what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

Apple iTunes 9.00.70 / 9.2.15 Cross Site Scripting
Posted Aug 3, 2010
Authored by Ivan Sanchez

It appears that the Apple iTunes store suffers from some cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
systems | apple
SHA-256 | cea29e6f10dad1c17233c2a38a026ad5917bd5354aa1ce529ab4b1371f721548

Related Files

e-Biz Technocrats Pvt.Ltd SQL Injection
Posted May 29, 2023
Authored by K1LL3rB4LL

It appears that sites designed by e-Biz Technocrats Pvt.Ltd suffer from a remote SQL injection vulnerability. As they do not provide any sort of versioning with their offerings, the researcher was unable to provide affected versions. Versions as of May 11, 2023 were affected.

tags | exploit, remote, sql injection
SHA-256 | 92cf79073e5009f343666e2a43e0a350c61dd730a3d354ea6bc3bd1d42f1ee8d
Corona Exposure Notifications API Data Leakage
Posted Sep 30, 2020
Authored by Dirk-Willem van Gulik

It appears that the corona virus Exposure Notifications API for iOS and Android may have a data leakage issue.

tags | exploit, virus, info disclosure
systems | ios
advisories | CVE-2020-24721
SHA-256 | 8e18dbc56574e080e742895300d9e809339058ef58eb5d6a3369cb6d7a66780a
Tor Linux Sandbox Breakout Via X11
Posted Sep 7, 2017
Authored by Jann Horn, Google Security Research

It appears that you can still talk to X11 outside of the Tor sandbox.

tags | exploit
SHA-256 | 4c74b825d9915b9cc074df48d3f4271e40284d7921ed32acb27be0ca67936611
Unrar VMSF_DELTA Arbitrary Memory Write
Posted Jun 21, 2017
Authored by Thomas Dullien, Google Security Research

It appears that the VMSF_DELTA memory corruption that was reported to Sophos AV in 2012 (and fixed there) was actually inherited from upstream unrar. For unknown reasons, whoever fixed the bug did not report this to upstream unrar, and the bug seems to have persisted there to this day.

tags | exploit
SHA-256 | 3b8acd8becd11c0b8cca739d5aa19f140cbee2a41f1ddb62a46f97e63d344ea2
Mandriva Linux Security Advisory 2014-221
Posted Nov 21, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-221 - Although Mandriva forgot to include a problem description in this advisory, it appears that their latest packages for php-smarty may have address cross site scripting and code execution vulnerabilities.

tags | advisory, php, vulnerability, code execution, xss
systems | linux, mandriva
advisories | CVE-2012-4437, CVE-2014-8350
SHA-256 | 7cbd232472b3b573ab03123f0ac49ea2ed2fdb427ad187747ab9a0211410bd37
Oracle Enterprise Manager advReplicationAdmin Cross Site Scripting
Posted Feb 23, 2013
Authored by Esteban Martinez Fayo | Site appsecinc.com

Team SHATTER Security Advisory - It appears that /em/console/database/dist/advRepl/advReplicationAdmin in Oracle Enterprise Manager suffers from multiple cross site scripting vulnerabilities. Versions affected include Oracle Enterprise Manager Database Control 11.1.0.7, 11.2.0.2, 11.2.0.3.

tags | advisory, vulnerability, xss
advisories | CVE-2013-0355
SHA-256 | 2792aa7ae5419664ab0b71553d18effc0c29b4e0fc48bb1b6aed69cf14d1a326
Google EveryWhereReward.com Trust Issue
Posted Jan 9, 2013
Authored by Warning

It appears that Google Wallet may share you information with EveryWhereReward.com, who in turn keeps it eternally.

tags | advisory, info disclosure
SHA-256 | 5edf5546c420caa6f44f33049092f514cc7afff8025d13bb4f4f5990e6450979
PayPal Cross Site Scripting
Posted Oct 2, 2012
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

It appears that multiple cross site scripting vulnerabilities were discovered in PayPal.com.

