what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 23 of 23 RSS Feed

Files Date: 2012-05-28

Symantec Web Gateway 5.0.2.8 Command Execution
Posted May 28, 2012
Authored by unknown, muts, sinn3r | Site metasploit.com

This Metasploit module exploits a vulnerability found in Symantec Web Gateway's HTTP service. By injecting PHP code in the access log, it is possible to load it with a directory traversal flaw, which allows remote code execution under the context of 'apache'. Please note that it may take up to several minutes to retrieve access_log, which is about the amount of time required to see a shell back.

tags | exploit, remote, web, shell, php, code execution
advisories | CVE-2012-0297
SHA-256 | 65a7306dea41b299aa10904fe0da0ef4f8feaaf8b06f2b42c12431d74226ce63
ispVM System XCF File Handling Overflow
Posted May 28, 2012
Authored by unknown, juan vazquez | Site metasploit.com

This Metasploit module exploits a vulnerability found in ispVM System 18.0.2. Due to the way ispVM handles .xcf files, it is possible to cause a buffer overflow with a specially crafted file, when a long value is supplied for the version attribute of the ispXCF tag. It results in arbitrary code execution under the context of the user.

tags | exploit, overflow, arbitrary, code execution
advisories | OSVDB-82000
SHA-256 | dd306ebaa1dbb06e60f50cd822da5c809e6e45d3a3bec14bed35322b5703fd6a
Mandriva Linux Security Advisory 2012-082
Posted May 28, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-082 - Multiple vulnerabilities has been discovered and corrected in pidgin. A series of specially crafted file transfer requests can cause clients to reference invalid memory. The user must have accepted one of the file transfer requests. Incoming messages with certain characters or character encodings can cause clients to crash. This update provides pidgin 2.10.4, which is not vulnerable to these issues.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2012-2214, CVE-2012-2318
SHA-256 | 8250736d53c4ff0aec14a41ffb644124cf6f919a74bff10c3a67955e6c661991
THC-Hydra 2.1 Tutorial
Posted May 28, 2012
Authored by MDH3LL

This is a tutorial on using THC-Hydra version 2.1. Written in Portuguese.

tags | paper
SHA-256 | e71cb404f49d35223cd71a6c6a7b8232e04fe44cd4cb72204cfa8868296caaa7
Security Vulnerabilities Of Digital Video Broadcast Chipsets
Posted May 28, 2012
Authored by Adam Gowdiak | Site security-explorations.com

This is a presentation called Security Vulnerabilities of Digital Video Broadcast Chipsets. It is from a talk given at the Hack In The Box security conference in Amsterdam in 2012.

tags | paper, vulnerability
SHA-256 | b5085e8431fb1a7e2bbeb1de39c969addc0919c9cb22fbe8c72602adfcfcf41b
Security Threats In Digital Satellite Television
Posted May 28, 2012
Authored by Adam Gowdiak | Site security-explorations.com

This is a presentation called Security Threats in the World of Digital Satellite Television. It is from a talk given at the Hack In The Box security conference in Amsterdam in 2012.

tags | paper
SHA-256 | 61103d4ce9bcf58777deab4ee4ff4c33b39828de0f9c1efaefc51fa159e8fffc
PBBoard 2.1.4 Local File Inclusion
Posted May 28, 2012
Authored by n4ss1m

PBBoard version 2.1.4 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 840dd61912dca2230c93d865025205fb5ad12c9b2ead84a1ac7013ffa24ea103
Topics Viewer 2.3 Local File Inclusion / SQL Injection
Posted May 28, 2012
Authored by n4ss1m

Topics Viewer version 2.3 suffers from local file inclusion and remote SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, sql injection, file inclusion
SHA-256 | 240295b4314ae057413639f66d3ca5596b799d870b2492f4e019413946b893f4
LibreOffice 3.5.3 FileOpen Crash
Posted May 28, 2012
Authored by shinnai | Site shinnai.altervista.org

LibreOffice version 3.5.3 suffers from a FileOpen crash denial of service condition when handling rtf files.

