exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 42 RSS Feed

Files Date: 2010-07-23 to 2010-07-24

Joomla GolfCourseGuide SQL Injection
Posted Jul 23, 2010
Authored by Valentin Hoebel

Joomla GolfCourseGuide component versions 0.9.6.0 Beta and 1 Beta suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | c3d20cf389cff928da4dbb4ad7fd832d03fccb5ab9c000e761ebb0bc5f5bae5f
Mandriva Linux Security Advisory 2010-138
Posted Jul 23, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-138 - Ovidiu Mara reported a vulnerability in ping.c (iputils) that could cause ping to hang when responding to a malicious echo reply. The updated packages have been patched to correct these issues.

tags | advisory
systems | linux, mandriva
advisories | CVE-2010-2529
SHA-256 | 18104719beea5b46ca8f389d76fb415df95834e77108878de2bc04a65edcc28a
WATOBO Web Application Toolbox Auditor 0.9.2rev149
Posted Jul 23, 2010
Authored by Andreas Schmidt | Site watobo.sourceforge.net

WATOBO, the Web Application Toolbox, is a tool that enables security professionals to perform highly efficient (semi-automated) web application security audits. It acts like a local proxy and analyzes the traffic on the fly for helpful information and vulnerabilities. It also has automated scanning capabilities, e.g. SQL injection, cross site scripting and more.

Changes: New history navigation, new fuzzer engine, improved differ usability, and WATOBO now runs on Windows, Linux and MAC.
tags | tool, web, local, scanner, vulnerability, xss, sql injection
systems | unix
SHA-256 | 1c9176931e9eb16200b5f597d7e02aa077d50ac84bc99faa3d877cb9a2fa7907
Ubuntu Security Notice 930-5
Posted Jul 23, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 930-5 - USN-930-4 fixed vulnerabilities in Firefox and Xulrunner on Ubuntu 9.04 and 9.10. This update provides updated packages for use with Firefox 3.6 and Xulrunner 1.9.2. It was discovered that Firefox could be made to access freed memory. A flaw was discovered in the way plugin instances interacted. An integer overflow was discovered in Firefox. Martin Barbella discovered an integer overflow in an XSLT node sorting routine. Michal Zalewski discovered that the focus behavior of Firefox could be subverted. Ilja van Sprundel discovered that the 'Content-Disposition: attachment' HTTP header was ignored when 'Content-Type: multipart' was also present.

tags | advisory, web, overflow, vulnerability
systems | linux, ubuntu
advisories | CVE-2008-5913, CVE-2010-0654, CVE-2010-1121, CVE-2010-1125, CVE-2010-1196, CVE-2010-1197, CVE-2010-1198, CVE-2010-1199, CVE-2010-1200, CVE-2010-1201, CVE-2010-1202, CVE-2010-1203, CVE-2010-1205, CVE-2010-1206, CVE-2010-1207, CVE-2010-1208, CVE-2010-1209, CVE-2010-1210
SHA-256 | 1bc694bb7364fe045af2c603420b4ce5c13f78d79389c7548df6bc16771c9714
Ubuntu Security Notice 930-4
Posted Jul 23, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 930-4 - USN-930-1 fixed vulnerabilities in Firefox and Xulrunner. This update provides the corresponding updates for Ubuntu 9.04 and 9.10, along with additional updates affecting Firefox 3.6.6. If was discovered that Firefox could be made to access freed memory. A flaw was discovered in the way plugin instances interacted. An integer overflow was discovered in Firefox. Martin Barbella discovered an integer overflow in an XSLT node sorting routine. Michal Zalewski discovered that the focus behavior of Firefox could be subverted. Ilja van Sprundel discovered that the 'Content-Disposition: attachment' HTTP header was ignored when 'Content-Type: multipart' was also present.

