what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 50 RSS Feed

Files Date: 2009-09-22

Hackers 2 Hackers Conference 6 Edition Call For Papers
Posted Sep 22, 2009
Site h2hc.com.br

Call For Papers for the Hackers to Hackers Conference - 6th Edition. It will take place in Sao Paulo, Brazil from November 28th through the 29th, 2009.

tags | paper, conference
SHA-256 | 469ae3fe29af2c91dd66d41da6e7fb6c1dc937e12ff729ef5fed2063e86a4e9f
SQL Injection Write Up In Indonesian
Posted Sep 22, 2009
Authored by Gonzhack

Brief whitepaper discussing SQL injection in MySQL. Written in Indonesian.

tags | paper, sql injection
SHA-256 | 19938f7e92bbeb6464cfd177e05a082c218aaa070c80f9de4fbf08073411fca5
Mambo / Joomla Tupinambis SQL Injection
Posted Sep 22, 2009
Authored by Don Tukulesto | Site indonesiancoder.com

The Tupinambis component for Joomla and Mambo suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 8f9c47b107ef570f6821b127b73431516d3c15a9c8dc08abffedd56918eb7599
Joomla Facebook SQL Injection
Posted Sep 22, 2009
Authored by kaMtiEz | Site indonesiancoder.com

The Joomla Facebook component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 3026069aa6ec898323f8e84927c491d17895b18a68998a3280e9c5fd4ae6e6c9
Share Zone SQL Injection
Posted Sep 22, 2009
Authored by OoN_Boy | Site oonboy.blogspot.com

Share Zone suffers from a remote blind SQL injection vulnerability in view_news.php.

tags | exploit, remote, php, sql injection
SHA-256 | 386564f5996ff3a932fe3e634d35316e3125da0b59c9fdbda69641e3db52dd41
Mandriva Linux Security Advisory 2009-242
Posted Sep 22, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-242-1 - Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632. This update provides a solution to this vulnerability. Packages for Enterprise 5 i586 were missing with the previous update. This update corrects this.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2009-3235
SHA-256 | 3ff703ae3b6e20dd33a5d12e7051dc9c952cc03eb15b2ecbb3c0c5bfeb7bb118
Toner Cart SQL Injection
Posted Sep 22, 2009
Authored by OoN_Boy | Site oonboy.blogspot.com

Toner Cart suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 2276d4722de39dbf5101ef6b72c84ccc1dbc8ea818fcefee966a073d818a95fc
Cosmetics Zone SQL Injection
Posted Sep 22, 2009
Authored by OoN_Boy | Site oonboy.blogspot.com

Cosmetics Zone suffers from a remote blind SQL injection vulnerability in view_products.php.

tags | exploit, remote, php, sql injection
SHA-256 | 6df3f0628264641eeb879dae8555e2e94085cf17c72e227208c389ecf45f8d17
Mandriva Linux Security Advisory 2009-242
Posted Sep 22, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-242 - Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632. This update provides a solution to this vulnerability.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2009-3235
SHA-256 | 80f351c6a3b26822c8b61e57555dc19e23273967fdd3cb21f93b646faea72c11
HP Security Bulletin HPSBUX02457 SSRT090174
Posted Sep 22, 2009
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running Role-Based Access Control (RBAC). The vulnerability could be exploited locally to gain unauthorized access.

tags | advisory
systems | hpux
advisories | CVE-2009-2682
SHA-256 | 019989b49ce6e9db761784d54b631a10f8a2210a5c016c8697fe794a05e9f05a
MS-SQL Injection Tutorial
Posted Sep 22, 2009
Authored by Inj3ct0r | Site Inj3ct0r.com

MS-SQL injection tutorial written in Albanian.

tags | paper, sql injection
SHA-256 | 8ef07e5e29143b5b33639b6747fb8fc4954afc7a82ec26965349ba787f70a703
Mandriva Linux Security Advisory 2009-241
Posted Sep 22, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-241 - The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 allows remote attackers to cause a denial of service via a crafted auth header with certain comma delimiters that trigger an infinite loop of calls to the strcspn function. This update provides a solution to this vulnerability.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2009-2855
SHA-256 | 623eaf0006230b0c85b75973d1611fb7bca874c479e83596a0129baf497e83cb
Mandriva Linux Security Advisory 2009-240
Posted Sep 22, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-240 - The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command. The mod_proxy_ftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. This update provides a solution to these vulnerabilities.

