Showing 1 - 25 of 32

Files Date: 2007-12-10

cfp-shpcs2008.txt
Posted Dec 10, 2007
Site diiga.univpm.it

The 2008 Workshop on Security and High Performance Computing Systems Call For Papers is now open. It will be held from June 3 through 6, 2008 in Nicosia, Cyprus.

tags | paper, conference
SHA-256 | 372e388add5bb10e7dbfaa1be01afa6bdbd6d5a58b5919322be3668d8e99a51c
Gentoo Linux Security Advisory 200712-10
Posted Dec 10, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200712-10 - Alin Rad Pop (Secunia Research) discovered a boundary checking error in the send_mailslot() function which could lead to a stack-based buffer overflow. Versions less than 3.0.28 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2007-6015
SHA-256 | 94623d4d3b5647510d5c2dff1138a5a24a7ca00eefbe3ac8bb703e421f09e664
Gentoo Linux Security Advisory 200712-9
Posted Dec 10, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200712-09 - Chris Rohlf discovered that the Gtk::MessageDialog.new() method in the file gtk/src/rbgtkmessagedialog.c does not properly sanitize the message parameter before passing it to the gtk_message_dialog_new() function. Versions less than 0.16.0-r2 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-6183
SHA-256 | ffb2936b579cd2aa8178252e8e6b3874b6fbaa928e8a4e53931190abf2b4a7d8
Gentoo Linux Security Advisory 200712-8
Posted Dec 10, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200712-08 - The Qt versions used by the AMD64 x86 emulation Qt libraries were vulnerable to several flaws (GLSA 200708-16, GLSA 200710-28). Versions less than 20071114-r2 are affected.

tags | advisory, x86
systems | linux, gentoo
SHA-256 | efcacd31b460a14ade8855e2ab710df48dc9b1abcf3e64ec1882886b010ace7e
Gentoo Linux Security Advisory 200712-7
Posted Dec 10, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200712-07 - Tatsuya Kinoshita reported that the ndeb-binary function does not handle temporary files correctly. Versions less than 1.4.1 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-0237
SHA-256 | 5f7cb713a3fbbc2b1c7488d556632ec59111b14e899b4e07aa1fecbc4bd97578
Gentoo Linux Security Advisory 200712-6
Posted Dec 10, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200712-06 - Adriano Lima and Ramon de Carvalho Valle reported that functions isc_attach_database() and isc_create_database() do not perform proper boundary checking when processing their input. Versions less than 2.0.3.12981.0-r2 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-4992, CVE-2007-5246
SHA-256 | 0b7ea8ad84bc0e75542d3d2139e32ea8135717813156e44fb1ab75918a59caa1
Gentoo Linux Security Advisory 200712-5
Posted Dec 10, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200712-05 - priyadi discovered that the request to store a URL string as a LOB is treated as a request to retrieve and store the contents of the URL. Versions less than 2.5.0_alpha1 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-5934
SHA-256 | af7e8ac751447253f97fbac8cc35930d48fe0fbfe0bebf2ca0cda71f88b9903d
Gentoo Linux Security Advisory 200712-4
Posted Dec 10, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200712-04 - Multiple integer overflows were reported, one of which Peter Valchev (Google Security) found to lead to a heap-based buffer overflow in the cairo_image_surface_create_from_png() function that processes PNG images. Versions less than 1.4.12 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2007-5503
SHA-256 | 2cb7fca04ba943dd95a43c33f07cc3ad6dcecc421b8106a051f76518de162641
Gentoo Linux Security Advisory 200712-3
Posted Dec 10, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200712-03 - Drake Wilson reported that the hack-local-variables() function in GNU Emacs 22 does not properly match assignments of local variables in a file against a list of unsafe or risky variables, allowing them to be overridden (CVE-2007-5795). Andreas Schwab (SUSE) discovered a stack-based buffer overflow in the format function when handling values with high precision (CVE-2007-6109). Versions less than 22.1-r3 are affected.

tags | advisory, overflow, local
systems | linux, suse, gentoo
advisories | CVE-2007-5795, CVE-2007-6109
SHA-256 | edd9e083b7d0b8553e48ce34609b874d047a20ca14aabaa98c9459486244286f
bitweaver-sqlxss.txt
Posted Dec 10, 2007
Authored by DoZ | Site hackerscenter.com

Bitweaver is susceptible to multiple cross site scripting and SQL injection vulnerabilities.

tags | exploit, vulnerability, xss, sql injection
SHA-256 | e28189875e0d96173f9cb6e40eb1770320d4313e43c588b297941994f990d55a
exoops-sql.txt
Posted Dec 10, 2007
Authored by Lostmon | Site lostmon.blogspot.com

E-XOOPS suffers from multiple SQL injection vulnerabilities. Versions 1.05 Revisions 1 through 3 and version 1.08 are affected.

tags | exploit, vulnerability, sql injection
SHA-256 | a6aad278b4cec3428d52992c7b26e3d4a857cc5786b47e996bb8a343c5d5715e
expression.eml.gz
Posted Dec 10, 2007
Authored by Tomas Kuliavas | Site topolis.lt

Proof of concept exploit for Roundcube webmail that demonstrates cross site scripting issues.

