exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 27 RSS Feed

Files Date: 2006-05-05

mysqlExec.txt
Posted May 5, 2006
Authored by Stefano Di Paola | Site wisec.it

MySQL server versions 5.0.20 and below suffer from information leakage and arbitrary command execution flaws.

tags | advisory, arbitrary
SHA-256 | 73926f323fd235433143abd52ed6b9430e45c62875f010bf2cd9188857a7813d
my_com_table_dump_exploit.c
Posted May 5, 2006
Authored by Stefano Di Paola | Site wisec.it

Exploit for MySQL server versions 5.0.20 and below which suffer from information leakage and arbitrary command execution flaws.

tags | exploit, arbitrary
SHA-256 | dff58328a3f1ca93623e9a8886b9d869d4f877a0b500615da4f050b4bbaf2ad2
mysqlLeak.txt
Posted May 5, 2006
Authored by Stefano Di Paola | Site wisec.it

MySQL server versions 4.1.18 and below and 5.0.20 and below suffer from an information leakage issue.

tags | advisory
SHA-256 | eb1d10694aff57e15a622b021c3784bf24605040a4da6933d54eafaa3b59792c
my_anon_db_leak.c
Posted May 5, 2006
Authored by Stefano Di Paola | Site wisec.it

Proof of concept exploit that demonstrates an information leakage vulnerability in MySQL server version 4.1.18 and below and 5.0.20 and below.

tags | exploit, proof of concept
SHA-256 | 8660944cf077440334eb208ca4159d9608657b390786c7af9f2b5c70a2a33352
Secunia Security Advisory 19947
Posted May 5, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Kerio WinRoute Firewall, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 234d2cd50d442335cd1fb5870bf64689b71927d9e2c7cbb233137bd9e7cd0520
aircrack-ng-0.5.tar.gz
Posted May 5, 2006
Site aircrack-ng.org

aircrack-ng is a set of tools for auditing wireless networks. It's an enhanced/reborn version of aircrack. It consists of airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), airdecap (decrypts WEP/WPA capture files), and some tools to handle capture files (merge, convert, etc.).

Changes: Hop on 2.4Ghz channels by default. Added support for OpenWrt devices. Multiple bug fixes.
tags | tool, wireless
SHA-256 | 09c6959671e2e96315d161cf34084461c194e5ab0a3007631cddf8bc3efe7f2e
nufw-1.0.25.tar.gz
Posted May 5, 2006
Authored by regit | Site nufw.org

NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is done to use external authentication source such as an LDAP server.

Changes: Following an internal security audit, the NuFW Core Team has discovered that some data fields coming from authenticated users were improperly checked. This could lead in extreme cases to a crash of nuauth.
tags | tool, remote, firewall
systems | unix
SHA-256 | 3ab2fd5defa7f41dccfdc1c032d9287e4a6f2b70f812add551c581db366dc618
ndisc6-0.6.2.tar.bz2
Posted May 5, 2006
Authored by Remi Denis-Courmont | Site people.via.ecp.fr

ndisc consists or two small command line tools (ndisc and rdisc) that perform ICMPv6 Neighbor Discovery and ICMPv6 Router Discovery respectively. It is primarily meant for IPv6 networking diagnostics or to detect rogue IPv6 nodes or routers on an Ethernet segment.

Changes: Various improvements have been implemented.
tags | tool, scanner
systems | unix
SHA-256 | ff9085c9dedea34507ad1e092962d568d42bc1d28b62e18d418ba32d5c53ec09
Beltane Web-Based Management For Samhain
Posted May 5, 2006
Site la-samhna.de

Beltane is a web-based central management console for the Samhain file integrity / intrusion detection system. It enables the administrator to browse client messages, acknowledge them, and update centrally stored file signature databases. Beltane requires a Samhain (version 1.6.0 or higher) client/server installation, with file signature databases stored on the central server, and logging to a SQL database enabled.

Changes: Multiple improvements have been made.
tags | tool, web, intrusion detection
systems | unix
SHA-256 | 76d42706137ffd2ecb37b25460ce517ddb9502569972f20e19e220a2c1210e2b
Samhain File Integrity Checker
Posted May 5, 2006
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Various updates.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | fe845acf956cdb59339c630a0d1ab3ed125e77572190ddf93b27a504ccc3d947
sBlog.txt
Posted May 5, 2006
Site subjectzero.net

sBlog version 0.7.2 suffers from SQL injection and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, sql injection
SHA-256 | e443e280c31b2c8ecc23d16203b2e264207695f3878220ac35956d2b3b2e19e0
Gentoo Linux Security Advisory 200605-4
Posted May 5, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200605-04 - rgod has reported that the hub_dir parameter in index.php isn't properly verified. When magic_quotes_gpc is disabled, this can be exploited to include arbitrary files from local resources. Versions less than 0.10.2 are affected.

