exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 34 RSS Feed

Files Date: 2004-10-07

Echo Security Advisory 2004.7
Posted Oct 7, 2004
Authored by y3dips, Echo Security | Site y3dips.echo.or.id

AJ-Fork version 1.67 is susceptible to path disclosure, directory listing, backup directory access, and other flaws that allow access to database files. Exploitation provided.

tags | exploit
SHA-256 | 8ec6b8d2a7db3b1b263f522b3d69c5e2539d1001dc807514dad9cd3127bed9d8
SCN200409-1.txt
Posted Oct 7, 2004
Authored by James McGlinn | Site servers.co.nz

A SQL injection vulnerability exists in bBlog 0.7.3 that will allow a remote user administrative privileges.

tags | advisory, remote, sql injection
SHA-256 | 64e86af99d91124d41d2bb4cc26af33bd805b5f93c64732ee22d1372f9976e05
pads-1.1.3.tar.gz
Posted Oct 7, 2004
Authored by Matt Shelton | Site passive.sourceforge.net

Pads is a signature based detection engine used to passively detect network assets. It is designed to complement IDS technology by providing context to IDS alerts.

Changes: MAC Address Vendor Resolution, PADS will now attempt to resolve the vendor name of a MAC address, bug fixes.
tags | tool, intrusion detection
systems | unix
SHA-256 | 5ab766170b9b9d398e49ab81943136e90ac10d1790984db741067b66de921e37
coldfusionmx61.txt
Posted Oct 7, 2004
Authored by Eric Lackey

There is a vulnerability in ColdFusion MX 6.1 when a user can create a cold fusion template on a ColdFusion server with CreateObject or cfobject tags enabled.

tags | exploit
SHA-256 | b35cc809e881359da234ac0dce6ce8d8cc7a7743cecbf5078cdcc0b3ca19a324
iDEFENSE Security Advisory 2004-09-30.t
Posted Oct 7, 2004
Authored by iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 09.30.04 - Remote exploitation of an input validation vulnerability in Samba allows attackers to access files and directories outside of the specified share path.

tags | advisory, remote
advisories | CVE-2004-0815
SHA-256 | 093d77ea6f8671a498b2960e60a63166e361922696586d3e51dd8af521ab506e
Alicorn Front-End to Unicornscan
Posted Oct 7, 2004
Authored by Jack Y. Louis, Robert E. Lee | Site unicornscan.org

PHP/PostfreSQL front-end to Unicornscan, a new information gathering and correlation engine built for and by members of the security research and testing communities.

tags | tool, php, sniffer
SHA-256 | cd1ceb8668dae0f4b2c023ae3b2e4a132102417998f76629ebd41e41f00b4ec5
Unicornscan v0.4.2
Posted Oct 7, 2004
Authored by Jack Y. Louis, Robert E. Lee | Site unicornscan.org

Unicornscan is a new information gathering and correlation engine built for and by members of the security research and testing communities. It was designed to provide an engine that is Scalable, Accurate, Flexible, and Efficient. It is released for the community to use under the terms of the GPL license. Unicornscan is an attempt at a User-land Distributed TCP/IP stack. It is intended to provide a researcher a superior interface for introducing a stimulus into and measuring a response from a TCP/IP enabled device or network.

tags | tool, sniffer, tcp
SHA-256 | 97d75b4b1bd21590631324583e09fa056619d571a68591f1de160d33fad76225
Samhain File Integrity Checker
Posted Oct 7, 2004
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Bug fixes.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 3aee0ebc1ebb1971abf7ee42e3186c20328ea94ede74439ea0128393e9851315
aircrack-2.1.tgz
Posted Oct 7, 2004
Authored by Christophe Devine

Aircrack is an 802.11 WEP cracking program that can recover a 40-bit or 104-bit WEP key once enough encrypted packets have been gathered. It implements the standard FMS attack along with some optimizations, thus making the attack much faster compared to other WEP cracking tools.

Changes: Added 11g and WPA detection support in airodump, various bug fixes.
tags | tool, wireless
SHA-256 | 9b749d98278450b80153c1f82b7e253548a3f03603062dc98cc1320803d791da
iceexec.rar
Posted Oct 7, 2004
Site delikon.de

Remote proof of concept exploit for Icecast versions 2.0.1 and below on win32 that downloads NCAT from elitehaven.net and spawns a shell on port 9999.

tags | exploit, remote, shell, proof of concept
systems | windows
SHA-256 | 79cf3f920b0cea39a5d66a27f360516678f853ec3ca8c9e63debfaa00a9a1212
priv8icecast.pl
Posted Oct 7, 2004
Authored by Luigi Auriemma, wsxz | Site Priv8security.com

Remote root exploit for Icecast 2.0.1 on Windows. Makes use of an overflow that allows for remote command execution and provides a nice reverse shell.

tags | exploit, remote, overflow, shell, root
systems | windows
SHA-256 | 8eb4988ca3de0fc8a5f36b206a8e275c4ca45baf3e95a867c8c789929cc342e6
Secunia Security Advisory 12686
Posted Oct 7, 2004
Authored by Secunia, r0ut3r | Site secunia.com

Secunia Security Advisory - Some vulnerabilities in PHP-Fusion can be exploited by malicious people to conduct SQL injection and script insertion attacks.

tags | advisory, php, vulnerability, sql injection
SHA-256 | 3bfc33c8df640d2a6a2de1df47310622b234eec864fc0ace3c37bb10a74c9a55
silentstorm.txt
Posted Oct 7, 2004

