exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

n.runs-SA-2007.027.txt
Posted Aug 25, 2007
Authored by Sergio Alvarez | Site nruns.com

A remotely exploitable vulnerability has been discovered in the file parsing engine of Sophos AntiVirus versions prior to 2.48.0. The bug exists during the file parsing of UPX packed files.

tags | advisory
SHA-256 | f395eb9a9a434a0d7874ad93774918496b0153b1768bc41f0d455f7356e396cc

Related Files

Asterisk Project Security Advisory - AST-2012-007
Posted May 29, 2012
Authored by Richard Mudgett | Site asterisk.org

Asterisk Project Security Advisory - A remotely exploitable crash vulnerability exists in the IAX2 channel driver if an established call is placed on hold without a suggested music class.

tags | advisory
advisories | CVE-2012-2947
SHA-256 | 58df312830538efb7064340b0ec5a2811f9dbc943e1ac2e4e461efa35a6bc391
Asterisk Project Security Advisory - AST-2012-006
Posted Apr 23, 2012
Authored by Matt Jordan | Site asterisk.org

Asterisk Project Security Advisory - A remotely exploitable crash vulnerability exists in the SIP channel driver if a SIP UPDATE request is processed within a particular window of time.

tags | advisory
SHA-256 | 2f5947f61b2053c1b2b1488965d4ff29d455c8f4c71b6f1e91940a3f62d70d5f
Procyon Core Server 1.06 Code Execution
Posted Oct 13, 2011
Authored by Knud | Site nsense.fi

nSense Vulnerability Research Security Advisory - The coreservice.exe process in Procyon core server versions 1.06 and below contains a remotely exploitable memory corruption flaw which allows for remote code execution. The affected component is coreservice.exe, which listens on port 23, running as SYSTEM. Sending a long string will trigger the overflow.

tags | advisory, remote, overflow, code execution
SHA-256 | 922acef938ae8deb176229f5e0792d09103f2de6f8e5b7312b17de91b92ff373
Adobe Reader U3D CLODMeshDeclaration Shading Count Buffer Overflow
Posted Apr 16, 2010
Authored by TELUS Security Labs | Site telussecuritylabs.com

A remotely exploitable vulnerability has been discovered in Adobe Acrobat Reader for Linux. Specifically, the vulnerability is due to an integer overflow when processing the "Shading Count" field in the CLOD Mesh Declaration block, which may lead to a heap based buffer overflow and execution of arbitrary code. Adobe Systems Acrobat Reader versions 8.1.6, 9.2 and 9.3 for Linux are all affected.

tags | advisory, overflow, arbitrary
systems | linux
advisories | CVE-2010-0196
SHA-256 | f385ef95e1573ac6a4f3c822fd3e9df546151e7422ff23e8cba084c3366032a6
Motorola Milestone (Droid) Smartphone Denial Of Service
Posted Feb 8, 2010
Authored by David "Aesthetico" Vieira-Kurz | Site majorsecurity.de

A remotely exploitable vulnerability has been found in the JavaScript Engine of the MobileSafari Browser(based on Webkit Engine) used on the Motorola Milestone(droid) smartphone. Proof of concept code included.

tags | exploit, javascript, proof of concept
SHA-256 | 3941ff0ec4b456ffb326af42a123bd9dc562135996b539830bbc13b661f15ffe
Apple Safari 4.0.4 Denial Of Service
Posted Feb 5, 2010
Authored by David "Aesthetico" Vieira-Kurz | Site majorsecurity.de

A remotely exploitable denial of service vulnerability has been found in the JavaScript Engine of the Apple Safari Browser (based on Webkit Engine). Versions 4.0.4 and below are affected.

tags | exploit, denial of service, javascript
systems | apple
SHA-256 | 2ba0632affdabfa20b35111f8625aedb43e2d6d6e35ec2a3b193de81c3c476b8
Debian Linux Security Advisory 1970-1
Posted Jan 14, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1970-1 - It was discovered that a significant memory leak could occur in openssl, related to the reinitialization of zlib. This could result in a remotely exploitable denial of service vulnerability when using the Apache httpd server in a configuration where mod_ssl, mod_php5, and the php5-curl extension are loaded.

tags | advisory, denial of service, memory leak
systems | linux, debian
advisories | CVE-2009-4355
SHA-256 | 9749f4b5342fe7276702d2012abb05c19cc70639bcbead7ea8ba625ddd558a15
ACDSee XBM File Buffer Overflow
Posted Jan 9, 2010
Authored by TELUS Security Labs | Site telussecuritylabs.com

A remotely exploitable vulnerability has been discovered in multiple ACDSee Systems products. Specifically, the vulnerability is due to a boundary errorwhen processing XBM image files and can lead to a buffer overflow condition. This boundary error can allow attackers to inject and execute arbitrary code on the target host with the privileges of the logged-on user.

tags | advisory, overflow, arbitrary
SHA-256 | 8aaace2e9bab5ab6a9e82b4fcf0560c7187f33c5aaa7c2f48503f4c3e335d130
Mercur v5.0 IMAP SP3 SELECT Buffer Overflow
Posted Nov 26, 2009
Authored by Jacopo Cervini | Site metasploit.com

