what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 35 RSS Feed

Files Date: 2010-01-31 to 2010-01-31

Debian Linux Security Advisory 1985-1
Posted Jan 31, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1985-1 - It was discovered that sendmail, a Mail Transport Agent, does not properly handle a '\\0' character in a Common Name (CN) field of an X.509 certificate. This allows an attacker to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and to bypass intended access restrictions via a crafted client certificate issued by a legitimate Certification Authority.

tags | advisory, arbitrary, spoof
systems | linux, debian
advisories | CVE-2009-4565
SHA-256 | 7f363bfc3756efe52291262afeda37362d40aa4743af918350401f623bf2e9cc
Ajax Manset Haber Sistemi 3 Administrative Bypass
Posted Jan 31, 2010
Authored by LionTurk

Ajax Manset Haber Sistemi version 3 suffers from a direct administrative access vulnerability.

tags | exploit, bypass
SHA-256 | 4f0c122f38a557788f375a4c95181c8fd9a7692d400ef3507c9c5975cb731a7f
Simple And Nice Index File 1.5.2 Arbitrary File Download
Posted Jan 31, 2010
Authored by Aodrulez

Snif (Simple And Nice Index File) version 1.5.2 suffers from an arbitrary file download vulnerability.

tags | exploit, arbitrary
SHA-256 | 8d49044a22bb6ef51032fbf025432f7ed888926d599eceff9c9eaf303f52a675
Tavanmand Portal 1.1 Shell Upload
Posted Jan 31, 2010
Authored by Pouya Daneshmand

Tavanmand Portal version 1.1 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | fb168fa44563091154600a5cd9651be6263e25297384567ff0934a5b1c34233d
WordPress Calendar SQL Injection
Posted Jan 31, 2010
Authored by HackXBack

The Wordpress Calendar plugin suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 08a05486f33d13a0e2be43057015560487fa5f32a66513b4948a18473bdc7f3c
EFIPW Apple EFI Firmware Password Changer 0.2a
Posted Jan 31, 2010
Authored by Paul Makowski | Site code.google.com

EFIPW is a tool that can be used to decode and modify Apple EFI firmware passwords via the command line. It is designed after the non open source OFPW utility and is designed to work on Intel machines running Leopard or newer. Useful for lab deployments (setting the firmware password of machines as a post install item) and pen tests (recovering the EFI firmware password).

Changes: Complete Python rewrite. Works on Snow Leopard again.
tags | tool
systems | unix, apple
SHA-256 | 83fe779b6bcdb2cbbb4da3359a7a5d0e75ca7ff27c8901c902ff4d15ec0f684b
Last Wizardz SQL Injection
Posted Jan 31, 2010
Authored by AtT4CKxT3rR0r1ST

Last Wizardz suffers from a remote SQL injection vulnerability in content.php.

tags | exploit, remote, php, sql injection
SHA-256 | 9466bbdd9f32a88c81de91d8afe6f63d45dd32b067d4a917071e9ff85eebd213
Creative SplashWorks-SplashSite Blind SQL Injection
Posted Jan 31, 2010
Authored by AtT4CKxT3rR0r1ST

Creative SplashWorks-SplashSite suffers from a remote blind SQL injection vulnerability in page.php.

tags | exploit, remote, php, sql injection
SHA-256 | 611c1d0c80a95c7c5c72fcce83877382c76388a764e8db6df7270b6ad7efbcdf
Cross Site Scripting Paper
Posted Jan 31, 2010
Authored by fred777

This is a whitepaper on cross site scripting written in German.

tags | paper, web, xss
SHA-256 | 84575c90ddd7b89abb93facb4b651f00ea940f399ca79081a089a8f99b5f6d80
Debian Linux Security Advisory 1983-1
Posted Jan 31, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1983-1 - Several remote vulnerabilities have been discovered in the Wireshark network traffic analyzer, which may lead to the execution of arbitrary code or denial of service.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2009-4337, CVE-2010-0304
SHA-256 | 92494330a2cbeec055881203210e9efbe69ab0660d46baf67fa4e9b5cfd12fe2
RoakCMS Shell Upload / Directory Traversal
Posted Jan 31, 2010
Authored by Pouya Daneshmand

RaakCMS suffers from shell upload and directory traversal vulnerabilities.

tags | exploit, shell, vulnerability, file inclusion
SHA-256 | f61f656cd196728cc713a69e33c70b17c446e8f1d860cf604928eca092e75851
TopWS SQL Injection
Posted Jan 31, 2010
Authored by AtT4CKxT3rR0r1ST

