
Files Date: 2010-04-28 to 2010-04-29

Botan C++ Crypto Algorithms Library 1.9.7
Posted Apr 28, 2010
Site botan.randombit.net

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.

Changes: This release adds support for reading SSLv2 client hellos, which some applications still send for compatibility with SSLv2-only servers. TLS ciphersuites using the South Korean SEED block cipher are now supported. The Comb4P hash function combiner is now included. A bug that caused raw (unhashed, unpadded) signatures of messages beginning with 0 bytes to be rejected has been fixed.
tags | library
SHA-256 | a3eb1d8d5c24874e5cfa543fddcd28a558fcae234cbe1999f81e9a5992de2549
SoftBizScripts Hosting Script SQL Injection
Posted Apr 28, 2010
Authored by 41.w4r10r

SoftBizScripts Hosting Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 0c9b13a3a2f89999e72bb06578ec5b39a4d95566fcfdb3dee94359b77e2e11a5
SoftBizScripts Dating Script SQL Injection
Posted Apr 28, 2010
Authored by 41.w4r10r

SoftBizScripts Dating Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 50e83f42dd7c942695260a3f890e816fcc4e04c28cfae023022b535d59ad7a18
GeneShop 5.1.1 SQL Injection
Posted Apr 28, 2010
Authored by 41.w4r10r

GeneShop version 5.1.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | e27fb6ff783e27237acb6378e2f7a39ac29fe667c01212e5878147c63fa43727
UBB.threads 6.4.4 Forum Cross Site Scripting
Posted Apr 28, 2010
Authored by Cr3w-D, Dr.0rYX

UBB.threads 6.4.4 Forum suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 8cc680403713d3f0b758dc6cc5bf4bf3163c0a46dc3143b365ac7496c0847821
Microsoft SharePoint Server 2007 Cross Site Scripting
Posted Apr 28, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

Microsoft SharePoint Server 2007 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 1a31485d6b626dae460a2e3b7d0478f8e6364c68f3ca848d96c887bc981501cf
Mandriva Linux Security Advisory 2010-084
Posted Apr 28, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-084 - Multiple Java OpenJDK security vulnerabilities have been identified and fixed. Packages for 2009.0 are provided due to the Extended Maintenance Program.

tags | advisory, java, vulnerability
systems | linux, mandriva
advisories | CVE-2009-2409, CVE-2009-3555, CVE-2009-3728, CVE-2009-3869, CVE-2009-3871, CVE-2009-3873, CVE-2009-3874, CVE-2009-3875, CVE-2009-3876, CVE-2009-3877, CVE-2009-3879, CVE-2009-3880, CVE-2009-3881, CVE-2009-3882, CVE-2009-3883, CVE-2009-3884, CVE-2009-3885, CVE-2010-0082
SHA-256 | 312b3c1da3613bba6dee3a18734818e0ba9d2e9be62220fe962af073b0b2a26f
Mandriva Linux Security Advisory 2009-332
Posted Apr 28, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-332 - Integer overflow in the read_channel_data function in plug-ins/file-psd/psd-load.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a crafted PSD file that triggers a heap-based buffer overflow. Additionally the patch for in MDVSA-2009:296 was incomplete, this update corrects this as well. This update provides a solution to this vulnerability. Packages for 2009.0 are provided due to the Extended Maintenance Program.

tags | advisory, remote, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2009-3909
SHA-256 | d2b192cd78da8edd2e68f462274472b050263f13b309e1cab890312f91302408
Joomla Wap4Joomla SQL Injection
Posted Apr 28, 2010
Authored by Manas58

The Joomla Wap4Joomla component suffers from a remote SQL injection vulnerability in wapmain.php.

tags | exploit, remote, php, sql injection
SHA-256 | 331b9a8efe96a951f20193899004794dd17f40ae7d253aca823fcb3dc75f1854
Tele Data's CMS 0.9 SQL Injection
Posted Apr 28, 2010
Authored by AutoSec Tools

Tele Data's CMS version 0.9 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 4c34f67555fc70368e4139fb4d22613428c7d1dcbf726225359040eb6bda3ba3
Mandriva Linux Security Advisory 2010-085
Posted Apr 28, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-085 - The OSCAR protocol plugin in libpurple in Pidgin before 2.6.3 and Adium before 1.3.7 allows remote attackers to cause a denial of service (application crash) via crafted contact-list data for ICQ and possibly AIM, as demonstrated by the SIM IM client. Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) request, a related issue to CVE-2004-0122. Other issues have also been identified.

tags | advisory, remote, denial of service, arbitrary, protocol
systems | linux, mandriva
advisories | CVE-2009-3615, CVE-2010-0013, CVE-2010-0277, CVE-2010-0420, CVE-2010-0423
SHA-256 | 209643718e8208dbef837eae2a003ecf460b9808598317b3e97888b1d0d1d215
Mandriva Linux Security Advisory 2010-078
Posted Apr 28, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-078 - The command matching functionality in sudo 1.6.8 through 1.7.2p5 does not properly handle when a file in the current working directory has the same name as a pseudo-command in the sudoers file and the PATH contains an entry for ., which allows local users to execute arbitrary commands via a Trojan horse executable, as demonstrated using sudoedit, a different vulnerability than CVE-2010-0426. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue. Packages for 2009.0 are provided due to the Extended Maintenance Program.

