what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 55 RSS Feed

Files Date: 2010-07-28

Mandriva Linux Security Advisory 2010-142
Posted Jul 28, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-142 - The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a call to the smr_normalize function, which allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a modrdn call with an RDN string containing invalid UTF-8 sequences, which triggers a free of an invalid, uninitialized pointer in the slap_mods_free function, as demonstrated using the Codenomicon LDAPv3 test suite. OpenLDAP 2.4.22 allows remote attackers to cause a denial of service via a modrdn call with a zero-length RDN destination string, which is not properly handled by the smr_normalize function and triggers a NULL pointer dereference in the IA5StringNormalize function in schema_init.c, as demonstrated using the Codenomicon LDAPv3 test suite.

tags | advisory, remote, denial of service, arbitrary
systems | linux, mandriva
advisories | CVE-2010-0211, CVE-2010-0212
SHA-256 | da58b230384d632c52553a0dc4b5256eeaf3ce762c74c6ad7d8fb67893b6ff42
UPlusFTP Server 1.7.1.01 Buffer Overflow
Posted Jul 28, 2010
Authored by corelanc0d3r, Karn Ganeshen

UPlusFTP Server version 1.7.1.01 remote buffer overflow post authentication exploit.

tags | exploit, remote, overflow
SHA-256 | a6a08e41b5947372974aff9b14a2282596f65cf35a007410bc1f76fed9559f49
Symantec AMS Intel Alert Handler Command Execution
Posted Jul 28, 2010
Authored by Spider

Symantec Antivirus Corporate Edition AMS Intel Alert Handler service (hndlrsvc.exe) proof of concept command execution exploit.

tags | exploit, proof of concept
SHA-256 | bf02e9e1d36238740750081701ce2a3c2b498e0a3532ceabfb5c7b2b1318b948
Jira 4.0.1 Cross Site Scripting
Posted Jul 28, 2010
Authored by MaXe

Jira version 4.0.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | a089b5e197e692751a2c97611b596e258edd5b8b894ebb0ee35d25a94853d538
Autonomy KeyView wkssr.dll Record Parsing Buffer Overflows
Posted Jul 28, 2010
Authored by Carsten Eiram | Site secunia.com

Secunia Research has discovered two vulnerabilities in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerabilities are caused by boundary errors in the SpreadSheet Lotus 123 reader (wkssr.dll) when parsing certain records. This can be exploited to cause stack-based buffer overflows via specially crafted files. Successful exploitation allows execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.

tags | advisory, overflow, arbitrary, vulnerability
advisories | CVE-2010-0133
SHA-256 | ba54e9780a47cbb9ac825fb26ba0fcde7c0734880a7eec64089b018ed29a2036
Autonomy KeyView wkssr.dll String Indexing Vulnerability
Posted Jul 28, 2010
Authored by Carsten Eiram | Site secunia.com

Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to potentially compromise a vulnerable system. The vulnerability is caused by an error in the SpreadSheet Lotus 123 reader (wkssr.dll) when allocating an array of pointers during the parsing of a certain record type combined with how strings are later indexed. This can be exploited to corrupt memory via a specially crafted file. Successful exploitation may allow execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.

tags | advisory, arbitrary
advisories | CVE-2010-1524
SHA-256 | f9a9de57b6faceeb2d7116e3bbd81eb59d6cb237692bb06b5afcdb428702f9d2
Zemana AntiLogger Local Privilege Escalation
Posted Jul 28, 2010
Authored by th_decoder

Zemana AntiLogger with AntiLog32.sys versions 1.5.2.755 and below suffer from a local privilege escalation vulnerability.

tags | exploit, local
SHA-256 | c4b5374aef4fafad83d8cf34f59211029acaf54deb05c6b2269c93d7ea737d0a
Cetera eCommerce 14.0 Cross Site Scripting / SQL Injection
Posted Jul 28, 2010
Authored by MustLive

Cetera eCommerce versions 14.0 and below suffer from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 6f1b7cc690c9fe01ae23a3cdf4588f2d2b60564d3f3c631d51149fa0275d2050
Autonomy KeyView wkssr.dll Integer Underflow Vulnerability
Posted Jul 28, 2010
Authored by Carsten Eiram | Site secunia.com

Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. The vulnerability is caused by an integer underflow error in the SpreadSheet Lotus 123 reader (wkssr.dll) when parsing the size of a specific record type. This can be exploited to cause a heap-based buffer overflow via a specially crafted file. Successful exploitation may allow execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.

tags | advisory, denial of service, overflow, arbitrary
advisories | CVE-2010-1525
SHA-256 | 29ad95481579f1764c96d5a3b905c173447d7638ad22ab0b3fad3310e1033f40
Autonomy KeyView wosr.dll Data Block Parsing Buffer Overflow
Posted Jul 28, 2010
Authored by Dyon Balding | Site secunia.com

Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a boundary error the WordPerfect 5.x reader (wosr.dll) when parsing data blocks and can be exploited to cause a heap-based buffer overflow via a specially crafted file. Successful exploitation may allow execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.

