what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 58 RSS Feed

Files Date: 2009-11-17 to 2009-11-18

PHP 5.2.11 / 5.3.0 symlink() open_basedir Bypass
Posted Nov 17, 2009
Authored by Maksymilian Arciemowicz | Site securityreason.com

PHP versions 5.2.11 and 5.3.0 suffer from a symlink() open_basedir bypass vulnerability.

tags | exploit, php, bypass
SHA-256 | f8af26e6ee5914fd87ea6711ebc4f3b21a8d49616078c8c12af0172c01be0e3c
ISC DHCP dhclient Buffer Overflow
Posted Nov 17, 2009
Authored by Jon Oberheide

ISC DHCP dhclient scripts_write_params() stack buffer overflow exploit.

tags | exploit, overflow
advisories | CVE-2009-0692
SHA-256 | 2014e6abc56455168433974101c55c09624023f1879081dc6ce5c0c8823eb70e
Mozilla NSS NULL Character CA SSL Certificate Bypass
Posted Nov 17, 2009
Authored by Dan Kaminsky | Site doxpara.com

Mozilla NSS NULL character CA SSL certificate validation security bypass vulnerability.

tags | exploit, bypass
SHA-256 | 92116a1f698ebd192000a6a214b3792bd3a3666828967d60da976747919e9260
Ubuntu Security Notice 853-2
Posted Nov 17, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 853-2 - USN-853-1 fixed vulnerabilities in Firefox and Xulrunner. The upstream changes introduced regressions that could lead to crashes when processing certain malformed GIF images, fonts and web pages. This update fixes the problem.

tags | advisory, web, vulnerability
systems | linux, ubuntu
SHA-256 | ae7e613a82982701cb0b5e50d5bda7c9a8e2baeb5e561af8226ffa3c8634ddb2
Using XSS To Bypass XSRF Protection
Posted Nov 17, 2009
Authored by Nytro

Whitepaper called Using XSS to Bypass XSRF Protection.

tags | paper
SHA-256 | 5035f8be6334058e104ea433327f5b3e06c3056e60fecf4e10d50092b351f754
WordPress 2.8.5 Shell Upload
Posted Nov 17, 2009
Authored by Dawid Golunski

WordPress versions 2.8.5 and below suffer from an unrestricted file upload vulnerability that allows for PHP code execution.

tags | exploit, php, code execution, file upload
SHA-256 | 8a9c0fdb59cc38abd6330f5a1a1a3775ef99f1828bf48d154ae593fee3004135
Panda Security Software Local Privilege Escalation
Posted Nov 17, 2009
Authored by ShineShadow

Panda Security Software suffers from a local privilege escalation vulnerability.

tags | advisory, local
SHA-256 | 0db1401fc7a166e2a2fc024722964904cbeba0bf6dcd6e4e2b7e640bcaa2de47
Windows 7 Remote Kernel Crash
Posted Nov 17, 2009
Authored by laurent gaffie

Proof of concept exploit that demonstrates a remote kernel crash vulnerability in Windows 7.

tags | exploit, remote, kernel, proof of concept
systems | windows
SHA-256 | 0c550ae47995e2697019b90be957f6aecb34773bd99b762df6389336df4d7c85
AIMP2 Audio Converter Playlist Buffer Overflow
Posted Nov 17, 2009
Authored by corelanc0d3r

AIMP2 versions 2.51 build 330 and below audio converter playlist buffer overflow exploit.

tags | exploit, overflow
SHA-256 | c6e39bb3fcec1877067eb985ee4f07a6fd968d11e76815fc2c325d912e99073b
Technical Cyber Security Alert 2009-314A
Posted Nov 17, 2009
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2009-314A - Microsoft has released updates to address vulnerabilities in Microsoft Windows and Windows Server and Office Word and Excel.

tags | advisory, vulnerability
systems | windows
SHA-256 | f4a61c8485cfee670a227cc6dc6ce75b187c3ef15698f355f31d57b7297b8ae3
iDEFENSE Security Advisory 2009-11-10.2
Posted Nov 17, 2009
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 11.10.09 - Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when parsing a FEATHEADER record within an Excel file. This record is used to store information common to multiple other records, and was introduced with Excel 2002 (XP). When certain fields of this record are set to a trigger value, it is possible to corrupt memory in such a way that the next 4 bytes in the record are treated as an object pointer. This pointer is then used to make a virtual function call, which results in the execution of arbitrary code. iDefense has confirmed the existence of this vulnerability in Excel versions 2007, 2003, and XP. The record that causes the vulnerability is not supported by Excel 2000, so it is not affected by this vulnerability.

