Showing 1 - 25 of 33

Files Date: 2011-04-18

Zero Day Initiative Advisory 11-136
Posted Apr 18, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-136 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Directory Server. Authentication is not required to exploit this vulnerability. The specific flaw exists in how ibmslapd.exe handles LDAP CRAM-MD5 packets. ibmslapd.exe listens by default on port TCP 389. When the process receives an LDAP CRAM-MD5 packet, it uses libibmldap.dll to handle the allocation of a buffer for the packet data. A specially crafted packet can cause the ber_get_int function to allocate a buffer that is too small to fit the packet data, causing a subsequent stack-based buffer overflow. This can be leveraged by a remote attacker to execute arbitrary code under the context of the SYSTEM user.

tags | advisory, remote, overflow, arbitrary, tcp
advisories | CVE-2011-1206
SHA-256 | 5856c905992ce3367f10fbd82bf9872e59657ed8b978886f53701ed9eeb4747f
Wireshark 1.4.4 SEH Overflow
Posted Apr 18, 2011
Authored by sickness

Wireshark versions 1.4.1 through 1.4.4 SEH overflow exploit that spawns calc.exe.

tags | exploit, overflow
SHA-256 | 1190bfbcea843e5145744418548830b04cb799c34c387f3a3edb3bd512300dbd
Pastebay Password Bypass
Posted Apr 18, 2011
Authored by Sw1tCh

Pastebay suffers from a password bypass vulnerability.

tags | exploit, bypass
SHA-256 | ebd3027c69a1ad01ec43a6aa1d8a4c8ab3b282c31cdbd8211cfa94df34fbbaff
Adaptive Authentication (On-Premise) Cross Site Scripting
Posted Apr 18, 2011
Site emc.com

A potential cross site scripting vulnerability has been identified in RSA® Adaptive Authentication (On-Premise) that could be exploited in certain circumstances. This is due to an input validation error in a Flash Shockwave file provided by the Adaptive Authentication system.

tags | advisory, xss
advisories | CVE-2011-1422
SHA-256 | a83fabf54ed5f3331ab76f5aae6561209b00f4bf7ffb46fbdc69a206932bb910
Ultra Marketing Enterprises CMS And Cart SQL Injection
Posted Apr 18, 2011
Authored by eXeSoul

Ultra Marketing Enterprises CMS and Cart suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | d34005c364f7d4611990f005c5880bba9ad4ebb113ae3607456293769682cd4a
Ubuntu Security Notice USN-1113-1
Posted Apr 18, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1113-1 - It was discovered that the Postfix package incorrectly granted write access on the PID directory to the postfix user. A local attacker could use this flaw to possibly conduct a symlink attack and overwrite arbitrary files. This issue only affected Ubuntu 6.06 LTS and 8.04 LTS. Wietse Venema discovered that Postfix incorrectly handled cleartext commands after TLS is in place. A remote attacker could exploit this to inject cleartext commands into TLS sessions, and possibly obtain confidential information such as passwords.

tags | advisory, remote, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2009-2939, CVE-2011-0411
SHA-256 | 6aa138e4da81ce01a79a100e10f8c8db333638d58fca582399c80a99743e1fb6
Windows Credential Editor 1.2
Posted Apr 18, 2011
Authored by Hernan Ochoa | Site ampliasecurity.com

Windows Credentials Editor (WCE) allows users to list logon sessions and to add, change, list and delete associated credentials (e.g., LM/NT hashes and Kerberos tickets). This can be used, for example, to perform pass-the-hash on Windows, to obtain NT/LM hashes from memory (from interactive logons, services, remote desktop connections, etc.) which can be used to perform further attacks, and to obtain Kerberos tickets and reuse them in other Windows or Unix systems.

Changes: It now supports logon sessions and NTLM credentials just by reading memory without performing code injection.
tags | remote
systems | linux, windows
SHA-256 | 099e55d14489dafd73cfdfa5499d3104b38a4256c3df9a93abae54beaa077d30
EMC NetWorker Arbitrary Code Execution With Elevated Privileges
Posted Apr 18, 2011
Site emc.com

EMC NetWorker contains a potential security vulnerability that can be exploited to execute malicious code with elevated privileges on the affected system.

tags | advisory
advisories | CVE-2011-1421
SHA-256 | 865a9f3693f441082930e4366c848c4a8368c6122943070f7ee2590626605e5f
Go Null Yourself E-Zine Issue 04
Posted Apr 18, 2011
Authored by gny | Site gonullyourself.org

Go Null Yourself E-zine Issue 4 - Topics in this issue include Lattice-Based Cryptography, The Tech Behind Credit Cards, MapReduce Part 2, 303-833-00xx Scan, and more.

