exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 64 RSS Feed

Files Date: 2012-08-29

Endonesia 8.5 CMS Publisher Module SQL Injection
Posted Aug 29, 2012
Authored by Crim3R

Endonesia 8.5 CMS publisher module suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 2b7945c56a8f9846517260ec379412697319a8da8f902141f87eb1058681b581
squidGuard 1.4 Denial Of Service
Posted Aug 29, 2012
Authored by Stefan Bauer

squidGuard version 1.4 may suffer from a denial of service vulnerability when fed a long URL.

tags | exploit, denial of service
SHA-256 | fc2b35ea47586fba7304892ac8282bfcbf545aead94d1ecb4627ea55270709b0
Winlog Lite SCADA HMI System 2.06.17 SEH Overwrite
Posted Aug 29, 2012
Authored by Ciph3r

Winlog Lite SCADA HMI system version 2.06.17 suffers from a SEH overwrite vulnerability.

tags | exploit
SHA-256 | 65763c2d8beef5f0757ae8cb84213f5458a558619a807c7ffc08f54e8de3a0d9
YourOnlineAgents CMS Blind SQL Injection
Posted Aug 29, 2012
Authored by Crim3R

YourOnlineAgents CMS suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 6e4aaf2fcf81a9aefc84e43c1f9c90e1b7bfd1cc5114b7b861c96dc50dc8a7e9
Rudimentary Runtracer For Windows 7
Posted Aug 29, 2012
Authored by JODE | Site nsense.net

This is a rudimentary runtracer for Windows 7 on x86 (ASLR resilient).

tags | x86
systems | windows
SHA-256 | 0c338f0abacb1298c6e3159ef4e1383419cd701b04ef15d5434f37c70994813a
iSolution CMS SQL Injection
Posted Aug 29, 2012
Authored by Crim3R

iSolution CMS suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
SHA-256 | 1a08a1a12a801bc316f73078633539d6a650fbcb8bc90023cfe06640eece4665
Disqus Blog Comments SQL Injection
Posted Aug 29, 2012
Authored by Spy_w4r3

Disqus Blog Comments suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | d153d27a4a6e5a7b4b64cb53d6872723f2de5a385ce4b520ca8623a249712a95
WordPress HD Webplayer 1.1 SQL Injection
Posted Aug 29, 2012
Authored by JoinSe7en

WordPress HD Webplayer version 1.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 794f8fb3c3303c1fd8753b97a7fade46db699ff0285978b9dae1170f973058ad
Mandriva Linux Security Advisory 2012-147
Posted Aug 29, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-147 - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products. Security researcher Abhishek Arya of Google Chrome Security Team discovered a series of use-after-free issues using the Address Sanitizer tool. Many of these issues are potentially exploitable, allowing for remote code execution. Security researcher Mariusz Mlynski reported that it is possible to shadow the location object using Object.defineProperty. This could be used to confuse the current location to plugins, allowing for possible cross-site scripting attacks. Various other vulnerabilities were also addressed.

tags | advisory, remote, arbitrary, vulnerability, code execution, xss
systems | linux, mandriva
advisories | CVE-2012-1956, CVE-2012-1970, CVE-2012-1971, CVE-2012-1972, CVE-2012-1973, CVE-2012-1974, CVE-2012-1975, CVE-2012-1976, CVE-2012-3956, CVE-2012-3957, CVE-2012-3958, CVE-2012-3959, CVE-2012-3960, CVE-2012-3961, CVE-2012-3962, CVE-2012-3963, CVE-2012-3964, CVE-2012-3966, CVE-2012-3967, CVE-2012-3968, CVE-2012-3969, CVE-2012-3970, CVE-2012-3971, CVE-2012-3972, CVE-2012-3974, CVE-2012-3975, CVE-2012-3978, CVE-2012-3980
SHA-256 | ac842d060e5a71fbd19379a59603aad1eb68341ea634c795cd15a6abd94be521
Zero Day Initiative Advisory 12-182
Posted Aug 29, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-182 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC ApplicationXtender. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the WxSuperCtrl650.ocx ActiveX control. By manipulating a combination of the DisplayImageFile, AnnoLoad and AnnoSave methods, the vulnerable AnnoSave() method can enable an attacker to save arbitrary files inside arbitrary locations. The attacker is able to control the file extension and the creation path via a directory traversal issue. An attacker can leverage this vulnerability to execute code under the context of the process.

