exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 33 RSS Feed

Files Date: 2008-11-08 to 2008-11-09

miranda.tar.gz
Posted Nov 8, 2008
Authored by Craig Heffner | Site sourcesec.com

Miranda is a Python-based Universal Plug-N-Play client application designed to discover, query and interact with UPNP devices, particularly Internet Gateway Devices (aka, routers). It can be used to audit UPNP-enabled devices on a network for possible vulnerabilities.

tags | tool, scanner, vulnerability, python
systems | unix
SHA-256 | d14d0b979b115a202bce72bdcfd7fc749f57546b53bf094e2e1119c7c9a8c158
vmware-guestescalate.txt
Posted Nov 8, 2008
Authored by Derek Soeder

By exploiting either of the VMware flaws described in this document, user-mode code executing in a virtual machine may gain kernel privileges within the virtual machine, dependent upon the guest operating system. The flaws have been proven exploitable on x64 versions of Windows, and they have produced potentially exploitable crashes on x64 versions of *BSD. The Linux kernel does not allow exploitation of these flaws on x64 versions of Linux.

tags | advisory, kernel
systems | linux, windows, bsd
advisories | CVE-2008-4279, CVE-2008-4915, CVE-2008-3890
SHA-256 | 00028132b68b6b52ccbf9adca27a78831980d6aa94845933c21f512a28b129b3
AKADV2008-001-v1.0.txt
Posted Nov 8, 2008
Authored by Andreas Kurtz | Site andreas-kurtz.de

The jabber server Openfire versions 3.6.0a and below contain several serious vulnerabilities. Depending on the particular runtime environment these issues can potentially even be used by an attacker to execute code on operating system level. Full exploitation details provided.

tags | exploit, vulnerability
SHA-256 | e1e9a58f4293b2465f10522e4ad1097e16abdeef9a210399eae0280937117098
v3chat-sql.txt
Posted Nov 8, 2008
Authored by d3b4g

V3 Chat - Profiles/Dating Script version 3.0.2 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | e37e6d9fa0e6bc82b586faa7093acc9c3c3d16376932674772fdb86c9e823b81
file_sharing_security.pdf
Posted Nov 8, 2008
Authored by Francis Corella | Site pomcor.com

Whitepaper entitled Protecting A Web Application Against Attacks Through HTML Shared Files.

tags | paper, web
SHA-256 | a332ffa53a93ffea3c43a63213809c1bc705467514a6098021161dd8468c04fb
hzine-01.pdf
Posted Nov 8, 2008
Authored by hzine | Site hackerss.com

H-Zine Volume #1 - Discussing IpTables, C++, SQL injection, and more. Written in Spanish.

tags | sql injection, magazine
SHA-256 | f469b6e9b8f510a569419a76ea58c063e330ad93e0a6924f5005d7c95a34ff55
ake-escalate.txt
Posted Nov 8, 2008
Authored by Alex from NT Internals | Site ntinternals.org

Anti-Keylogger Elite version 3.3.0 privilege escalation exploit that makes use of AKEProtect.sys.

tags | exploit
SHA-256 | 947c61f151a4a1908ac87ca71f782f1153851a8dd8742e2ff17dc9ef8e96adb8
domainsellerpro-sql.txt
Posted Nov 8, 2008
Authored by TR-ShaRk

Domain Seller Pro version 1.5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 53513bf7a444ffe29bd9f632ec5c6fb4deb97f44f070847060aa6b27472ecf26
speedstream-bypass.txt
Posted Nov 8, 2008
Authored by hkm

The SpeedStream 5200 suffers from an authentication bypass vulnerability via Host header modification.

tags | exploit, bypass
SHA-256 | 0e3c38f2cac373a41d993ae5af53a61eab5944e2da8abbaba6e29cc9d4d4e7c5
Mandriva Linux Security Advisory 2008-224
Posted Nov 8, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel.

tags | advisory, kernel, vulnerability
systems | linux, mandriva
advisories | CVE-2008-3528, CVE-2008-3831, CVE-2008-4554
SHA-256 | 07420495aa7cda94bcb423e119a9c13e63e0d3b150270e1ff058301f03053469
Mandriva Linux Security Advisory 2008-226
Posted Nov 8, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Denial of service, spoofing, and bypass vulnerabilities exist in Ruby.

tags | advisory, denial of service, spoof, vulnerability, ruby
systems | linux, mandriva
advisories | CVE-2008-3443, CVE-2008-3655, CVE-2008-3656, CVE-2008-3657, CVE-2008-3790, CVE-2008-3905
SHA-256 | 488309119dea14c6a264f6053e8b8d14c8d560c0a40a71fd0e398684d17eb685
easybookmarker4-sql.txt
Posted Nov 8, 2008
Authored by G4N0K

