunia Security Advisory 21219
Posted Jul 28, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - NSFocus Security Team has reported a vulnerability in various RealSecure/BlackICE products, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | cc3d8fff0cd269c06cf032c90d12771b3062cded6170fd0ff17c287b51d8e768
NSFOCUS Security Advisory 2006.5
Posted Jul 13, 2006
Authored by NSFOCUS | Site nsfocus.com

NSFOCUS Security Advisory (SA2006-05) Microsoft Excel SELECTION Record Memory Corruption Vulnerability

tags | advisory
SHA-256 | 20fa71506e9a522ca77b91f7935e9f6ec81a7f164a36f14b2b8a997524831ec6
NSFOCUS Security Advisory 2006.6
Posted Jul 13, 2006
Authored by NSFOCUS | Site nsfocus.com

NSFOCUS Security Advisory (SA2006-06) Microsoft Excel COLINFO Record Buffer Overflow Vulnerability

tags | advisory, overflow
SHA-256 | c22fd01b6c574e789afe39373dcac66cd697690b15ce3a7a1c12b75d1fe25e72
Page 1 of 4
Back1234Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    0 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close