Information Security News and Exploits

Providing you with Security News and Exploits from all over the web.

Entries for September 30th, 2010

[dos / poc] – VMware Workstation <= 7.1.1 VMkbd.sys Denial of Service

Sep.30, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>VMware Workstation &lt;= 7.1.1 VMkbd.sys Denial of Service | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 25 Sep 2010 | Exploit category: dos / poc | Exploit author: Lufeng Li | Inj3ct0r – exploit database [...]

Leave a Comment

[webapps / 0day] – E-Xoopport – Samsara <= v3.1 (eCal module) Blind SQL Injection Exploit

Sep.30, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>E-Xoopport – Samsara &lt;= v3.1 (eCal module) Blind SQL Injection Exploit | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 25 Sep 2010 | Exploit category: webapps / 0day | Exploit author: _mRkZ_ | Inj3ct0r – [...]

Leave a Comment

[remote exploits] – Barracuda Networks Spam & Virus Firewall <= 4.1.1.021 Configuration

Sep.30, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>Barracuda Networks Spam &amp; Virus Firewall &lt;= 4.1.1.021 Configuration | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 27 Sep 2010 | Exploit category: remote exploits | Exploit author: n/a | Inj3ct0r – exploit database : [...]

Leave a Comment

[local exploits] – Linux Kernel < 2.6.36-rc6 pktcdvd Kernel Memory Disclosure

Sep.30, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>Linux Kernel &lt; 2.6.36-rc6 pktcdvd Kernel Memory Disclosure | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 29 Sep 2010 | Exploit category: local exploits | Exploit author: Jon Oberheide | Inj3ct0r – exploit database : [...]

Leave a Comment

[webapps / 0day] – Webspell wCMS-Clanscript4.01.02net<= static&static Blind SQL Injection

Sep.30, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>Webspell wCMS-Clanscript4.01.02net&lt;= static&amp;static Blind SQL Injection | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 29 Sep 2010 | Exploit category: webapps / 0day | Exploit author: Easy Laster | Inj3ct0r – exploit database : vulnerability [...]

Leave a Comment

[local exploits] – Quick Player 1.3 Unicode SEH Exploit

Sep.30, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>Quick Player 1.3 Unicode SEH Exploit | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 29 Sep 2010 | Exploit category: local exploits | Exploit author: Abhishek Lyall | Inj3ct0r – exploit database : vulnerability : [...]

Leave a Comment

[webapps / 0day] – JE Guestbook 1.0 Joomla Component Multiple Remote Vulnerabilities

Sep.30, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>JE Guestbook 1.0 Joomla Component Multiple Remote Vulnerabilities | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 30 Sep 2010 | Exploit category: webapps / 0day | Exploit author: Salvatore Fresta | Inj3ct0r – exploit database [...]

Leave a Comment

[webapps / 0day] – ASPMass Shopping Cart Vulnerability File Upload CSRF

Sep.30, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>ASPMass Shopping Cart Vulnerability File Upload CSRF | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 30 Sep 2010 | Exploit category: webapps / 0day | Exploit author: Abysssec | Inj3ct0r – exploit database : vulnerability [...]

Leave a Comment

[dos / poc] – Microsoft Unicode Scripts Processor Remote Code Execution

Sep.30, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>Microsoft Unicode Scripts Processor Remote Code Execution | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 30 Sep 2010 | Exploit category: dos / poc | Exploit author: Abysssec | Inj3ct0r – exploit database : vulnerability [...]

Leave a Comment

[win32] – win32/xp sp3 (Tr) About Box Shellcode 77 bytes

Sep.30, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>win32/xp sp3 (Tr) About Box Shellcode 77 bytes | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 30 Sep 2010 | Exploit category: win32 | Exploit author: ZoRLu | Inj3ct0r – exploit database : vulnerability : [...]

Leave a Comment

[win32] – win32 9x/NT/2k/XP Generic cmd.exe Shellcode 159 bytes

Sep.30, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>win32 9x/NT/2k/XP Generic cmd.exe Shellcode 159 bytes | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 30 Sep 2010 | Exploit category: win32 | Exploit author: Pepelux | Inj3ct0r – exploit database : vulnerability : 0day [...]

Leave a Comment

[local exploits] – Nero Burning Rom 6 (nbj.exe) DLL Hijacking Exploit

Sep.30, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>Nero Burning Rom 6 (nbj.exe) DLL Hijacking Exploit | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 30 Sep 2010 | Exploit category: local exploits | Exploit author: indoushka | Inj3ct0r – exploit database : vulnerability [...]

Leave a Comment

[local exploits] – Nero Burning Rom 6 (nbr.exe) DLL Hijacking Exploit

Sep.30, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>Nero Burning Rom 6 (nbr.exe) DLL Hijacking Exploit | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 30 Sep 2010 | Exploit category: local exploits | Exploit author: indoushka | Inj3ct0r – exploit database : vulnerability [...]

Leave a Comment

[local exploits] – Nero Burning Rom 6 (nero.exe) DLL Hijacking Exploit

Sep.30, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>Nero Burning Rom 6 (nero.exe) DLL Hijacking Exploit | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 30 Sep 2010 | Exploit category: local exploits | Exploit author: indoushka | Inj3ct0r – exploit database : vulnerability [...]

Leave a Comment

[local exploits] – Nero Burning Rom 6 DLL Hijacking Exploit

Sep.30, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>Nero Burning Rom 6 DLL Hijacking Exploit | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 30 Sep 2010 | Exploit category: local exploits | Exploit author: indoushka | Inj3ct0r – exploit database : vulnerability : [...]

Leave a Comment

[local exploits] – Real Player 10.5 DLL Hijacking Exploit

Sep.30, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>Real Player 10.5 DLL Hijacking Exploit | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 30 Sep 2010 | Exploit category: local exploits | Exploit author: indoushka | Inj3ct0r – exploit database : vulnerability : 0day [...]

Leave a Comment

[remote exploits] – MP3 Player Utilities 3.57 (AMVTools-SrcCount.dll) Remote BOF Exploit

Sep.30, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>MP3 Player Utilities 3.57 (AMVTools-SrcCount.dll) Remote BOF Exploit | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 30 Sep 2010 | Exploit category: remote exploits | Exploit author: indoushka | Inj3ct0r – exploit database : vulnerability [...]

Leave a Comment

[local exploits] – Apache 2.2.14.0 Bench command line utility contextmenu.exe DLL Hijacking

Sep.30, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>Apache 2.2.14.0 Bench command line utility contextmenu.exe DLL Hijacking | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 30 Sep 2010 | Exploit category: local exploits | Exploit author: indoushka | Inj3ct0r – exploit database : [...]

Leave a Comment

[local exploits] – Fichier Carnet d’adresses (Windows Address Book -wab.exe) DLL Hijacking

Sep.30, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>Fichier Carnet d'adresses (Windows Address Book -wab.exe) DLL Hijacking | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 30 Sep 2010 | Exploit category: local exploits | Exploit author: indoushka | Inj3ct0r – exploit database : [...]

Leave a Comment

[local exploits] – Java 6 Standard Edition Runtime (schannel.dll) DLL Hijacking

Sep.30, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>Java 6 Standard Edition Runtime (schannel.dll) DLL Hijacking | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 30 Sep 2010 | Exploit category: local exploits | Exploit author: indoushka | Inj3ct0r – exploit database : vulnerability [...]

Leave a Comment