exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 69 RSS Feed

Files Date: 2012-04-11

Subverting Networks
Posted Apr 11, 2012
Authored by Parul Khanna

This is a brief presentation that touches on various elements of attacks used to cause computer security issues. It is very high level.

tags | paper
SHA-256 | 40bf343ddc6f826bdaa3a6f429164fd979037dafa0de7cfaa4220c3431ebc5aa
Ubuntu Security Notice USN-1420-1
Posted Apr 11, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1420-1 - It was discovered that the NVIDIA graphics drivers could be reconfigured to gain access to arbitrary system memory. A local attacker could use this issue to possibly gain root privileges.

tags | advisory, arbitrary, local, root
systems | linux, ubuntu
advisories | CVE-2012-0946
SHA-256 | e6b94f42f688c3136d553ecff135bd232b991d4f41e23779631623996fd74e61
Technical Cyber Security Alert 2012-101B
Posted Apr 11, 2012
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2012-101B - Adobe has released Security Bulletin APSB12-08, which describes multiple vulnerabilities affecting Adobe Reader and Acrobat. As part of this update, Adobe Reader and Acrobat 9.x will use the system-wide Flash Player browser plug-in instead of the Authplay component. In addition, Reader and Acrobat now disable the rendering of 3D content by default.

tags | advisory, vulnerability
SHA-256 | 7b6efa396060be88ab58d1b9ba817b6174c0d8cac6c5b6a361ff1c72175a2467
NIELD (Network Interface Events Logging Daemon) 0.23
Posted Apr 11, 2012
Authored by Tetsumune KISO | Site github.com

Network Interface Events Logging Daemon is a tool that receives notifications from the kernel through the rtnetlink socket, and generates logs related to link state, neighbor cache (ARP,NDP), IP address (IPv4,IPv6), route, FIB rules.

Changes: This release includes minor updates and bugfixes.
tags | tool, kernel, system logging
systems | linux, unix
SHA-256 | e1ec1bc25bc337a1942e74d7c07a0a9782a3728905f92f633204d8c7be267b17
BGS CMS 2.2.1 Cross Site Scripting
Posted Apr 11, 2012
Authored by LiquidWorm | Site zeroscience.mk

BGS CMS version 2.2.1 suffers from multiple stored and reflected cross site scripting vulnerabilities when parsing user input to several parameters via GET and POST method (post-auth). Attackers can exploit this weakness to execute arbitrary HTML and script code in a user's browser session.

tags | exploit, arbitrary, vulnerability, xss
SHA-256 | 1a474163f17dc1462181f57315dc71f8d56003df79de9b6b8db2e147abf40c76
Seditio Chat 1.0 Cross Site Request Forgery
Posted Apr 11, 2012
Authored by Akastep

Seditio Chat plugin version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 06d094015e904ce08e8240eb9c7df829c02e6115b618f94827052ea9bfa99a16
Mandriva Linux Security Advisory 2012-055
Posted Apr 11, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-055 - The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code via a crafted RPC call. The updated packages have been patched to correct this issue.

tags | advisory, remote, arbitrary
systems | linux, mandriva
advisories | CVE-2012-1182
SHA-256 | 676cd5caa1a00ec6655d780e2a43329e69c8af366edce0bac72c298a8f52bb1d
Koprana CMS SQL Injection
Posted Apr 11, 2012
Authored by The UnKn0wN

Koprana CMS remote SQL injection exploit written in PHP.

tags | exploit, remote, php, sql injection
SHA-256 | 3383c2a1d0fd8d6e9b8379515a4a9e8a9e190c71f0a02cda50e3dab5e367ed96
Koprana CMS Shell Upload
Posted Apr 11, 2012
Authored by The UnKn0wN

Koprana CMS remote shell upload exploit written in PHP.

tags | exploit, remote, shell, php
SHA-256 | 8d3b750e079db72cdf1375b60505c4691cf36b74583357d5e66d952c663400c6
Technical Cyber Security Alert 2012-101A
Posted Apr 11, 2012
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2012-101A - There are multiple vulnerabilities in Microsoft Windows, Internet Explorer, Microsoft .NET Framework, Microsoft Office, Microsoft Server Software, Microsoft SQL Server, Microsoft Developer Tools, and Microsoft Forefront United Access Gateway. Microsoft has released updates to address these vulnerabilities.

tags | advisory, vulnerability
systems | windows
SHA-256 | 2151cce31ecc67c5f890478458d9f102d21fc5c5acf8bed6a032535dcfa65a58
wicd Privilege Escalation
Posted Apr 11, 2012
Site infosecinstitute.com

wicd suffers from a privilege escalation vulnerability. Exploit that spawns a root shell and a patch are included.

tags | exploit, shell, root
SHA-256 | 7fc081886c2f0c3cdfce37239884c557cb3aa605b12afcdc87cef71a8c11ddaf
Mozilla Firefox Bootstrapped Addon Social Engineering Code Execution
Posted Apr 11, 2012
Site metasploit.com

This exploit dynamically creates a .xpi addon file. The resulting bootstrapped Firefox addon is presented to the victim via a web page with. The victim's Firefox browser will pop a dialog asking if they trust the addon. Once the user clicks "install", the addon is installed and executes the payload with full user permissions. As of Firefox 4, this will work without a restart as the addon is marked to be "bootstrapped". As the addon will execute the payload after each Firefox restart, an option can be given to automatically uninstall the addon once the payload has been executed.

