exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 84 RSS Feed

Files Date: 2007-04-17 to 2007-04-18

propecia2.c
Posted Apr 17, 2007
Authored by John Martinelli from ISRD.com | Site redlevel.org

A hack of propecia.c to include class A domain scanning and banner grabbing.

tags | tool, scanner
systems | unix
SHA-256 | ae8a423a27e728cb503ae16ca7498897d5c367359e9d1cc6bd038e6287aae1e4
phpnuke-bypass-sql.txt
Posted Apr 17, 2007
Authored by Aleksandar aka sale83

PHP-Nuke versions 8.0.0.3.3b and below suffer from a flaw that allows the SQL injection protection to be bypassed thus allowing for attacks. Details provided.

tags | exploit, php, sql injection, bypass
SHA-256 | e8ff03b9574af29c44c7061332f9fa9f8c0b900accd47af22c307553c80e497d
netsprint-exec.txt
Posted Apr 17, 2007
Authored by sapheal

Netsprint Toolbar version 1.1 suffers from a buffer overrun vulnerability.

tags | advisory, overflow
SHA-256 | 1ad5002ca5075e2b188da4d08d7c1f9be2dae58d8475eae58da031fe9b739ac6
iDEFENSE Security Advisory 2007-04-16.2
Posted Apr 17, 2007
Authored by iDefense Labs, McSlibin | Site idefense.com

iDefense Security Advisory 04.16.07 - Remote exploitation of a buffer overflow vulnerability in Akamai Technologies, Inc's Download Manager ActiveX Control could allow an attacker to execute arbitrary code within the security context of the targeted user. iDefense has confirmed the existence of this vulnerability within version 2.2.0.5 of Akamai Technologies Inc's DownloadManagerV2.ocx. All older versions are suspected to be vulnerable.

tags | advisory, remote, overflow, arbitrary, activex
advisories | CVE-2007-1891
SHA-256 | bd7c8b62df5ed63b528af4059e2e8c5a5b7a896e5b3d9bc44b6a53e6e38cb804
Mandriva Linux Security Advisory 2007.086
Posted Apr 17, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A flaw was discovered in how CUPS handled SSL negotiation that could allow a remote attacker capable of connecting to the CUPS daemon to cause a DoS to other CUPS users.

tags | advisory, remote
systems | linux, mandriva
advisories | CVE-2007-0720
SHA-256 | 2c75cf3ebd48ac4a57d8ee7059eb95c7119a711d5061da1f90d4fb0430cbc0f0
Gentoo Linux Security Advisory 200704-12
Posted Apr 17, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200704-12 - John Heasman of NGSSoftware has discovered a stack-based buffer overflow in the StarCalc parser and an input validation error when processing metacharacters in a link. Also OpenOffice.Org includes code from libwpd making it vulnerable to heap-based overflows when converting WordPerfect document tables (GLSA 200704-07). Versions less than 2.1.0-r1 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2007-0002, CVE-2007-0238, CVE-2007-0239
SHA-256 | 74b0fcdf442f7d50af5cc91ca0bc3cc8490733897b5f1c1544134f2e17d01f6b
Mandriva Linux Security Advisory 2007.085
Posted Apr 17, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A memory leak in freeRADIUS 1.1.5 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of EAP-TTLS tunnel connections using malformed Diameter format attributes, which causes the authentication request to be rejected but does not reclaim VALUE_PAIR data structures.

tags | advisory, remote, denial of service, memory leak
systems | linux, mandriva
advisories | CVE-2007-2028
SHA-256 | 16cc2182d8b5e734c6db73d481075a284e427cf82b792b4d08a2bd8a0d356858
Mandriva Linux Security Advisory 2007.084
Posted Apr 17, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - The ipsec-tools package prior to version 0.6.7 allows remote attackers to cause a Denial of Service (tunnel crash) via crafted DELTE and NOTIFY messages.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2007-1841
SHA-256 | 9884cd76064966a13c483dca185a893c7bf64f985f22ed9cd8ee8cb91ed56783
ATSA-2007-001.txt
Posted Apr 17, 2007
Authored by iDefense, FortiNet | Site akamai.com

Akamai Technologies Security Advisory 2007-0001 - Two security vulnerabilities have been discovered in the ActiveX version of Akamai Download Manager. For successful exploitation, both vulnerabilities require the user to visit a malicious URL, triggering a stack-based buffer overflow that allows the attacker to execute arbitrary code within the context of the victim.

tags | advisory, overflow, arbitrary, vulnerability, activex
advisories | CVE-2007-1891, CVE-2007-1892
SHA-256 | dbbaf096163cf2efc8265445fa804f02abd06396737956dba892bb7bf7981d35
wabbit-xss.txt
Posted Apr 17, 2007
Authored by the_Edit0r | Site xmors-security.com

Wabbit PHP Gallery version 0.9 suffers from a cross site scripting vulnerability.

tags | exploit, php, xss
SHA-256 | d3dc7bc7af30921a747c4330a8a259e1058f56e33a1c029f74c72b2359125a8c
Gentoo Linux Security Advisory 200704-11
Posted Apr 17, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200704-11 - During an internal audit, Raphael Marichez of the Gentoo Linux Security Team found that Vixie Cron has weak permissions set on Gentoo, allowing for a local user to create hard links to system and users cron files, while a st_nlink check in database.c will generate a superfluous error. Versions less than 4.1-r10 are affected.