tags | advisory, remote, arbitrary, activex
advisories | CVE-2012-2289
SHA-256 | 6aa38dcf56266cca5031793e281cb153a6a3cbeed54f22bddc1b5e8754cbf960
Zero Day Initiative Advisory 12-181
Posted Aug 29, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-181 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib component which is used by both the ActiveX and Netscape compatible browser plugins as well as the Microsoft Windows spooler service. When handling certain requests the client-file-name parameter is improperly copied to a local stack buffer. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM.

tags | advisory, remote, arbitrary, local, activex
systems | windows
advisories | CVE-2011-4186
SHA-256 | 8979b4441be91dc89370ce5a0c381bc13ea650e7ac616526aaef1318d9a9dff3
Zero Day Initiative Advisory 12-180
Posted Aug 29, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-180 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell ZENworks Admin Studio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the ISGrid.dll ActiveX control. The process performs insufficient bounds checking on user-supplied data passed in the DoFindReplace() method which results in heap corruption. This vulnerability can be leveraged to execute code under the context of the process.

tags | advisory, remote, arbitrary, activex
SHA-256 | 6cda57ac5d2dddf4b3b0a51b759fbd94b82e7766e18694fd0cc41e25bf65aec3
Zero Day Initiative Advisory 12-179
Posted Aug 29, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-179 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC ApplicationXtender. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the AEXView.ocx ActiveX control. By manipulating a combination of the DisplayImageFile, AnnoLoad and AnnoSave methods, the vulnerable AnnoSave() method can enable an attacker to save arbitrary files in arbitrary locations. The attacker is able to control the file extension and the creation path via a directory traversal issue. An attacker can leverage this vulnerability to execute code under the context of the process.

tags | advisory, remote, arbitrary, activex
advisories | CVE-2012-2289
SHA-256 | a7465b5401eae09d86f86686525c56e6d712583245d647f15ff28395259f58e1
Zero Day Initiative Advisory 12-178
Posted Aug 29, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-178 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP SiteScope. Authentication is not required to exploit this vulnerability. The specific flaw exists because HP SiteScope allows unauthenticated SOAP calls to be made to the SiteScope service. One of those calls is update() which allows an unauthenticated user to update the admin credentials. This can lead to remote code execution under the context of the current process.

tags | advisory, remote, arbitrary, code execution
SHA-256 | a7d7cad7879c61819dbc94f08be01be1e8d0afbc314b1e6219a955b923aa173f
Zero Day Initiative Advisory 12-177
Posted Aug 29, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-177 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP SiteScope. Authentication is not required to exploit this vulnerability. The specific flaw exists because HP SiteScope allows unauthenticated SOAP calls to be made to the SiteScope service. One of those calls is loadFileContent() which will return the content of any local file on the server including the configuration files containing password information. This can lead to remote code execution under the context of the current process.

tags | advisory, remote, arbitrary, local, code execution
SHA-256 | a981f2b2198bcd2e57cbfd68417c9cbccf607abda086d08e670d5451e2b885db
Zero Day Initiative Advisory 12-176
Posted Aug 29, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-176 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP SiteScope. Authentication is not required to exploit this vulnerability. The specific flaw exists because HP SiteScope allows unauthenticated SOAP calls to be made to the SiteScope service. One of those calls is getFileInternal() which will return the content of any local file on the server including the configuration files containing password information. This can lead to remote code execution under the context of the current process.

tags | advisory, remote, arbitrary, local, code execution
SHA-256 | 70a89850ac9dc1cd883c181aae929ff4a71d499727264d2562593c361f329253
Zero Day Initiative Advisory 12-175
Posted Aug 29, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-175 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP SiteScope. Authentication is not required to exploit this vulnerability. The specific flaw exists because HP SiteScope allows unauthenticated SOAP calls to be made to the SiteScope service. One of those calls is create() which allows unauthenticated user to create a new user account for the service. This account has access to an DownloadFilesHandler which contains a flaw that allows you to download any file from the server including the server configuration files that contains the admin credentials. This can lead to remote code execution under the context of the current process.

tags | advisory, remote, arbitrary, code execution
SHA-256 | 63c7d0cb64b93026d854c51c9d224b782e10faf19f32dc134c2e2f728d9539c3
Zero Day Initiative Advisory 12-174
Posted Aug 29, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-174 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP SiteScope. Authentication is not required to exploit this vulnerability. The specific flaw is a directory traversal in the UploadFilesHandler url that allows you to upload files to the server into a directory on the server that allows for scripting. This vulnerability could lead to remote code execution under the context of the current process.

