exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 43 RSS Feed

Files Date: 2012-06-11

Insecurity Of Poorly Design Remote File Inclusion Payloads Part 1
Posted Jun 11, 2012
Authored by bwall | Site firebwall.com

This whitepaper discusses the insecurity of poorly designed remote file inclusion payloads. This is part one.

tags | paper, remote, file inclusion
SHA-256 | 0ad627634c11abc77c0211c9fe0d4a8c8b65595f116f610eceb4b969e304e19d
Microsoft IIS 6.0 / 7.5 Authentication Bypass
Posted Jun 11, 2012
Authored by Kingcope

Microsoft IIS versions 6.0 and 7.5 suffer from various authentication bypass vulnerabilities. 7.5 also suffers from a source code disclosure flaw.

tags | exploit, vulnerability, bypass
SHA-256 | 31f691d3442ef019996f5131a36d46a349b82fb445d8c3c399201566683d7edb
Mandriva Linux Security Advisory 2012-088
Posted Jun 11, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-088 - Security issues were identified and fixed in mozilla firefox and thunderbird. Heap-based buffer overflow in the utf16_to_isolatin1 function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code via vectors that trigger a character-set conversion failure. Use-after-free vulnerability in the nsFrameList::FirstChild function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) by changing the size of a container of absolutely positioned elements in a column. Heap-based buffer overflow in the nsHTMLReflowState::CalculateHypotheticalBox function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code by resizing a window displaying absolutely positioned and relatively positioned elements in nested columns. Various other issues were also addressed.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2012-1947, CVE-2012-1940, CVE-2012-1941, CVE-2012-1946, CVE-2012-1945, CVE-2012-1944, CVE-2012-1938, CVE-2012-1939, CVE-2012-1937, CVE-2011-3101, CVE-2012-0441
SHA-256 | e45d0a9ecaaa6aa2057a7a0d53316462d0da0cafa4345f6f72cf7e998d9be6ec
Joomla Joomsport SQL Injection / Shell Upload
Posted Jun 11, 2012
Authored by KedAns-Dz

The Joomla Joomsport component suffers from remote shell upload and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, sql injection
SHA-256 | e9a76ab29955a0166d426cadbc1fb84359eeca77c4401ff86095bc6d467591ee
Symantec Web Gateway 5.0.2.8 Arbitrary PHP File Upload Vulnerability
Posted Jun 11, 2012
Authored by Tenable Network Security, juan vazquez | Site metasploit.com

This Metasploit module exploits a file upload vulnerability found in Symantec Web Gateway's HTTP service. Due to the incorrect use of file extensions in the upload_file() function, this allows us to abuse the spywall/blocked_file.php file in order to upload a malicious PHP file without any authentication, which results in arbitrary code execution.

tags | exploit, web, arbitrary, php, code execution, file upload
advisories | CVE-2012-0299, OSVDB-82025
SHA-256 | cf93b4b95c23f5407ba012edff8b93021d9cf2a529de505d5f968bbc6cf64f26
Symantec Web Gateway 5.0.2.8 ipchange.php Command Injection
Posted Jun 11, 2012
Authored by Tenable Network Security, juan vazquez | Site metasploit.com

This Metasploit module exploits a command injection vulnerability found in Symantec Web Gateway's HTTP service due to the insecure usage of the exec() function. This Metasploit module abuses the spywall/ipchange.php file to execute arbitrary OS commands without authentication.

tags | exploit, web, arbitrary, php
advisories | CVE-2012-0297
SHA-256 | b0b67649c40ca029b22826b4a8885851ba50ca7ed212e036f2e5e4e0db93816f
Tom Sawyer Software GET Extension Factory Remote Code Execution
Posted Jun 11, 2012
Authored by rgod, Elazar Broad, juan vazquez | Site metasploit.com

This Metasploit module exploits a remote code execution vulnerability in the tsgetx71ex553.dll ActiveX control installed with Tom Sawyer GET Extension Factory due to an incorrect initialization under Internet Explorer. While the Tom Sawyer GET Extension Factory is installed with some versions of VMware Infrastructure Client, this module has been tested only with the versions installed with Embarcadero Technologies ER/Studio XE2 / Embarcadero Studio Portal 1.6. The ActiveX control tested is tsgetx71ex553.dll, version 5.5.3.238. This Metasploit module achieves DEP and ASLR bypass using the well known msvcr71.dll rop chain. The dll is installed by default with the Embarcadero software, and loaded by the targeted ActiveX.

tags | exploit, remote, code execution, activex
advisories | CVE-2011-2217, OSVDB-73211
SHA-256 | 9ea26d2b6cb47fda41b9580e28eab68d2c736833da3e4ee9317fb28219b79c3f
MS12-005 Microsoft Office ClickOnce Unsafe Object Package Handling Vulnerability
Posted Jun 11, 2012
Authored by Yorick Koster, sinn3r | Site metasploit.com