tags | advisory, remote, arbitrary
advisories | CVE-2009-3129
SHA-256 | 5f80963ddf2ce93ca1f29af19a4ef71104925c85a3890129ab19e9b97edbffb6
iDEFENSE Security Advisory 2009-11-10.1
Posted Nov 17, 2009
Authored by iDefense Labs, Jun Mao | Site idefense.com

iDefense Security Advisory 11.10.09 - Remote exploitation of a stack buffer overflow vulnerability in Microsoft Corp.'s Word could allow attackers to execute arbitrary code with the privileges of the targeted user. This vulnerability occurs when Word parses the File Information Block (FIB) structure inside a Word document. When a malformed FIB structure is processed, a stack buffer overflow will occur which can lead to an exploitable condition. iDefense has confirmed fully patched Microsoft Word 2003 SP3, Microsoft Word XP SP3, Microsoft Word 2000 SP3 are vulnerable. Microsoft Word 2007 SP1 is not affected.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2009-3135
SHA-256 | fb02e8e8e484eae0536df20cc974d2730b906f2d936448bc99c5357711be4695
Zero Day Initiative Advisory 09-083
Posted Nov 17, 2009
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 09-083 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must open a malicious spreadsheet. The specific flaw exists in the handling of Shared Feature Header (0x867) tags in an Excel BIFF file format. When processing the cbHdrData size element of the FEATHEADER it is possible to directly control the distance of a calculated pointer. This condition can be leveraged successfully to execute arbitrary code under the context of the currently logged in user.

tags | advisory, remote, arbitrary
advisories | CVE-2009-3129
SHA-256 | d548095b72374db0546e590ef01b4c3b681d0d5725433ed78d66dbb44ae398ab
Zero Day Initiative Advisory 09-082
Posted Nov 17, 2009
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 09-082 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must open a malicious document. The specific flaw exists when parsing a document containing a malformed PivotCache Stream. The application will utilize the iCache value of an SXVI record to seek into a list of objects. While setting an attribute of that particular object, the application will corrupt memory which can lead to code execution under the context of the currently logged in user.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2009-3127
SHA-256 | d7c02af1af262734ec1d52b22391c85538bf9a03faddc3490b3a8b2eecc6d097
Microsoft Windows License Logging Service Heap Corruption
Posted Nov 17, 2009
Authored by Cody Pierce | Site tippingpoint.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. Authentication is not required on certain configurations to exploit this vulnerability. The specific flaw exists in the handling of RPC calls to the License Logging Service (llssrv.exe). When processing arguments to the LlsrLicenseRequestW method a character array is expected to contain a terminating null byte. By supplying data that does not end in a null it is possible to overlap a call to lstrcatW, resulting in a heap overflow. Successful exploitation of this vulnerability can lead to remote system compromise under the credentials of the SYSTEM account.

tags | advisory, remote, overflow, arbitrary
systems | windows
advisories | CVE-2009-2523
SHA-256 | f21d1604d8e1e8c3be6574e22ae7b94c1af0646e4e4c46095c1aa5ccefb5b163
Atheros Driver Reserved Frame Vulnerability
Posted Nov 17, 2009
Authored by Laurent Butti

The wireless drivers in some Wi-Fi access points (such as the ATHEROS-based Netgear WNDAP330) do not correctly parse malformed reserved management frames.

tags | advisory
advisories | CVE-2009-0052
SHA-256 | f6fc1bda3a0c5dffe082b5ca1d4a671c6e65ff573fec7141a069a46e37ab49da
Marvell Driver Element Overflows
Posted Nov 17, 2009
Authored by Laurent Butti

The wireless drivers in some Wi-Fi access points (such as the MARVELL-based Linksys WAP4400N) do not correctly parse information elements included in association requests.

tags | advisory, overflow
advisories | CVE-2007-5475
SHA-256 | f726b07e5df156d18db6d87b24879cea10a4c642f89c60083faaa78b0fa2ed0f
Cute News XSS / LFI / Bypass
Posted Nov 17, 2009
Authored by Andrew Horton

Cute News version 1.4.6 and UTF-8 Cute News suffer from cross site request forgery, cross site scripting, file path disclosure, local file inclusion, authentication bypass, and php command injection vulnerabilities.

