exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 42 RSS Feed

Files Date: 2011-05-27

Debian Security Advisory 2244-1
Posted May 27, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2244-1 - It was discovered that BIND, an implementation of the DNS protocol, does not correctly process certain large RRSIG record sets in DNSSEC responses. The resulting assertion failure causes the name server process to crash, making name resolution unavailable.

tags | advisory, protocol
systems | linux, debian
advisories | CVE-2011-1910
SHA-256 | 1d5d9062a169179cd4ddf94fe0a3ecabc58a694c5253fb7da52827e2d41efd17
Debian Security Advisory 2243-1
Posted May 27, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2243-1 - It was discovered that Unbound, a caching DNS resolver, ceases to provide answers for zones signed using DNSSEC after it has processed a crafted query.

tags | advisory
systems | linux, debian
advisories | CVE-2009-4008
SHA-256 | e9b7b8f531d7f0bf62453a71f0ee84e29f0c50968fee5a72a1b77af5437f7843
Security Implications Of IPv6
Posted May 27, 2011
Authored by Fernando Gont

This paper, called Security Implications of IPv6, was published by CPNI and is a collection of security implications to think about while transitioning to IPv6.

tags | paper
SHA-256 | c237c137715ec6c6b22b18847817cae159ad2b52af7a8aac8da06ea03c3945fd
Apache Archiva Cross Site Scripting
Posted May 27, 2011
Authored by Riyaz Walikar | Site archiva.apache.org

Apache Archiva versions 1.3.0 through 1.3.4 suffer from a cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2011-1077
SHA-256 | 5efbf8901967ec7d67fef99169880a4eb9b5f7f796e2016b76d3c042d56f0674
Lil' HTTP Server 2.2 Cross Site Scripting
Posted May 27, 2011
Authored by Treasure Priyamal | Site treasuresec.com

Lil' HTTP Server version 2.2 suffers from a cross site scripting vulnerability in a default CGI script.

tags | exploit, web, cgi, xss
SHA-256 | 1cd00218bbd303ceb7a7c683ad4f9e471fe94b3e8bd6679f9bf4aab7ee9035d7
cPanel Cross Site Request Forgery
Posted May 27, 2011
Authored by ninjashell

Proof of concept cross site request forgery code that adds a user for cPanel versions prior to 11.25.

tags | exploit, proof of concept, csrf
SHA-256 | a024c484981bd080759beb56b4616306d09fd3038a7cbfbd27ace111d7c4bed6
Brief Whitepaper On Underground Hacking
Posted May 27, 2011
Authored by ninjashell

This is a brief whitepaper discussing tools and methodologies used by black hat hackers.

tags | paper
SHA-256 | 99cb5168fe73f25bc8cebea491434ac4136ad39ade7060bd9bca61721ecbea5c
Apache Archiva 1.3.4 Cross Site Request Forgery
Posted May 27, 2011
Authored by Riyaz Walikar | Site archiva.apache.org

Apache Archiva versions 1.3.0 through 1.3.4 suffer from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2011-1026
SHA-256 | eb08092f53d1420b2409813356b48e5d1e17042b1c5cf9f2453f2175c720699d
BIND 9 Denial Of Service
Posted May 27, 2011
Site isc.org

DNS BIND Security Advisory - A BIND 9 DNS server set up to be a caching resolver is vulnerable to a user querying a domain with very large resource record sets (RRSets) when trying to negatively cache a response. This can cause the BIND 9 DNS server (named process) to crash. Versions affected include 9.4-ESV-R3 and later, 9.6-ESV-R2 and later, 9.6.3, 9.7.1 and later, 9.8.0 and later.

tags | advisory, denial of service
advisories | CVE-2011-1910
SHA-256 | fa50a97638e2f7e6a97d4f93201d255bcf855b0b42fd27b17eea562af70dec7f
ICSEA 2011 Call For Papers
Posted May 27, 2011
Site iaria.org

Call For Papers for the ICSEA 2011 conference that will be held in Barcelona, Spain from October 23rd through the 28th, 2011.

tags | paper, conference
SHA-256 | 6c36348fa85097c824b4cfd1b14221c32c0498192a58deb9ab907368fecab4d4
LilHTTP Source Code Disclosure/Download
Posted May 27, 2011
Authored by Treasure Priyamal | Site treasuresec.com

This Metasploit module exploits a source code disclosure/download vulnerability in versions 2.2c and prior of LilHTTP.

tags | exploit
SHA-256 | c2b75ab624e45f5f7aa4903e98c06bac4c9031186419bdf1c964c9adc0dc1287
TrustWave WebDefend Static Database Password
Posted May 27, 2011
Authored by Nathan Power

Trustwave WebDefend suffers from a static database password vulnerability. It was discovered in various DLLs and EXEs and affects WebDefend Enterprise Manager Appliance / Console software versions 5.0 and 4.0.

tags | advisory
SHA-256 | af8e8db72fb21529ddd405451250cf64c1245de881c6b67c33191743d4d5a7f7
AIDeX Mini-Webserver 1.4 Cross Site Scripting
Posted May 27, 2011
Authored by wingthor

AIDeX Mini-Webserver version 1.4 integrated chat suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 63f08b95e3d992ec65cfd62a1c051d262be94d3bea6b68f906be082536cf1b6e
Linux IPTables Firewall 1.4.11
Posted May 27, 2011
Site iptables.org

iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.

