exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 52 RSS Feed

Files Date: 2010-02-09

PHP Apps Links Insecure Cookie Handling
Posted Feb 9, 2010
Authored by jiko

PHP Apps Links suffers from an insecure cookie handling vulnerability.

tags | exploit, php, insecure cookie handling
SHA-256 | 92284a5de7c51f029615734d3f1cc759271141719791df4cf5e830d1c20d9e6b
Yes Solutions SQL Injection
Posted Feb 9, 2010
Authored by HackXBack

Yes Solutions suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | fa8362ac6b7518d3a13e2040e7c0eb6ca591065b14ae08bca687fc272e75afe4
Mojo's IWMS 7 SQL Injection / Cross Site Scripting
Posted Feb 9, 2010
Authored by cp77fk4r

Mojo's IWMS versions 7 and below suffer from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 2ed6cdf1d5bb6b48bbbe4348df210f8fc54a7d21bc55a798774f2de197aba05f
Technical Cyber Security Alert 2010-40A
Posted Feb 9, 2010
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2010-40A - Microsoft has released updates to address vulnerabilities in Microsoft Windows, Windows Server, Internet Explorer, and Microsoft Office.

tags | advisory, vulnerability
systems | windows
SHA-256 | 0d49afe2af08b5325f8b6061009d19ad3d2c3337315a2884da34bc08e8de01d9
Zero Day Initiative Advisory 10-017
Posted Feb 9, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-017 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office PowerPoint Viewer. User interaction is required to exploit this vulnerability in that the target must open a malicious presentation. The specific flaw exists in the handling of TextBytesAtom records contained in a PPT file. Due to the lack of bounds checking on the size argument an unchecked memcpy() copies user data from the file to the stack, overflowing key exception structures. Exploitation of this vulnerability can lead to remote compromise of the affected system under the context of the currently logged in user.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2010-0033
SHA-256 | e66f5708444afbb8a61a86f354075f2e3c535010d167c5534163b79119e45335
Zero Day Initiative Advisory 10-016
Posted Feb 9, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-016 - This vulnerability allows remote attackers to force a Microsoft Windows system to execute a given local executable. User interaction is required in that the target must access a malicious URL. The specific flaw exists within the ShellExecute API. Using a specially formatted URL an attacker can bypass sanitization checks within this function and force the calling application into running an executable of their choice. Successful exploitation requires a useful binary to exist in a predictable location on the remote system.

tags | advisory, remote, local
systems | windows
advisories | CVE-2010-0027
SHA-256 | cbead906d997ee76877af1d55e446626a519eb77a9753cd8dd8b5595996a9469
UltraISO 9.3.6.2750 Local Buffer Overflow
Posted Feb 9, 2010
Authored by fl0 fl0w

UltraISO version 9.3.6.2750 local buffer overflow exploit.

tags | exploit, overflow, local
SHA-256 | bd57eec4e2084ff888f186ef5a94a351746bbbfe3542359ada2785b0666a8bbe
Microsoft PowerPoint File Path Handling Buffer Overflow
Posted Feb 9, 2010
Authored by Carsten Eiram | Site secunia.com

Secunia Research has discovered a vulnerability in Microsoft Office PowerPoint, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error when handling file paths and can be exploited to cause a stack-based buffer overflow via a specially crafted file. Successful exploitation allows execution of arbitrary code. Microsoft Powerpoint 2002 is affected.

tags | advisory, overflow, arbitrary
advisories | CVE-2010-0029
SHA-256 | 4ab67aead2a10a87a263653a9e1d2c62ed128edce724d1df60f7bca4e22e07dc
Newsletter Tailor SQL Injection
Posted Feb 9, 2010
Authored by ViRuSMaN

Newsletter Tailor suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 05823bc3f8b1a57206d81340808b740d3fa302331ec2464459967caa1426d34a
Newsletter Tailor Backup Related
Posted Feb 9, 2010
Authored by ViRuSMaN

Newsletter Tailor suffers from remote database backup and disclosure vulnerabilities.

tags | exploit, remote, vulnerability, info disclosure
SHA-256 | f7dc04d8896706c2cb84f60c4233f35656911bb6b59d31db01a2fbd35e2689ab
Core Security Technologies Advisory 2009.0827
Posted Feb 9, 2010
Authored by Core Security Technologies, Damian Frizza | Site coresecurity.com

Core Security Technologies Advisory - A vulnerability exists in MSO.DLL affecting Excel 9 (Office 2000) and Excel 10 (Office XP) in the code responsible for parsing OfficeArtSpgr (recType 0xF003) containers that allows an attacker to cause a class pointer to be interpreted incorrectly, leading to code execution in the context of the currently logged on user.

tags | advisory, code execution
advisories | CVE-2010-0243
SHA-256 | d40c00bfca38691caa302cc240a65cfb4055b89ee51b20a1b18ce6051b11c60e
Zero Day Initiative Advisory 10-015
Posted Feb 9, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-015 - This vulnerability allows attackers to execute arbitrary code on applications that utilize DirectShow for rendering video on Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must be coerced into decompressing a malicious video. The specific flaw exists within the decompression of a specific type of video stream contained in an .AVI file. The application misuses a length field for an allocation causing the memory allocation to be too small to contain the subsequent data. During population of this buffer, the application will copy more data than allocated for leading to memory corruption with the potential for code execution.

