what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 59 RSS Feed

Files Date: 2012-03-30

Mandriva Linux Security Advisory 2012-045
Posted Mar 30, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-045 - Buffer overflow in the gnutls_session_get_data function in lib/gnutls_session.c in GnuTLS 2.12.x before 2.12.14 and 3.x before 3.0.7, when used on a client that performs nonstandard session resumption, allows remote TLS servers to cause a denial of service via a large SessionTicket. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service, overflow
systems | linux, mandriva
advisories | CVE-2011-4128
SHA-256 | 9d3027f3aebc071f3740544e88a82db2c4435c748db9687f95fffe022c747c8e
Landshop 0.9.2 Cross Site Scripting / SQL Injection
Posted Mar 30, 2012
Authored by the_storm, Vulnerability Laboratory | Site vulnerability-lab.com

Landshop version 0.9.2 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 06c23effd7b7b44a3089ec55527daab42554267e4fdee22011c25999803dae48
Bitsmith PS Knowbase 3.2.3 Buffer Overflow
Posted Mar 30, 2012
Authored by Julien Ahrens, Vulnerability Laboratory | Site vulnerability-lab.com

Bitsmith PS Knowbase version 3.2.3 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | ff8b475b068dda8ae047b8fac7df7397a76692e21be2a9c19f5a7db55247df62
Java AtomicReferenceArray Type Violation
Posted Mar 30, 2012
Authored by egypt, sinn3r, juan vazquez | Site metasploit.com

This Metasploit module exploits a vulnerability due to the fact that AtomicReferenceArray uses the Unsafe class to store a reference in an array directly, which may violate type safety if not used properly. This allows a way to escape the JRE sandbox, and load additional classes in order to perform malicious operations.

tags | exploit
advisories | CVE-2012-0507, OSVDB-80724
SHA-256 | f3f101f5489c7554b50702229d0f0d209cf48a2f373093551088f3e07904f138
Bypassing tolower() Filters In Buffer Overflows
Posted Mar 30, 2012
Authored by localh0t

This whitepaper goes into detail on how to bypass tolower() filters in buffer overflows. It uses a stack-based buffer overflow as an example but the technique can also be applied to heap overflows as well.

tags | paper, overflow
SHA-256 | db7da31673402422788bf435e51bb26cce80674800f01ecfb89ff9f49608d751
JAMWiki 1.1.4 Cross Site Scripting
Posted Mar 30, 2012
Authored by Sooraj K.S | Site secpod.com

JAMWiki version 1.1.4 suffers from a reflective cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 3a434a12f95e083d4e37bd69a090f4a82a49d407c4756262d732f4e0e3f3a399
SocialCMS 1.0.2 Cross Site Scripting
Posted Mar 30, 2012
Authored by Ivano Binetti

SocialCMS versions 1.0.2 and below suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2012-1982
SHA-256 | a66d3ebbdf0a5c8fec0b050c9acc1528e7708bd7acc201da83ebb71d1a25f4df
Simple PHP Agenda 2.2.8 Cross Site Request Forgery
Posted Mar 30, 2012
Authored by Ivano Binetti

Simple PHP Agenda versions 2.2.8 and below suffer from multiple cross site request forgery vulnerabilities.

tags | exploit, php, vulnerability, csrf
advisories | CVE-2012-1978
SHA-256 | 02e95a628273a7d274960548d31bfc06e489e5e9030ae0a37dac889a18238b13
How Secure Is Contactless Smartcard Technology
Posted Mar 30, 2012
Authored by Hitesh Malviya

This is a brief whitepaper discussing the security of contactless smartcard technology.

tags | paper
SHA-256 | 74a21b5c3907b319f53c402833c27ad3d326f6ca78d9dff95d4041ee8e139943
MailMax 4.6 POP3 Buffer Overflow
Posted Mar 30, 2012
Authored by localh0t

MailMax versions 4.6 and below POP3 USER remote buffer overflow exploit.

tags | exploit, remote, overflow
SHA-256 | 14b8a1f5446fbce8f0033455b422da494838ebd8f710bfefe2e225cd86bde3c9
SyndeoCMS 3.0.01 Cross Site Scripting
Posted Mar 30, 2012
Authored by Ivano Binetti

SyndeoCMS versions 3.0.01 and below suffer from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-1979
SHA-256 | e50db0bbb8c9c5cf899bf6cc502424fee086c16a445dd347146129d91f1a131c
VMware High-Bandwidth Backdoor ROM Overwrite Privilege Elevation
Posted Mar 30, 2012
Authored by Derek Soeder

