exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 77 RSS Feed

Files Date: 2004-12-12

phpbbquoteflaw.txt
Posted Dec 12, 2004
Authored by Matt Benenati

A flaw in phpBB 2.x allows a malicious user the ability to alter how posts are aligned due to mishandling of quotes in posts.

tags | exploit
SHA-256 | 70f56094bb313dcfcd45d1f37379dbf6cf24d348bfcc8878251a398c4ba3275d
goregsbof.zip
Posted Dec 12, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

Gore proof of concept exploit that makes use of a buffer overflow in the Gamespy cd-key validation SDK toolkit.

tags | advisory, overflow, proof of concept
SHA-256 | cf5355e7973ad61b6d04183277de237d366a6deab61adfbb1cf102903a1b7d3e
la-gamespy.txt
Posted Dec 12, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

Gamespy cd-key validation SDK toolkit suffers from an in-game buffer overflow vulnerability.

tags | advisory, overflow
SHA-256 | 77bedf1aa6487dec667bf59d02065c3be1789f19425ad5beefa3652de81af41a
citadel_fsexp.c
Posted Dec 12, 2004
Authored by CoKi | Site nosystem.com.ar

Remote root exploit for Citadel/UX versions 6.27 and below that makes use of a format string vulnerability. Tested against Slackware 10.0.

tags | exploit, remote, root
systems | linux, slackware
SHA-256 | 67940d624ed15be6a8a2ef3aa01c6a2a06b90ceb459471a189933677b5d6e4b8
nsg-advisory-09.txt
Posted Dec 12, 2004
Authored by CoKi | Site nosystem.com.ar

No System Group Advisory #09 - Citadel/UX versions 6.27 and below suffer from a format string vulnerability that allows for remote root exploitation.

tags | advisory, remote, root
SHA-256 | 4696971823e199337cff698d475784868739e6f9e92bff094b13b9b3806b7141
RLWAL04.zip
Posted Dec 12, 2004
Authored by Roses Labs Innovations (RL+I) | Site roseslabs.com

Web Audit Library (Wal) is a python module that provides a powerful and easy API for writing web applications assessment tools, similar to what Libwhisker does for Perl. Wal comes from the need of such a library for python. Writing web security tools using Wal is very straightforward. Wal provides the following features: send/receive/analyze HTTP 0.9/1.0/1.1, HTML parser, cookie support, anti-IDS, decoders/encoders, and much more. Requires python 2.3 or later.

Changes: SSL support, Proxy support and dozens of bugs fixed.
tags | web, perl, python, library
SHA-256 | 4c007ed432547ea5109613d7dd67c1b585a5d6f9051f0726e337aeffa360788c
scmorphism-1.4beta.tar.gz
Posted Dec 12, 2004
Authored by Rodrigo Rubira Branco | Site bsdaemon.org

SCMorphism is a shellcode polymorphism tool designed to automatically encode shellcodes using various decoders and techniques.

tags | shellcode
SHA-256 | 29a7d7fa8d76082cb40c9cddaf4b04cbdb5c5ccb23f2aa1cea9f32b7ef9c08d9
Secunia Security Advisory 12981
Posted Dec 12, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a vulnerability in Opera, which can be exploited by malicious people to trick users into executing malicious files. The vulnerability is caused due to the filename and the Content-Type header not being sufficiently validated before being displayed in the file download dialog. This can be exploited to spoof file types in the download dialog by passing specially crafted Content-Disposition and Content-Type headers containing dots and ASCII character code 160. Successful exploitation may result in users being tricked into executing a malicious file via the download dialog. The vulnerability has been confirmed on Opera 7.54 for Windows. Other versions may also be affected.

tags | advisory, spoof
systems | windows
SHA-256 | 3039a1672179b775aa7c491c4d1dd8a33aa4723167c21f1976a34523b34bfe14
Gentoo Linux Security Advisory 200412-6
Posted Dec 12, 2004
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200412-06 - PHProjekt contains a vulnerability in the setup procedure allowing remote users without admin rights to change the configuration.

tags | advisory, remote
systems | linux, gentoo
SHA-256 | 5bae0ab12298a42e2f37917a4093de5d7f8f8de2c9b0664a0462ee955fb6c4b1
Secunia Security Advisory 13409
Posted Dec 12, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Alexander Fichman has reported a weakness in Microsoft Office SharePoint Portal Server 2003, which may disclose sensitive information to malicious, local users on the system.

tags | advisory, local
SHA-256 | b7bf18526610a3fba5b6eba2971cb85fd9f800185d5e7516244680376b8f4d78
Secunia Security Advisory 13412
Posted Dec 12, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has reported a vulnerability in iCab, which can be exploited by malicious people to spoof the content of websites. The problem is that a website can inject content into another site's window if the target name of the window is known. This can e.g. be exploited by a malicious website to spoof the content of a pop-up window opened on a trusted website.

tags | advisory, spoof
SHA-256 | d776027867d552ada252f1f365b9a26b4daaa3b8a91a128d5b220cdfea21ec43
Secunia Security Advisory 13418
Posted Dec 12, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has reported a vulnerability in OmniWeb, which can be exploited by malicious people to spoof the content of websites. The problem is that a website can inject content into another site's window if the target name of the window is known. This can e.g. be exploited by a malicious website to spoof the content of a pop-up window opened on a trusted website.

tags | advisory, spoof
SHA-256 | 203d85b10a492ca1e807802062bb860b92c2e7983a1e4f45a6a06a72bd477232
Secunia Security Advisory 13356
Posted Dec 12, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has reported a vulnerability in Internet Explorer for Mac, which can be exploited by malicious people to spoof the content of websites. The problem is that a website can inject content into another site's window if the target name of the window is known. This can e.g. be exploited by a malicious website to spoof the content of a pop-up window opened on a trusted website.