tags | exploit, xss, proof of concept
SHA-256 | d00b7e13f833039a92b08ef1378623811397b7f0ed11d7c802cd37fd0547d0fb
roundcube-xss.txt
Posted Dec 10, 2007
Authored by Tomas Kuliavas | Site topolis.lt

Roundcube webmail does not sanitize payloads, allowing cross site scripting attacks when used in conjunction with Microsoft Internet Explorer.

tags | advisory, xss
SHA-256 | c514bf2d0203e08d52a83ae70c6057b6b34aa94e6ae734ad3ea9440554fa18ed
gpg-unsanitized-js-poc.eml.gz
Posted Dec 10, 2007
Authored by Tomas Kuliavas | Site topolis.lt

Demonstration proof of concept exploit for the SquirrelMail GPG plugin which suffers from an unsanitized javascript display vulnerability.

tags | exploit, javascript, proof of concept
SHA-256 | 62d0fdf0af0e63eb0a6572e40725aa88e01bacd77800ea9c1b3fb83df45ecdef
squirrel-multi.txt
Posted Dec 10, 2007
Authored by Tomas Kuliavas | Site topolis.lt

The SquirrelMail GPG plugin suffers from arbitrary file deletion and unsanitized javascript display vulnerabilities.

tags | advisory, arbitrary, javascript, vulnerability
SHA-256 | f5046e1f7205ce370f1e9ad1b9542accefa1ad2e3a12cc8c7c96b40b5d79baf6
gestdown-sql.txt
Posted Dec 10, 2007
Authored by bebe

GestDown version 1.00Beta suffers from possible SQL injection vulnerabilities.

tags | exploit, vulnerability, sql injection
SHA-256 | 92e91f1034ac0faa46a837bcf5056a25553db1a984cfd733bde31478da39ef23
bttlxe-sqlxss.txt
Posted Dec 10, 2007
Authored by Mormoroth | Site aria-security.net

bttlxeForum suffers from multiple SQL injection and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, sql injection
SHA-256 | 58dc54430c7f2a9280769bbaf8ea03196ee2cda79f62e8ba332cfe37c0245068
c1zc0-ban.tar.gz
Posted Dec 10, 2007
Authored by rotor

Simple IPv4 and IPv6 banner grabbing scripts.

tags | tool, scanner
systems | unix
SHA-256 | 57db79dc569f940f827eb9c541e6be8c77ec7cfd6f76c6ae864e6b3ed60a4cee
webspell-xss.txt
Posted Dec 10, 2007
Authored by Brainhead

webSPELL version 4.01.02 suffers from cross site scripting vulnerabilities in calendar.php and usergallery.php.

tags | exploit, php, vulnerability, xss
SHA-256 | 791793881706cf6bc3762e47c4281f337a8bcb8e5aa422cb00382ddbbd92e10e
sambascan2-0.4.1.tar.gz
Posted Dec 10, 2007
Authored by Claudio Clemens | Site asturio.gmxhome.de

Sambascan2 allows you to search an entire network or a number of hosts for SMB shares. It will also list the contents of all public shares that it finds. The difference between sambascan2 and other SMB viewers and scanners is that it will search everything using TCP/IP, and it will not send a lot of broadcast messages, so it can be used over LAN boundaries. It only uses SMB to list the shares and their contents.

Changes: This version adds another parameter to scan hosts in a file.
tags | tool, scanner, tcp
systems | unix
SHA-256 | f080548939c756b572d90221a984e026776f38496e613223baa587ce31fd4150
falconcms-rfixss.txt
Posted Dec 10, 2007
Authored by KiNgOfThEwOrLd | Site inj3ct-it.org

Falcon CMS version 1.4.3 suffers from cross site scripting and remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, code execution, xss, file inclusion
SHA-256 | fc5d94465b9c463eea6dc29909f7ec7b2124c15ff28de1d966d9da6423486042
falt4cms-multi.txt
Posted Dec 10, 2007
Authored by Mesut Timur | Site h-labs.org

The Falt4 CMS version RC4 10.9.2007 suffers from multiple vulnerabilities including blind SQL injection and cross site scripting issues.

tags | exploit, vulnerability, xss, sql injection
SHA-256 | 944fbdb7e98ca80e90de15982480925302c61c5965cf4bbb3140296e3b64eb9c
lotfiandb-sql.txt
Posted Dec 10, 2007
Site aria-security.net

The Lotfian.com Database Driven Travel Site suffers from a SQL injection vulnerability.

tags | exploit, sql injection
SHA-256 | cd0c6d06b52fa03772b28e2f9bdad6910e4d3b644783cfd52eec50b2e4858fc5
shnews-sql.txt
Posted Dec 10, 2007
Authored by hadihadi

SH-News version 3.0 suffers from a remote SQL injection vulnerability in comments.php.

tags | exploit, remote, php, sql injection
SHA-256 | 20ee425a806daa62b495d16f060bf6ff26fcf9a931b38b9d2c1ccac340036944
ace-sql.txt
Posted Dec 10, 2007
Authored by t0pp8uzz, xprog

The Ace Image Hosting Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 67bef6711db7fd031bb1e11cf21fe4d59755a80cd106babb07b1f46696206903
Page 1 of 2