exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 50 RSS Feed

Files Date: 2012-02-10

Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020000 Buffer Overflow
Posted Feb 10, 2012
Authored by AbdulAziz Hariri | Site metasploit.com

This Metasploit module exploits a remote buffer overflow in the Citrix Provisioning Services 5.6 SP1 (without Hotfix CPVS56SP1E043) by sending a malformed packet to the 6905/UDP port. The module has been successfully tested on Windows Server 2003 SP2, Windows 7, and Windows XP SP3.

tags | exploit, remote, overflow, udp
systems | windows
advisories | OSVDB-75780
SHA-256 | 5d732951640be5f0d7a3bbb2123ba314dbfea24dfb6b7fe3d4aa47cf4fcea31a
Adobe Flash Player MP4 SequenceParameterSetNALUnit Buffer Overflow
Posted Feb 10, 2012
Authored by Abysssec, sinn3r, Alexander Gavrun | Site metasploit.com

This Metasploit module exploits a vulnerability found in Adobe Flash Player's Flash10u.ocx component. When processing a MP4 file (specifically the Sequence Parameter Set), Flash will see if pic_order_cnt_type is equal to 1, which sets the num_ref_frames_in_pic_order_cnt_cycle field, and then blindly copies data in offset_for_ref_frame on the stack, which allows arbitrary remote code execution under the context of the user. Numerous reports also indicate that this vulnerability has been exploited in the wild. Please note that the exploit requires a SWF media player in order to trigger the bug, which currently isn't included in the framework. However, software such as Longtail SWF Player is free for non-commercial use, and is easily obtainable.

tags | exploit, remote, arbitrary, code execution
advisories | CVE-2011-2140, OSVDB-74439
SHA-256 | df9a4f147e437db061fcac07db067da65775ac9fff0ec5fecbe3b18c47f3ceba
NIELD (Network Interface Events Logging Daemon) 0.22
Posted Feb 10, 2012
Authored by Tetsumune KISO | Site github.com

Network Interface Events Logging Daemon is a tool that receives notifications from the kernel through the rtnetlink socket, and generates logs related to link state, neighbor cache (ARP,NDP), IP address (IPv4,IPv6), route, FIB rules.

Changes: This release includes minor updates and bugfixes.
tags | kernel, system logging
systems | unix
SHA-256 | a4c49b5e750e28dea512cb9489711e806265b6f36bc5281799a174276d623e4a
SMW+ 1.5.6 Cross Site Scripting
Posted Feb 10, 2012
Authored by Sony

SMW+ version 1.5.6 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 5c1019c29351c4b0914fc2f6bf114c61f3cb36518aad1764e6bfdc3847a7510e
BackZtage CMS Shell Upload / SQL Injection
Posted Feb 10, 2012
Authored by ITTIHACK

BackZtage CMS suffers from shell upload and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, sql injection
SHA-256 | 07d3a410b2d9cbbd10d9aa1c32546098352f2d5c6ed48a7844faa60c105b925e
KedaiScript Shell Upload
Posted Feb 10, 2012
Authored by Netrondoank

KedaiScript suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | c8229636901698f744b2fa992dc9c0ed978c990de84e09edcaaa4f47fdd687ad
eFront Community++ 3.6.10 Cross Site Scripting
Posted Feb 10, 2012
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

eFront Community++ version 3.6.10 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 4b599fa223708ee30b2d9f142560984ee2ba77b833d7b6d070539dc723c0ff01
PeerBlock 1.1 Denial Of Service
Posted Feb 10, 2012
Authored by shinnai

PeerBlock version 1.1 blue screen of death denial of service exploit.

tags | exploit, denial of service
SHA-256 | 920cf5f9ed8276bb941a1713a259c0f0be78e23ac4b2956fc7396824706d5b71
Pluck CMS 4.7 Cross Site Request Forgery
Posted Feb 10, 2012
Authored by Gordon Security

Pluck CMS version 4.7 suffers from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
SHA-256 | 5f7f2a7b475e55a35226d5f04fb1f93056be3e2107c4f657b2ef003f1efd3d24
Apache MyFaces Information Disclosure
Posted Feb 10, 2012
Authored by Leonardo Uribe

Apache MyFaces Core versions 2.0.1 to 2.0.11 and 2.1.0 to 2.1.5 suffer from a remote file disclosure vulnerability.

tags | exploit, remote, info disclosure
advisories | CVE-2011-4367
SHA-256 | a113b6a3cb5d4d9cc3a27c8cb2063965d3394277046397171fde1d787ec38f30
Drupal 6.22 With Finder 6.x-1.9 Code Execution / Cross Site Scripting
Posted Feb 10, 2012
Authored by Justin C. Klein Keane

Drupal version 6.22 with Finder version 6.x-1.9 suffers from code execution and cross site scripting vulnerabilities.