tags | advisory, web, overflow, vulnerability
systems | linux, ubuntu
advisories | CVE-2008-5913, CVE-2010-0654, CVE-2010-1121, CVE-2010-1125, CVE-2010-1196, CVE-2010-1197, CVE-2010-1198, CVE-2010-1199, CVE-2010-1200, CVE-2010-1201, CVE-2010-1202, CVE-2010-1203, CVE-2010-1205, CVE-2010-1206, CVE-2010-1207, CVE-2010-1208, CVE-2010-1209, CVE-2010-1210
SHA-256 | 503b3e80fd666c5b552b19fdd7eca8d7aca2731d1cbcf9e0be54a272cdad137f
Ubuntu Security Notice 927-8
Posted Jul 23, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 927-8 - USN-927-1 fixed vulnerabilities in NSS. This update provides the Thunderbird update to use the new NSS. Original advisory details: Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. This update adds support for the new new renegotiation extension and will use it when the server supports it.

tags | advisory, arbitrary, vulnerability, protocol
systems | linux, ubuntu
SHA-256 | 87749ab295184597b7a07e1590a02ca81b8acc8591a5ebf3e19b6017071a64aa
PhotoPost PHP 4.0 - 4.6 SQL Injection
Posted Jul 23, 2010
Authored by Cyber-sec

PhotoPost PHP versions 4.0 through 4.6 suffer from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
SHA-256 | 1d139e534cdcf0c4e65c6bba0c76664268345d077ff81b076e223d7dc2fad601
SAP NetWeaver SLD 6.4 - 7.02 Cross Site Scripting
Posted Jul 23, 2010
Authored by Sh2kerr, Alexey Troshichev | Site dsecrg.com

SAP NetWeaver SLD versions 6.4 through 7.02 suffer from multiple cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
SHA-256 | 8b641e06e58f7c35d9140a710b83cde908ed39795c6e2eedaaa58b596a3b8385
ZeeMatri 3x Shell Upload
Posted Jul 23, 2010
Authored by SONiC

ZeeMatri version 3x suffers from a shell upload vulnerability.

tags | exploit, shell
SHA-256 | 7ae764dcd3f9cfe94ffc925e298693155de1b8ed74f05a92be3a8f82ab14465c
SAP Netweaver 6.4 - 7.0 Cross Site Scripting
Posted Jul 23, 2010
Authored by Sh2kerr | Site dsecrg.com

SAP Netweaver versions 6.4 through 7.0 suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 3a33cbd84a9db933f995cbae70e001e3a89be10e4fa30b160c720ca941a9066e
AIX 5l FTPd Hash Disclosure
Posted Jul 23, 2010
Authored by Kingcope

AIX 5l with FTP server remote root hash disclosure exploit. Creates a coredump including the root user hash from /etc/security/passwd. This is the second version that was written to be more portable between hosts.

tags | exploit, remote, root
systems | aix
SHA-256 | 3cbe3f2d71c1a259294434762694c1239444ee2fd3f2d2dc144601f1fe0a5675
ZeeNetworking 1x Shell Upload
Posted Jul 23, 2010
Authored by SONiC

ZeeNetworking 1x suffers from a shell upload vulnerability.

tags | exploit, shell
SHA-256 | 48a1e0a10c033ad783e42cba65397d88ed108418e7798d8eec913f84ab073ca5
LILDBI 1.2 Shell Upload
Posted Jul 23, 2010
Authored by EraGoN

LILDBI version 1.2 suffers from a shell upload vulnerability.

tags | exploit, shell
SHA-256 | 864cfbbdebc134ab41dcdfddef5df0bf4d519b4dcf637250720ceda162dcb908
ZeeAdBox 2x SQL Injection
Posted Jul 23, 2010
Authored by SONiC

ZeeAdBox version 2x suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 1022f5f1735c187463f38136fbe414f41f51aa9ed28d88a575fef3ea1b4257c3
Ubuntu Security Notice 957-1
Posted Jul 23, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 957-1 - Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or possibly run arbitrary code as the user invoking the program. Various integer overflows and other issues have also been addressed.