tags | exploit, web
SHA-256 | fe11f9476eec443ec8ee1c993de10588be44723dae4fb783e6c16d3dee18a219
GroupWare epesiBIM CRM 1.2.1 Cross Site Scripting
Posted Apr 11, 2012
Authored by Chokri Ben Achor, Vulnerability Laboratory | Site vulnerability-lab.com

GroupWare epesiBIM CRM version 1.2.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | c8547aac5f5cba34e71dc25c9a17b80bad80d40910df5ab397eefbfb9b3d332a
Joomla The Estate Agent SQL Injection
Posted Apr 11, 2012
Authored by xDarkSton3x

The Joomla The Estate Agent component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | f8119363f3290801042b0f1c3735641f9fc59f70c8602592130260e11f967745
Joomla Bearleague SQL Injection
Posted Apr 11, 2012
Authored by xDarkSton3x

The Joomla Bearleague component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | c05f4b345fb2d1016095fd8e718636b8bde10eb1010efcb48159aaf1c75cf9ef
National Center EDU Research SQL Injection
Posted Apr 11, 2012
Authored by Alexander Fuchs, Vulnerability Laboratory | Site vulnerability-lab.com

The National Center of Education Research suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 4414371f33085a44c8b6596429e944389bb731f361deea72620305a56acc9d10
Matterdaddy Market 1.1 SQL Injection
Posted Apr 11, 2012
Authored by Chokri Ben Achor, Vulnerability Laboratory | Site vulnerability-lab.com

Matterdaddy Market eCommerce CMS version 1.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 552b7c73a625dead8d7e17634e55ad2b13b259c4464c324854d1aba922dd83b1
Europcar.bg Cross Site Scripting
Posted Apr 11, 2012
Authored by Ryuzaki Lawlet

Europcar.bg suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 676ef51ad74a4ac79ad0a05d05c18176b77664cb0b82133150aad8e913d7989d
Europcarug.com Cross Site Scripting
Posted Apr 11, 2012
Authored by Ryuzaki Lawlet

Europcarug.com suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | ce7854c9d40879b31bfdf15cb847160ef3b26aee7bece362ab63ca3079896931
Scully.cfa.harvard.edu Cross Site Scripting
Posted Apr 11, 2012
Authored by Ryuzaki Lawlet

Scully.cfa.harvard.edu suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | e4391c75e3382e2334e35a018940ecf4b5d58377004a9dbfd2d7b74d09e449eb
Minerva Infotech CMS 1.0 Blind SQL Injection
Posted Apr 11, 2012
Authored by Andrea Bocchetti

Minerva Infotech CMS version 1.0 suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | ba5b6e4d3096c01565cf0114ac49e260b3f4ff8c5da95f18e87649296a077989
Debian Security Advisory 2448-1
Posted Apr 11, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2448-1 - It was discovered that a heap-based buffer overflow in InspIRCd could allow remote attackers to execute arbitrary code via a crafted DNS query.

tags | advisory, remote, overflow, arbitrary
systems | linux, debian
advisories | CVE-2012-1836
SHA-256 | 531a6ada2ab9abfb6de202bbd399f431ac06f31ee6befe118b5ce7ceb9a5fdfa
Gentoo Linux Security Advisory 201204-02
Posted Apr 11, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201204-2 - A heap-based buffer overflow in InspIRCd may allow execution of arbitrary code. Versions less than 2.0.5-r1 are affected.

tags | advisory, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2012-1836
SHA-256 | abfd4aa364671b754d92a1c343e376e15d17c7bb1a31c20017539b916774f662
Ubuntu Security Notice USN-1419-1
Posted Apr 11, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1419-1 - It was discovered that Puppet used a predictable filename when downloading Mac OS X package files. A local attacker could exploit this to overwrite arbitrary files. It was discovered that Puppet incorrectly handled filebucket retrieval requests. A local attacker could exploit this to read arbitrary files. It was discovered that Puppet incorrectly handled filebucket store requests. A local attacker could exploit this to perform a denial of service via resource exhaustion. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local
systems | linux, apple, osx, ubuntu
advisories | CVE-2012-1906, CVE-2012-1986, CVE-2012-1987, CVE-2012-1988, CVE-2012-1989, CVE-2012-1906, CVE-2012-1986, CVE-2012-1987, CVE-2012-1988, CVE-2012-1989
SHA-256 | b321c92d30665135abf19544c4c759a8dc26d73f6d998793727b56e0115999ac
Gentoo Linux Security Advisory 201204-03
Posted Apr 11, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201204-3 - Multiple vulnerabilities have been reported in Chromium, some of which may allow execution of arbitrary code. Versions less than 18.0.1025.151 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2011-3066, CVE-2011-3067, CVE-2011-3068, CVE-2011-3069, CVE-2011-3070, CVE-2011-3071, CVE-2011-3072, CVE-2011-3073, CVE-2011-3074, CVE-2011-3075, CVE-2011-3076, CVE-2011-3077
SHA-256 | b701e0af7fd5d3bb49ccbc4fccd62c9703b155c464213a93ce5483d96ca2f2b6
Page 1 of 3
Back123Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close