The Silent Storm Portal versions 2.1 and 2.2 suffer from cross site scripting and unauthorized administrative access vulnerabilities due to a lack of variable sanitization.

tags | exploit, vulnerability, xss
SHA-256 | 66fff379261531b82d643a07be7550936ed43fd65a23dbed702ddf1df0474c02
samba22x.txt
Posted Oct 7, 2004
Authored by Karol Wiesek | Site samba.org

Samba versions 2.2.11 and below and versions below and equal to 3.0.5 allow a remote attacker that ability to gain access to files that exist outside of the share's defined path. Such files must still be readable by the account used for the connection.

tags | advisory, remote
SHA-256 | 4f9156f25d9d86303f9556eb907601a2fdfd174787601f7b6045e7dc7b476a98
w-agora.txt
Posted Oct 7, 2004
Site maxpatrol.com

Multiple vulnerabilities were found in the w-agora forum version 4.1.6a. A remote user can conduct SQL injection, HTTP response splitting and Cross site scripting attacks.

tags | exploit, remote, web, vulnerability, xss, sql injection
SHA-256 | 252158627116de7a2f7d1b59a8370a428edf3f5dfc0dd28f1f3bb1bcd9bb5e5b
dsa-555.txt
Posted Oct 7, 2004
Authored by Simon Josefsson | Site debian.org

Debian Security Advisory DSA 555-1 - It has been noticed that the freenet6 tspc.conf file is world readable by default, allowing a local attacker to retrieve password information.

tags | advisory, local
systems | linux, debian
advisories | CVE-2004-0563
SHA-256 | 17829c003c7011c2698e773a3025aa782967aed5ff55934cd04312689bb163d9
crack_bb-0.1.tar.gz
Posted Oct 7, 2004
Authored by Florian Roth

Blackboard Hash Cracker is a bruteforce script, cracking by Blackboard Software encoded passwords via a dictionary attack.

tags | cracker
SHA-256 | 38d51d62f5d24d11311bc81ebcb1c598299a7f74b3e10e642815acf492b7cc30
abzboom.zip
Posted Oct 7, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

Remote denial of service exploit for Alpha Black Zero: Intrepid Protocol versions 1.04 and below, which suffer from a denial of service flaw where the server does not limit how many clients can attempt to connect.

tags | exploit, remote, denial of service, protocol
SHA-256 | 52dc7d20f94d6123f3601ec2dacab82d609ae5bb8953ab77436ce3d2710a41c8
alphaBlack104.txt
Posted Oct 7, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

Alpha Black Zero: Intrepid Protocol versions 1.04 and below suffer from a denial of service flaw where the server does not limit how many clients can attempt to connect.

tags | advisory, denial of service, protocol
SHA-256 | 4414c547a52fab54a828574d7e1fbf317922a056f062f765be6b4258949199a0
iDEFENSE Security Advisory 2004-09-29.t
Posted Oct 7, 2004
Authored by iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 09.29.04 - Remote exploitation of a buffer overflow vulnerability in Macromedia's JRun 4 mod_jrun Apache module could allow execution of arbitrary code.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2004-0646
SHA-256 | 93907fd7f33154250f601c445f3d1a1ee72b302063061e76b9aefecb32be7a2c
Gentoo Linux Security Advisory 200409-35
Posted Oct 7, 2004
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200409-35 - An information leak in mod_authz_svn could allow sensitive metadata of protected areas to be leaked to unauthorized users.

tags | advisory
systems | linux, gentoo
SHA-256 | 2b072be0bf26cab40d910363fe510e068e23315916607e67bb88cbe04fac2a10
SSRT4794.txt
Posted Oct 7, 2004
Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified in Command View XP for all versions up to and including 1.8B, running on any management stations whereby it is possible to bypass access restrictions.

tags | advisory
SHA-256 | 0421e9c99b21c484f1bee311428abfcf00650deaeacacb5e5cc5eeb4dd1fe4ff
Secunia Security Advisory 12639
Posted Oct 7, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Computer Associates Unicenter Common Services, which may disclose sensitive information to malicious, local users.

tags | advisory, local
SHA-256 | dc66e166a89f52a8d1f75df952d6ce32453a2687f864f0da1906a5afbf7ad0a3
realupdate.html
Posted Oct 7, 2004
Authored by Marc Maiffret, John Heasman | Site service.real.com

RealNetworks Inc. has recently been made aware of security vulnerabilities that could potentially allow an attacker to run arbitrary or malicious code on a user's machine. While they have not received reports of anyone actually being attacked with this exploit, all security vulnerabilities are taken very seriously by RealNetworks Inc. Real has found and fixed the problem.

tags | advisory, arbitrary, vulnerability
SHA-256 | 6271c03d314637ce60285d26839c6ed02232a7c525f81fffb3637673d7cd4358
dBpowerAMP.txt
Posted Oct 7, 2004
Authored by James Bercegay | Site gulftech.org

dbPowerAmp Music Converter 10.0 and Player 2.0 suffer from multiple buffer overflow and denial of service vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability
SHA-256 | 6e960aaf7dcf4d341dce48d56fc7b3987ad56e984d13fae340528a8beb88d129
Page 1 of 2
Back12Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    17 Files
  • 8
    Oct 8th
    66 Files
  • 9
    Oct 9th
    25 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    21 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    14 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close