tags | advisory, local
systems | linux, gentoo
advisories | CVE-2007-1856
SHA-256 | 621ba41866d3c9ca4724522e77f353267d1cb019936b388520231204e7bf8070
ivan-rfi.txt
Posted Apr 17, 2007
Authored by SekoMirza

Ivan Gallery Script version 0.1 remote file inclusion exploit.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 3c54e555424f64952f2651f5481d8e386826f91a03f47502ffd6aecdea9d4d29
iDEFENSE Security Advisory 2007-04-16.1
Posted Apr 17, 2007
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 04.16.07 - Remote exploitation of a buffer overflow vulnerability in Clam AntiVirus' ClamAV allows attackers to execute arbitrary code with the privileges of the affected process. The vulnerability exists within the cab_unstore() function in libclamav, the library used by clamd to scan various file types. A 32-bit signed integer is taken from the packet and compared against the sizeof() the destination buffer. However, the sizeof() return value is improperly casted to a signed integer. By supplying a negative value, an attacker can pass cause the comparison to succeed. This eventually leads to an exploitable stack-based buffer overflow. iDefense has confirmed the existence of this vulnerability in ClamAV in versions 0.90rc3 through 0.90.1.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2007-1997
SHA-256 | a0e03ca2f3785c29263dffc681e45f0d4c2adfe3bada8fefa43b8334247040c6
dns-poison.txt
Posted Apr 17, 2007
Authored by Makoto Shiotsuki

Whitepaper discussing Windows DNS cache poisoning by forwarder DNS spoofing.

tags | paper, spoof
systems | windows
SHA-256 | a8edfacf63fc3159336647ddf759fbe145f1138297489817602d348e2b57d3a4
myblog098-exec.txt
Posted Apr 17, 2007
Authored by BlackHawk | Site itablackhawk.altervista.org

MyBlog versions 0.9.8 and below remote command execution exploit.

tags | exploit, remote
SHA-256 | 4aa2dcc6cbe8dc143c4ab7969cca79681024ff371081ce9c27147058c2eef087
action-rfi.txt
Posted Apr 17, 2007
Authored by SekoMirza

ActionPoll PhpOpenChat version 1.1.0 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 479a393a4dfa1447096a9de8868a998571d13f8c33f100545b02135f41bcc40c
major_rls45.txt
Posted Apr 17, 2007
Authored by David "Aesthetico" Vieira-Kurz | Site majorsecurity.de

oe2edit CMS suffers from cross site scripting and cookie manipulation vulnerabilities.

tags | advisory, vulnerability, xss
SHA-256 | 1d545e67b993df013f9a00de25830766a799b8b03071712d0eae874b63679455
msdns_zonename.rb.txt
Posted Apr 17, 2007
Authored by H D Moore | Site metasploit.com

This Metasploit module exploits a stack overflow in the RPC interface of the Microsoft DNS service. The vulnerability is triggered when a long zone name is supplied that contains escaped characters. This exploit will NOT work on Windows 2003 SP1 or SP2 if hardware DEP is enabled.

tags | exploit, overflow
systems | windows
advisories | CVE-2007-1748
SHA-256 | 9e489d03059ad614ec6b6212926d5c4b2852414c9f8a30464d6ccd7e43d0f9ca
Secunia Security Advisory 24826
Posted Apr 17, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Mandriva has issued an update for ipsec-tools. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, mandriva
SHA-256 | f2b14903da0c9609abba4fb0cddc4215240291ed9fb309e1560bd0dc924ea1ca
Secunia Security Advisory 24859
Posted Apr 17, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for inkscape. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | linux, gentoo
SHA-256 | f835a527c40b654829f18eb638dfb9350b07f9822ff76f71a8e3a7758d3c5fd5
Secunia Security Advisory 24882
Posted Apr 17, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in MailBee WebMail Pro, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 9d2fba4ff6b421d455310f33dc0e505ca72185e6abc94f82cd86a03c0f3e664a
Secunia Security Advisory 24890
Posted Apr 17, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Alkomandoz Hacker has reported a vulnerability in StoreFront for Gallery, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | b4f9e91c97acf7ad1f10e59e2cdcd8c87f3de1416274cd8cf9b8592e4cdd2761
Secunia Security Advisory 24895
Posted Apr 17, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Mandriva has issued an update for cups. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, mandriva
SHA-256 | 685a9c0d04028b3b1ee55379270c7e74cb56c676fb6033a93f00d24c9437fa3a
Secunia Security Advisory 24900
Posted Apr 17, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Akamai Download Manager ActiveX control, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability, activex
SHA-256 | 376deccaa736ef478da06e4ce388a81bfb044c789b90c1a1c59046660f200d4f
Secunia Security Advisory 24901
Posted Apr 17, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - rPath has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, gain escalated privileges, and by malicious people to cause a DoS.

tags | advisory, denial of service, kernel, local, vulnerability
SHA-256 | 2540b32d7a37f84188785069a78cfd53a3cabe380faf19f6da5f46cf190ab8ac
Page 1 of 4
Back1234Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close