This Metasploit module exploits a vulnerability found in Microsoft Office's ClickOnce feature. When handling a Macro document, the application fails to recognize certain file extensions as dangerous executables, which can be used to bypass the warning message. This allows you to trick your victim into opening the malicious document, which will load up either a python or ruby payload based on your choosing, and then finally download and execute our executable.

tags | exploit, python, ruby
advisories | CVE-2012-0013, OSVDB-78207
SHA-256 | 0a79ccc75253fc54a4cbf99a7599c06f3f75c9e59c1385bd9c4f718868f83665
Debian Security Advisory 2492-1
Posted Jun 11, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2492-1 - The Phar extension for PHP does not properly handle crafted tar files, leading to a heap-based buffer overflow. PHP applications processing tar files could crash or, potentially, execute arbitrary code.

tags | advisory, overflow, arbitrary, php
systems | linux, debian
advisories | CVE-2012-2386
SHA-256 | deb55cad739d879e271b8fcdefd66474772fb3e4d74c4b94ab20d59dfc18e50c
Debian Security Advisory 2491-1
Posted Jun 11, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2491-1 - Two vulnerabilities were discovered in PostgreSQL, an SQL database server.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2012-2143, CVE-2012-2655
SHA-256 | 08cee1118490a95890ce39cec136e45a1e76b0f30a416aecbf838f863b61cc51
AdSpy Pro 2.0 Cross Site Request Forgery
Posted Jun 11, 2012
Authored by L3b-r1'z

AdSpy Pro version 2.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 42c3a8510f506adcfcb0f5c40b7d7f4704875302576570762e81040e45d11f7e
Secunia Security Advisory 49402
Posted Jun 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in HP Onboard Administrator, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), and potentially compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
SHA-256 | 8d1911634e157101a1ad0325ae2c325e52fea6bdd9480e4028992ef0bc5c0a91
Secunia Security Advisory 49417
Posted Jun 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in MariaDB, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 92bb4c20061a285a50c1cd2e48c8b27c121123f3fa4f617c423fd5ab491e1b0d
Secunia Security Advisory 49423
Posted Jun 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for postgresql-8.4. This fixes a weakness, which can be exploited by malicious people to conduct brute force attacks.

tags | advisory
systems | linux, debian
SHA-256 | 2795521e0707f6203c022f38bda6a80e5396b0ea2a2fb0739963cb442e4979cd
Secunia Security Advisory 49508
Posted Jun 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for pidgin-otr. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

tags | advisory
systems | linux, suse
SHA-256 | 483458260d2a434fbc2d69dc043124295476988c8697f5b0d5f95c0711f1d3d1
Secunia Security Advisory 49468
Posted Jun 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the Mac Photo Gallery plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 31f29d19ac9fcd79d9783495351c114c2d363601d1710085881e262c5c184780
Secunia Security Advisory 49428
Posted Jun 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the Front File Manager plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 954e8ca279ea258a073c36d368592a4a4a45bf4147977cc1fd4deeed4342d44e
Secunia Security Advisory 49452
Posted Jun 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Agora Project, which can be exploited by malicious users to compromise a vulnerable system.

tags | advisory
SHA-256 | ed41b10fb1a228659004218efe2b0f9cab0ea212ed8644611aadb45c4d7dbf78
Secunia Security Advisory 49465
Posted Jun 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the Top Quark Architecture plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 3c9b10deaf9f535372190db3f221805a61f5dfcdbe3a5cbb796a521609c84973
Secunia Security Advisory 49481
Posted Jun 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in ForeScout CounterACT, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | e5a1d43aca1f8189077c1b2b697b652a25ad91636032344ff590cd1ccad9b5dc
Secunia Security Advisory 49467
Posted Jun 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been discovered in the PICA Photo Gallery plugin for WordPress, which can be exploited by malicious people to disclose sensitive information and compromise a vulnerable system.

tags | advisory, vulnerability
SHA-256 | 6b28cb27d1e16b73332bd370c3ea62a988ebea91db3decc5d5ade6a5af1d1a10
Secunia Security Advisory 49463
Posted Jun 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sammy Forgit has discovered a vulnerability in the RBX Gallery plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 5ec5460f29199322a43d91b013e30a15c5a330a7cb79af18c277efa197063336
Secunia Security Advisory 49460
Posted Jun 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sammy Forgit has reported a vulnerability in the Tinymce Thumbnail Gallery plugin for WordPress, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | c9146dd2d8cd774a3bf7118fc191ec807c46052c46db14e2c55ae98168ba4feb
Secunia Security Advisory 49444
Posted Jun 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sammy Forgit has discovered a vulnerability in the PDW File Browser plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 3b51062446dadf082e2632f62025ff2b6843929a178904c48ce576be4d0a0f08
Secunia Security Advisory 49462
Posted Jun 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sammy Forgit has discovered a vulnerability in the Simple Download Button Shortcode plugin for WordPress, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | e1a460c937f6f04c09d9dd0c5160dec2552f2c01757a653a5eb1f1b32c732f5f
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close