exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 37 RSS Feed

Files Date: 2011-05-09

Zero Day Initiative Advisory 11-154
Posted May 9, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-154 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sybase M-Business Anywhere. Authentication is not required to exploit this vulnerability. The specific flaw exists within the gsoap.exe module exposed by the webserver that listens by default on TCP ports 8093 and 8094. A remote user can send an specially crafted SOAP packet with an invalid 'password' closing tag via a POST request to the web server to trigger a buffer overflow in this module. Exploitation of this issue leads to remote code execution under the context of the target service.

tags | advisory, remote, web, overflow, arbitrary, tcp, code execution
SHA-256 | 9eeb0f5fc625589a4915b9cae5ca9b82741a4442e22f1b54cb70500a7bd5f052
HP Security Bulletin HPSBOV02682 SSRT100495
Posted May 9, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBOV02682 SSRT100495 - Potential vulnerabilities have been identified with HP OpenVMS running Kerberos. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS) or execution of arbitrary code, or by a remote unauthorized user to modify data, prompts, or responses. Revision 1 of this advisory.

tags | advisory, remote, denial of service, arbitrary, vulnerability
advisories | CVE-2008-0062, CVE-2008-0947, CVE-2008-0948, CVE-2009-0846, CVE-2009-4212, CVE-2010-1323
SHA-256 | deba330be58344603284826e84811bfbbfe925a41948fff53b13f556755e818b
HP Security Bulletin HPSBTU02684 SSRT100390
Posted May 9, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBTU02684 SSRT100390 - A potential vulnerability has been identified with HP Tru64 UNIX running Java. The vulnerability could be remotely exploited to create a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, java, denial of service
systems | unix
advisories | CVE-2010-4476
SHA-256 | aebdbd5943edbed6f159028af47f66fa472e98bb6050c7a673b5cea40d33de86
HP Security Bulletin HPSBOV02634 SSRT100390
Posted May 9, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBOV02634 SSRT100390 - A potential vulnerability has been identified with HP OpenVMS running Java. The vulnerability could be remotely exploited to create a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, java, denial of service
advisories | CVE-2010-4476
SHA-256 | dd3eda6f3c1f44c6304dc1182012d147c1d3c05d72154924bef68f24ec389573
Securing The Kernel Via Static Binary Rewriting And Program Shepherding
Posted May 9, 2011
Authored by Piotr Bania

Whitepaper called Security the Kernel via Static binary Rewriting and Program Shepherding. -

tags | paper, kernel
SHA-256 | 18ae1bdd7e29da68b73f1ee47eb588a934ffcd5e35aad3d0fc3709c3bac2a3e3
Glyptodon File System Analyzer 1.2
Posted May 9, 2011
Authored by Emeric Nasi

Glyptodon is a little file-system analyzer for Linux systems. It is written in bash and it comes with an installer to make it run everyday automatically. This script writes some general information about file permissions, socket, ownership, etc. It also verifies the file-system for potential risks, such as set-uid files, world writable files, symlinks nouser files, etc.

tags | tool, bash
systems | linux, unix
SHA-256 | 0c9a68bfb2e52bdc81f2316f067d7f264897eb737ada4467537a3e3f11c576b8
Perl Null Pointer Dereference
Posted May 9, 2011
Authored by Jonathan Brossard

When given a wrong number of arguments, a number of perl functions will attempt to read memory from an unmapped location, resulting in a deterministic crash.

tags | advisory, perl
advisories | CVE-2011-0761
SHA-256 | b72775fe46f3e69183620de7109ecf5ba3fd1540d7eb6d3c5323b82bb1325925
Opera SELECT SIZE Arbitrary Null Write
Posted May 9, 2011
Authored by Jonathan Brossard

Opera up to and including version 10.60 is vulnerable to an arbitrary memory write of 0x00000000, 4 byte aligned, when processing an html page featuring a SELECT tag with a very large SIZE parameter.

tags | advisory, arbitrary
advisories | CVE-2011-1824
SHA-256 | 630fbf78a70da7125a10c3f5ee2b547435896349a5687c315425d7f9e3ea9851
Ampache 3.5.4 Cross Site Scripting
Posted May 9, 2011
Authored by AutoSec Tools | Site autosectools.com

A reflected cross site scripting vulnerability in Ampache version 3.5.4 can be exploited to execute arbitrary JavaScript.

tags | exploit, arbitrary, javascript, xss
SHA-256 | 2c031f381e8f5eeba932231724913927673a5d79539752522ee73af4cc60731a
ECoder 0.4.10 Cross Site Scripting
Posted May 9, 2011
Authored by AutoSec Tools | Site autosectools.com

A reflected cross site scripting vulnerability in ECoder version 0.4.10 can be exploited to execute arbitrary JavaScript.

