exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

Linux 2.4 / 2.6 Privilege Escalation / Denial Of Service
Posted Feb 23, 2011
Site pre-cert.de

PRE-CERT Security Advisory - Both the 2.4 and 2.6 Linux kernels have multiple vulnerabilities. A buffer overflow bug in mac_partition in fs/partitions/mac.c (for MAC partition tables) allows for a denial-of-service (kernel panic) condition via a corrupted MAC partition table. A division-by-zero bug in ldm_get_vblks in fs/partitions/ldm.c (for LDM partition tables) allows a denial-of-service (kernel oops) condition via a corrupted LDM partition table. A buffer overflow bug in ldm_frag_add in fs/partitions/ldm.c (for LDM partition tables) may allow escalation of privileges or disclosure of sensitive information via a corrupted LDM partition table.

tags | advisory, overflow, kernel, vulnerability
systems | linux
advisories | CVE-2011-1010
SHA-256 | ab0fe6ff6bc31bbaf5cc7f9b68d64070079062a5c296c403ff5d0954e13058cc

Related Files

Zero Day Initiative Advisory 12-138
Posted Aug 17, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-138 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP Business Objects Financial Consolidation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within CtAppReg.dll. In the Check function, there is a vulnerability in the handling of the username parameter. If an overly long string is used as the username, it can overwrite heap memory. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the process.

tags | advisory, remote, arbitrary
SHA-256 | 71f5cfb590cb170041ac772bc7eb8657757c72abff12510ade4581f83a51f776
Internet Explorer Script Interjection Code Execution
Posted Aug 17, 2012
Authored by Derek Soeder

The vulnerability described in this document can be exploited by a malicious Web page to execute arbitrary code with low integrity. Active scripting must be enabled, and the present exploitation techniques require that font downloading be set to "Enable" or "Prompt" and that the "mailto:" protocol be present. (These requirements are satisfied by default on Windows XP, Windows Vista, and Windows 7.) The user is presented with a message box which must be dismissed before code execution can occur.

tags | advisory, web, arbitrary, code execution, protocol
systems | windows
SHA-256 | 96288d159c287c058009d8e91825a92c22beb920a6169e740a20af44b919357b
Zero Day Initiative Advisory 12-136
Posted Aug 17, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-136 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's QuickTime player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within how the application handles a malformed atom type when playing a movie encoded with uncompressed audio. When decoding the audio sample the application will use a 16-bit length for allocating a buffer, and a different one for initializing it. This can cause memory corruption which can lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
systems | apple
advisories | CVE-2011-3220
SHA-256 | 279769476bb55b52fb4a1cfea0a3fa4d6c15f5a797a70b8f549cd186ec7efd2d
ICS-CERT Advisory - Tridium Niagara Issues
Posted Aug 17, 2012
Authored by ICS-CERT | Site ics-cert.org

ICS-CERT Advisory ICSA-12-228-01 - Independent security researchers Billy Rios and Terry McCorkle have identified multiple vulnerabilities in the Tridium Niagara AX Framework software. The vulnerabilities include directory traversal, weak credential storage, session cookie weaknesses, and predictable session IDs, all of which can be exploited remotely. All known versions of the Tridium Niagara AX Framework software products are susceptible to these vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2012-4027, CVE-2012-4028, CVE-2012-3025, CVE-2012-3024
SHA-256 | a321597efe4a62df5a3a2266cf1f16eb392c55adffe8c8fa35b7747b79ea649b
ShopperPress WordPress Theme 2.7 Cross Site Scripting
Posted Aug 17, 2012
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

ShopperPress WordPress theme version 2.7 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 491c4ea2642b413280ac3851a6e53813f20e256059abdc11931d3d115eea5543
ShopperPress WordPress Theme 2.7 SQL Injection
Posted Aug 17, 2012
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

The ShopperPress WordPress theme version 2.7 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | ed35edb8650c19623a01a17b915ca31339739c6d58d3e1a859b296896830b99d
Secunia Security Advisory 50289
Posted Aug 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the RSVPMaker plugin for WordPress, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory
SHA-256 | 1308c5365a8a6322182004b702e1cffdb5aa396feec096ae18a853239f2a9478
Windows Service Trusted Path Privilege Escalation
Posted Aug 15, 2012
Authored by sinn3r | Site metasploit.com