TopWS suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 0bbb637ef1426ec1bad19e8d1efce5a2583d915d8d42142023a7368b158741ed
Crownweb SQL Injection
Posted Jan 31, 2010
Authored by AtT4CKxT3rR0r1ST

Crownweb suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | b3f6d344d2d6a6ad43301ff46a61e364143d400824369f016d850200f6e6ab6b
Debian Linux Security Advisory 1984-1
Posted Jan 31, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1984-1 - It was discovered that libxerces2-java, a validating XML parser for Java, does not properly process malformed XML files. This vulnerability could allow an attacker to cause a denial of service while parsing a malformed XML file.

tags | advisory, java, denial of service
systems | linux, debian
advisories | CVE-2009-2625
SHA-256 | e56530873719bbbfac147c6d114599e2278e2430011f76a5e4f6add741be4f43
Maian Greetings 2.1 Shell Upload
Posted Jan 31, 2010
Authored by indoushka

Maian Greetings version 2.1 suffers from a shell upload vulnerability.

tags | exploit, shell
SHA-256 | 4c78304f0079c43c202c94901f8943093c0c4d602fc9b505ac9d13f15a0e2bbb
Joomla RSGallery2 SQL Injection
Posted Jan 31, 2010
Authored by Snakespc | Site snakespc.com

The Joomla RSGallery2 component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 55ca6626edc826434e43475084cb3c1940ae2eddb575fedb8a546d1e2e61324d
Joomla Simple FAQ Blind SQL Injection
Posted Jan 31, 2010
Authored by AtT4CKxT3rR0r1ST

The Joomla Simple FAQ component suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 825557192d4925e60997c3f0e62d1996c2ac0885bf9e222b9dab631dc515c97d
ThinkAdmin SQL Injection
Posted Jan 31, 2010
Authored by AtT4CKxT3rR0r1ST

ThinkAdmin suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 8d428cac2963233ecfc54a88a3ee48bc4a1c2a92f0c2add3c4e408067e4472e7
Debian Linux Security Advisory 1841-2
Posted Jan 31, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1841-2 - A bug in git-core caused the security update in DSA 1841 to fail to build on a number of architectures Debian supports. This update corrects the bug and releases builds for all supported architectures.

tags | advisory
systems | linux, debian
advisories | CVE-2009-2108
SHA-256 | 5dcc8ca33d09da65b2123daef88e0d64c824d7df810dac134737c258b0d72fd3
Maian Uploader 4.0 Shell Upload
Posted Jan 31, 2010
Authored by indoushka

Maian Uploader version 4.0 suffers from a shell upload vulnerability.

tags | exploit, shell
SHA-256 | 8ac4826ae8e4145a82378b7baf2962c9ed53b71212989a595ed80bdbd074c923
eWebeditor Traversal / Shell Upload / Bypass / Disclosure
Posted Jan 31, 2010
Authored by Pouya Daneshmand

eWebeditor suffers from administrative bypass, database disclosure, shell upload and directory traversal vulnerabilities.

tags | exploit, shell, vulnerability, bypass, info disclosure, file upload
SHA-256 | 4f156dfd0510795ce33ae305fe001950b391154e8114400d6479a2fa300fceb3
Joomla JE Event Calendar SQL Injection
Posted Jan 31, 2010
Authored by bhunt3r

The Joomla JE Event Calendar component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 9592d26e0986f825e4393c764edab60436365f91f608307054a97bc4a36e5ca4
Vermillion FTP Daemon Buffer Overflow
Posted Jan 31, 2010
Authored by Dz_attacker

Vermillion FTP Daemon version 1.31 remote buffer overflow exploit that spawns calc.exe.

tags | exploit, remote, overflow
SHA-256 | 8cd7207fe0c17003da397f372225d80927a3889b3b21db5b248fcf42b2164597
HAWHAW SQL Injection
Posted Jan 31, 2010
Authored by s4r4d0

HAWHAW suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 52b97d5c4ac44f99178320f8aef778dae4e629c415752f6a534b7de80507157f
Xerox Workcenter 4150 Buffer Overflow
Posted Jan 31, 2010
Authored by Francis Provencher

The Xerox Workcenter version 4150 suffers from a buffer overflow vulnerability. Proof of concept code included.

tags | exploit, overflow, proof of concept
SHA-256 | 0c47f97159b37b78391874db638835f12d96ef6db7c62a9f90fbaf6511284e7f
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close