tags | exploit, arbitrary, javascript, xss
SHA-256 | b07513e742762ea47f23b8269c3e5208e9e99ca02617d14ddd19d55087bfd9e6
Exponent 2.0.0 Beta 1.1 Local File Inclusion
Posted May 9, 2011
Authored by AutoSec Tools | Site autosectools.com

Exponent version 2.0.0 Beta 1.1 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 0ba0b4b54f5f90bea32c1a57ebffe2355097938d7cabbc3c5b3020cab2989e09
VoIP Security - Methodology And Results
Posted May 9, 2011
Authored by Barrie Dempster | Site ngssoftware.com

Whitepaper called VoIP Security - Methodology and Results.

tags | paper
SHA-256 | 19a9d026719f565c18ff28e79f5f73877a8cff31f458c85c1ae0292076d199e4
Remote And Local Exploitation Of Network Drivers
Posted May 9, 2011
Authored by Yuriy Bulygin

Whitepaper called Remote and Local Exploitation of Network Drivers.

tags | paper, remote, local
SHA-256 | 20560e7adb32319870905329c882032975643950db301bd93d3951faa1ad2f0b
Exponent 2.0.0 Beta 1.1 Shell Upload
Posted May 9, 2011
Authored by AutoSec Tools | Site autosectools.com

An arbitrary upload vulnerability in Exponent version 2.0.0 beta 1.1 can be exploited to upload a PHP shell.

tags | exploit, arbitrary, shell, php
SHA-256 | 12a4ae5b35c590048dfadc45867cf588dc993b6e953ffc2772aaa050fcd3a9b0
Gelsheet 1.02 Cross Site Scripting
Posted May 9, 2011
Authored by AutoSec Tools | Site autosectools.com

A reflected cross site scripting vulnerability in Gelsheet version 1.02 can be exploited to execute arbitrary JavaScript.

tags | exploit, arbitrary, javascript, xss
SHA-256 | b3f3b9b95de061c47af70d9ea4e999fd94ee0bb2c2e92e6d27945f4c8b6ac585
GetSimple 3.0 Local File Inclusion
Posted May 9, 2011
Authored by AutoSec Tools | Site autosectools.com

A local file inclusion vulnerability in GetSimple version 3.0 can be exploited to include arbitrary files.

tags | exploit, arbitrary, local, file inclusion
SHA-256 | 62619473fe9392a22a52334b24d039bd3b46c38757aaf0f3fcd7a1e49f3f342c
phpWebSite 1.7.1 Shell Upload
Posted May 9, 2011
Authored by AutoSec Tools | Site autosectools.com

An arbitrary upload vulnerability in phpWebSite version 1.7.1 can be exploited to upload a PHP shell.

tags | exploit, arbitrary, shell, php
SHA-256 | f3cf7eeed0e142ae1fd2df50651cc4ff52f1a275d702fe16ad06c6065341a522
Serva32 1.2.00 RC1 Denial Of Service
Posted May 9, 2011
Authored by AutoSec Tools | Site autosectools.com

A denial of service vulnerability can be exploited to crash Serva32 version 1.2.00 RC1.

tags | exploit, denial of service
SHA-256 | 39ab74456449c1a36d67a2e41f9ae3a631ac80cec6b2df0c2e500a2a02e7f705
Serva32 1.2.00 RC1 Directory Traversal
Posted May 9, 2011
Authored by AutoSec Tools | Site autosectools.com

A directory traversal vulnerability in Serva32 version 1.2.00 RC1 can be exploited to read files outside of the web root.

tags | exploit, web, root, file inclusion
SHA-256 | 36ef686f24a435eddbe553ae5e744a2ddd3c73ecea4f76a2fabce8cbc90b03f0
TCExam 11.1.029 SQL Injection
Posted May 9, 2011
Authored by AutoSec Tools | Site autosectools.com

TCExam version 11.1.029 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 900162c3dfeb68ad88e2af92c699d344c1a2c090365b7b9f726135337f287e5e
Secunia Security Advisory 44495
Posted May 9, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - AutoSec Tools has discovered two vulnerabilities in TCExam, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | b3c333aec30a1832f297041184e2d632ba2a856d31d7a52514a257bd60a33ae3
Secunia Security Advisory 44522
Posted May 9, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Skype for Mac, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | cfb7882ae04fa4850943964256f5003da5c69d5d1499fd997b87368f075dd995
Secunia Security Advisory 44529
Posted May 9, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for asterisk. This fixes two vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, fedora
SHA-256 | c02240e1d95745a4131050d626d1a49601ac621c9557008a1ab794095a07e46d
Secunia Security Advisory 44484
Posted May 9, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - KnockOut has discovered a vulnerability in DORG, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
SHA-256 | ebc7ded77eb8ab0e8c09e000bfc35b62942c1245cfdc819a9486fa5d66040ecb
Secunia Security Advisory 44479
Posted May 9, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for otrs2. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
systems | linux, debian
SHA-256 | 765b4faf5121921120cac794529be11b160a206f63d11485e3af1444eaff34ef
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close