Information Security News and Exploits

Providing you with Security News and Exploits from all over the web.

Entries for September 27th, 2010

[webapps / 0day] – FreePBX <= 2.8.0 Recordings Interface Allows Remote Code Execution

Sep.27, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>FreePBX &lt;= 2.8.0 Recordings Interface Allows Remote Code Execution | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 24 Sep 2010 | Exploit category: webapps / 0day | Exploit author: n/a | Inj3ct0r – exploit database [...]

Leave a Comment

[local exploits] – NetCut DLL Hijacking Exploit (airpcap.dll & mfc71loc.dll)

Sep.27, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>NetCut DLL Hijacking Exploit (airpcap.dll &amp; mfc71loc.dll) | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 24 Sep 2010 | Exploit category: local exploits | Exploit author: anT!-Tr0J4n | Inj3ct0r – exploit database : vulnerability [...]

Leave a Comment

[dos / poc] – VMware Workstation <= 7.1.1 VMkbd.sys Denial of Service

Sep.27, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>VMware Workstation &lt;= 7.1.1 VMkbd.sys Denial of Service | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 25 Sep 2010 | Exploit category: dos / poc | Exploit author: Lufeng Li | Inj3ct0r – exploit database [...]

Leave a Comment

[webapps / 0day] – E-Xoopport – Samsara <= v3.1 (eCal module) Blind SQL Injection Exploit

Sep.27, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>E-Xoopport – Samsara &lt;= v3.1 (eCal module) Blind SQL Injection Exploit | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 25 Sep 2010 | Exploit category: webapps / 0day | Exploit author: _mRkZ_ | Inj3ct0r – [...]

Leave a Comment

[remote exploits] – Barracuda Networks Spam & Virus Firewall <= 4.1.1.021 Configuration

Sep.27, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>Barracuda Networks Spam &amp; Virus Firewall &lt;= 4.1.1.021 Configuration | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 27 Sep 2010 | Exploit category: remote exploits | Exploit author: n/a | Inj3ct0r – exploit database : [...]

Leave a Comment

[dos / poc] – Fox Audio Player 0.8.0 .m3u Denial of Service

Sep.27, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>Fox Audio Player 0.8.0 .m3u Denial of Service | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 27 Sep 2010 | Exploit category: dos / poc | Exploit author: 4n0nym0us | Inj3ct0r – exploit database : [...]

Leave a Comment

[remote exploits] – PDF Creator Pilot (PDFCreatorPilot.dll) Remote BOF Exploit

Sep.27, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>PDF Creator Pilot (PDFCreatorPilot.dll) Remote BOF Exploit | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 27 Sep 2010 | Exploit category: remote exploits | Exploit author: indoushka | Inj3ct0r – exploit database : vulnerability : [...]

Leave a Comment

[remote exploits] – Realtek (InstallShield-RTCOMDLL.dll) Remote BOF Exploit

Sep.27, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>Realtek (InstallShield-RTCOMDLL.dll) Remote BOF Exploit | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 27 Sep 2010 | Exploit category: remote exploits | Exploit author: indoushka | Inj3ct0r – exploit database : vulnerability : 0day : [...]

Leave a Comment

[remote exploits] – Skype 4.2 (Plugin Manager-ezPMUtils.dll) Remote BOF Exploit

Sep.27, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>Skype 4.2 (Plugin Manager-ezPMUtils.dll) Remote BOF Exploit | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 27 Sep 2010 | Exploit category: remote exploits | Exploit author: indoushka | Inj3ct0r – exploit database : vulnerability : [...]

Leave a Comment

[remote exploits] – Yahoo! Messenger 10 (PhotoShare.dll) Remote BOF Exploit

Sep.27, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>Yahoo! Messenger 10 (PhotoShare.dll) Remote BOF Exploit | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 27 Sep 2010 | Exploit category: remote exploits | Exploit author: indoushka | Inj3ct0r – exploit database : vulnerability : [...]

Leave a Comment

[webapps / 0day] – network411 (Product.asp?intProdID) SQL Injection Vulnerability

Sep.27, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>network411 (Product.asp?intProdID) SQL Injection Vulnerability | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 27 Sep 2010 | Exploit category: webapps / 0day | Exploit author: Shamus | Inj3ct0r – exploit database : vulnerability : 0day [...]

Leave a Comment

[linux/x86] – linux/x86 setreuid(0) and add user with root’s priviledges 105 bytes

Sep.27, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>linux/x86 setreuid(0) and add user with root's priviledges 105 bytes | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 27 Sep 2010 | Exploit category: linux/x86 | Exploit author: xertux | Inj3ct0r – exploit database : [...]

Leave a Comment

[linux/x86] – linux/x86 setreuid(0,0) add reboot command each minutes 90 bytes

Sep.27, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>linux/x86 setreuid(0,0) add reboot command each minutes 90 bytes | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 27 Sep 2010 | Exploit category: linux/x86 | Exploit author: xertux | Inj3ct0r – exploit database : vulnerability [...]

Leave a Comment

[remote exploits] – Digital Music Pad Version 8.2.3.3.4 SEH overflow Metasploit Module

Sep.27, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>Digital Music Pad Version 8.2.3.3.4 SEH overflow Metasploit Module | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 27 Sep 2010 | Exploit category: remote exploits | Exploit author: Abhishek Lyall | Inj3ct0r – exploit database [...]

Leave a Comment

[local exploits] – Acunetix Ltd 2010 Version 6.5 Build 20100616 DLL Hijacking Exploit

Sep.27, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>Acunetix Ltd 2010 Version 6.5 Build 20100616 DLL Hijacking Exploit | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 27 Sep 2010 | Exploit category: local exploits | Exploit author: indoushka | Inj3ct0r – exploit database [...]

Leave a Comment

[local exploits] – winstyler (winstyler.exe) DLL Hijacking Exploit

Sep.27, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>winstyler (winstyler.exe) DLL Hijacking Exploit | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 27 Sep 2010 | Exploit category: local exploits | Exploit author: indoushka | Inj3ct0r – exploit database : vulnerability : 0day : [...]

Leave a Comment

[local exploits] – Fichier Identificateur numrique (wab.exe) DLL Hijacking Exploit

Sep.27, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>Fichier Identificateur numrique (wab.exe) DLL Hijacking Exploit | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 27 Sep 2010 | Exploit category: local exploits | Exploit author: indoushka | Inj3ct0r – exploit database : vulnerability : [...]

Leave a Comment

[local exploits] – VLC 1.0.5 Golden eye DLL Hijacking Exploit

Sep.27, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>VLC 1.0.5 Golden eye DLL Hijacking Exploit | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 27 Sep 2010 | Exploit category: local exploits | Exploit author: indoushka | Inj3ct0r – exploit database : vulnerability : [...]

Leave a Comment

[local exploits] – Opera 10.51 DLL Hijacking Exploit

Sep.27, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>Opera 10.51 DLL Hijacking Exploit | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 27 Sep 2010 | Exploit category: local exploits | Exploit author: indoushka | Inj3ct0r – exploit database : vulnerability : 0day [...]

Leave a Comment

[local exploits] – KMplayer v 2.9.3.1428 DLL Hijacking Exploit

Sep.27, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>KMplayer v 2.9.3.1428 DLL Hijacking Exploit | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 27 Sep 2010 | Exploit category: local exploits | Exploit author: indoushka | Inj3ct0r – exploit database : vulnerability : 0day [...]

Leave a Comment