tags | advisory, remote, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2010-0654, CVE-2010-1205, CVE-2010-1206, CVE-2010-1207, CVE-2010-1208, CVE-2010-1209, CVE-2010-1210, CVE-2010-1211, CVE-2010-1212, CVE-2010-1213, CVE-2010-1214, CVE-2010-1215, CVE-2010-2751, CVE-2010-2752, CVE-2010-2753, CVE-2010-2754
SHA-256 | 102cde32fa8d891e54788fea852e8b6a825b5afe8a3b7b8afa40b6db0cea7fcf
Ubuntu Security Notice 927-7
Posted Jul 23, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 927-7 - USN-927-4 fixed vulnerabilities in NSS. This update provides the NSPR needed to use the new NSS. Original advisory details: Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. This update adds support for the new new renegotiation extension and will use it when the server supports it.

tags | advisory, arbitrary, vulnerability, protocol
systems | linux, ubuntu
SHA-256 | 029b0a950c4c98aaeb2e0905f2a79e7e3fc90edc62763387ac0165267b47cd4a
Ubuntu Security Notice 927-6
Posted Jul 23, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 927-6 - USN-927-1 fixed vulnerabilities in NSS on Ubuntu 9.10. This update provides the corresponding updates for Ubuntu 9.04. Original advisory details: Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. This update adds support for the new new renegotiation extension and will use it when the server supports it.

tags | advisory, arbitrary, vulnerability, protocol
systems | linux, ubuntu
advisories | CVE-2009-3555
SHA-256 | fc403a3536ccafffb088a5a80dccc88c06a03937a82209fc68213061032efc12
Skipfish Web Application Scanner 1.52b
Posted Jul 23, 2010
Authored by Michal Zalewski | Site code.google.com

Skipfish is a fully automated, active web application security reconnaissance tool. It is high speed, has a low false positive rate, and is easy to use.

Changes: Fixed HTTP read loop after 1.48b.
tags | tool, web, scanner
systems | unix
SHA-256 | 4f7aab33039ef0826cbb1473f80c7de5c0319bb5c435c94688e44069e395bcd8
Secunia Security Advisory 40706
Posted Jul 23, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for thunderbird and sunbird. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, bypass certain security restrictions, and compromise a user's system.

tags | advisory, vulnerability
systems | linux, fedora
SHA-256 | 55331df301ef539362b49ff55ccad090ecf4612f804ccbd892939ac783102910
Secunia Security Advisory 40708
Posted Jul 23, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for seamonkey. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, potentially conduct cross-site scripting attacks, bypass certain security restrictions, conduct spoofing attacks, and compromise a user's system.

tags | advisory, spoof, vulnerability, xss
systems | linux, fedora
SHA-256 | f54ae5af48a5e47d104e5ea0c1159ea7891a4b055d759cd44e813f1f4307f835
Secunia Security Advisory 40691
Posted Jul 23, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to conduct DNS cache poisoning attacks.

tags | advisory, kernel, local
systems | linux
SHA-256 | bc1e8faf0c3af5ac178ff93bacc70d3f1837153303358119860420b19526eb33
Secunia Security Advisory 40710
Posted Jul 23, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - IBM has acknowledged a security issue in IBM Java, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory, java
SHA-256 | 2439ed6f270878a3650193fcff12988ab8d34826e2d3bbec74252a44cb026d2d
Secunia Security Advisory 40692
Posted Jul 23, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the myLinksDump plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | f2383613d9efa3d58a855632b0c7ae97dbe67e75df6829339e619aebceab0bf8
Secunia Security Advisory 40680
Posted Jul 23, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for firefox and xulrunner. This fixes some vulnerabilities, which can be exploited by malicious people to disclose sensitive information, potentially conduct cross-site scripting attacks, bypass certain security restrictions, conduct spoofing attacks, or to compromise a user's system.

tags | advisory, spoof, vulnerability, xss
systems | linux, ubuntu
SHA-256 | a6d7b600382f6f27ee8385d297f17535c0b5cfa3cfd4cfc9ddb7cf45b5417eb2
Secunia Security Advisory 40683
Posted Jul 23, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for firefox and xulrunner. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, potentially conduct cross-site scripting attacks, bypass certain security restrictions, conduct spoofing attacks, and compromise a user's system.

tags | advisory, spoof, vulnerability, xss
systems | linux, ubuntu
SHA-256 | cbb110ddcd1c33f243f8346b1f3b1a856fd5e51da78dccc65f260405ef299681
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    0 Files
  • 9
    Nov 9th
    0 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close