tags | magazine
SHA-256 | 35eabf498921a3ff749db28d5d9622b428e8b2a603b121475303b55a264a85bc
CRESUS SQL Injection
Posted Apr 18, 2011
Authored by GRAYHATZ

CRESUS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | c25206e4b15dfe30428563597e1a1363d64b556f27415c22c47d4f718789b052
Secunia Security Advisory 44240
Posted Apr 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for proftpd. This fixes two vulnerabilities, which can be exploited by malicious people to manipulate certain data and cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, fedora
SHA-256 | ccafd038dcde1e733e4b0fe7bb2f1aa78dc535b69cc46dc88c1e7b292d77d091
Secunia Security Advisory 44051
Posted Apr 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Mojolicious, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
SHA-256 | aad435433a3873a784ff551ce1b5893c38b4067071e9cc95e4a411bdae38e924
Secunia Security Advisory 44224
Posted Apr 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Perl Jifty::DBI, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, perl, vulnerability, sql injection
SHA-256 | ee16a2eae7ff772f1e2c5bd0a66d63508362ce64912f5fd126c4f08e1aadd575
Drupal Themes XSS / Denial Of Service
Posted Apr 18, 2011
Authored by MustLive

Multiple Drupal themes suffer from cross site scripting and denial of service vulnerabilities. Affected themes include Fresh News, Inspire, Spectrum, Delegate, Optimize, Bueno, Headlines, Daily Edition, Coffee Break, The Gazette Edition.

tags | advisory, denial of service, vulnerability, xss
SHA-256 | 165887f15d9354eaf9b8d1bb945cb0dc9da0684b19cf44be05684f5b05d60ae6
Secunia Security Advisory 44219
Posted Apr 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue and a vulnerability have been discovered in MyBB, which can be exploited by malicious people to disclose certain sensitive information and conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 803f1203cf51ac1479e8ec409f0b5cbd3b365d60fbb263c69a398552b5100509
Secunia Security Advisory 44238
Posted Apr 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for libmodplug. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library.

tags | advisory
systems | linux, fedora
SHA-256 | e1e304df70aa4ca0fbdb0f36fcdadfebd76f644ae156cfe2d94668d90d57c6ef
Secunia Security Advisory 44104
Posted Apr 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Thunar, which potentially can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 2a6071287d06bd3824ab732a02050b854a96d3f94e13dbf03c1fdbe733b1bfe1
Secunia Security Advisory 44239
Posted Apr 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for tmux. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
systems | linux, fedora
SHA-256 | a94b1de5c9aa0257247acd99483ddb9e56469c33b019b3eacea9f7eae5cdad51
Secunia Security Advisory 44223
Posted Apr 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Justin Case has reported a weakness in Skype for Android, which can be exploited by malicious people to gain access to sensitive information.

tags | advisory
SHA-256 | fae84ac51ac8b67252c924423fdae24c29c3e61ebfd8895a4d5d580f6d947bb6
Secunia Security Advisory 44169
Posted Apr 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for wireshark. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, suse
SHA-256 | 14a64815e3d847dcb4f353283f97876a57888b127e13a7b21aae5a6e887d2251
CompactCMS 1.4.1 Remote File Inclusion / File Disclosure
Posted Apr 18, 2011
Authored by KedAns-Dz

CompactCMS versions 1.4.1 and below suffer from remote file inclusion and disclosure issues.

tags | exploit, remote, code execution, file inclusion, info disclosure
SHA-256 | 9d0a94503eb969764632bc54f78faa71ffad44a133f3df985cbb8c6eaf655d53
Google Chrome 10.0.648.205 Stack Overflow
Posted Apr 18, 2011
Authored by C4SS!0 G0M3S

Google Chrome version 10.0.648.205 stack exhaustion exploit.

tags | exploit
SHA-256 | 82d6dc22eadb26bdd8279068c3bbf816cda86c79a4185c6e44c2d3edaa340479
Secunia Security Advisory 44181
Posted Apr 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for krb5. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, suse
SHA-256 | 13cc27186d5ff20728460c4b2bea54234313f92beb4e86bc06a266b766608ed0
Secunia Security Advisory 44173
Posted Apr 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for libmodplug. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library.

tags | advisory
systems | linux, suse
SHA-256 | 771592ce52c244bd9d96461d89141463905d30ace60ab8aebec9d96e7dc8ec94
Secunia Security Advisory 44179
Posted Apr 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for dhcp6. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | linux, suse
SHA-256 | 4fb77a1d56d114d8ac31369cca5138277372854eb3228928974ad1cea50d8e32