tags | advisory, arbitrary, code execution
systems | windows
advisories | CVE-2010-0250
SHA-256 | 1b5465d57ec60943e234e5d054de35549b804f4f09c061ee64c2c50e4f728fa3
Linux /bin/cat /etc/passwd Shellcode
Posted Feb 9, 2010
Authored by FB1H2S

43 bytes small /bin/cat /etc/passwd Linux x/86 shellcode.

tags | shellcode
systems | linux
SHA-256 | de7500ae0726581b49c0f823c1ea34c0093776ca11b5329ed06e55f9179a1bf9
Spoofing Technique
Posted Feb 9, 2010
Authored by mc2_s3lector

Whitepaper called spoofing technique.

tags | paper, spoof
SHA-256 | 9cf5bb03c9b206a026568fc09c49e0e27937b42598a05896f187da1388b29970
LDAP Injection Proof Of Concept
Posted Feb 9, 2010
Authored by mc2_s3lector

LDAP injection proof of concept exploit.

tags | exploit, proof of concept
SHA-256 | 2431e5ecf0cce38a31875fd868f239dfc6e6328d965b87e14b451c25e2173acb
FlexCMS Insecure Cookie Handling
Posted Feb 9, 2010
Authored by ViRuSMaN

FlexCMS version 3.1 suffers from an insecure cookie handling vulnerability.

tags | exploit, insecure cookie handling
SHA-256 | 05adef10ce58d8f94f7f0ccf20a5cb6e9406c3968e96cd1a72af118ab81f3bf4
Oracle E-Business Suite Cross Site Scripting
Posted Feb 9, 2010
Authored by Gil Cohen | Site hacktics.com

The Oracle E-Business Suite suffers from a cross site scripting vulnerability in the error details page.

tags | advisory, xss
SHA-256 | cfb0d08a1aea903cb859eb27a83251c33db45a11685d30d5bcb2dc4bcf049053
ThinkPHP 1.5 / 2.0 Cross Site Scripting
Posted Feb 9, 2010
Authored by zx

ThinkPHP versions 2.0 and below suffer from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | a7208e5112a62b9ed7872de827624e94648b6e690b6581cc22685d4380ec8629
ACM CCS 2010 - Call For Workshop Proposals
Posted Feb 9, 2010
Authored by Ninghui Li, Ting Yu Chairs

Proposals are solicited for workshops to be held in conjunction with ACM CCS 2010. Each workshop provides a forum to address a specific topic at the forefront of security research. A workshop must be one full day in length. Proceedings of all workshops will be available (on a CD) to the workshop attendees. Each workshop will also have on-line proceedings through ACM Digital Library, with a separate ISBN.

tags | paper, conference
SHA-256 | acdd601dac84be7a44fbd3f5e99f18c1b4604e06b8706e5a43a9a11824d401cc
NetReconn Scanning Tool Collection 1.76
Posted Feb 9, 2010
Authored by Jay Fink

Netreconn is a collection of network scan/recon tools that are relatively small compared to their larger cousins. These include nstrobe, ipdump, and ndecode.

Changes: Various bug fixes and additions.
tags | tool
systems | unix
SHA-256 | 2d67857abdd78b103035140fd6f2853b5cd3c45fa600745b4d134a306fedd23e
Aruba Networks Security Advisory - 020810
Posted Feb 9, 2010
Site arubanetworks.com

Aruba Networks Security Advisory - This advisory addresses the renegotiation related vulnerability disclosed recently in Transport Layer Security protocol. This vulnerability may allow a Man-in-the-Middle (MITM) attacker to inject arbitrary data into the beginning of the application protocol stream protected by TLS.

tags | advisory, arbitrary, protocol
advisories | CVE-2009-3555
SHA-256 | 22e3177636fc7aa2f310bbb771660dd68a2953ca6c2b727698e76ee120c2a131
Secunia Security Advisory 38510
Posted Feb 9, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct brute force attacks or to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | windows
SHA-256 | ed158b5e0d8f9b326366dc957840b691418249a25aab5730f1cdfedcb997bfa2
Secunia Security Advisory 38506
Posted Feb 9, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
systems | windows
SHA-256 | 18d551acaee0a1840a30dba8a3f5dc1b983144a0a8a56d90a156be1d64064d88
Secunia Security Advisory 38512
Posted Feb 9, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious users to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | windows
SHA-256 | 3cf3aa0fa33d7cbd101a0206114d61dd7c22ed4ae4c47841bc768dd2a9c45169
Secunia Security Advisory 38503
Posted Feb 9, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Microsoft Data Analyzer, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 4b3c7107a36fd881027fc459a9998ae9e8303f6dc2d81c9836d0d01831f0596d
Page 1 of 3
Back123Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close