tags | advisory, remote, arbitrary, code execution
SHA-256 | 4ee84abc0ed60faa0ef4eaf23e562588e583a3ba9fdbd25999ffb6342ecf1e64
Zero Day Initiative Advisory 12-173
Posted Aug 29, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-173 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP SiteScope. Authentication is not required to exploit this vulnerability. The specific flaw exists because HP SiteScope allows unauthenticated SOAP calls to be made to the SiteScope service. One of those calls is getSiteScopeConfiguration() which will return the current configuration of the server including the administrator login and password information. A remote attacker could abuse this vulnerability to login to SiteScope with administrative privileges then execute arbitrary code through the underlying functionality.

tags | advisory, remote, arbitrary
SHA-256 | 3664679a0798fdfd213eb09c398b686510ec5256a83ac88387b3ba49d44830c2
Zero Day Initiative Advisory 12-172
Posted Aug 29, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-172 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Operations Orchestration. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RSScheduler service JDBC component of Operations Orchestra which listens by default on TCP port 9001. The component is vulnerable to SQL injection attacks. Remote, unauthenticated attackers can exploit this vulnerability by injecting malicious SQL into the target, which could ultimately lead to arbitrary code execution under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp, code execution, sql injection
SHA-256 | 2e6296934e9eb31a41004fb77a403dabf9b037e9f8ff4edde0c15edcccb89a28
Zero Day Initiative Advisory 12-171
Posted Aug 29, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-171 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Intelligent Management Center. Authentication is not required to exploit this vulnerability. The flaw exists within the uam.exe component which listens by default on UDP port 1811. When logging received actions to a log file, sprintf is used to build the log message. The process does not properly verify the destination buffer on the stack is of sufficient size to handle the newly created string. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, udp
SHA-256 | 72b76f5f036df5670bf0135032f957301d5d812167752414d6bc378a702e8dc4
Zero Day Initiative Advisory 12-170
Posted Aug 29, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-170 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Application Lifecycle Management. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the XGO.ocx ActiveX control. The control exposed two vulnerable functions: 'SetShapeNodeType', which is vulnerable to a type confusion allowing user specified memory to be used as an object; and 'CopyToFile' which allows an attacker to create and overwrite files on the system of the user invoking the control. The attacker can utilize these vulnerabilities to execute remote code under the context of the process.

tags | advisory, remote, arbitrary, vulnerability, activex
SHA-256 | d3c9828441c320ddd3cc9e187105d893074559a023cf494f12db26998b203cae
Zero Day Initiative Advisory 12-169
Posted Aug 29, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-169 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of GE Proficy Historian. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the KeyHelp.ocx ActiveX control. The control contains a LaunchTriPane function that allows launching of the HTML Help executable (hh.exe) with customized command line parameters. By using the -decompile switch, an attacker can specify the folder to decompile to and a UNC path to a specially crafted .chm file. The attacker can utilize this vulnerability to execute remote code under the context of the process.

tags | advisory, remote, arbitrary, activex
advisories | CVE-2012-2516
SHA-256 | 1d9cc5e9c9e4b44c3492912b95ec7b4338a90ddb678216b44fd28eec565c9802
Zero Day Initiative Advisory 12-168
Posted Aug 29, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-168 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Indusoft Thin Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within ISSymbol.ocx ActiveX component. The process performs insufficient bounds checking on user-supplied data passed in as the 'InternationalSeparator' parameter which results in a heap overflow. This vulnerability can be leveraged to execute code under the context of the user running the browser.

tags | advisory, remote, overflow, arbitrary, activex
advisories | CVE-2011-0340
SHA-256 | d3906c04c1551295a1d49431e04af6182300549f596f348f989e9e3ea751e535
Zero Day Initiative Advisory 12-167
Posted Aug 29, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-167 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell File Reporter Agent. Authentication is not required to exploit this vulnerability. The specific flaw exists within NFRAgent.exe which communicates with the Agent component over HTTPS on TCP port 3037. When parsing tags inside the VOL element, the process performs insufficient bounds checking on user-supplied data prior to copying it into a fixed-length buffer on the stack. This vulnerability can result in remote code execution under the context of the SYSTEM account.

tags | advisory, remote, web, arbitrary, tcp, code execution
SHA-256 | 69ef2ff5d98292fa291bf2211351fecf6a6b0eb8a1a5ff2d20882a59592c9bb3
Page 1 of 3
Back123Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close