what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 60 of 60 RSS Feed

Files Date: 2006-01-15 to 2006-01-16

EEYEB-20051229.txt
Posted Jan 15, 2006
Authored by Fang Xing | Site eeye.com

eEye Security Advisory - eEye Digital Security has discovered a critical vulnerability in QuickTime Player. There is a stack overflow in the way QuickTime processes qtif format files. An attacker can create a qtif file and send it to the user via email, web page, or qtif file with activex and can directy overflow a function pointer immediately used so it can bypass any stack overflow protection in systems such as xp sp2 and 2003 sp1.

tags | advisory, web, overflow, activex
advisories | CVE-2005-3713
SHA-256 | f381d5232929605ca4544156e61651d6220094f6bc738402ffb8bfa678a9c719
Cisco Security Advisory 20060111-mars
Posted Jan 15, 2006
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - The Cisco Security Monitoring, Analysis and Response System (CS-MARS) software contains a default password for an undocumented administrative account. This password is set, without any user intervention, during installation of the software used by CS-MARS appliances, and is the same in all installations of the product. Users must be authenticated to the CS-MARS command line in order to utilize the default password to access the administrative account. Software version 4.1.2 and earlier of CS-MARS are affected by this vulnerability. Customers running software version 4.1.3 or higher can mitigate the effects of this vulnerability by applying the workaround listed in this advisory.

tags | advisory
systems | cisco
SHA-256 | d4f3424c2aa15b7e9158c3cac90ddd89ad3408aa27512049c22d68e012d8c449
Ubuntu Security Notice 240-1
Posted Jan 15, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-240-1 - A buffer overflow was found in bogofilter's character set conversion handling. Certain invalid UTF-8 character sequences caused an invalid memory access. By sending a specially crafted email, a remote attacker could exploit this to crash bogofilter or possibly even execute arbitrary code with bogofilter's privileges.

tags | advisory, remote, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2005-4591
SHA-256 | ebbb65da3cf6d20f483c9fac201edc1ee60fd1478e10d11c4cc1ee6487792a59
cirt-41-advisory.pdf
Posted Jan 15, 2006
Authored by Dennis Rand | Site cirt.dk

Apple Quicktime is susceptible to a buffer overflow vulnerability during the handling of .JPG/.PICT files. This vulnerability affects Windows Quicktime versions 6.5.1, 7.0.3, and Mac OSX Quicktime version 7.0.3. Earlier versions are suspected vulnerable.

tags | advisory, overflow
systems | windows, apple
advisories | CVE-2005-2340
SHA-256 | b66634cd6d4fb2048a91ab2a67fdb0d970c66b96ecc12f1fe54e00032f40bff6
phpinclusion.c
Posted Jan 15, 2006
Authored by fabio, b0x | Site pcbsd.ro

Proof of concept file inclusion exploit for PHP scripts that suffer from this sort of vulnerability.

tags | exploit, php, proof of concept, file inclusion
SHA-256 | 22e75534ac29d070b879bb660bfd710f4b8a0cd93dfcde41c7c1172cf5eead53
superXSS.txt
Posted Jan 15, 2006
Authored by Mustafa Can Bjorn | Site nukedx.com

Superonline.com is susceptible to a cross site scripting attack.

tags | advisory, xss
SHA-256 | 230f660f7f9eb9febae0cf5667fb136fce656d584f13c15347c8454a71588538
FreeBSD-SA-06-04.ipfw.txt
Posted Jan 15, 2006
Site freebsd.org

FreeBSD Security Advisory - ipfw maintains a pointer to layer 4 header information in the event that it needs to send a TCP reset or ICMP error message to discard packets. Due to incorrect handling of IP fragments, this pointer fails to get initialized.

tags | advisory, tcp
systems | freebsd
advisories | CVE-2006-0054
SHA-256 | b38cd8ef482c561df679f578513cab445b16a6b986a0729f301d0dc0adb15098
FreeBSD-SA-06-02.ee.txt
Posted Jan 15, 2006
Site freebsd.org

FreeBSD Security Advisory - The ispell_op function used by ee(1) while executing spell check operations employs an insecure method of temporary file generation. This method produces predictable file names based on the process ID and fails to confirm which path will be over written with the user.

tags | advisory
systems | freebsd
advisories | CVE-2006-0055
SHA-256 | aabdd726e7f1d21c64dd7f601f42432a072639283866afd5cb5d75fd085e4063
slsnif-ploit.pl.txt
Posted Jan 15, 2006
Authored by Sintigan | Site shellcoders.com

slsnif aka Serial Line Sniffer version 0.4.4 local root exploit.

tags | exploit, local, root
SHA-256 | 7044dc09ab1c2fff2e8facb27b5f8da29335f2ec94b707262a3868eef911a178
EV0022.txt
Posted Jan 15, 2006
Authored by Aliaksandr Hartsuyeu

MyPhPim version 01.05 is susceptible to cross site scripting and SQL injection vulnerabilities. Exploitation details provided.

tags | exploit, vulnerability, xss, sql injection
SHA-256 | eeef0931b9afa48322ab03f07593527991dc7fd8d24cba2c2378ba282718c777
Page 3 of 3
Back123Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close