This Metasploit module exploits a logic flaw due to how the lpApplicationName parameter is handled. When the lpApplicationName contains a space, the file name is ambiguous. Take this file path as example: C:\program files\hello.exe; The Windows API will try to interpret this as two possible paths: C:\program.exe, and C:\program files\hello.exe, and then execute all of them. To some software developers, this is an unexpected behavior, which becomes a security problem if an attacker is able to place a malicious executable in one of these unexpected paths, sometimes escalate privileges if run as SYSTEM. Some softwares such as OpenVPN 2.1.1, or OpenSSH Server 5, etc... all have the same problem.

tags | exploit
systems | windows
SHA-256 | 13ee2928c651d3a5639e180e5f2cafa4d077977aeeeb2da9a34de919ec969a8e
Sydbox Sandbox 0.7.6
Posted Aug 14, 2012
Authored by Ali Polatel | Site projects.0x90.dk

Sydbox is a ptrace-based sandbox implementation. It intercepts system calls, checks for allowed filesystem prefixes, and denies them when checks fail. It has basic support for disallowing network connections. It has basic support to sandbox execve calls. It is based in part on catbox and strace.

Changes: This is a maintenance release addressing a few issues. Note that no few features are going to be added to sydbox-0.
tags | tool
systems | unix
SHA-256 | 3c758c94c86c4ac72895c9fdaefa767f6b9256d8e658c5b70a850133a119c72b
Entropy Broker RNG 1.0.1
Posted Aug 14, 2012
Authored by Folkert van Heusden | Site vanheusden.com

Entropy Broker is an infrastructure for distributing cryptographically secure random numbers (entropy data) from one or more servers to one or more clients. Entropy Broker allows you to distribute entropy data (random values) to /dev/random devices from other systems (real servers or virtualised systems). It helps preventing that the /dev/random device gets depleted; an empty /dev/random-device can cause programs to hang (waiting for entropy data to become available). This is useful for systems that need to generate encryption keys, run VPN software or run a casino website.

Changes: This is an important bugfix release. This version replaces the ivec initializer code with something more sensible.
tags | encryption
systems | linux
SHA-256 | e505291a3ada9f1ba3928113fa70f9f79bfc771b2fe8e20560d612d5c64beb5b
Ubuntu Security Notice USN-1527-1
Posted Aug 13, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1527-1 - It was discovered that Expat computed hash values without restricting the ability to trigger hash collisions predictably. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service by consuming excessive CPU resources. Tim Boddy discovered that Expat did not properly handle memory reallocation when processing XML files. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service by consuming excessive memory resources. This issue only affected Ubuntu 8.04 LTS, 10.04 LTS, 11.04 and 11.10. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2012-0876, CVE-2012-1148, CVE-2012-0876, CVE-2012-1148
SHA-256 | c3584e3aa4d3cbb82dcc486580cc91f457a48e7ca032d71f17b0d2dc8c8edb29
Passwords^12 Call For Presentations
Posted Aug 13, 2012
Authored by Per Thorsheim

The Passwords^12 Call For Presentations has been announced. It will be held at the University of Oslo (Norway) December 3rd through the 5th, 2012.

tags | paper, conference
SHA-256 | b22177219b2df9e74a0cd122fe1ebfc286c7578564e0f26ab3dbfd71aab4ac78
Secunia Security Advisory 50217
Posted Aug 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the Mz-jajak plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | ce183014f7a7034ef08b820c44de5dba4b085aa24a0e0ecc694575a83631fcac
WordPress Mz-Jajak 2.1 SQL Injection
Posted Aug 11, 2012
Authored by StRoNiX

WordPress third party plugin Mz-jajak versions 2.1 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 51b5a3e5fbb049ef9ed0a0da87e3242197a6526dbb1c51c5fa9bb3f9b7d8d988
Mandriva Linux Security Advisory 2012-129-1
Posted Aug 11, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-129 - The decompress function in ncompress allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via crafted data that leads to a buffer underflow. A missing DHCP option checking / sanitization flaw was reported for multiple DHCP clients. This flaw may allow DHCP server to trick DHCP clients to set e.g. system hostname to a specially crafted value containing shell special characters. Various scripts assume that hostname is trusted, which may lead to code execution when hostname is specially crafted. Additionally for Mandriva Enterprise Server 5 various problems in the ka-deploy and uClibc packages was discovered and fixed with this advisory. The updated packages have been patched to correct these issues. The wrong set of packages was sent out with the MDVSA-2012:129 advisory that lacked the fix for CVE-2006-1168. This advisory provides the correct packages.