tags | exploit, denial of service
SHA-256 | a71da538901bbc0fa1d8228c151e5f1dd87314a31e0dae91254b0b30fc980d29
PHP Volunteer Management System 1.0.2 Cross Site Scripting / Shell Upload
Posted May 28, 2012
Authored by Ashoo

PHP Volunteer Management System version 1.0.2 suffers from cross site scripting and shell upload vulnerabilities.

tags | exploit, shell, php, vulnerability, xss
SHA-256 | 5dda1338ca319b4adddc456481f9f1b5cd07d77f0275192f85b5454e36568928
PHP Volunteer Management System 1.0.2 SQL Injection
Posted May 28, 2012
Authored by loneferret

PHP Volunteer Management System 1.0.2 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, php, vulnerability, sql injection
SHA-256 | bbef50f00f1004c0c3b40f947efc42c825c2517b868db7747f70bf88487f9451
Yamamah 1.1.0 Database Disclosure
Posted May 28, 2012
Authored by L3b-r1'z

Yamamah version 1.1.0 suffers from a database backup download vulnerability.

tags | exploit, info disclosure
SHA-256 | 9ba02db21a83e5a8efab01c2d4243ac6d3bea9948f0e4020890e7d14d7469e10
WinRadius 2009 Denial Of Service
Posted May 28, 2012
Authored by demonalex

WinRadius 2009 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 6d6ac4e2be7fb63e9e680889df21e507bc3a56f9b855b5f2704f8a6297d58047
Tftpd32 DNS 4.00 Denial Of Service
Posted May 28, 2012
Authored by demonalex

Tftpd32 DNS server version 4.00 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | ae64a094bcfcc8018eb6bfa205de45c996bbf7910049e67596d1e1c0a5e3c12c
Gentoo Linux Security Advisory 201205-04
Posted May 28, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201205-4 - Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code. Versions less than 19.0.1084.52 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2011-3103, CVE-2011-3104, CVE-2011-3105, CVE-2011-3106, CVE-2011-3107, CVE-2011-3108, CVE-2011-3109, CVE-2011-3111, CVE-2011-3115
SHA-256 | ff3e26d594fbe9ebe0f7c6b33615b11c94efdd40088cde37f470df19d5578cc8
WHMCS Blind SQL Injection
Posted May 28, 2012
Authored by dx7r

WHMCS appears to suffer from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
systems | linux
SHA-256 | ffc1a03fc3a0f290ac1373d8d574a5ef3822f230c1fccb7c08eebe2405c0db9f
Secunia Security Advisory 49274
Posted May 28, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in activeCollab, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to bypass certain security restrictions and conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | 3211ab70f37249942237af9b8155774403abbde239cc63210991daf73c349fb3
Secunia Security Advisory 49313
Posted May 28, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two weaknesses have been reported in activeCollab, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | e10192ac30eb929306731b7e3b31fcfb16cdf2b251e11f954286a433f000d322
Secunia Security Advisory 49306
Posted May 28, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for chromium and v8. This fixes multiple vulnerabilities, where some have unknown impacts and others can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | linux, gentoo
SHA-256 | ca3b1944abeb4290b34f68ff8de7c795d1422fd86ae146f5522af387d4b78b7d
Secunia Security Advisory 49300
Posted May 28, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in VMware vMA, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
SHA-256 | bad075b0c98097f9111dccbb27225e3a70c725278b9243d06d5522087ec0c044
Secunia Security Advisory 49294
Posted May 28, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in AzDGDatingMedium, which can be exploited by malicious people to conduct cross-site scripting and request forgery attacks.

tags | advisory, vulnerability, xss
SHA-256 | 208c4c27cea86819ee8fcb4478bf68231e5eb3d6d7f71c7f0cfa678928c0e491
Secunia Security Advisory 49322
Posted May 28, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in VMware vMA, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
SHA-256 | 9dcdfa7332f4c0c2d1c5828c5e538961406a9b0403f77482d1889052ee8546d0
Secunia Security Advisory 49282
Posted May 28, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Seagate BlackArmor, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | d189fee91f25667fce724042289faee066d9469885f2e1d3426dccbda3bdfd0d
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close