what you don't know can hurt you
Showing 1 - 11 of 11 RSS Feed

Files from Chris Travers

Email addresschris.travers at gmail.com
First Active2003-02-02
Last Active2014-02-03
LedgerSMB Improper Logout
Posted Feb 3, 2014
Authored by Chris Travers

LedgerSMB versions prior to 1.3.36 suffer from an improper logout vulnerability that can allow for replay attacks.

tags | exploit
MD5 | ac9a72ec1f90c2da293596515d926724
LedgerSMB 1.3 Denial Of Service
Posted Jul 31, 2012
Authored by Chris Travers

A security oversight has been discovered in LedgerSMB 1.3 which could allow a malicious user to cause a denial of service against LedgerSMB or otherwise affect the way in which certain forms of data would get entered.

tags | advisory, denial of service
MD5 | cb66e6f2346d3301da55e95082a1e4d3
SQL-Ledger 2.8.33 / LedgerSMB 1.2.24 SQL Injection
Posted Aug 31, 2011
Authored by Chris Travers

SQL-Ledger versions 2.8.33 and below and LedgerSMB versions 1.2.24 and below suffer from a remote SQL injection vulnerability.

tags | advisory, remote, sql injection
MD5 | bfe294cd4b1b21395f42a22491567ca9
LedgerSMB 1.2.24 SQL Injection
Posted Aug 25, 2011
Authored by Chris Travers

The LedgerSMB development team has found an SQL injection issue in LedgerSMB version 1.2.24. Because this issue stems from their common SQL-Ledger heritage, it affects all versions of LedgerSMB and has been confirmed in SQL-Ledger version 2.8.33.

tags | advisory, sql injection
MD5 | 0b83d4bf0a0266a9d68b3d21c59b8494
SQL-Ledger Cross Site Request Forgery / Local File Inclusion / SQL Injection
Posted Jan 26, 2010
Authored by Chris Travers

SQL-Ledger has been patched to address cross site request forgery, local file inclusion, no secure flag on cookie, default administrator password and remote SQL injection vulnerabilities.

tags | advisory, remote, local, vulnerability, sql injection, file inclusion, csrf
advisories | CVE-2009-3580, CVE-2009-3582, CVE-2009-3583, CVE-2009-4402, CVE-2009-3584
MD5 | 73168ad9809cc91860fc4289b1c43b51
ledgersmb-sql.txt
Posted Oct 10, 2007
Authored by Chris Travers

LedgerSMB versions 1.0.0 through 1.2.7 and SQL-Ledger version 2.x are susceptible to SQL injection vulnerabilities.

tags | advisory, vulnerability, sql injection
MD5 | 80f93761cb45c1458fb9389589c91ff1
ledgersmb-bypass.txt
Posted Jul 19, 2007
Authored by Chris Travers

LedgerSMB versions 1.2.0 through 1.2.6 suffer from an authentication bypass.

tags | advisory, bypass
MD5 | da593cf217e1cd7ff7d1ecd11e8c035a
overtheledger.txt
Posted Mar 20, 2007
Authored by Chris Travers

LedgerSMB versions below 1.1.10 and SQL-Ledger versions below 2.6.27 suffer from arbitrary code execution flaws. SQL-Ledger also suffers from an authentication bypass vulnerability. Details provided.

tags | exploit, arbitrary, code execution, bypass
MD5 | 1df79a09478cc2fde3152194518168e9
ledger-multi.txt
Posted Mar 6, 2007
Authored by Chris Travers

Another security issue has been found in LedgerSMB versions 1.1.5 and below and all versions of SQL-Ledger which allows an attacker to engage in directory transversal, retrieval of sensitive information, user account fabrication, or even arbitrary code execution.

tags | advisory, arbitrary, code execution
MD5 | 3ecf46beda31a0753fb83f0cdfdc107b
sqlledger.txt
Posted Sep 8, 2006
Authored by Chris Travers

SQL-Ledger uses a fundamentally flawed approach to session authentication. All versions of SQL-Ledger from 2.4.4 to the present (2.6.17 as of this writing) are vulnerable.

tags | exploit
MD5 | 4c66054153089898e475c523e3a009ee
fwreport-1.0.1.tar
Posted Feb 2, 2003
Authored by Chris Travers | Site sourceforge.net

FWReport 1.0.0 is a log parser and reporter for IPTables. It generates daily and monthly summaries of the log files, allowing admins to free up substantial time, maintain better control over security of the network, and reduce the likelihood that attacks will go unnoticed.

systems | unix
MD5 | 77b993ed1abf433316ba70f73dace81b
Page 1 of 1
Back1Next

File Archive:

February 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    1 Files
  • 2
    Feb 2nd
    2 Files
  • 3
    Feb 3rd
    17 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    16 Files
  • 7
    Feb 7th
    19 Files
  • 8
    Feb 8th
    1 Files
  • 9
    Feb 9th
    2 Files
  • 10
    Feb 10th
    15 Files
  • 11
    Feb 11th
    20 Files
  • 12
    Feb 12th
    12 Files
  • 13
    Feb 13th
    18 Files
  • 14
    Feb 14th
    17 Files
  • 15
    Feb 15th
    4 Files
  • 16
    Feb 16th
    4 Files
  • 17
    Feb 17th
    34 Files
  • 18
    Feb 18th
    15 Files
  • 19
    Feb 19th
    19 Files
  • 20
    Feb 20th
    20 Files
  • 21
    Feb 21st
    11 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close