tags | advisory, overflow, arbitrary
advisories | CVE-2010-0135
SHA-256 | 5ed5b03e9a9bfac07541b8affc29df12ce6a114af5ce70de811e350abee24c4c
Autonomy KeyView rtfsr.dll RTF Parsing Signedness Error
Posted Jul 28, 2010
Authored by Dyon Balding | Site secunia.com

Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a signedness error when parsing the argument to the "\\ls" keyword within a list override table entry in RTF files. This can be exploited to cause a buffer overflow via a specially crafted RTF file. Successful exploitation may allow execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.

tags | advisory, overflow, arbitrary
advisories | CVE-2010-0134
SHA-256 | 9f637d773e05147f5fddebca47d4f32eaa065525a4713e86117852b4fc62630c
Autonomy KeyView wkssr.dll Floating Point Conversion Buffer Overflow
Posted Jul 28, 2010
Authored by Carsten Eiram | Site secunia.com

Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a boundary error in the Spreadsheet Lotus 123 reader (wkssr.dll) when converting floating point values in certain record types. This can be exploited to cause a stack-based buffer overflow via a specially crafted file. Successful exploitation allows execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.

tags | advisory, overflow, arbitrary
advisories | CVE-2010-0131
SHA-256 | 79ff156cf917fb691f4b17bdbfad5cb0a6cc061edf41a7bcd72b346f6913a832
Autonomy KeyView Compound File Parsing Buffer Overflow
Posted Jul 28, 2010
Authored by Carsten Eiram | Site secunia.com

Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a boundary error when parsing record data in compound documents. This can be exploited to cause a heap-based buffer overflow when an application using the vulnerable library parses e.g. a specially crafted Quattro Pro file. Successful exploitation allows execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.

tags | advisory, overflow, arbitrary
advisories | CVE-2010-0126
SHA-256 | c8af127dc81e18677064ef66428dd5b8386a0ce6358af637f1bbae03414a1ae4
Apache Tomcat UTF-8 Directory Traversal
Posted Jul 28, 2010
Authored by Simon Ryeo, mywisdom

UTF-8 directory traversal /etc/passwd grabbing exploit for Apache Tomcat versions prior to 6.0.18.

tags | exploit, file inclusion
advisories | CVE-2008-2938
SHA-256 | 976e244165fc9beb273d4e21c954c5135843e2b1fb28d129213c11847fd97471
Joomla PhotoMap Gallery 1.6.0 SQL Injection
Posted Jul 28, 2010
Authored by Salvatore Fresta

Joomla PhotoMap Gallery version 1.6.0 suffers from multiple remote blind SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 8990931df0ebbd576f3d3b513dc714bdbe844c94639806bdeeb8b03de8fc3d32
AV Arcade 3 Insecure Cookie / SQL Injection
Posted Jul 28, 2010
Authored by saudi0hacker

AV Arcade version 3 suffers from insecure cookie and SQL injection vulnerabilities.

tags | exploit, vulnerability, sql injection, insecure cookie handling
SHA-256 | 8e521695e01449c7661f2cb8f90b185012521a3a3fc71c1f2a2a3040bb131b5f
nuBuilder 10.04.x Remote File Inclusion
Posted Jul 28, 2010
Authored by Ahlspiess

nuBuilder version 10.04.x suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 50aa0127b4f48063bded2efe72397e46ea8cda4e661102f4751dfdcb7cca99b4
Secunia Security Advisory 40741
Posted Jul 28, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for jboss-seam2. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | linux, redhat
SHA-256 | 1f66f3b22ebc5b24916bace93266531af9f937ab6d1b8e9bb97a071edca32f8b
Secunia Security Advisory 40740
Posted Jul 28, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue and a vulnerability have been reported in MediaWiki, which can be exploited by malicious people to disclose potentially sensitive information and conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | b22c0eeeec3ca2a90ab3f7a2cdda7cd24bfa42913180a5fd00518843a1fd90bb
Secunia Security Advisory 40679
Posted Jul 28, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Zabbix, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 0e594d0c1fc7f38c3ac50fb687688700c06bb431c685d58a36401c57a586782e
Secunia Security Advisory 40727
Posted Jul 28, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in KVIrc, which can be exploited by malicious people to hijack IRC connections.

tags | advisory
SHA-256 | 04f006656d5afdeb39aa80ce20a5b7dc4ed746fecdb8ce2ca287f5bccb32ef2b
Secunia Security Advisory 40737
Posted Jul 28, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in bozohttpd, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | a7d066c2cc8cefcd25baf8c479852de7fc2da0695f44c4d44e8118728af9f7b0
Secunia Security Advisory 40744
Posted Jul 28, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in nuBuilder, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | d2e57a39c835ec7678c8fb691abb7d74caf3cb3be3294cc8dcf44f85c8065b0d
Secunia Security Advisory 40713
Posted Jul 28, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in hsolinkcontrol, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local, vulnerability
SHA-256 | e6b559f8344d03713cee7b6a322e904df7b03a8792335c201193b5cba5bb0c90
Secunia Security Advisory 40753
Posted Jul 28, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in the Front End User Registration extension for TYPO3, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 2d692ae4f82b8d8c52cab67f895d860df52e1627ef4e68e42fef6197e4a6fa9b
Page 1 of 3
Back123Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close