exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 47 RSS Feed

Files Date: 2011-03-30

Cisco Security Advisory 20110330-acs
Posted Mar 30, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability exists in some Cisco Secure Access Control System (ACS) versions that could allow a remote, unauthenticated attacker to change the password of any user account to any value without providing the account's previous password. Successful exploitation requires the user account to be defined on the internal identity store. This vulnerability does not allow an attacker to perform any other changes to the ACS database. That is, an attacker cannot change access policies, device properties, or any account attributes except the user password. Cisco has released free software updates that address this vulnerability. There is no workaround for this vulnerability.

tags | advisory, remote
systems | cisco
advisories | CVE-2011-0951
SHA-256 | 6b27a6d0350503c5eb2d868879d677892bb126cfaeb81bd45854c169f2040d76
iCloudCenter JobSite PHP Script SQL Injection
Posted Mar 30, 2011
Authored by RoAd_KiLlEr

iCloudCenter JobSite PHP Script version 1.1 suffers from a remote SQL injection vulnerability. The author of this software claims this only affects the demo version.

tags | exploit, remote, php, sql injection
SHA-256 | b509650023b641912535c258e64650b697b206ea7fc1b25224162e1970514f73
HT Editor 2.0.18 Stack Overflow
Posted Mar 30, 2011
Authored by ZadYree

HT Editor versions 2.0.18 and below file opening stack overflow exploit.

tags | exploit, overflow
SHA-256 | 606c05d66ce0b264b537d3064e14cdd8c31c5369f64587f21351ba4018f04a4f
Andy's PHP Knowledgebase 0.95.2 SQL Injection
Posted Mar 30, 2011
Authored by Mark Stanislav

Andy's PHP Knowledgebase version 0.95.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
advisories | CVE-2011-1546
SHA-256 | ef98675a17d9e48efecc788efee692612e97e35a67ea1472dbd238994394fa08
Debian Security Advisory 2208-1
Posted Mar 30, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2208-1 - It was discovered that BIND, a DNS server, contains a race condition when processing zones updates in an authoritative server, either through dynamic DNS updates or incremental zone transfer (IXFR). Such an update while processing a query could result in deadlock and denial of service.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2011-0414
SHA-256 | 8e452dea246304cace57360967f3dd35c2135af4917dc90c3899c242b7d570fd
PHPBoost 3.0 Remote Backup Download
Posted Mar 30, 2011
Authored by KedAns-Dz

PHPBoost version 3.0 suffers from a remote backup download vulnerability.

tags | exploit, remote, info disclosure
SHA-256 | ef1574e2e3c50a6b9c92f75f53d0b32ddd0539433aaa7cc5f36a70142127fb52
Cisco Security Advisory 20110330-nac
Posted Mar 30, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Network Access Control (NAC) Guest Server system software contains a vulnerability in the RADIUS authentication software that may allow an unauthenticated user to access the protected network. Cisco has released free software updates that address this vulnerability.

tags | advisory
systems | cisco
advisories | CVE-2011-0963
SHA-256 | 268896624ef8d94224345a2976b3904c9920e2396783d1d556ab4bccf7dc55e9
EMC NetWorker Module Arbitrary Code Execution
Posted Mar 30, 2011
Site emc.com

A vulnerability exists in EMC Replication Manager which is embedded in NetWorker Module for Microsoft Applications (NMM). The vulnerability may allow arbitrary code execution on vulnerable installations of the product. Versions affected include EMC NetWorker Module for Microsoft Applications 2.1.x / 2.2.x.

tags | advisory, arbitrary, code execution
advisories | CVE-2011-0647
SHA-256 | 0bf8111e108fe2a222a6dfcc4cca63a04d783a161a247e687ec31c6cc9b95587
Faster Blind MySQL Injection Using Bit Shifting
Posted Mar 30, 2011
Authored by Jelmer de Hen | Site h.ackack.net

This is a brief whitepaper called Faster Blind MySQL Injection Using Bit Shifting.

tags | paper, sql injection
SHA-256 | 0b29a9d07c2c7fc32795bd6b3d988ecd3c3db65a90e7ddf57718b11ea059557f
Pligg CMS 1.1.3 Privilege Escalation / Access Bypass
Posted Mar 30, 2011
Authored by Jelmer de Hen | Site h.ackack.net

Pligg CMS version 1.1.3 suffers from multiple vulnerabilities including access bypass and privilege escalation.

tags | exploit, vulnerability
SHA-256 | c1af8e08548aacff946f9da3d38e8b81d5f8417db51630d93356e356eff7aade
GOM Player 2.1.28.5039 Denial Of Service
Posted Mar 30, 2011
Authored by BraniX

GOM Player version 2.1.28.5039 .avi file denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | a65170b17064f05b9668b27442d562f008b2845f955722fe8ce92128181272b7
Windows Explorer 6.0.2900.5512 Denial Of Service
Posted Mar 30, 2011
Authored by BraniX

Windows Explorer version 6.0.2900.5512 Shmedia.dll denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
systems | windows
SHA-256 | a1d2fba0f7f0303c28217474ca8647a21575b64ab79d031f04bb705463ed5902
Winamp 5.61 Denial Of Service
Posted Mar 30, 2011
Authored by BraniX