tags | exploit, vulnerability, xss
SHA-256 | f5239e9a4f5906c6ed51aa1c2f017f03fb91b576f0133a33b8ab8219f2ba8a70
iTunes Extended M3U Stack Buffer Overflow
Posted Jun 21, 2012
Authored by Rh0 | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in iTunes 10.4.0.80 to 10.6.1.7. When opening an extended .m3u file containing an "#EXTINF:" tag description, iTunes will copy the content after "#EXTINF:" without appropriate checking from a heap buffer to a stack buffer and write beyond the stack buffers boundary. This allows arbitrary code execution. The Windows XP target has to have QuickTime 7.7.2 installed for this module to work. It uses a ROP chain from a non safeSEH enabled DLL to bypass DEP and safeSEH. The stack cookie check is bypassed by triggering a SEH exception.

tags | exploit, overflow, arbitrary, code execution
systems | windows
SHA-256 | 9ae85a7f65f089284af05d455b2e76edf1411cf55e1aa37c56ec9d74328747ac
Ubuntu Security Notice USN-1475-1
Posted Jun 16, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1475-1 - Georgi Guninski discovered that APT relied on GnuPG argument order and did not check GPG subkeys when validating imported keyrings via apt-key net-update. While it appears that a man-in-the-middle attacker cannot exploit this, as a hardening measure this update adjusts apt-key to validate all subkeys when checking for key collisions.

tags | advisory
systems | linux, ubuntu
SHA-256 | c54f5098644121f79f786d26ee2e5582a8bb132ca826107fde250acc9dfdaa18
NEC Backdoor Administrative Account
Posted May 12, 2012
Authored by Djamshut Saarash

It appears that high performance servers from NEC suffer from a hard-coded administrative account that can manipulate memory.

tags | exploit
SHA-256 | eb4272908d1ad7c1709578a39de60f3cbe679c413cb078dd31662645958fdcb3
WordPress Dump Exposure
Posted May 14, 2011
Authored by John Jacobs

It appears that many WordPress instances may have publicly available dumps of their content due to the use of DB-XML.

tags | advisory
SHA-256 | 9e1622627609edfbfe1bc0d8c1e1634ca7e13cdb14ab9ad062d510e915277088
HP MSA2000 G3 Backdoor
Posted Dec 13, 2010

It appears that the HP MSA2000 G3 may have a hardcoded admin account backdoor.

tags | exploit
SHA-256 | 5693ad888ffbeb2a3080f85bf7cbfdabba3178387f4a6f8d1f51b2f6cd45aa25
Multiple Browser Wildcard Cerficate Validation Weakness
Posted Aug 28, 2010
Authored by Richard Moore

It appears that many browsers will gladly accept wildcard certificates for IP addresses versus expecting proper domain names for the CN. This is,.. well, very interesting and violates RFC 2818.

tags | advisory
SHA-256 | 469285a2d833d9b4bcd7b10c8a68f5c5ca09223404f03c1675b62b8780642ca2
Facebook Information Leak
Posted Aug 13, 2010
Authored by Atul Agarwal, Rishabh Singla

When providing a valid email address to Facebook, it appears that there are multiple ways to extract a person's real name and picture.

tags | exploit
SHA-256 | 10afb8696d72cbe51544584ade1e0b09ddb4013dba0b300b96a9dd0c78ef32fd
Samba chain_reply Memory Corruption (Linux x86)
Posted Jul 17, 2010
Authored by jduck | Site metasploit.com

This exploits a memory corruption vulnerability present in Samba versions prior to 3.3.13. When handling chained response packets, Samba fails to validate the offset value used when building the next part. By setting this value to a number larger than the destination buffer size, an attacker can corrupt memory. Additionally, setting this value to a value smaller than 'smb_wct' (0x24) will cause the header of the input buffer chunk to be corrupted. After close inspection, it appears that 3.0.x versions of Samba are not exploitable. Since they use an "InputBuffer" size of 0x20441, an attacker cannot cause memory to be corrupted in an exploitable way. It is possible to corrupt the heap header of the "InputBuffer", but it didn't seem possible to get the chunk to be processed again prior to process exit. In order to gain code execution, this exploit attempts to overwrite a "talloc chunk" destructor function pointer. This particular module is capable of exploiting the flaw on x86 Linux systems that do not have the nx memory protection. NOTE: It is possible to make exploitation attempts indefinitely since Samba forks for user sessions in the default configuration.