Myiosoft EasyBookMarker version 4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 83df2edfd70212f9a43b6667f15e25105d3452e00d682c09041279a896ac4d01
etopbiznumberlinks-sql.txt
Posted Nov 8, 2008
Authored by Hussin X | Site tryag.cc

E-topbiz Number Links 1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 890b5f538fbf52221fbfa044cb20d57a18b621df0a16fa1c76ccc5f7e0fe754b
vlcrt-overflow.txt
Posted Nov 8, 2008
Authored by SkD

VLC Media Player versions below 0.9.6 .RT stack buffer overflow exploit.Spawns calc.exe.

tags | exploit, overflow
SHA-256 | 885454393c4e99bc5fc0b83823b3a3c169446cb21872b399d36814636e1d9b76
miniwebcalendar-disclosexss.txt
Posted Nov 8, 2008
Authored by ahmadbady

Mini Web Calendar version 1.2 suffers from file disclosure and cross site scripting vulnerabilities.

tags | exploit, web, vulnerability, xss, info disclosure
SHA-256 | e5dcf4a98914f87dbd7979829a1aded1c4c927d8fe8985c822ab2515e7aadb7d
VMware Security Advisory 2008-0018
Posted Nov 8, 2008
Authored by VMware | Site vmware.com

VMware Security Advisory - VMware Hosted products and patches for ESX and ESXi resolve multiple security issues. A flaw in the CPU hardware emulation may allow for a privilege escalation on virtual machine guest operating systems. In addition a directory traversal issue is resolved.

tags | advisory
advisories | CVE-2008-4915, CVE-2008-4281
SHA-256 | a2cc4fb617dd573bde38a03b8b1f2ca7106b716cdac17f5f3c3c96573df9e5c2
joomlafeederator-rfi.txt
Posted Nov 8, 2008
Authored by NoGe

The Joomla Feederator component version 1.0.5 suffers from multiple remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, code execution, file inclusion
SHA-256 | 357f5efc75fc9246420aeba2bf080c676acc85ee920e2d7effcf8fc6bde64d58
joomlarecly-rfi.txt
Posted Nov 8, 2008
Authored by NoGe

The Joomla Recly!Competitions component version 1.0.0 suffers from multiple remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, code execution, file inclusion
SHA-256 | fc0562c441077d95d6222a0557e1955be8f1f2838569aca7a04931b306fad082
joomlaclickheat101-rfi.txt
Posted Nov 8, 2008
Authored by NoGe

The Joomla Clickheat component version 1.0.1 suffers from multiple remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, code execution, file inclusion
SHA-256 | 68aacf133226e8f2614ba09a9268ee4efd75ebce710713a2fac9272efd5f8efd
VNCcrack-2.1.tgz
Posted Nov 8, 2008
Authored by Jack Lloyd | Site randombit.net

VNCcrack is a simple, fast offline-mode VNC password cracker. It takes a set of challenge-response pairs of the type passed during a VNC authentication attempt, and attempts to recover the passwords using a dictionary file.

tags | cracker
SHA-256 | a6b55baeb838fb9ceba777369bace4a6929bfe58a051349808c800008e0bcaeb
etopbizos1-sql.txt
Posted Nov 8, 2008
Authored by Stack | Site v4-team.com

E-topbiz Online Store 1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 105a1a37d43be84ea5586ecb6ad4c42b92f7666943963469bee7e3c7f793177d
precarlister-sql.txt
Posted Nov 8, 2008
Authored by r45c4l | Site darkc0de.com

Pre Car Lister suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 5f8f42efad763348eaf3d9deb288524d2750af0c41de9141c1da24da16bfec46
Secunia Security Advisory 32607
Posted Nov 8, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for netpbm. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a vulnerable system.

tags | advisory
systems | linux, ubuntu
SHA-256 | 82d08bf6326dfb79a47da6631e03f4de021cfc7c66706f90e53c74c9411acd1c
Pardus Linux Security Advisory 2008.67
Posted Nov 8, 2008
Authored by Pardus Linux, Pardus

Pardus Linux Security Advisory 2008-67 - A remotely exploitable heap-based buffer overflow exists in libcaudio versions prior to 0.99.12-2-2.

tags | advisory, overflow
systems | linux
SHA-256 | 6273274b35ca23a850c3df31e3310cf18e41dbdfa85a0db467c45b6b489785d3
Pardus Linux Security Advisory 2008.66
Posted Nov 8, 2008
Authored by Pardus Linux, Pardus

Pardus Linux Security Advisory 2008-66 - An untrusted search path vulnerability in BPY_interface in Blender 2.46 allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to an erroneous setting of sys.path by the PySys_SetArgv function.Blender versions prior to 2.47-14-3 are affected.

tags | advisory, arbitrary, local, trojan, python
systems | linux
SHA-256 | f6c4f042b3d94489e7fc447f94e9dc1e3fc5a416d6e1396261743844b53235e9
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close