tags | exploit, vulnerability, code execution, xss
SHA-256 | bc5bc7291e47cd928211933f2d494e8136c2644c4d6690eaa62b5d3f085f4987
Mandriva Linux Security Advisory 2012-015
Posted Feb 10, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-015 - Multiple file parser and NULL pointer vulnerabilities including a RLC dissector buffer overflow was found and corrected in Wireshark. This advisory provides the latest version of Wireshark which is not vulnerable to these issues.

tags | advisory, overflow, vulnerability
systems | linux, mandriva
SHA-256 | 95695391ed7335c6ce3ff55ab98779da0adddae2c6935122a886da467bbcd2d3
RabbitWiki Cross Site Scripting
Posted Feb 10, 2012
Authored by Sony

RabbitWiki suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 26dd268bf32582bf13d46198cbec95081c9bdfc20d056a0f58226f8737ee29d3
OS X / x86 Port Binding Shellcode
Posted Feb 10, 2012
Authored by KedAns-Dz

97 bytes small OS X / x86 shellcode that binds a shell to port 4444.

tags | shell, x86, shellcode
systems | apple, osx
SHA-256 | 623642c76b21d9c8b8565f08b67486e7985cda73e2d5e7e4e1a112dc36fa3cee
ProWiki Cross Site Scripting
Posted Feb 10, 2012
Authored by Sony

ProWiki suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | d60aa738c24e63904bdff955209aa790dbb4e3c2aea9eb067f3329024a86c6b0
Novell.com Local File Inclusion
Posted Feb 10, 2012
Authored by Uniscan Team

Novell.com suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 7ed031d1beabacdc03d67e4eaf10594e39bd5e288a401ed72690d5583e3421ad
Sysax Multi Server 5.52 Buffer Overflow
Posted Feb 10, 2012
Authored by Craig Freyman

Sysax Multi Server version 5.52 and below file rename buffer overflow exploit with egghunter shellcode that spawns a shell on port 4444.

tags | exploit, overflow, shell, shellcode
SHA-256 | fd8d36251f2ddc9fcea601c55652a9a591bf0d2d18d9d9b24252773e06529a61
Creepy Geolocation Gathering Tool 0.1.95
Posted Feb 10, 2012
Authored by Yiannis Kakavas | Site ilektrojohn.github.com

creepy is an application that allows you to gather geolocation related information about users from social networking platforms and image hosting services. The information is presented in a map inside the application where all the retrieved data is shown, accompanied with relevant information (i.e. what was posted from that specific location) to provide context to the presentation.

Changes: This release fixes the problem with Twitter consumer keys.
tags | tool
systems | unix
SHA-256 | 7a86cf41515ab0fd2f21e568a1a7dc2c0bc36f5aacdb1047ebd40c8254effce7
JetVideo 8.0.2 Basic Denial Of Service
Posted Feb 10, 2012
Authored by Senator of Pirates

JetVideo version 8.0.2 basic crash exploit.

tags | exploit, denial of service
SHA-256 | 96c092a9ba01a81b07403d99de7fa489c425010b0d39a1028f92be6fe15acdd0
Secunia Security Advisory 47987
Posted Feb 10, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for gnutls. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.

tags | advisory, denial of service
systems | linux, suse
SHA-256 | db42069679b2e263484a3cedf8f71c5f6a7c757be8bf4a7d7f78dc56f3da8805
Secunia Security Advisory 47901
Posted Feb 10, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Luigi Auriemma has discovered multiple vulnerabilities in RabidHamster R4, which can be exploited by malicious people to disclose potentially sensitive information and compromise a vulnerable system.

tags | advisory, vulnerability
SHA-256 | 4f27c239e13979764335ccf92788539bee8fd1c6dc5e42d11a289b253dbbf210
Secunia Security Advisory 47927
Posted Feb 10, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in IBM solidDB, which can be exploited by malicious users to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 00e09cd2fbce4c8ed4753852ced3eb8862a6cbdf2fce309db52874323c32c26c
Secunia Security Advisory 47895
Posted Feb 10, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Oracle has acknowledged a weakness in Pidgin included in Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | solaris
SHA-256 | 8d49d75d47b7a8cad1ad02b2c5434f1092573631a7b6abb60ee1041fcdf46914
Secunia Security Advisory 47926
Posted Feb 10, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in ImageMagick, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
SHA-256 | 5c8591c1a3964b291b94c6d86445b368afce34ea6bd96986d813ef91fdbf46bc
Secunia Security Advisory 47965
Posted Feb 10, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Attachmate has acknowledged a vulnerability in multiple Reflection products, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
SHA-256 | 9d520f9b8dfe52b6c923433986c7c3f0dfe8f56548e41dbbdeb3baccdae39e1a
Page 1 of 2
Back12Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close