Mercur v5.0 IMAP server is prone to a remotely exploitable stack-based buffer overflow vulnerability. This issue is due to a failure of the application to properly bounds check user-supplied data prior to copying it to a fixed size memory buffer. Credit to Tim Taylor for discover the vulnerability.

tags | exploit, overflow, imap
advisories | CVE-2006-1255
SHA-256 | c2b10d51d7fe81041b5773f98702a25cb43650d4819457d1ebaa769257273fc3
Core Security Technologies Advisory 2009.1027
Posted Nov 19, 2009
Authored by Core Security Technologies | Site coresecurity.com

Core Security Technologies Advisory - A remotely exploitable vulnerability was found in the database server core component of IBM SolidDB. Exploitation of this bug does not require authentication and will lead to a remotely triggered denial of service of the database service.

tags | exploit, denial of service
advisories | CVE-2009-3840
SHA-256 | d60d3c2c38ac6ce3b4aefe7d471cb28d7e8c9c48ff97cecb711f736e13685b6a
Core Security Technologies Advisory 2009.0814
Posted Nov 18, 2009
Authored by Core Security Technologies | Site coresecurity.com

Core Security Technologies Advisory - HP Openview Network Node Manager is one of the most widely-deployed network monitoring and management platforms used throughout enterprise organizations today. The platform includes many server and client-side core components with a long list of previously disclosed security bugs. In this case, a remotely exploitable vulnerability was found in the database server core component used by NNM. Exploitation of the bug does not require authentication and will lead to a remotely triggered denial of service of the internal database service. HP Openview NNM version 7.53 is affected.

tags | exploit, denial of service
advisories | CVE-2009-3840
SHA-256 | 7d534a7b0dbe0cbc5abd0d58b4d34abfed0c6b32115eace7c6021c6659df10e8
Adobe Acrobat Code Execution
Posted Oct 17, 2009
Authored by Alexios Fakos | Site nruns.com

A remotely exploitable vulnerability has been found in Adobe Acrobat Reader/Acrobat Firefox plugin. Versions 8.1.3 through 8.1.6 are affected.

tags | advisory
advisories | CVE-2009-2991
SHA-256 | 02dfa8f527d8d6db4d18a0236b10c85a02cc3272c626c753553d001851062481
Gentoo Linux Security Advisory 200909-13
Posted Sep 15, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200909-13 - A remotely exploitable off-by-one error leading to a heap overflow was found in irssi which might result in the execution of arbitrary code. Nemo discovered an off-by-one error leading to a heap overflow in irssi's event_wallops() parsing function. Versions less than 0.8.13-r1 are affected.

tags | advisory, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2009-1959
SHA-256 | 8c30e7cf2a056028c56305ab17916314108087e5d5877977b9da2741d2cb9a3f
Core Security Technologies Advisory 2009.0519
Posted Jul 8, 2009
Authored by Core Security Technologies, Diego Juarez | Site coresecurity.com

Core Security Technologies Advisory - Awakening's Winds3D Viewer, which runs as a plugin within most popular web browsers, is vulnerable to a remotely exploitable arbitrary command execution vulnerability which can be triggered by making the user visit a malicious link/website. Versions 3.5.0.0 and 3.0.0.5 are vulnerable.

tags | exploit, web, arbitrary
advisories | CVE-2009-2386
SHA-256 | 9678ea739c83991289267c1a44276a19199e2657a49fbf488df9eccc5dd96d31
CFNetwork Heap Buffer Overflow
Posted May 15, 2009
Authored by Moritz Jodeit | Site nruns.com

A remotely exploitable vulnerability has been found in the HTTP header parsing code of the CFNetwork framework.

tags | advisory, web
advisories | CVE-2009-0157
SHA-256 | 3cd844ab4b16ffea30d4bf56950667b6ccf6b6b2a12354c933cb59ebebbbebe9
IBM Tivoli Storage Manager Express Backup Heap Corruption
Posted Mar 11, 2009
Site assurent.com

A remotely exploitable vulnerability has been discovered in the backup service of IBM Tivoli Storage Manager server. Specifically, the vulnerability is due to improper memory handling when processing incoming client requests and can lead to heap corruption. This vulnerability can allow attackers to inject and execute arbitrary code on the target host with System or root privileges. The vulnerability has been confirmed in IBM Tivoli Storage Manager Express version 5.3.7.3.

tags | advisory, arbitrary, root
SHA-256 | d443091d0ed515e079807a635ea0ae6f542074d84d3ba127f39996a4cb60b047
Novell eDirectory Accept-Language Buffer Overflow
Posted Mar 2, 2009
Site assurent.com

A remotely exploitable vulnerability has been discovered in the iMonitor component of Novell eDirectory. Specifically, the vulnerability is due to a boundary error when processing incoming HTTP requests and can lead to a buffer overflow condition. This boundary error can allow attackers to inject and execute arbitrary code on the target host with System or root privileges.