Winamp version 5.61 .avi file denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | d7eded42258ccb7867ed395d6417cc61e79d5258f8a9c0196eae0fa65812e8ba
Media Player Classic Home Cinema 1.5.0.2827 Denial Of Service
Posted Mar 30, 2011
Authored by BraniX

Media Player Classic Home Cinema version 1.5.0.2827 .avi file denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | 4a8479701be1e39559db199ef5f1049c2f021a8e5944e204666ddd282d0636c1
Zend Java Bridge Remote Code Execution
Posted Mar 30, 2011
Authored by Luca Carettoni

Zend Java Bridge version 3.1 remote code execution exploit that takes advantage of a specific flaw in the javamw.jar service.

tags | exploit, java, remote, code execution
SHA-256 | 5b230d5d0d8b69815ef55baf27ebfe72e28fd2c2e03ebc062420fdb5fcd6d19e
YaCOMAS 0.3.6 Alpha Disclosure / Cross Site Scripting
Posted Mar 30, 2011
Authored by ProfEsOr X

YaCOMAS version 0.3.6 suffers from information disclosure and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
SHA-256 | 710e28c10c2296f4c8a8b857c4cd66e7933b6428b3716d8ed856057f91b589da
CosmoQuest SQL Injection
Posted Mar 30, 2011
Authored by Net.Edit0r

CosmoQuest suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | cdb6b3dfcff09aa7e0f16347c50028ee2aabac05697ca7308b35e034551842a8
Bigace 2.7.5 Arbitrary File Upload
Posted Mar 30, 2011
Authored by Net.Edit0r

Bigace version 2.7.5 suffers from an arbitrary file upload vulnerability.

tags | exploit, arbitrary, file upload
SHA-256 | 57a9cc07f24f285760467f7c127d2f846400654d5aef4c21e1d8634352d61a17
IrIran Shopping Script SQL Injection
Posted Mar 30, 2011
Authored by Net.Edit0r

IrIran Shopping Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | bfa74863454352adb2efaeae6ae22c92436deb4c31e69a0b6fafb19fc870fde1
Snortalog Snort Log Summarizer 2.4.3
Posted Mar 30, 2011
Authored by Jeremy Chartier | Site jeremy.chartier.free.fr

Snortalog is a powerful Perl script that summarizes Snort logs, making it easy to view any network attacks detected by Snort. It can generate charts in HTML, PDF, and text output. It works with all versions of Snort, and can analyze logs in three formats: syslog, fast, and full snort alerts. Moreover, it is able to summarize other logs like Fw-1 (NG and 4.1), Netfilter, and IPFilter in a similar way.

Changes: This release brings new features like TippingPoint, Netscreen, and CheckPoint R70 & R71 logs detection. The GUI works with the latest GD libraries to improve Windows compatibility.
tags | tool, perl, sniffer
systems | linux
SHA-256 | fac3e4e9a7358940293fb0676f4ff1496e7c05c74c2dfe05897988d1447c3676
Minveli SQL Injection
Posted Mar 30, 2011
Authored by eXeSoul

Minveli suffers from multiple remote SQL injection vulnerabilities in index_1.php and inner.php.

tags | exploit, remote, php, vulnerability, sql injection
SHA-256 | 41b1fe03950607d6b855375dc7a529904bbbb4d5102bf7794b4dc805ce5dcb92
Mandriva Linux Security Advisory 2011-056
Posted Mar 30, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-056 - chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a master-slave configuration with a chain overlay and ppolicy_forward_updates is used, allows remote authenticated users to bypass external-program authentication by sending an invalid password to a slave server. bind.cpp in back-ndb in OpenLDAP 2.4.x before 2.4.24 does not require authentication for the root Distinguished Name, which allows remote attackers to bypass intended access restrictions via an arbitrary password. modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attackers to cause a denial of service via a relative Distinguished Name that contains an empty value for the OldDN field. The updated packages have been patched to correct these issues.

tags | advisory, remote, denial of service, arbitrary, root
systems | linux, mandriva
advisories | CVE-2011-1024, CVE-2011-1025, CVE-2011-1081
SHA-256 | ace7fafa9471fca6031d43a03d644b937b041bcea223a3fb3b08278136c49d2e
Mandriva Linux Security Advisory 2011-055
Posted Mar 30, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-055 - chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a master-slave configuration with a chain overlay and ppolicy_forward_updates is used, allows remote authenticated users to bypass external-program authentication by sending an invalid password to a slave server. modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attackers to cause a denial of service via a relative Distinguished Name that contains an empty value for the OldDN field.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2011-1024, CVE-2011-1081
SHA-256 | 8591f032eba2c88f1210d71b7a0f3e560b564e03862df761b4a2e8e43b8e0cdb
Grapecity DataDynamics Report Library 1.6.1871.61 Cross Site Scripting
Posted Mar 30, 2011
Authored by Dave Daly

Grapecity DataDynamics Report Library versions 1.6.1871.61 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | a22a8c2b6b70131ce3b4225ba88dc0ab77792b84394c64a663c7b4b21c85a45b
VMware Security Advisory 2011-0006
Posted Mar 30, 2011
Authored by VMware | Site vmware.com

VMware Security Advisory 2011-0006 - The VMware vmrun utility is susceptible to a local privilege escalation in non-standard configurations.

tags | advisory, local
advisories | CVE-2011-1126
SHA-256 | 069d709991feb1e78d30ec92cec7f28dd116782787338066a58527dd30e9ea96
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close