what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 46 RSS Feed

Files Date: 2012-01-30

sudo 1.8.3p1 Format String
Posted Jan 30, 2012
Authored by joernchen | Site phenoelit.de

sudo versions 1.8.0 through 1.8.3p1 suffer from a format string vulnerability that allows for privilege escalation.

tags | exploit
SHA-256 | 81fb04538af951a21c660e19f143b2d360f83aa70ff21c86befc1fc8af952094
OSClass 2.3.4 XSS / RFI / SQL Injection
Posted Jan 30, 2012
Authored by Filippo Cavallarin

OSClass version 2.3.4 suffers from cross site scripting, remote file inclusion and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, file inclusion
SHA-256 | 6961ecec1291ed82c08ed138f70b351bb7b06cabde1aec1d2b62eb96c14593fb
Postfixadmin 2.3.4 SQL Injection / Cross Site Scripting
Posted Jan 30, 2012
Authored by Filippo Cavallarin

Postfixadmin version 2.3. 4 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 792946daa68d21da19823d935d226aff83199c4a69cc33fe6dfa3dcbd4a11618
Snort Report 1.3.2 SQL Injection
Posted Jan 30, 2012
Authored by a.kadir altan

Snort Report versions 1.3.2 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 7ac11a9eb9c4af7ae958f9e6572c3363d054e93d2c7c025644e592843827575f
Joomla Propertylab SQL Injection
Posted Jan 30, 2012
Authored by the_cyber_nuxbie

The Joomla Propertylab component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | a3daef246c503bc8547f849b2aed3b44984344f9ecdc3e77c4c0bb237510ca66
DPI 1.0 Cross Site Scripting
Posted Jan 30, 2012
Authored by Red Security TEAM

DPI version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | d8cd5e55214550fc0a341eefb3545a7f8deabb3b7d422347a02fbf65f060e75d
Mibew Messenger 1.6.4 Cross Site Scripting
Posted Jan 30, 2012
Authored by Filippo Cavallarin

Mibew Messenger version 1.6.4 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 70ca4b16e1bd521b1858f4631f536db54e0cb770544aff6b395c926a0f05eef9
Joomla BBS SQL Injection
Posted Jan 30, 2012
Authored by the_cyber_nuxbie

The Joomla BBS component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 6f0b8c419e5e825a1c8825cf7a430c175e04de600ae4369c1e50886fbe48d296
Phux Download Manager SQL Injection
Posted Jan 30, 2012
Authored by Red Security TEAM

Phux Download Manager suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 04856c2e105c35adc10d68427ec4e8e9a4262fc82b5e01eee835f8a9d50f9cad
Red Hat Security Advisory 2012-0071-01
Posted Jan 30, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0071-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. It was found that the hashing routine used by PHP arrays was susceptible to predictable hash collisions. If an HTTP POST request to a PHP application contained many parameters whose names map to the same hash value, a large amount of CPU time would be consumed. This flaw has been mitigated by adding a new configuration directive, max_input_vars, that limits the maximum number of parameters processed per request. By default, max_input_vars is set to 1000.

tags | advisory, web, php
systems | linux, redhat
advisories | CVE-2011-0708, CVE-2011-1466, CVE-2011-2202, CVE-2011-4566, CVE-2011-4885
SHA-256 | 5aa584ae8e2538b311608383e29e10b03cfc35f4dda508f886e8a55f83326c25
Red Hat Security Advisory 2012-0070-01
Posted Jan 30, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0070-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A denial of service flaw was found in the implementation of associative arrays in Ruby. An attacker able to supply a large number of inputs to a Ruby application that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions.

tags | advisory, denial of service, ruby
systems | linux, redhat
advisories | CVE-2011-3009, CVE-2011-4815
SHA-256 | 03b3e4cae76347af80bc92c207769ad0a2a84889ef025d717522605f2284e476
Red Hat Security Advisory 2012-0069-01
Posted Jan 30, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0069-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A denial of service flaw was found in the implementation of associative arrays in Ruby. An attacker able to supply a large number of inputs to a Ruby application that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions.

tags | advisory, denial of service, ruby
systems | linux, redhat
advisories | CVE-2011-4815
SHA-256 | f7e42c50959c0fb32cbaa649ddc8262f37b293afa41649f8324f881d14fac350
Debian Security Advisory 2397-1
Posted Jan 30, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2397-1 - It was discovered that a buffer overflow in the Unicode library ICU could lead to the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2011-4599
SHA-256 | 33155ab7e9a7b17b4c88cdcfe061b9ce02b5b72b86507f4eee3765acdc720f58
Gentoo Linux Security Advisory 201201-17
Posted Jan 30, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201201-17 - Multiple vulnerabilities have been reported in Chromium, some of which may allow execution of arbitrary code. Versions less than 16.0.912.77 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2011-3924, CVE-2011-3925, CVE-2011-3926, CVE-2011-3927, CVE-2011-3928
SHA-256 | eaa004838721d039091f8548c7c6641f0341f17b63e976316bbc9668c5791b8d
Joomla Firmy SQL Injection
Posted Jan 30, 2012
Authored by the_cyber_nuxbie

