exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 39 RSS Feed

Files Date: 2010-03-11 to 2010-03-12

Debian Linux Security Advisory 2013-1
Posted Mar 11, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2013-1 - Nahuel Grisolia discovered two vulnerabilities in Egroupware, a web-based may lead to the execution of arbitrary commands and a cross-site scripting vulnerability was discovered in the login page.

tags | advisory, web, arbitrary, vulnerability, xss
systems | linux, debian
SHA-256 | fc9cc8d0fc1587febf57a6248a4748717879740e917dd9930de52cc03dedcdf9
Mandriva Linux Security Advisory 2010-061
Posted Mar 11, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-061 - sutil/ncpumount.c in ncpumount in ncpfs 2.2.6 produces certain detailed error messages about the results of privileged file-access attempts, which allows local users to determine the existence of arbitrary files via the mountpoint name. The (1) ncpmount, (2) ncpumount, and (3) ncplogin programs in ncpfs 2.2.6 do not properly create lock files, which allows local users to cause a denial of service (application failure) via unspecified vectors that trigger the creation of a /etc/mtab~ file that persists after the program exits. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct these issues.

tags | advisory, denial of service, arbitrary, local
systems | linux, mandriva
advisories | CVE-2010-0790, CVE-2010-0791
SHA-256 | 83a7c75f3efeeada265c070ec394bf9bf7567b6d73f909255f2c65e4899eb5ae
Zero Day Initiative Advisory 10-027
Posted Mar 11, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-027 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Skype. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists with how the OS web-browser passes command line arguments to Skype through the registered 'skype:' protocol handler. Insufficient sanity checking to the /datapath argument allows an attacker to construct a link that will execute Skype with arbitrary arguments. This can be abused to specify a remote configuration storage directory which can be leveraged to glean target user credentials.

tags | advisory, remote, web, arbitrary, protocol
SHA-256 | 1a3fb0c954ce1130e87db954fec34934cb2807e576545be0a66e002a37268fa2
Zero Day Initiative Advisory 10-028
Posted Mar 11, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-028 - This vulnerability allows remote attackers to remove arbitrary XML files on vulnerable installations of Skype. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in Skype's handling of the 'skype-plugin:' protocol. An attacker can specify a malicious URI, that upon clicking, will trigger the deletion of an arbitrary attacker specified XML file.

tags | advisory, remote, arbitrary, protocol
SHA-256 | fa77e17c17401d4a75c3b4bb25ac1e9ad9db5dd096a945340444340566a1bf56
Eros Erotik Webkatalog SQL Injection
Posted Mar 11, 2010
Authored by Easy Laster

Eros Erotik Webkatalog suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 25c51138a2a8a07da8167bb0890d09ba5886eb9291caf2708eb0550b00d5ee51
ATutor 1.6.4 Cross Site Scripting
Posted Mar 11, 2010
Authored by ItSecTeam

ATutor version 1.6.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 3669732d40933733498b181a2186eccb89b07c4994be07577c6cc535a7e43be9
Skype URI Handler Input Validation
Posted Mar 11, 2010
Authored by Paul Craig | Site security-assessment.com

Skype client versions prior to 4.2.0.1.55 suffer from a URI handling input validation vulnerability that allows for remote command execution.

tags | exploit, remote
SHA-256 | faa86373432c9b156df0c665dcd6633b96c306a1b1b24a4aa08c75976837f5d5
Internet Explorer "Aurora" Memory Corruption
Posted Mar 11, 2010
Site metasploit.com

This Metasploit module exploits a memory corruption flaw in Internet Explorer. This flaw was found in the wild and was a key component of the "Operation Aurora" attacks that lead to the compromise of a number of high profile companies. The exploit code is a direct port of the public sample published to the Wepawet malware analysis site. The technique used by this module is currently identical to the public sample, as such, only Internet Explorer 6 can be reliably exploited.

tags | exploit
advisories | CVE-2010-0249
SHA-256 | 0ba5be9c3fc1e65562aeb4e5496513b06e2e1230824a7d5e57fd95077d38074f
Secunia Security Advisory 38869
Posted Mar 11, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in GNU Cpio, which can potentially be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | a553fbdab70f9a838112e1ecd48cffa008ea7fceb144de86f75cf35770dbf949
Secunia Security Advisory 38836
Posted Mar 11, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in GNU tar, which can potentially be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | f7bd4936d01cb2d9baf384782da995d5e0f193cdb337ea8e46a285c76e5e7c3a
ANE CMS 1 Cross Site Request Forgery
Posted Mar 11, 2010
Authored by Pratul Agrawal

