exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

Files from Chris Travers

Email addresschris.travers at gmail.com
First Active2003-02-02
Last Active2014-02-03
LedgerSMB Improper Logout
Posted Feb 3, 2014
Authored by Chris Travers

LedgerSMB versions prior to 1.3.36 suffer from an improper logout vulnerability that can allow for replay attacks.

tags | exploit
SHA-256 | aebd76ca1473ca0c35d7b7dbc17da3b164760cd470cacb9812093262becbfd72
LedgerSMB 1.3 Denial Of Service
Posted Jul 31, 2012
Authored by Chris Travers

A security oversight has been discovered in LedgerSMB 1.3 which could allow a malicious user to cause a denial of service against LedgerSMB or otherwise affect the way in which certain forms of data would get entered.

tags | advisory, denial of service
SHA-256 | 4cd2f77e1b66b8024507a17ff8fd9246978a15c4237dcc46026b9a96ef1a1227
SQL-Ledger 2.8.33 / LedgerSMB 1.2.24 SQL Injection
Posted Aug 31, 2011
Authored by Chris Travers

SQL-Ledger versions 2.8.33 and below and LedgerSMB versions 1.2.24 and below suffer from a remote SQL injection vulnerability.

tags | advisory, remote, sql injection
SHA-256 | 74ae2dd9a5dbeecf672c223648b93cc3b3ea5aeb23766d4edca33c4cbbb332c1
LedgerSMB 1.2.24 SQL Injection
Posted Aug 25, 2011
Authored by Chris Travers

The LedgerSMB development team has found an SQL injection issue in LedgerSMB version 1.2.24. Because this issue stems from their common SQL-Ledger heritage, it affects all versions of LedgerSMB and has been confirmed in SQL-Ledger version 2.8.33.

tags | advisory, sql injection
SHA-256 | d46a40d761ab4f653c338833304f4974937256b45896dba52e8970d226b6ce1c
SQL-Ledger Cross Site Request Forgery / Local File Inclusion / SQL Injection
Posted Jan 26, 2010
Authored by Chris Travers

SQL-Ledger has been patched to address cross site request forgery, local file inclusion, no secure flag on cookie, default administrator password and remote SQL injection vulnerabilities.

tags | advisory, remote, local, vulnerability, sql injection, file inclusion, csrf
advisories | CVE-2009-3580, CVE-2009-3582, CVE-2009-3583, CVE-2009-4402, CVE-2009-3584
SHA-256 | 285bfdfd6459c517b7d7fdad4e66f894515d9a97b2c09fb44c8c4036cdd19c20
ledgersmb-sql.txt
Posted Oct 10, 2007
Authored by Chris Travers

LedgerSMB versions 1.0.0 through 1.2.7 and SQL-Ledger version 2.x are susceptible to SQL injection vulnerabilities.

tags | advisory, vulnerability, sql injection
SHA-256 | eda42bf7f295bb93c14358c74c7fcb4333fb8f63d7b699a043b52c7b3368a891
ledgersmb-bypass.txt
Posted Jul 19, 2007
Authored by Chris Travers

LedgerSMB versions 1.2.0 through 1.2.6 suffer from an authentication bypass.

tags | advisory, bypass
SHA-256 | 095c2dbf209d876105110d06020263404fc91e57fbd9e2597f5c50ee7e4d301b
overtheledger.txt
Posted Mar 20, 2007
Authored by Chris Travers

LedgerSMB versions below 1.1.10 and SQL-Ledger versions below 2.6.27 suffer from arbitrary code execution flaws. SQL-Ledger also suffers from an authentication bypass vulnerability. Details provided.

tags | exploit, arbitrary, code execution, bypass
SHA-256 | b02d142d543c4e1b63e89850d09320c110d56c8a7b6b58ce6ea7b5cc79a90ff8
ledger-multi.txt
Posted Mar 6, 2007
Authored by Chris Travers

Another security issue has been found in LedgerSMB versions 1.1.5 and below and all versions of SQL-Ledger which allows an attacker to engage in directory transversal, retrieval of sensitive information, user account fabrication, or even arbitrary code execution.

tags | advisory, arbitrary, code execution
SHA-256 | 92c29f7115d1ad3119189f3c9d9a8812b23ba13320ea31a997a5207f3c9403f2
sqlledger.txt
Posted Sep 8, 2006
Authored by Chris Travers

SQL-Ledger uses a fundamentally flawed approach to session authentication. All versions of SQL-Ledger from 2.4.4 to the present (2.6.17 as of this writing) are vulnerable.

tags | exploit
SHA-256 | 37e1d7c4d55623267b9bade8f69db530dbaa4628327b91a0dec29a95800e68df
fwreport-1.0.1.tar
Posted Feb 2, 2003
Authored by Chris Travers | Site sourceforge.net

FWReport 1.0.0 is a log parser and reporter for IPTables. It generates daily and monthly summaries of the log files, allowing admins to free up substantial time, maintain better control over security of the network, and reduce the likelihood that attacks will go unnoticed.

systems | unix
SHA-256 | 4733e349da3d5359a1ead6e850b3715845498392bf612582792c369c45bcd4cd
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close