what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 111 RSS Feed

Files Date: 2005-03-15

photopost50rc3.txt
Posted Mar 15, 2005
Authored by Igor Franchuk

PhotoPost 5.0RC3 is susceptible to SQL injection, arbitrary file upload, cross site scripting, and various manipulation flaws.

tags | exploit, arbitrary, xss, sql injection, file upload
SHA-256 | 0b6ed983b076ee2d4747a046aec2414e2cdc85fe6b5b11e5af9bf5f2cb0512b8
ubbSQL.txt
Posted Mar 15, 2005
Authored by kreon | Site adz.void.ru

UBB.threads version 6 is susceptible to a SQL injection attack in the editpost.php module.

tags | exploit, php, sql injection
SHA-256 | cfbe8ebd5d12e416db9bb89e13a9b9fbec917af66bef40faa03dc285bb757b1c
spinworkds.txt
Posted Mar 15, 2005
Authored by Dr. Insane

A vulnerability has been identified in Spinworks application server that allow a remote user to succesfully crash the server by supplying a '.' in the sid parameter.

tags | advisory, remote
SHA-256 | 910f03dfbc884bf97c6b6788b7c2a7b7d5ff6e6b9d751e648b24eff160c82744
exp3.pl.txt
Posted Mar 15, 2005
Authored by Stefano Di Paola | Site wisec.it

Proof of concept exploit that makes use of functions in libc in order to gain MySQL user privileges. Version 4.1.10 and versions below and equal to 4.0.23 are affected.

tags | exploit, proof of concept
SHA-256 | 883268c86f6fa35f215d28b707d9b6aa5143b2203243c3f53302acab8d0dc34d
mysqlCreatelibc.txt
Posted Mar 15, 2005
Authored by Stefano Di Paola | Site wisec.it

If an authenticated user has INSERT and DELETE privileges on an mysql administrative database, it is possible, by using the CREATE FUNCTION command, to take advantage of functions from libc in order to gain mysql user privileges. Version 4.1.10 and versions below and equal to 4.0.23 are affected.

tags | advisory
SHA-256 | 05ae9e22a0591885b9e526aefabcc601ce81851c4dcec3496411367507e6bb0a
exp2.php.txt
Posted Mar 15, 2005
Authored by Stefano Di Paola | Site wisec.it

Proof of concept exploit that makes use of a library injection flaw in MySQL via the CREATE function. Version 4.1.10 and versions below and equal to 4.0.23 are affected.

tags | exploit, proof of concept
SHA-256 | d74efbde515c47b96c4ca08796c904e378535ec258fbffd7eb05c6774714d9c8
mysqlCreateinject.txt
Posted Mar 15, 2005
Authored by Stefano Di Paola | Site wisec.it

If an authenticated user has INSERT and DELETE privileges on a mysql administrative database, it is possible to use a library located in an arbitrary directory using the CREATE function. Version 4.1.10 and versions below and equal to 4.0.23 are affected.

tags | advisory, arbitrary
SHA-256 | b6cd1438080f20142c162f5f1c30010bcc56c15eeb9a45e72e51b6759e1dc41f
nufw-1.0.0.tar.gz
Posted Mar 15, 2005
Authored by regit | Site nufw.org

NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is done to use external authentication source such as an LDAP server.

Changes: Some code cleaning and a new configure option.
tags | tool, remote, firewall
systems | unix
SHA-256 | 73018186a2d1d30f0b50f0b6d8819edb8cf8742f51531fdd50ba98e6aeb3cb76
Linux IPTables Firewall
Posted Mar 15, 2005
Site iptables.org

iptables is the new packet alteration framework (firewall utility) for Linux 2.4. It is an enhancement on ipchains, and is used to control packet filtering, Network Address Translation (masquerading, port forwarding, transparent proxying), and special effects.

Changes: Various bug fixes.
tags | tool, firewall
systems | linux
SHA-256 | 9f8b504a6133f6065659d4d4aeccae3509663d014946633ceb25e5813db6a358
ap-utils-1.5.tar.bz2
Posted Mar 15, 2005
Authored by roma | Site ap-utils.polesye.net

Access Point Utilities for Unix is a set of utilities that configure and monitor a Wireless Access Point under Unix. It is known to compile (with GCC and the IBM C compiler) and run under Linux, FreeBSD, OpenBSD, MacOS X, AIX, and QNX.

Changes: Documentation and translation updates. Various bug fixes and feature enhancements.
tags | tool, wireless
systems | linux, unix, freebsd, openbsd, aix, osx
SHA-256 | f01d068650f0f05c5b3753147ee0a5d3dfc07732c9788bb295683e66415a325d
p0f-db-20050307.tar.gz
Posted Mar 15, 2005
Authored by Michal Zalewski | Site lcamtuf.coredump.cx

p0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine distance to remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Tested on Linux, FreeBSD, OpenBSD, NetBSD, SunOS, and Solaris. This particular version is modified by Nerijus Krukauskas to store the data in a database.

