exploit the possibilities
Showing 1 - 25 of 216 RSS Feed

Files Date: 2004-07-01 to 2004-07-31

Posted Jul 29, 2004
Authored by Josh Gilmour

SQL Injection and cross site scripting vulnerabilities exist in AntiBoard versions 0.7.2 and below due to a lack of input validation of various variables.

tags | exploit, vulnerability, xss, sql injection
MD5 | 7b3e3b69deaf2508cd5bddf064acc884
Posted Jul 29, 2004
Authored by CoKi | Site nosystem.com.ar

Citadel/UX versions 6.23 and below are vulnerable to a buffer overflow that occurs when more than 97 bytes are sent with the USER directive to port 504.

tags | exploit, overflow
MD5 | 19ca7f050f3b6e57f8fb51c2e642600d
Posted Jul 29, 2004
Site checkpoint.com

Checkpoint Security Advisory - An ASN.1 issue has been discovered affecting Check Point VPN-1 products during negotiations of a VPN tunnel which may cause a buffer overrun, potentially compromising the gateway. In certain circumstances, this compromise could allow further network compromise.

tags | advisory, overflow
MD5 | f4e9ac39212c97a4fcb082fede7a22ca
IRM Security Advisory 9
Posted Jul 28, 2004
Authored by IRM Research | Site irmplc.com

IRM Security Advisory 009 - RiSearch version 1.0.01 and RiSearch Pro 3.2.06 are susceptible to open FTP/HTTP proxying, directory listings, and file disclosure vulnerabilities.

tags | exploit, web, vulnerability
MD5 | 1b9d106a4cfb851b8104f1d39a7e039c
Posted Jul 28, 2004
Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running the CIFS Server. This buffer overflow could potentially be exploited to remotely gain access. HP-UX versions B.11.00, B.11.11, B.11.22, and B.11.23 are all affected.

tags | advisory, overflow
systems | hpux
MD5 | d61ad57ac28a5c887e36a94b552e508b
Posted Jul 28, 2004
Authored by Vincent Deffontaines

squid-nufw-helper is an external ACL helper for Squid that provides Single Sign On capabilities. It uses the NuFW firewall suite and supports the NuFW users SQL logging scheme. The module allows for strict SSO identification and authentication of users on any Squid proxy, including transparent proxies.

tags | web
MD5 | c9a529abc2d0795dec84dc732888ef1c
Secunia Security Advisory 12150
Posted Jul 28, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in Hitachi's Web Page Generator versions 1.x and 2.x and also Enterprise releases 3.x and 4.x. These include denial of service, cross site scripting, and content disclosure attacks.

tags | advisory, web, denial of service, vulnerability, xss
MD5 | 24a7ed4970aa66d8ac623a72ea68942c
Posted Jul 28, 2004
Authored by Christophe Devine

aescrypt2 is a command line file encryption program that relies on AES-CBC-128 plus HMAC-MD5. It has been designed to be portable as well as very straightforward to use. Works on all Unix flavors and Win32.

tags | encryption
systems | windows, unix
MD5 | 5f8781343494b1c74e2aa5ebf6d594e6
Posted Jul 28, 2004
Authored by Eric Hope | Site traceproto.sourceforge.net

Traceproto is a traceroute replacement that allows the user to specify the protocol and port to trace to. It currently supports TCP, UDP, and ICMP traces.

tags | tool, udp, scanner, tcp, protocol
systems | unix
MD5 | 4d7a857fbccfb799313a32bf259d796c
Posted Jul 28, 2004
Authored by Andre Derek Protas

White paper on basic security and hardening procedures for AIX. Many of the features and functions shown throughout this guide are applicable to AIX 4.3 and above, but are more directed towards AIX 5.2. This guide attempts to cover a lot of ground and offers useful and necessary insight for anyone administering AIX machines.

tags | paper
systems | unix, aix
MD5 | 7ee76c37cf394cc8018decb23e4e558e
Secunia Security Advisory 12107
Posted Jul 28, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Komrade has reported a vulnerability in FTP Surfer, which potentially can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when handling filenames. This can be exploited to cause a buffer overflow, which is triggered when the application is closed, by tricking a user into opening a file with an overly long filename from a malicious FTP server. Successful exploitation may potentially allow execution of arbitrary code. The vulnerability has been reported in version 1.0.7. Other versions may also be affected.

tags | advisory, overflow, arbitrary
MD5 | ab12a4ac2315678b57a905607062c695
Posted Jul 28, 2004
Authored by Ferruh Mavituna | Site ferruh.mavituna.com

ASPRunner versions 2.x suffer from multiple vulnerabilities. Various SQL Injection, information disclosure, cross site scripting, and database download flaws exit.

tags | advisory, vulnerability, xss, sql injection, info disclosure
MD5 | 2c1676cc234b5d5adf1b6476c9578741
Secunia Security Advisory 12165
Posted Jul 28, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ziv Kamir has reported a security issue in FTPGlide, which can be exploited by malicious, local users to view usernames and passwords. The problem is that the profiles used for connecting to FTP servers are stored in clear text and are readable by any local user. This has been reported to affect version 2.43.