VMware suffers from a backdoor ROM overwrite privilege escalation vulnerability.

tags | exploit
advisories | CVE-2012-1515
SHA-256 | b9592c21e5137b1c05d3912f92d7e5520576843ea7ebeb78d6e4e04c2e626f17
Intuit Help System Protocol File Retrieval
Posted Mar 30, 2012
Authored by Derek Soeder

Intuit Help System suffers from protocol file retrieval vulnerability.

tags | exploit, protocol
SHA-256 | 65677d6250ef2ab1e9b970ddb24217950a01b3edbee65118c3e2ebe4ee508a3d
Dalbum 144 Build 174 Cross Site Request Forgery
Posted Mar 30, 2012
Authored by Ahmed Elhady Mohamed

Dalbum version 144 build 174 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 00db7898e4448ebb13cb644498d530d22f039f12896633da126ec0a6476a7296
Intuit Help System Heap Corruption / Memory Leak
Posted Mar 30, 2012
Authored by Derek Soeder

Intuit Help System suffers from protocol URL heap corruption and memory leak vulnerabilities.

tags | exploit, vulnerability, protocol, memory leak
SHA-256 | 28c43548d0a76f1624a1a7bef0b4301fe6ec08af383b75c0a01f373d96370407
WebMatter CMS SQL Injection
Posted Mar 30, 2012
Authored by the_cyber_nuxbie

WebMatter CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 4a0f7e79db84fc5f3e6ee7e303d84f4e17d86bc810f47fdf052eaf4e9a4686d1
ArticleSetup 1.11 Cross Site Scripting / SQL Injection
Posted Mar 30, 2012
Authored by Antu Sanadi | Site secpod.com

ArticleSetup versions 1.11 and below suffer from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 9989e178ae23e232b3197892da9d4f97be442d52ccc77c18923483a98701abc4
PHP 5.4 / 5.3 eregi() Memory Limit Bypass
Posted Mar 30, 2012
Authored by Maksymilian Arciemowicz

PHP versions 5.4 and 5.3 suffer from a deprecated eregi() memory_limit bypass vulnerability. Proof of concepts included.

tags | exploit, php, proof of concept, bypass
systems | linux
SHA-256 | b8f9235bcde03d20acafbedaa0aa12b05d9c56034aaaa1a9f164f8fbde699142
Firstload.com Cross Site Scripting
Posted Mar 30, 2012
Authored by Crim3R

Firstload.com suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | fe8708399a692ce8a272a89ac63191db1d103668ef36b703b2323bfc1e4ff6cb
VMware Security Advisory 2012-0006
Posted Mar 30, 2012
Authored by VMware | Site vmware.com

VMware Security Advisory 2012-0006 - VMware ESXi and ESX address several security issues.

tags | advisory
advisories | CVE-2011-2482, CVE-2011-3191, CVE-2011-4348, CVE-2011-4862, CVE-2012-1515
SHA-256 | c6e864dff9dcf56bf615c9e583291146b0b85366456ccd6d12ad89425be75c54
Secunia Security Advisory 48646
Posted Mar 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Havalite, which can be exploited by malicious users to compromise a vulnerable system.

tags | advisory
SHA-256 | d142797f7dd77a9313414f41fe5d3420b6993e137b11125df0ae138f13b44b14
Secunia Security Advisory 48646
Posted Mar 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Havalite, which can be exploited by malicious users to compromise a vulnerable system.

tags | advisory
SHA-256 | d142797f7dd77a9313414f41fe5d3420b6993e137b11125df0ae138f13b44b14
Secunia Security Advisory 48664
Posted Mar 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Red Hat Network Satellite, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
systems | linux, redhat
SHA-256 | 0e39db5313135801d11626704ab28dd1f8ca677b51297e23da2fba7bed3b7ec4
Secunia Security Advisory 48655
Posted Mar 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - OpenVZ has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges, by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service), and by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.

tags | advisory, denial of service, kernel, local, vulnerability
SHA-256 | ae89cc46e76cdf1534a4afde5a49a3ed56981fb200773afa921bee03c1acc0a8
Secunia Security Advisory 48613
Posted Mar 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Antu Sanadi has discovered multiple vulnerabilities in ArticleSetup, which can be exploited by malicious users to conduct script insertion and SQL injection attacks and by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | f732c0164c00edbcdaddc2fae2915561be17679c221d7caf3b8b276ea9de4fe0
Page 1 of 3
Back123Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close