Changes: Support for new features in the 2.6.39 kernel. Various bugfixes, cleanups, and documentation updates.
tags | tool, firewall
systems | linux
SHA-256 | c436df01657b30fe1ee7bb14324e5250adefaaaad8fde5760f95f3db55ae4618
Magneto ICMP ActiveX 4.0.0.20 Code Execution
Posted May 27, 2011
Authored by boahat

Magneto ICMP ActiveX version 4.0.0.20 ICMPSendEchoRequest remote code execution exploit.

tags | exploit, remote, code execution, activex
SHA-256 | 876aff9acdbf575a2e84dd3ba6795effc4990578f83f52992f9b6a1f9bb42b99
DNS Reverse Download And Execute Shellcode
Posted May 27, 2011
Authored by Alexey Sintsov

This shellcode downloads and executes a file via a reverse DNS channel.

tags | shellcode
SHA-256 | 137d4935c5dba1bc9303b67ee85506910151f930ad28d4a31438dd485aafed4b
HB Ecommerce SQL Injection
Posted May 27, 2011
Authored by takeshix

HB Ecommerce suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 8528a3101bc6b3f501b2554bb1afe92ddb94151a1cd38f6ca2dea1fc1480e803
Ubuntu Security Notice USN-1138-2
Posted May 27, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1138-2 - USN-1138-1 fixed a vulnerability in DBus-GLib. NetworkManager and ModemManager required rebuilding against the updated DBus-GLib to incorporate the changes. It was discovered that DBus-GLib did not properly verify the access flag of exported GObject properties under certain circumstances. A local attacker could exploit this to bypass intended access restrictions or possibly cause a denial of service.

tags | advisory, denial of service, local
systems | linux, ubuntu
SHA-256 | 3a419fab7b32032bd3eaa04ad96c2f47ef0907a28bc4afa4493a9cb97e3c90e9
Ubuntu Security Notice USN-1138-1
Posted May 27, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1138-1 - It was discovered that DBus-GLib did not properly verify the access flag of exported GObject properties under certain circumstances. A local attacker could exploit this to bypass intended access restrictions or possibly cause a denial of service.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2010-1172
SHA-256 | c935c17e82d36e21de9f5a0ab05a59ede86e3264481de05296335a94ab380a54
Ubuntu Security Notice USN-1137-1
Posted May 27, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1137-1 - Juraj Somorovsky, Jorg Schwenk, Meiko Jensen and Xiaofeng Lou discovered that Eucalyptus did not properly validate SOAP requests. An unauthenticated remote attacker could exploit this to submit arbitrary commands to the Eucalyptus SOAP interface in the context of an authenticated user.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2011-0730
SHA-256 | 70f2755b4d3cbc4f775f55a6948dcb13931a0c487ececdf66ab508dac31f4c2a
Joomla Restaurants SQL Injection
Posted May 27, 2011
Authored by Fl0riX

The Joomla Restaurants component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | b5a9d4afa1ded0712ad5764745b1657176507b0a3aba7019dc7b6a1124e39be6
Secunia Security Advisory 44670
Posted May 27, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for cyrus-imapd-2.2. This fixes a vulnerability, which can be exploited by malicious people to manipulate certain data.

tags | advisory
systems | linux, debian
SHA-256 | c4fedb1fe4adb7ba572d8cf87aa0fe3f2d26fb091d8de0d0370fbdfd68776663
Secunia Security Advisory 44718
Posted May 27, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Wing FTP Server, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | a20f3cbf20ae557fc0eea78f121b795227506be919dbc2346c8d9ea4f3af97c2
Secunia Security Advisory 44727
Posted May 27, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Cisco Content Delivery System, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | cisco
SHA-256 | df96d124ce4210454a22337408d34ac08e5b269895812c0c70bc5dbde4f56b20
Secunia Security Advisory 44713
Posted May 27, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for exim4. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | linux, ubuntu
SHA-256 | 0078a1db4d4804da1ceecdc21c124cfd468c6a06632e0c5444bec3c77a85320c
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close