tags | advisory, arbitrary, local, php
systems | linux, gentoo
SHA-256 | 35b7294cf70a18b81a5a8bdc1ae632276192b167d8244f2d6fc594cf3a1d5d73
Gentoo Linux Security Advisory 200605-3
Posted May 5, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200605-03 - Ulf Harnhammar and an anonymous German researcher discovered that Freshclam fails to check the size of the header data returned by a webserver. Versions less than 0.88.2 are affected.

tags | advisory
systems | linux, gentoo
SHA-256 | d6861ba5972c1f6951266afe52d3ff68eea14c4650ffe4faba6c47e46f53dd16
Gentoo Linux Security Advisory 200605-2
Posted May 5, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200605-02 - X.Org miscalculates the size of a buffer in the XRender extension. Versions less than 6.8.2-r7 are affected.

tags | advisory
systems | linux, gentoo
SHA-256 | 17e3b856ff633a9fa5b092ebd9928ed4ea54ec0dc03bf22c817700a2f7570dcf
ejabberd.txt
Posted May 5, 2006
Authored by Julien Lanthea

ejabberd versions 1.1.1_1 and below suffer from a denial of service vulnerability due to a symlink attack flaw.

tags | advisory, denial of service
SHA-256 | 490da9eada0fca052bf565945036b9437a01502e0e69c6d6cc8d3d2c5d5495bf
zenphotoXSS.txt
Posted May 5, 2006
Authored by Raphael Huck

Zenphoto versions 1.0.1 Beta and below suffer from path disclosure and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 83d8df863b4ce9c8b39c1a8aa27340646670b7c05e88b7e7d904deb6432ebc8d
Debian Linux Security Advisory 1049-1
Posted May 5, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1049-1 - Gerald Combs reported several vulnerabilities in ethereal, a popular network traffic analyser.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2006-1932, CVE-2006-1933, CVE-2006-1934, CVE-2006-1935, CVE-2006-1936, CVE-2006-1937, CVE-2006-1938, CVE-2006-1939, CVE-2006-1940
SHA-256 | 5b3d056b0e6dbbef4c5637ca89c18542b92ec6c8001db4b73381c6fb2230c44a
x7chatphp.txt
Posted May 5, 2006
Authored by rgod | Site retrogod.altervista.org

Exploit for X7 Chat version 2.0 and below that makes use of an arbitrary local file inclusion flaw that allows for code execution.

tags | exploit, arbitrary, local, code execution, file inclusion
SHA-256 | 9da1962af51d0e1b0807be2ad319b0551dc9c6796c28f5155a3585428331e793
Cisco Security Advisory 20060501-cue
Posted May 5, 2006
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Unity Express (CUE) contains a vulnerability that might allow an authenticated user to change the password for another user by using the HTTP management interface, if the password for the user being modified is marked as expired. This can result in a privilege escalation attack and complete administrative control of a CUE module, if the password being changed belongs to an administrator.

tags | advisory, web
systems | cisco
SHA-256 | 37fca38ecd889b1719e457f3c41654c91b2ef522a7f379bbf307b794ad63464f
aklink-sa-2006-001-jsboard-xss.txt
Posted May 5, 2006
Authored by Alexander Klink | Site klink.name

JSBoard releases 2.0.10 and 2.0.11 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2006-2109
SHA-256 | ef4921c4eaae2c60489129528cea8016ef9baaaed728b17d6583b53923c60897
vhcsXSS.txt
Posted May 5, 2006
Authored by O.U.T.L.A.W | Site aria-security.net

VHCS is susceptible to cross site scripting attacks.

tags | exploit, xss
SHA-256 | df40d326412700f818f56f6cacbd295a167462a7185002c9127d2c2d10cfb1f2
Secunia Security Advisory 19972
Posted May 5, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Aliaksandr Hartsuyeu has discovered a vulnerability in Newsadmin, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 2c3b716d4c3ebe0cb441663c4b7c09d494fdb925b0383c343c3d537c0fa5a09b
Secunia Security Advisory 19970
Posted May 5, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Muhammad Ahmed Siddiqui has discovered a vulnerability in XM Easy Personal FTP Server, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

tags | advisory, denial of service
SHA-256 | ddfeb3882501238e22f645551acff9629f179965badb358bb84b2c1af7b1540a
Secunia Security Advisory 19971
Posted May 5, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Javor Ninov has discovered some vulnerabilities in Big Webmaster Guestbook Script, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory, vulnerability
SHA-256 | 71b1ebd4b94b3a9088770867e6c922817d4728f1687a31888af3833ba19cc748
Secunia Security Advisory 19973
Posted May 5, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability with an unknown impact has been reported in the Invision Community Blog module for Invision Power Board.

tags | advisory
SHA-256 | 472a22b02f50d26db28560b31826380a014f2a8acb32c7b4bdcccda9bbf64bc8
Page 1 of 2
Back12Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close