tags | advisory, arbitrary, local, trojan
systems | linux, mandriva
advisories | CVE-2010-1163
SHA-256 | 434d5ae46530ca84b4e40cec180a734b59057077f1e870dbe4462b04e8ee1772
Safari 4.0.3 / 4.0.4 Stack Exhaustion
Posted Apr 28, 2010
Authored by Fredrik Nordberg Almroth | Site h.ackack.net

Safari versions 4.0.3 and 4.0.4 stack exhaustion exploit.

tags | exploit
SHA-256 | 938050b12d8e854b8d626299c5b02d2478693ccb82a3c9f2f0e60fae7b36d4e9
Zero Day Initiative Advisory 10-079
Posted Apr 28, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-079 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks Helix Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the authentication provided by the administrative web interface and is only present if it is configured to use NTLM. The vulnerability can be triggered by specifying an invalid Base64 string within the Authorization header. If the string is not proper Base64, the vulnerable function returns -1, which is not verified and is later used as a length to a string copy routine.

tags | advisory, remote, web, arbitrary
advisories | CVE-2010-1317
SHA-256 | 82b64874e461a91bd5206c27ae63f5c67cc13feabbf3505aea024977b045e5c3
Pligg CMS 1.0.4 SQL Injection
Posted Apr 28, 2010
Authored by Don Tukulesto | Site indonesiancoder.com

Pligg CMS version 1.0.4 suffers from a remote SQL injection vulnerability in story.php.

tags | exploit, remote, php, sql injection
SHA-256 | dfceebf1ddd3ae78d3a60379a8dc3112aaa232992645d2692e33ac0e33757e1d
Joomla JE Property Finder Shell Upload
Posted Apr 28, 2010
Authored by Sid3 effects

The Joomla JE Property Finder component suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 785f540949c9284b75d6f445e1195de9237e568cf2d1391438029433492dab0d
Canvas Tag Denial Of Service
Posted Apr 28, 2010
Authored by Jelmer de Hen | Site h.ackack.net

Safari 4.0.5 and Internet Explorer 6.0 / 8.0 suffer from a canvas tag denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 3d68e03674c167cdb9f2be68ee115a16ce37f9b9fa334ccac260022a178880a3
WhatWeb Scanner 0.4.1
Posted Apr 28, 2010
Authored by Andrew Horton | Site morningstarsecurity.com

WhatWeb next generation web scanner identifies what websites are running. Released at the Kiwicon conference (kiwicon.org) in Wellington, New Zealand. Written in Ruby for Linux. Flexible plugin architecture with over 70 plugins so far. Passive plugins use information in the headers, cookies, HTML body and URL. Aggressive plugins can identify versions of Joomla, phpBB, etc. by making extra requests to the webserver.

tags | tool, web, scanner, ruby
systems | linux, unix
SHA-256 | aceeab845573c4cd8661eb2c47f2086cfd6616595069ba6227bdfd86bf423c08
Secunia Security Advisory 39630
Posted Apr 28, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Acoustica CD/DVD Label Maker, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | eaa4403036d68be10166456f3637ab7a38ab363c6354bbd0e4e17151429375b3
Secunia Security Advisory 39585
Posted Apr 28, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the Graphics component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
SHA-256 | d3a5aae0a775c70713d935096f2d2ad15dbad1ede414c0b38d6c02dd6b0d6196
Secunia Security Advisory 39617
Posted Apr 28, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been discovered in Portaneo Open Source

tags | advisory
SHA-256 | 5ba30ee467a99f29aea9aa861372f132fcf214cd3ec4eb6ae04109e1160ccb03
Secunia Security Advisory 39622
Posted Apr 28, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in 2daybiz Advanced Poll Script, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | 201ef179a467ad185d1def62f22ccfad25c1adb2f2e4e87311cf7a1413ade8fe
NIBE Heat Pump Remote Command Execution
Posted Apr 28, 2010
Authored by Jelmer de Hen | Site h.ackack.net

NIBE Heat Pump remote command execution exploit.

tags | exploit, remote
SHA-256 | b7be4c5b5ec76e2e1bcc110e78615b4b3669adf96f53c1be031eb2ddf00f317a
NIBE Heat Pump Local File Inclusion
Posted Apr 28, 2010
Authored by Jelmer de Hen | Site h.ackack.net

NIBE Heat Pump suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 5d6ba859f170a18e649cc2161fb852dee7d942ed4650f159f9fdb80c12ad5f67
OneHTTPD 0.6 Directory Traversal
Posted Apr 28, 2010
Authored by AutoSec Tools

OneHTTPD version 0.6 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | c50fa9a39158c2c8478a3d3c8759333a933c6d5abd2674ab2675ae566345553d