ANE CMS version 1 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | c161a7a1a5a54682f580191406652a5e246f2635feaab6ea5ab2e0886ee6c702
ANE CMS 1 Cross Site Scripting
Posted Mar 11, 2010
Authored by Pratul Agrawal

ANE CMS version 1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 946679792042f3ecb6616e6fc5dab2a0154013a6d023c94ef5bfba33652d1333
Ubuntu Security Notice 909-1
Posted Mar 11, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 909-1 - William Grant discovered that dpkg-source did not safely apply diffs when unpacking source packages. If a user or an automated system were tricked into unpacking a specially crafted source package, a remote attacker could modify files outside the target unpack directory, leading to a denial of service or potentially gaining access to the system.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2010-0396
SHA-256 | e03b020237a34eb10babde3dbb250d6762835d7c9f4c0e64626d3411643ef369
Abton CMS SQL Injection
Posted Mar 11, 2010
Authored by MustLive

Abton CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | a4a9d625c462fc6db5ec9dce05a8d5d85346fe12ad0164e012210717ed49fcd6
Secunia Security Advisory 38908
Posted Mar 11, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Paul Craig has reported a vulnerability in Skype, which can be exploited by malicious people to bypass certain security restrictions and potentially disclose certain sensitive information.

tags | advisory
SHA-256 | dc5780f0e267cb54f2eb1a98a6e04cc112e6ffab86d001165a6c20b654aa3a05
Secunia Security Advisory 38885
Posted Mar 11, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for apache2. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information and cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
SHA-256 | e1e5073e352ab295b98c6d8d65e315d3acd58baa06828d082335bd8851d21f0f
Secunia Security Advisory 38911
Posted Mar 11, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Monthly Archive by Node Type module for Drupal, which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
SHA-256 | 2032247ad4da8fcd49abcaee49a035078fb00ecbba63908d9d7830693f999a61
Secunia Security Advisory 38904
Posted Mar 11, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in ispCP Omega, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | adcf13b7f0ff81775cc9c82dd7aa26ff13c10fe730c53baceabf234556d1c882
Debian Linux Security Advisory 2011-1
Posted Mar 11, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2011-1 - William Grant discovered that the dpkg-source component of dpkg, the low-level infrastructure for handling the installation and removal of Debian software packages, is vulnerable to path traversal attacks. A specially crafted Debian source package can lead to file modification outside of the destination directory when extracting the package content.

tags | advisory
systems | linux, debian
advisories | CVE-2010-0396
SHA-256 | f26791a518123e680e1e34a55a4fd5c04672d53c72462a13fa80c1b690ec4fe6
Secunia Security Advisory 38864
Posted Mar 11, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Campsite, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
SHA-256 | 041a2b9b4cdbeb1963942c4eb1f5af11bada72f812162a0ba0b1a806b6e4b0bb
Secunia Security Advisory 38916
Posted Mar 11, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - edu has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious people to potentially compromise a user's system.

tags | advisory
systems | windows
SHA-256 | bf8acb7a0334f2e84baa57ea42e108db0c01d9659dfbd3d7ed22e4c72f7e9a1a
Secunia Security Advisory 38907
Posted Mar 11, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for dpkg. This fixes a vulnerability, which can be exploited by malicious people to manipulate certain data and compromise a vulnerable system.

tags | advisory
systems | linux, debian
SHA-256 | 8f6c9c6167a4cdf00756fc0787b07e0a2ef3fb05251d553fa7084e5b0270b476
Secunia Security Advisory 38895
Posted Mar 11, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been discovered in ViewVC, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | afbf4c58256b70150438e23a8c4e7a819cdcbc12ed75271ca7defec94c90ec4f
Secunia Security Advisory 38917
Posted Mar 11, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Luka Milkovic has reported some vulnerabilities in SUPERAntiSpyware, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or gain escalated privileges.

tags | advisory, denial of service, local, vulnerability
SHA-256 | 5c1d12e732ea088f60d359525fb61ebc40f7c1a4b1b9eb0a3a23d31b8412b01c
Secunia Security Advisory 38884
Posted Mar 11, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Luka Milkovic has reported some vulnerabilities in Super Ad Blocker, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or gain escalated privileges.

tags | advisory, denial of service, local, vulnerability
SHA-256 | fd5f4a1b71210da0bf39b460e631ec28b2f140e1d34ab7444fd7f609866e1282
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close