Changes: Added a patch.
tags | tool, remote, local, scanner
systems | linux, netbsd, unix, solaris, freebsd, openbsd
SHA-256 | 524bb56f5c023913a3328472fa5f6aa5a6cb2c88568ba205c466a1b9a7dfe0e4
iDEFENSE Security Advisory 2005-03-10.t
Posted Mar 15, 2005
Authored by iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 03.10.05 - Exploitation of a remote buffer overflow within the IMAP daemon of Ipswitch Collaboration Suite allows attackers to execute arbitrary code with administrator privileges.

tags | advisory, remote, overflow, arbitrary, imap
advisories | CVE-2005-0707
SHA-256 | 65f99d3babacbf39e324ea4688bb6e5789a845e47f28952a95d10b7dd06116f7
sdf1-apple.txt
Posted Mar 15, 2005
Authored by Ray Slakinski

Apple ships XCode 1.5 with a feature for distributed compiling that ships with distcc, a Samba module that is susceptible to known exploits allowing for full user access to the target machine.

tags | advisory
systems | apple
SHA-256 | eceae8836e927c9decfd2d91544916148c6c6233db47ee50f8252e1caf55601f
Secunia Security Advisory 14580
Posted Mar 15, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - farhad koosha has reported a security issue in aeNovo, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | 733dbc1fe2feb97af0844bbfbf3682a8ed3f40767cd9f8f102480517ab015546
Secunia Security Advisory 14564
Posted Mar 15, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Luca Ercoli has reported a vulnerability in MySQL, which can be exploited by malicious users to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | a263c19e2fb82d6ca83a3b34bd2b99892f0cb51c7bed23d4f54e9d4f7641ae4a
Secunia Security Advisory 14578
Posted Mar 15, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - ADZ Security Team has reported a vulnerability in UBB.threads, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 955ad40fa70492eb158512a423d975e8d166540d6300a533c5cf2188d6da5197
Secunia Security Advisory 14566
Posted Mar 15, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Virginity has reported a vulnerability in holaCMS, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 83f245a1865b1abd5122d6a46542c374f3abd6e61e6fc8c13d3f8a08d2c08d3f
Secunia Security Advisory 14579
Posted Mar 15, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Dr_insane has discovered a vulnerability in Spinworks Application Server, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | a3c1e9fa7bcc022ac9bd467eb46eaa340af2c1b7ad9ba84457bb705a501954b9
Secunia Security Advisory 14576
Posted Mar 15, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Igor Franchuk has reported some vulnerabilities in PhotoPost PHP Pro, which can be exploited to conduct script insertion and SQL injection attacks, bypass certain security restrictions and manipulate potentially sensitive information.

tags | advisory, php, vulnerability, sql injection
SHA-256 | 878de5ccb8b58f6e7985e222ec01cad579f6b3df3a3789cac42b0a520f106a07
Secunia Security Advisory 14567
Posted Mar 15, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - bitlance winter has discovered a weakness in Thunderbird, which can be exploited by malicious people to trick users into saving malicious files by obfuscating URLs.

tags | advisory
SHA-256 | d67dc703f0c77b9795a523679563b801ed19cb524624f9ee9a44f8aadfadee61
Secunia Security Advisory 14568
Posted Mar 15, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - bitlance winter has discovered a weakness in Mozilla, which can be exploited by malicious people to trick users into saving malicious files by obfuscating URLs.

tags | advisory
SHA-256 | 3394eed9c487f3de5bf2f72540ba5a7aaf3604097f142ccedaf1cac756ade7f8
Secunia Security Advisory 14565
Posted Mar 15, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - bitlance winter has discovered a weakness in Firefox, which can be exploited by malicious people to trick users into saving malicious files by obfuscating URLs.

tags | advisory
SHA-256 | 5d15df5847fd6524a76df440cb853b29e46921dcc89bb1723bcc7c2f34ccd920
Secunia Security Advisory 14547
Posted Mar 15, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Stefano Di Paola has reported two vulnerabilities in MySQL, which potentially can be exploited by malicious users to compromise a vulnerable system and by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.

tags | advisory, local, vulnerability
SHA-256 | 7712d3b9ec53a57e5fa78166a6a9748c7cb3c0218dbf72e38440b994d5e05518
Secunia Security Advisory 14554
Posted Mar 15, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Phorum, which potentially can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 23763bf33e6937d2fddee3bf9f33718a6a42145c1af2b2425375a76d47caa64f
Secunia Security Advisory 14559
Posted Mar 15, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fidel Costa has discovered a vulnerability in WEBInsta Limbo, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 7c516590cd63b79f262bd4adfbd2264446516549faee87cef7f568677bc0c935
Page 1 of 5
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close