tags | advisory, remote, web, denial of service, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2009-3094, CVE-2009-3095
SHA-256 | 0b99eeb4e7b9d6cf93ee6299bc687952ecf00f5bed79960082460b9c5160e084
BPLawyerCaseDocument 1.0 SQL Injection
Posted Sep 22, 2009
Authored by OoN_Boy | Site oonboy.blogspot.com

BPLawyerCaseDocument version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 391bff34f543720222ec7510bdd4a27098efdd94f2cae7a0e058fceb593ef480
MMORPG Zone SQL Injection
Posted Sep 22, 2009
Authored by OoN_Boy | Site oonboy.blogspot.com

MMORPG Zone suffers from remote blind SQL injection vulnerabilities in view_news.php and game.php.

tags | exploit, remote, php, vulnerability, sql injection
SHA-256 | 8e0578735d3bf7170d6e5f72a11adb0894967917d283555e2f7e02418aa86593
DVD Zone SQL Injection / Cross Site Scripting
Posted Sep 22, 2009
Authored by OoN_Boy | Site oonboy.blogspot.com

DVD Zone suffers from remote blind SQL injection and cross site scripting vulnerabilities in view_mag.php.

tags | exploit, remote, php, vulnerability, xss, sql injection
SHA-256 | 0e9c99001e1b92819b3915f76dae3c93a5b8537b8b45263456c1584c048efadb
Joomla Sport Fusion 0.2.3 SQL Injection
Posted Sep 22, 2009
Authored by kaMtiEz | Site indonesiancoder.com

Joomla Sport Fusion component versions 0.2.2 through 0.2.3 suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 820419e882fb63ce348cd32d832f13ea2aeba73056bf466dfab4e5939cb6413b
Alibaba Clone 3.0 SQL Injection
Posted Sep 22, 2009
Authored by OoN_Boy | Site oonboy.blogspot.com

Alibaba Clone version 3.0 suffers from remote blind SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 199f65b87150b54348f0224b21c1b67478eead489ebf73ecf7ea9b059cb4f90d
GRAudit Grep Auditing Tool 1.2
Posted Sep 22, 2009
Authored by Wireghoul | Site justanotherhacker.com

Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.

Changes: Default signatures are now aimed at low hanging fruit. Documentation was improved. Bugs in graudit and signatures were fixed.
systems | unix
SHA-256 | fd668294add7e92f0178994cd6b27f09d6fabef89a1daf7529eb87bd31f18a0a
MaxWebPortal SQL Injection
Posted Sep 22, 2009
Authored by OoN_Boy | Site oonboy.blogspot.com

MaxWebPortal suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | b708f460c07569f194cdec1a8415bb9900a06fea299f8919599c9247ab7e6730
Mandriva Linux Security Advisory 2009-239
Posted Sep 22, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-239 - Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server that uses a crafted server certificate. The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence DTLS handshake message, related to a fragment bug. The NSS library library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws the scope of this issue is currently limited because the amount of computation required is still large. This update provides a solution to these vulnerabilities.

tags | advisory, remote, denial of service, spoof, vulnerability
systems | linux, mandriva
advisories | CVE-2009-1379, CVE-2009-1387, CVE-2009-2409
SHA-256 | 93d724150f498b44ab15ee712c7c6741e7048e4a11d86450fd84461bd468cda1
Real Estate Script For Realtors SQL Injection
Posted Sep 22, 2009
Authored by OoN_Boy | Site oonboy.blogspot.com

The Real Estate Script for Realtors suffers from a blind SQL injection vulnerability in view_listing.php.

tags | exploit, php, sql injection
SHA-256 | e3a5e2640e350cebea66c868f62a169cb9da91196389648db8766b5e9b82f162
HB CMS 1.7 SQL Injection
Posted Sep 22, 2009
Authored by Securitylab Security Research | Site securitylab.ir

HB CMS version 1.7 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | da268a8b9eaf5e7dcb12e250b564ac5e73451561cfacc11fa511335ad352de4f
BPMusic 1.0 SQL Injection
Posted Sep 22, 2009
Authored by OoN_Boy | Site oonboy.blogspot.com

BPMusic version 1.0 suffers from blind SQL injection vulnerabilities.

tags | exploit, vulnerability, sql injection
SHA-256 | 06122095d935d51585628722bf6a4659ea02c077d1ad3a816b81d5928f1e1a22
BPStudent 1.0 SQL Injection
Posted Sep 22, 2009
Authored by OoN_Boy | Site oonboy.blogspot.com

BPStudent version 1.0 suffers from blind SQL injection vulnerabilities.

tags | exploit, vulnerability, sql injection
SHA-256 | 37d2996ae18203d76573c4494295a36e4ab31f8ed3b038fb44fd3e9f145c1e4e
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close