functional security

Register | Login

Home Files News About Contact Add New

Showing 1 - 1 of 1

Files

Orbit Downloader metalink "name" Directory Traversal: Posted May 20, 2010; Authored by Stefan Cornelius | Site secunia.com; Secunia Research has discovered a vulnerability in Orbit Downloader, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application not properly sanitizing the "name" attribute of the "file" element of metalink files before using it to download files. If a user is tricked into downloading from a specially crafted metalink file, this can be exploited to download files to directories outside of the intended download directory via directory traversal attacks. The vulnerability is confirmed in version 3.0.0.4 and 3.0.0.5. Other versions may also be affected.; tags | advisory; MD5 | 9bf1696f33e4255c295cdf8d7557b96c; Download | Favorite | Comments (0)

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 46 files
Ubuntu 34 files
the_cyber_nuxbie 27 files
Sony 24 files
Debian 24 files
Gentoo 16 files
HP 15 files
Tipping Point 15 files
Benjamin Kunz Mejri 15 files
3spi0n 13 files

Recent News

Microsoft To Send Users 4 Critical Patches On Valentine's Day: Posted Feb 10, 2012; tags | headline, microsoft, flaw, patch; Link | Favorite | Comments (0)

Malware Devs Embrace Open Source: Posted Feb 10, 2012; tags | headline, malware, trojan; Link | Favorite | Comments (0)

Mobile Security Researchers Warn Of Evolving Android Malware: Posted Feb 10, 2012; tags | headline, malware, phone, google; Link | Favorite | Comments (0)

Security Patches Cost Google $410,000 In Finder's Fees: Posted Feb 10, 2012; tags | headline, flaw, google; Link | Favorite | Comments (0)

Google Wallet PIN Security Cracked In Seconds: Posted Feb 9, 2012; tags | headline, hacker, phone, google; Link | Favorite | Comments (0)

Airport Bomb Twitter Joker In Second Fine Appeal Bid: Posted Feb 9, 2012; tags | headline, government, twitter; Link | Favorite | Comments (0)

Chinese iPhone Maker Foxconn Hacked: Posted Feb 9, 2012; tags | headline, hacker, microsoft, phone, apple; Link | Favorite | Comments (0)

Anonymous Goes After Syria: Posted Feb 9, 2012; tags | headline, government, anonymous, syria; Link | Favorite | Comments (0)

DDoS Now Protestors' Weapon Of Choice: Posted Feb 8, 2012; tags | headline, cybercrime, denial of service; Link | Favorite | Comments (0)

USB Stick Can Be Tracked And Remotely Deleted: Posted Feb 8, 2012; tags | headline, privacy; Link | Favorite | Comments (0)

View More News →

packet storm

© 2012 Packet Storm. All rights reserved.

Site Links: News by Month; News Tags; Files by Month; File Tags; File Directory

About Us: History & Purpose; Contact Information; Terms of Service; Privacy Statement; Copyright Information

Advertising: Become an Advertiser
Hosting By: Rokabear; Global Mirror List