tags | advisory, spoof
SHA-256 | e5cbc8d7aa81c3b95cc2c2f32a57456e00f8faff54f0a8daff22fc5fc1a672f9
dsa-607.txt
Posted Dec 12, 2004
Site debian.org

Debian Security Advisory 607-1 - Several developers have discovered a number of problems in the libXpm library which is provided by X.Org, XFree86 and LessTif. These bugs can be exploited by remote and/or local attackers to gain access to the system or to escalate their local privileges, by using a specially crafted XPM image.

tags | advisory, remote, local
systems | linux, debian
advisories | CVE-2004-0914
SHA-256 | 92e7bd5b29761513771a1772f54dd0d5024e128275bd7b489004e373a340c1f3
Secunia Security Advisory 13374
Posted Dec 12, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Kerio WinRoute Firewall, which can be exploited by malicious people to poison the DNS cache. The vulnerability is caused due to an unspecified error and can be exploited to insert fake information in the DNS cache. The vulnerability has been reported in version 6.0.8. Prior versions may also be affected.

tags | advisory
SHA-256 | 9470e3ba88264de0947d2cbf1f95c8ccf7561c3ae9e25f96c3b59bcabc37bc98
Secunia Security Advisory 13411
Posted Dec 12, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in MIMEsweeper for SMTP, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the Security Service when processing PDF files. This can be exploited to crash the Security Service by sending an email containing a specially crafted PDF file as attachment.

tags | advisory, denial of service
SHA-256 | 847db55edac0b9a1ff35f6e4671b96ac95c986ddaac0a8d11f359cfe0c4fe205
pfpro-0.1.1.tar.gz
Posted Dec 12, 2004
Authored by acidos | Site pfpro.sf.net

PfPro is a Java based GUI for creating OpenBSD PF firewall configurations.

Changes: Minor changes.
tags | tool, java, firewall
systems | unix, openbsd
SHA-256 | 9045f93ccf02dcef027cc8434dea5fd77fb7f8f71a2d4923b79fc9fefd1b4d87
tinyca-0.6.7.tar.gz
Posted Dec 12, 2004
Authored by Stephan Martin | Site tinyca.sm-zone.net

TinyCA is a simple GUI written in Perl-Gtk to manage a small certification authority. It works as a frontend to OpenSSL. TinyCA lets you manage x509 certificates. It is possible to export data in PEM or DER format for use with servers, as PKCS#12 for use with clients, or as S/MIME certificates for use with email programs. It is also possible to import your own PKCS#10 requests and generate certificates from them. It also lets you create and manage SubCAs for more complex setups. The most important certificate extensions can be configured with the graphical frontend. English and German translations are included.

Changes: Added Import functionality.
tags | perl, encryption
SHA-256 | 8a1bb32cee60240ac5d5a649d5bfa156a97838bf1b1396b7d7711a407c3f3dd2
openct-0.6.2.tar.gz
Posted Dec 12, 2004
Authored by Andreas Jellinghaus | Site opensc-project.org

OpenCT is a library for accessing smart card terminals. It provides a rich set of functions for driver writers, protocol drivers for T=0 and T=1, serial and USB functionality, including USB hotplugging. The main user of OpenCT is the OpenSC smart card framework, but OpenCT can of course be used by other applications as well. OpenCT provides a native OpenCT, CT-API and PC/SC Lite IFD interface with an OpenCT ifdhandler resource manager.

tags | protocol, library
SHA-256 | 1de736e0b87f2f911e12e3783b86a12ed92e9e0c2d6d74bb86e066da0380766f
arpalert.tar.gz
Posted Dec 12, 2004
Authored by Thierry Fournier | Site perso.numericable.fr

arpalert uses ARP address monitoring to help prevent unauthorized connections on the local network. If an illegal connection is detected, a program or script is launched, which could be used to send an alert message, for example.

tags | local
systems | unix
SHA-256 | b8955ae8ecdf629bea2a66cf408810c212bf51f264a111e850a2ffccbc273765
Secunia Security Advisory 13414
Posted Dec 12, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in PHP Gift Registry, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, php, registry, vulnerability, xss
SHA-256 | 53ed3e34e7259ed51ccd79ed6e7d87cc39ebc98766501b422f625fabdacb624d
fsecureDisclose.txt
Posted Dec 12, 2004
Authored by Oliver Karow

F-Secure Policy Manager has a path disclosure vulnerability when being fed a malformed URL.

tags | advisory
SHA-256 | d7607bd9f5edb9970bab1a1ea1cc4f470f0a88d34e627d489fc8f58359c9228c
Secunia Security Advisory 13410
Posted Dec 12, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Jeremy Fitzhardinge has reported some potential vulnerabilities with an unknown impact in the Linux Kernel.

tags | advisory, kernel, vulnerability
systems | linux
SHA-256 | 232afce89926e41a352c93cc15d531d100256a8f7c31199adbf145dfd817246b
Secunia Security Advisory 13408
Posted Dec 12, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Artur Szostak has reported a vulnerability in Squid, which can be exploited by malicious people to gain knowledge of potentially sensitive information.

tags | advisory
SHA-256 | 3d3fcad20da28cd9a4fb337e05279a5661c6c80df6998e124ed14a4fa04f78a7
Secunia Security Advisory 13405
Posted Dec 12, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in rootsh, which can be exploited by malicious, local users to bypass the logging functionality.

tags | advisory, local
SHA-256 | 91c7a7a0a456c648804743c33935aa250f41c039a9cca1801b422a899d4450d6
Page 1 of 4
Back1234Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close