tags | exploit, local, php, vulnerability, xss, file inclusion, csrf
SHA-256 | cc0fab30e32bdf7cfa84bd8a3a839c9f6541191bedd2b0e2430e4f040589df96
Ubuntu Security Notice 857-1
Posted Nov 17, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 857-1 - It was discovered that QtWebKit did not properly handle certain SVGPathList data structures. If a user were tricked into viewing a malicious website, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program. Several flaws were discovered in the QtWebKit browser and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that QtWebKit did not properly handle certain XSL stylesheets. If a user were tricked into viewing a malicious website, an attacker could exploit this to read arbitrary local files, and possibly files from different security zones. It was discovered that QtWebKit did not prevent the loading of local Java applets. If a user were tricked into viewing a malicious website, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program.

tags | advisory, remote, denial of service, arbitrary, local, javascript
systems | linux, ubuntu
advisories | CVE-2009-0945, CVE-2009-1687, CVE-2009-1690, CVE-2009-1698, CVE-2009-1699, CVE-2009-1711, CVE-2009-1712, CVE-2009-1713, CVE-2009-1725
SHA-256 | 5a324ea48b5787026fc49a852ae6d25efa2d3fb3bd8b0cdfcf21959e24c7da1e
Ubuntu Security Notice 856-1
Posted Nov 17, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 856-1 - Aaron Sigel discovered that the CUPS web interface incorrectly protected against cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks. If an authenticated user were tricked into visiting a malicious website while logged into CUPS, a remote attacker could modify the CUPS configuration and possibly steal confidential data.

tags | advisory, remote, web, xss, csrf
systems | linux, ubuntu
advisories | CVE-2009-2820
SHA-256 | 44ccda0c873bd7da23e414ac67e8b1cf3640c62a81554a287b915fe11ac3e227
XM Easy Personal FTP Server 5.8.0 Denial Of Service
Posted Nov 17, 2009
Authored by zhangmc

XM Easy Personal FTP Server version 5.8.0 remote denial of service exploit.

tags | exploit, remote, denial of service
SHA-256 | 4333012c55f9fc3b55690c74d944a57934c5f46de6d6e2edf1d5267c2f00d29b
HP Security Bulletin HPSBUX02476 SSRT090250
Posted Nov 17, 2009
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, privilege escalation, and Denial of Service (DoS).

tags | advisory, java, remote, denial of service, vulnerability
systems | hpux
advisories | CVE-2009-0217, CVE-2009-2625, CVE-2009-2670, CVE-2009-2671, CVE-2009-2672, CVE-2009-2673, CVE-2009-2674, CVE-2009-2675, CVE-2009-2676
SHA-256 | 4e557744aecf9dd9f0d0fa1806010807ec9f5b0715c0bca405e0d75be361b35c
Safari 4.0.3 Win32 Denial Of Service
Posted Nov 17, 2009
Authored by Jeremy Brown | Site jbrownsec.blogspot.com

Safari version 4.0.3 (Win32) XSS remote denial of service exploit.

tags | exploit, remote, denial of service
systems | windows
SHA-256 | a7d9ba59f478e5a36cfe543be10d0937974a736f8df9367cba150bfafe28c98d
Cisco Security Advisory 20091109-tls
Posted Nov 17, 2009
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - An industry-wide vulnerability exists in the Transport Layer Security (TLS) protocol that could impact any Cisco product that uses any version of TLS and SSL. The vulnerability exists in how the protocol handles session renegotiation and exposes users to a potential man-in-the-middle attack.

tags | advisory, protocol
systems | cisco
advisories | CVE-2009-3555
SHA-256 | 834e38821f573aad3c161fc1bbd3197b23d825981e7612301a401b08b5f77563
Adobe Acrobat Reader Arbitrary Dereference Proof Of Concept
Posted Nov 17, 2009
Authored by Felipe Andres Manzano

When a U3D CLODProgressiveMeshContinuation (blocktype: 0xFFFFFF3C) is parsed by Adobe Acrobat Reader U3D plugin the split position index is read from the input without any validation. That index is then used for getting an object out of the limits of the array, object from which a function pointer is dereferenced and called. Adobe Acrobat Reader version 8.1.6 and below and 9.1.3 and below are affected.

tags | exploit
advisories | CVE-2009-2990
SHA-256 | f13045466b5a75506fbe65fd83ad85cca5999df4143ceaf0a1f3d413d2624905
Page 2 of 3
Back123Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close