tags | advisory, web, overflow, arbitrary, root
SHA-256 | 077aceb320e67ce659ef5fd16c675b9a733f6c13a16131a79e46761045a9364d
Oracle BEA WebLogic Server Apache Connector Buffer Overflow
Posted Jan 14, 2009
Site assurent.com

A remotely exploitable vulnerability has been discovered in the Apache Connector component of Oracle BEA WebLogic Server. Specifically, the vulnerability is due to a boundary error when processing incoming HTTP requests and can lead to a buffer overflow condition. This boundary error can lead to a Denial of Service (DoS) condition for the Apache HTTP server.

tags | advisory, web, denial of service, overflow
advisories | CVE-2008-5457
SHA-256 | c7c339b930f23c13f36b9129cc242c833a7716780cfe759fd4104eaed9ad7d62
Pardus Linux Security Advisory 2008.67
Posted Nov 8, 2008
Authored by Pardus Linux, Pardus

Pardus Linux Security Advisory 2008-67 - A remotely exploitable heap-based buffer overflow exists in libcaudio versions prior to 0.99.12-2-2.

tags | advisory, overflow
systems | linux
SHA-256 | 6273274b35ca23a850c3df31e3310cf18e41dbdfa85a0db467c45b6b489785d3
n.runs-SA-2008.004.txt
Posted Jul 29, 2008
Authored by Sergio Alvarez | Site nruns.com

A remotely exploitable vulnerability has been found in the files parsing engine of AVG Anti-Virus that allows for a denial of service condition.

tags | advisory, denial of service, virus
SHA-256 | f8e2a7eb9a49fe4f8b79d61199b96c1b7b9d40bb66a745ea0e808ffb49f17b4b
n.runs-SA-2007.026.txt
Posted Aug 25, 2007
Authored by Sergio Alvarez | Site nruns.com

A remotely exploitable vulnerability has been discovered in the file parsing engine of Sophos AntiVirus versions prior to 2.48.0. The bug exists during the file parsing of GZIP packed files.

tags | advisory
SHA-256 | a50fbe83aff42fb435ffdeec6ac4df970243b0ffb080ecbdcb6a6d6bb7f76910
ASA-2007-019.txt
Posted Aug 8, 2007
Authored by Wei Wang, Jason Parker | Site asterisk.org

Asterisk Project Security Advisory - The Asterisk Skinny channel driver, chan_skinny, has a remotely exploitable crash vulnerability. A segfault can occur when Asterisk receives a "CAPABILITIES_RES_MESSAGE" packet where the capabilities count is greater than the total number of items in the capabilities_res_message array. Note that this requires an authenticated session.

tags | advisory
SHA-256 | 6782bf2d6ac72f8bab74a44c546cf27f72e55a525d134e95c06a05a5ff82cc07
ASA-2007-017.txt
Posted Jul 18, 2007
Authored by Joshua Colp | Site asterisk.org

Asterisk Project Security Advisory - The Asterisk STUN implementation in the RTP stack has a remotely exploitable crash vulnerability. A pointer may run past accessible memory if Asterisk receives a specially crafted STUN packet on an active RTP port. The code that parses the incoming STUN packets incorrectly checks that the length indicated in the STUN attribute and the size of the STUN attribute header does not exceed the available data. This will cause the data pointer to run past accessible memory and when accessed will cause a crash.

tags | advisory
advisories | CVE-2007-3765
SHA-256 | bc0c39530df4dd18a6dbdcdc793f1561ba085d70afb011dfde1d4bdcb5f322af
ASA-2007-016.txt
Posted Jul 18, 2007
Authored by Jason Parker | Site asterisk.org

Asterisk Project Security Advisory - The Asterisk Skinny channel driver, chan_skinny, has a remotely exploitable crash vulnerability. A segfault can occur when Asterisk receives a packet where the claimed length of the data is between 0 and 3, followed by length + 4 or more bytes, due to an overly large memcpy. The side effects of this extremely large memcpy have not been investigated.

tags | advisory
advisories | CVE-2007-3764
SHA-256 | 950ae078a58d7241a19dc7a251b19e77edd52fcfa03de8eed1f658bf4850424b
ASA-2007-015.txt
Posted Jul 18, 2007
Authored by Russell Bryant | Site asterisk.org

Asterisk Project Security Advisory - The Asterisk IAX2 channel driver, chan_iax2, has a remotely exploitable crash vulnerability. A NULL pointer exception can occur when Asterisk receives a LAGRQ or LAGRP frame that is part of a valid session and includes information elements. The session used to exploit this issue does not have to be authenticated. It can simply be a NEW packet sent with an invalid username. The code that parses the incoming frame correctly parses the information elements of IAX frames. It then sets a pointer to NULL to indicate that there is not a raw data payload associated with this frame. However, it does not set the variable that indicates the number of bytes in the raw payload back to zero. Since the raw data length is non-zero, the code handling LAGRQ and LAGRP frames tries to copy data from a NULL pointer, causing a crash.

tags | advisory
advisories | CVE-2007-3763
SHA-256 | 82005035f0af5942ecb9961ae6e9407bfeadba79e2de888767b6b9905cdf838f
Page 1 of 4
Back1234Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close