The Joomla Firmy component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 2c0f2c4d9d41df496067e05cfd85ac66ab857fdc7140e5684666b37bd49c645b
Tracker Software pdfSaver ActiveX 3.60 Buffer Overflow
Posted Jan 30, 2012
Authored by LiquidWorm | Site zeroscience.mk

Tracker Software pdfSaver ActiveX control (pdfxctrl.dll) version 3.60.0128 suffers from stack buffer overflow vulnerability.

tags | exploit, overflow, activex
SHA-256 | 1f74a1a4ce723616f317b2c385cfb28c0333209fe68e3f334202488fee4929f5
Gforge.org Cross Site Scripting
Posted Jan 30, 2012
Authored by Sony

Gforge.org suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 279b2c178e7b00319918db7557e39bdfd4d565690af7fe6af6e58a1d007d5819
HP Security Bulletin HPSBUX02724 SSRT100650 3
Posted Jan 30, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02724 SSRT100650 3 - A potential security vulnerability has been identified with HP-UX running SAM. This vulnerability could be locally exploited to create an increase in privilege. Revision 3 of this advisory.

tags | advisory
systems | hpux
advisories | CVE-2011-4159
SHA-256 | 5777efa4796c8cc839fc68219e072197a8bbf19ac8b947c09bddc34c1d8d7f0a
HP Security Bulletin HPSBUX02697 SSRT100591 2
Posted Jan 30, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02697 SSRT100591 2 - Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other vulnerabilities. Revision 2 of this advisory.

tags | advisory, java, remote, vulnerability
systems | hpux
advisories | CVE-2011-0786, CVE-2011-0788, CVE-2011-0802, CVE-2011-0814, CVE-2011-0815, CVE-2011-0817, CVE-2011-0862, CVE-2011-0863, CVE-2011-0864, CVE-2011-0865, CVE-2011-0866, CVE-2011-0867, CVE-2011-0868, CVE-2011-0869, CVE-2011-0871, CVE-2011-0872, CVE-2011-0873
SHA-256 | de66b3926d31636b6f15745b63854f4b379835d2bfec3205e617285439882313
4Images 1.7.6 Cross Site Request Forgery
Posted Jan 30, 2012
Authored by Or4nG.M4N

4Images version 1.7.6 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 0e8c3124fa4870d03bc83a4c8cc303d480430e0bc48c0c72e6ff897aa2634d37
VMware Security Advisory 2012-0001
Posted Jan 30, 2012
Authored by VMware | Site vmware.com

VMware Security Advisory 2012-0001 - VMware ESXi and ESX updates to third party library and ESX Service Console address several security issues.

tags | advisory
advisories | CVE-2009-3560, CVE-2009-3720, CVE-2010-0547, CVE-2010-0787, CVE-2010-1634, CVE-2010-2059, CVE-2010-2089, CVE-2010-3493, CVE-2010-4649, CVE-2011-0695, CVE-2011-0711, CVE-2011-0726, CVE-2011-1015, CVE-2011-1044, CVE-2011-1078, CVE-2011-1079, CVE-2011-1080, CVE-2011-1093, CVE-2011-1163, CVE-2011-1166, CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-1182, CVE-2011-1494, CVE-2011-1495, CVE-2011-1521, CVE-2011-1573
SHA-256 | e35a8f609b986bb8b2fc490b895224847eba088cf1f87974f9bc5820e0c3c589
Secunia Security Advisory 47782
Posted Jan 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in WHMCompleteSolution, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 7836e9780a7d6743119d29fe5fe1e565dc52a9fcf68665b4caa4637656092824
Secunia Security Advisory 47605
Posted Jan 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in IBM SPSS SamplePower, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 29beac5953b698d745bb01103c874092886d220acd5c8cbc3f833e81273cb725
Secunia Security Advisory 47670
Posted Jan 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Postfix Admin, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting and script insertion attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | 0fcd50f64699587ecbea6b580ae7675a38fec1cf457ebf05b22ea36c0f0a6e13
Secunia Security Advisory 47731
Posted Jan 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Search Autocomplete module for Drupal, which can be exploited by malicious users to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | dfb17ecb6f275da69b81b80de74b13ae64fbf1632d84d9b14984910561c4ab51
Page 1 of 2
Back12Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close