tags | exploit, x86, code execution
systems | linux
advisories | CVE-2010-2063
SHA-256 | 62e4dbdef10ca045ef1ec88681d7b84288ebd9bf3ef44718fc8ad5724142a978
Facebook App TVShowChat SQL Injection
Posted Apr 6, 2010
Authored by Inj3ct0r

It appears that the TVShowChat application on Facebook.com suffered from a remote SQL injection vulnerability. The application has since been taken down.

tags | exploit, remote, sql injection
SHA-256 | fdd4d3bc9a22def962946d4743f10de1c591f2da9a57ada4f9a7ed4b2a433b70
Apple iTunes Privilege Escalation
Posted Apr 1, 2010
Authored by Jason Geffner | Site ngssoftware.com

This paper discusses how an unprivileged local attacker can elevate their privileges during an initial installation or update of iTunes for Windows. This vulnerability was responsibly disclosed to Apple Inc. and this advisory was not released until a fixed build of iTunes was released.

tags | advisory, local
systems | windows, apple
advisories | CVE-2010-0532
SHA-256 | 08157a8dd7cfd5cb407ffa0138623559421da7fed35cdf32b494e3edc81120bf
ACM.org Information Disclosure
Posted Feb 19, 2010
Authored by the hacker

It appears that acm.org suffers from a serious data leak and may be ignoring it.

tags | advisory, info disclosure
SHA-256 | 8e6b09b62e771606ad867f018b1b74c049773aab72fa56fc8c39418f207a5b4e
iTunes 9.0 Buffer Overflow
Posted Feb 17, 2010
Authored by S2 Crew

iTunes file handling local buffer overflow exploit that creates a malicious .pls file. Affects version 9.0 on Mac OS X.

tags | exploit, overflow, local
systems | apple, osx
advisories | CVE-2009-2817
SHA-256 | 0d3d25fbf64ab5c281bc87376978e384c6e0c60f12194baa9a83445c36bdde3f
Apple iTunes 8.1.x Buffer Overflow
Posted Jan 14, 2010
Authored by His0k4, Simo36

Apple iTunes 8.1.x (daap) remote buffer overflow exploit that binds a shell to port 4444.

tags | exploit, remote, overflow, shell
systems | apple
advisories | CVE-2009-0950
SHA-256 | 2bb5bfe2e71d4174f29903dbbe4432af6a53097f6a819366afce1e705044cd72
VMWare Insecure Permissions
Posted Jan 7, 2010
Authored by dd

It appears that the VMWare server installer may fail to set the umask and/or file permissions upon installation.

tags | advisory
SHA-256 | ab3baa2673ce5d2da033a24d3862de9f64c2ea0e93bffed05160a6e08193f759
Invision Power Board Attachment Cross Site Scripting
Posted Dec 15, 2009
Authored by MustLive

It appears that additional cross site scripting vulnerabilities exist in Invision Power Board using attachments as the attack vector.

tags | exploit, vulnerability, xss
SHA-256 | 0410b79cf1637134c338f223f7f5300378581aaf14f4b5f5ec19b70839c13d75
GeN3 1.4 SQL Injection
Posted Dec 10, 2009
Authored by u.f

It appears that the recently discovered vulnerability in GeN3 version 1.3 also works against GeN3 version 1.4.

tags | exploit, sql injection
SHA-256 | f129b156270f9e9b305e018efa6a922f749a8f8c21c27ca416a0d76f8945d15c
/proc Filesystem Directory Permission Bypass
Posted Oct 23, 2009
Authored by Pavel Machek

It appears that manipulation of file descriptors via /proc can circumvent permissions on parent directories of the file.

tags | exploit
SHA-256 | 1154b08bf5a16a661c449cdcc6299271c9f319623fdee15cd66341aec640f300
Page 1 of 4
Back1234Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close