tags | advisory, local
MD5 | a208647134ede8c415895cb655e65c76
phpMyFAQ Security Advisory 2004-07-27
Posted Jul 28, 2004
Authored by The phpMyFAQ Team | Site phpmyfaq.de

A flaw in phpMyFaq version 1.4.0 allows malicious users the ability to upload or delete arbitrary images.

tags | advisory, arbitrary
MD5 | 647c49671e5a96548308384ab76ec4ea
Posted Jul 27, 2004
Site gentoo.org

Gentoo Linux Security Advisory GLSA 200407-19 - Pavuk 0.x contains a bug that can allow an attacker to run arbitrary code via a buffer overflow in the Digest authentication code.

tags | advisory, overflow, arbitrary
systems | linux, gentoo
MD5 | 8348347f9d1c6ccc27992306edea485d
Posted Jul 27, 2004
Authored by bitlance winter

A vulnerability in the Opera 7.x series allows phishing attacks due to not updating the address bar if a web page is opened using the window.open function and then replaced using the location.replace function.

tags | exploit, web
MD5 | c14ba26335be0774fdde44f2ac60d3c4
Posted Jul 27, 2004
Authored by Jordi Corrales | Site shellsec.net

An authentication error in Mensajeitor allows users to post messages with administrative privileges.

tags | advisory
MD5 | ef2ec2b7765f0b3472bfea52ca1aaa8c
Scapy Packet Manipulation Tool 0.9.17
Posted Jul 27, 2004
Authored by Philippe Biondi | Site secdev.org

Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do about the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.

tags | tool, scanner, python
systems | unix
MD5 | c7b0363d646fbdee7fd09042de6fb0a7
Posted Jul 27, 2004
Authored by Aron Griffis | Site gentoo.org

keychain is a utility that helps manage ssh keys in a convenient and secure manner. It acts as a frontend to ssh-agent, but allows the user to easily have one long running ssh-agent process per system, rather than the norm of one ssh-agent per login session. It also makes it easy for remote cron jobs to securely hook-in to a long running ssh-agent process, allowing your scripts to take advantage of key-based logins.

tags | remote, encryption
MD5 | a95f6daf83c1aad477da332ffc6df2a2
Posted Jul 27, 2004

Microsoft Windows 2K/XP Task Scheduler local exploit that will spawn notepad.exe.

tags | exploit, local
systems | windows, 2k
advisories | CVE-2004-0212
MD5 | f49cbd2402c17cf6f8afe5bde0383382
Posted Jul 27, 2004
Authored by aCiDBiTS

Nucleus CMS version 3.01 addcoment/itemid SQL Injection Proof of Concept PHP exploit that dumps the username and md5 hash of the password for the administrator user.

tags | exploit, php, sql injection, proof of concept
MD5 | 5f33156ab09bacdd615e77aecfc99674
Posted Jul 26, 2004
Authored by Dirk Loss | Site it-consult.net

eSeSIX Thintune with a firmware equal to or below 2.4.38 is susceptible to multiple vulnerabilities. These include having a backdoored service on a high port with an embedded password giving a remote root shell, various other passwords being stored locally in clear text, and a local root shell vulnerability.

tags | exploit, remote, shell, local, root, vulnerability
MD5 | ed8d2018e1ac3d1f4a1ffa5deebcf6f7
Posted Jul 26, 2004
Site subversion.tigris.org

Subversion versions up to and including 1.0.5 have a bug in mod_authz_svn that allows users with write access to read portions of the repository that they do not have read access to.

tags | advisory
MD5 | 2520a76f3d17802a2d29d13ad9b66794
Posted Jul 26, 2004
Authored by konewka | Site priv8security.com

Simple utility that will generate Linux x86 shellcode from provided text.

tags | x86, shellcode
systems | linux
MD5 | ee7ef24309745afa5b310be1c337df2a
Posted Jul 26, 2004
Authored by konewka | Site priv8security.com

Simple utility to view hex.

MD5 | 593330c72110583c3a9e439ca037874e
Page 1 of 9

File Archive:

November 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    19 Files
  • 2
    Nov 2nd
    25 Files
  • 3
    Nov 3rd
    8 Files
  • 4
    Nov 4th
    7 Files
  • 5
    Nov 5th
    24 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    0 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    106 Files
  • 11
    Nov 11th
    19 Files
  • 12
    Nov 12th
    13 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    18 Files
  • 16
    Nov 16th
    12 Files
  • 17
    Nov 17th
    15 Files
  • 18
    Nov 18th
    12 Files
  • 19
    Nov 19th
    4 Files
  • 20
    Nov 20th
    2 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    22 Files
  • 23
    Nov 23rd
    14 Files
  • 24
    Nov 24th
    19 Files
  • 25
    Nov 25th
    4 Files
  • 26
    Nov 26th
    1 Files
  • 27
    Nov 27th
    4 Files
  • 28
    Nov 28th
    1 Files
  • 29
    Nov 29th
    11 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2020 Packet Storm. All rights reserved.

Security Services
Hosting By