exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

Files Date: 2012-11-19

Zero Day Initiative Advisory 12-187
Posted Nov 19, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-187 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses a particular array contained within a Real Media file and then uses the data. When allocating and reading frame size information, the application will fail to check the bounds of how this array is used. The application will use results in this array as an allocation for the size of a buffer. When initializing this new buffer, the application can then write outside it's bounds which will lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2012-0923
SHA-256 | 7f7a245921e96acbc1266832a2c321122ceba54fcacd0d720579d3be636c6813
Belkin Insecure Default WPA2 Passphrase
Posted Nov 19, 2012
Authored by Jakob Lell

Having a preconfigured randomly generated WPA2-PSK passphrase for wireless routers is basically a good idea since a vendor-generated passphrase can be much more secure than most user-generated passwords. However, in the case of Belkin the default password is calculated solely based on the MAC address of the device. Since the MAC address is broadcasted with the beacon frames sent out by the device, a wireless attacker can calculate the default passphrase and then connect to the wireless network. Vulnerable versions include, but are not limited to, Belkin Surf N150 Model F7D1301v1, Belkin N900 Model F9K1104v1, Belkin N450 Model F9K1105V2, and possibly Belkin N300 Model F7D2301v1.

tags | advisory
advisories | CVE-2012-4366
SHA-256 | 684453e25779c4ae90104f2addefb07264bc19185c67e2fec33fdde7ceba7c7c
Splunk 4.x Denial Of Service
Posted Nov 19, 2012
Authored by Alexander Klink | Site nruns.com

Splunk versions 4.0 through 4.3.4 suffer from an unauthenticated remote denial of service vulnerability against splunkd.

tags | advisory, remote, denial of service
SHA-256 | 712c0f2ebc8a92c6651117dcb6b048dd30c332c12100a46fccd41ffa48f1183d
Mandriva Linux Security Advisory 2012-172
Posted Nov 19, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-172 - Stack-based buffer overflow in the url::get_pac function in url.cpp in libproxy 0.4.x before 0.4.9 allows remote servers to have an unspecified impact via a large proxy.pac file. The updated packages have been patched to correct this issue.

tags | advisory, remote, overflow
systems | linux, mandriva
advisories | CVE-2012-4504
SHA-256 | 02a25e5905882a2a706131a0db3229bdc2ff4621ce2936bd1a05e5416c3a6d68
Akeni LAN 1.2.118 Filter Bypass
Posted Nov 19, 2012
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

A filter bypass vulnerability in Akeni LAN (LE) Messenger version 1.2.118 allows for malicious script insertion / cross site scripting attacks.

tags | exploit, xss, bypass
SHA-256 | a856de3fd6a5d3af851ebd5974741c479af215deb2422d936244be3106873f79
Manage Engine Exchange Reporter 4.1 Cross Site Scripting
Posted Nov 19, 2012
Authored by Ibrahim El-Sayed, Vulnerability Laboratory | Site vulnerability-lab.com

Manage Engine Exchange Reporter version 4.1 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 88a98e8af73fd137f6bbd014be80a042c4c83acb3c1d6f43255c2ccbf4407a8e
Omni-Secure 5 / 6 / 7 Remote File Disclosure
Posted Nov 19, 2012
Authored by HaCkeR_EgY

Omni-Secure versions 5, 6, and 7 suffer from a remote file disclosure vulnerability.

tags | exploit, remote, info disclosure
SHA-256 | c7976e9f4319789ecff0baa4aac29390e943b06f256fba7cbb192d9a9f5ae6f1
Skype Account Service Reset Credentials
Posted Nov 19, 2012
Authored by Benjamin Kunz Mejri, Chokri Ben Achor, Vulnerability Laboratory | Site vulnerability-lab.com

The Skype Account Service application suffered from a reset password/username vulnerability.

tags | exploit
SHA-256 | 47ad6f50220ee53830173e0377be0516841a8b60569695b59844b96a36e1e0a7
Skype Account Service Session Token Bypass
Posted Nov 19, 2012
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

The Skype Account Service application suffered from a session token bypass vulnerability.

tags | exploit, bypass
SHA-256 | 81e159aed334870a8fa4696621cdbdbfd9454dd6dac853d85e668dc983dc5061
HostBox SSH 0.1
Posted Nov 19, 2012
Authored by Oskar Stridsman | Site stridsmanIT.wordpress.com

HostBox SSH is a python script will scan servers and routers for insecure SSH configurations.

tags | tool, scanner, python
systems | unix
SHA-256 | 357b430d5880a2895e02e42da73691c2a1ff1fed1383e9a6c9521150eb847208
WeBid 1.0.5 Directory Traversal
Posted Nov 19, 2012
Authored by loneferret

WeBid versions 1.0.5 and below suffer from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | 691fd6a645c981162b89806c3a38adbbac74928e9a8c6bdd1391a139433a93d9
Debian Security Advisory 2575-1
Posted Nov 19, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2575-1 - It was discovered that ppm2tiff of the tiff tools, a set of utilities for TIFF manipulation and conversion, is not properly checking the return value of an internal function used in order to detect integer overflows. As a consequence, ppm2tiff suffers of a heap-based buffer overflow. This allows attacker to potentially execute arbitrary code via a crafted ppm image, especially in scenarios in which images are automatically processed.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2012-4564
SHA-256 | 95cfa80b845e14c6c0c830bb5c10f59eae3761c0da48aa072ed301a20ee9076e
Microsoft Office OneNote 2010 Memory Corruption
Posted Nov 19, 2012
Authored by coolkaveh

Microsoft Office OneNote 2010 suffers from a WriteAV memory corruption vulnerability.

tags | exploit
systems | linux
SHA-256 | e7beebdffa62b0c8bab44b31791cda2bf7875af83b941a521c5aa933e91f031f
Secunia Security Advisory 51333
Posted Nov 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the jNews component for Joomla!, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 5515abf4b7c444131012e5a44fdb24d641613275c32b43fd5f28a71623439d54
Secunia Security Advisory 51339
Posted Nov 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Sophos UTM, which can be exploit by malicious people to conduct cross-site scripting attacks and compromise a vulnerable system.

tags | advisory, vulnerability, xss
SHA-256 | 2ff3055165467c658b8247e3febf4d21d3616a3e4365ee96668db33b149ca001
Secunia Security Advisory 51294
Posted Nov 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in WeeChat, which can be exploited by malicious people to potentially compromise a user's system.

tags | advisory
SHA-256 | ccb96fd6ac335595f6bb070f9b1f37882aa301383ca71389809421b1eda751b3
Secunia Security Advisory 51349
Posted Nov 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in RSA Data Protection Manager, where some have an unknown impact and others can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting attacks.

tags | advisory, local, vulnerability, xss
SHA-256 | 0b6bdc6c195e2a4fe18b1ab74fe4d0801cea522e214c185779d63e136f749a28
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close