tags | advisory, remote, denial of service, arbitrary, shell, code execution
systems | linux, mandriva
advisories | CVE-2006-1168, CVE-2011-2716
SHA-256 | c7875eb533c9d6beb3425c1a97fe6ed841b9a1c6086b68f13fd555c85ebb7760
Mandriva Linux Security Advisory 2012-129
Posted Aug 11, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-129 - The decompress function in ncompress allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via crafted data that leads to a buffer underflow. A missing DHCP option checking / sanitization flaw was reported for multiple DHCP clients. This flaw may allow DHCP server to trick DHCP clients to set e.g. system hostname to a specially crafted value containing shell special characters. Various scripts assume that hostname is trusted, which may lead to code execution when hostname is specially crafted. Additionally for Mandriva Enterprise Server 5 various problems in the ka-deploy and uClibc packages was discovered and fixed with this advisory. The updated packages have been patched to correct these issues.

tags | advisory, remote, denial of service, arbitrary, shell, code execution
systems | linux, mandriva
advisories | CVE-2006-1168, CVE-2011-2716
SHA-256 | 741a2545d765d1e9854cdcbf178dc20b6ca0f8fc1357ad76b6a268fa5cadabc4
WordPress Quick Post Widget 1.9.1 Cross Site Scripting
Posted Aug 10, 2012
Authored by Stefan Schurtz

WordPress Quick Post Widget version 1.9.1 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2012-4226
SHA-256 | c53903954e7e0f91b85b053b9af5e6097aaa459c1caeadd1de76de9bde6c66de
Mandriva Linux Security Advisory 2012-128
Posted Aug 9, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-128 - A stack-based buffer overflow flaw was found in the way bash, the GNU Bourne Again shell, expanded certain /dev/fd file names when checking file names and evaluating /dev/fd file names in conditional command expressions. A remote attacker could provide a specially-crafted Bash script that, when executed, would cause the bash executable to crash. Additionally the official patches 011 to 037 for bash-4.2 has been applied which resolves other issues found, including the CVE-2012-3410 vulnerability.

tags | advisory, remote, overflow, shell, bash
systems | linux, mandriva
advisories | CVE-2012-3410
SHA-256 | ded651ae3fb8a40f05143e18cd58c2e666fadd104e5caa2a2f8e3f23bba5151f
Secunia Security Advisory 50207
Posted Aug 9, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - loneferret has reported a vulnerability in the Postie plugin for WordPress, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory
SHA-256 | 9104eb2fe16306c11ec227c41c5d34b5455bd5076fcbee6902d7b238037f7853
Secunia Security Advisory 50208
Posted Aug 9, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - loneferret has reported some vulnerabilities in the SimpleMail plugin for WordPress, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory, vulnerability
SHA-256 | f83e5e65043670becdc42a9b437540aa6f27a980121590167a6dcb2bdef541bf
WooPress 1 Cross Site Scripting
Posted Aug 9, 2012
Authored by HTTPCS

WooPress version 1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 7d829316b32e0a714755ff85554d5e49923fa765127f8b35008b849edfe43107
Entropy Broker RNG 1.0
Posted Aug 7, 2012
Authored by Folkert van Heusden | Site vanheusden.com

Entropy Broker is an infrastructure for distributing cryptographically secure random numbers (entropy data) from one or more servers to one or more clients. Entropy Broker allows you to distribute entropy data (random values) to /dev/random devices from other systems (real servers or virtualised systems). It helps preventing that the /dev/random device gets depleted; an empty /dev/random-device can cause programs to hang (waiting for entropy data to become available). This is useful for systems that need to generate encryption keys, run VPN software or run a casino website.

Changes: EGD client now fully implements the EGD protocol. A network protocol fix was implemented.
tags | encryption
systems | linux
SHA-256 | 76ca25d4f7c84938b67595662b7b2a2ccc1f026c5fd38878da67d399c829206c
Secunia Security Advisory 50176
Posted Aug 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been discovered in the Vitamin plugin for WordPress, which can be exploited by malicious people to disclose sensitive information.

tags | advisory, vulnerability
SHA-256 | 1e6925f6212da54846413366e7e3b4d07d6ebfec345eb2ac14ed9d043180c5dd
Secunia Security Advisory 50161
Posted Aug 6, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability with an unknown impact has been reported in the Featured Post with thumbnail plugin for WordPress.

tags | advisory
SHA-256 | 8fe95c8e80b2cecde85a6e3478176cfe6c1c0058ba329781caa0c0e302963b58
Secunia Security Advisory 50166
Posted Aug 6, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in the WP Lead Management plugin for WordPress, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory, vulnerability
SHA-256 | 621e4d11e8f52beb3c8001b1ec8daf4dad03ba1d03e991be2502975091df60c9
Page 1 of 4
Back1234Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close