what you don't know can hurt you
Showing 1 - 25 of 61 RSS Feed

Files Date: 2005-06-21

phpMyVisites.txt
Posted Jun 21, 2005
Authored by Max Cerny

phpMyVisites 1.3 is susceptible to a local file retrieval vulnerability.

tags | exploit, local
MD5 | 054f4ad41c3652dd4a004c0c77bf1bfb
phox.txt
Posted Jun 21, 2005
Authored by Phox

myPHP version 3 suffers from some authentication flaws.

tags | advisory
MD5 | 51193ee739824833703a2b986a8817e0
p33r-b33r.c
Posted Jun 21, 2005
Authored by Darkeagle | Site unl0ck.org

PeerCast versions 0.1211 and below HTTP Requests remote format string exploit.

tags | exploit, remote, web
MD5 | 00f67cfea4ab785ecf052066a2de5a86
Clam AntiVirus Toolkit 0.86
Posted Jun 21, 2005
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: Various fixes and updates.
tags | virus
systems | unix
MD5 | 1c886e4f4f4c3e4e76250b7b52c000b4
enterasys.txt
Posted Jun 21, 2005
Authored by Jacek Lipkowski

Enterasys Vertical Horizon switches have a default account embedded in them. Additionally, a denial of service vulnerability exists.

tags | exploit, denial of service
MD5 | 3c55a0c2a378a2559de3b5e1742f103a
groupwarePassword.txt
Posted Jun 21, 2005
Authored by Securityteam

A Vulnerability exists in the Novell GroupWise Client that will allow an attacker to identify the id and password of the users GroupWise email account. Tested vulnerable versions: 6.5.2, 6.0, and 5.5.

tags | advisory
MD5 | 247525e3134e3af71f57de4939f0c987
pafaq.pl.txt
Posted Jun 21, 2005
Authored by James Bercegay | Site gulftech.org

paFaq version 1.0 Beta 4 add administrator proof of concept exploit.

tags | exploit, proof of concept
MD5 | e4b23110de0d22452069c17a74f0f323
paFaq10beta4.txt
Posted Jun 21, 2005
Authored by James Bercegay | Site gulftech.org

paFaq version 1.0 Beta 4 suffers from SQL injection and remote command execution vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | c5a17775ac9f8c3830caec2f48aa4d7b
sudo168-9.txt
Posted Jun 21, 2005
Site sudo.ws

A race condition exists in Sudo's command pathname handling prior to Sudo version 1.6.8p9 that could allow a user with Sudo privileges to run arbitrary commands.

tags | advisory, arbitrary
MD5 | 5939f94fefe664dba75391d01aae7038
ciscoEnum.txt
Posted Jun 21, 2005
Authored by Roy Hills | Site nta-monitor.com

A vulnerability in Cisco VPN concentrators allows an attacker to enumerate valid groupnames on a through either a dictionary attack, or a brute-force attack. The issue exists because the concentrator responds to valid groupnames differently to the way in which it responds to invalid groupnames. The issue is believed to affect all models of Cisco VPN 3000 Concentrator: 3005, 3015, 3020, 3030, 3060 and 3080. It is believed that all software versions prior to 4.1.7.F are vulnerable.

tags | advisory
systems | cisco
MD5 | 19ac412bc2aa9bf5d8070cbc1c2538df
Echo Security Advisory 2005.18
Posted Jun 21, 2005
Authored by Echo Security, Dedi Dwianto | Site echo.or.id

Multiple SQL injection vulnerabilities exist in Ublog Reload version 1.0.5.

tags | exploit, vulnerability, sql injection
MD5 | 2653ef9ff31d1fb8373b63f08748f37d
Gentoo Linux Security Advisory 200506-16
Posted Jun 21, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200506-16 - A vulnerability has been found in cpio that can potentially allow a cpio archive to extract its files to an arbitrary directory of the creator's choice. Versions less than 2.6-r3 are affected.

tags | advisory, arbitrary
systems | linux, gentoo
advisories | CVE-2005-1111
MD5 | 213cabe29a9953b70a90984aaf99fc0e
advisory-012005.txt
Posted Jun 21, 2005
Authored by Stefan Esser | Site hardened-php.net

During an evaluation of Trac, an input validation vulnerability was discovered which can lead to arbitrary uploading and downloading of files with the permission of the web server.

tags | advisory, web, arbitrary
MD5 | 00dba04475bd475b6868aa919975df73
Gentoo Linux Security Advisory 200506-15
Posted Jun 21, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200506-15 - James Bercegay of the GulfTech Security Research Team discovered that PeerCast insecurely implements formatted printing when receiving a request with a malformed URL. Versions less than 0.1212 are affected.

tags | advisory
systems | linux, gentoo
MD5 | 03f71e15a12f5f3f7632f11351e5d29b
Gentoo Linux Security Advisory 200506-14
Posted Jun 21, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200506-14 - Both Sun's and Blackdown's JDK and JRE may allow untrusted applets to elevate privileges. Versions less than 1.4.2.08 are affected.

tags | advisory
systems | linux, gentoo
MD5 | 28799d13e031684b88e1ad0e59f92f8e
KCcol-xpl.pl
Posted Jun 21, 2005
Authored by K-C0d3r

Perl version of the Claroline e-Learning version 1.6 and below remote password hash extraction SQL injection exploit.

tags | exploit, remote, perl, sql injection
MD5 | 0ac46af2ede123a753211fce255eebfe
claroline16.txt
Posted Jun 21, 2005
Authored by Sieg Fried, mh_p0rtal

Claroline e-Learning versions 1.6 and below remote password hash extraction SQL injection exploit.

tags | exploit, remote, sql injection
MD5 | 4a6202bc89d4af70e45042da387bf656
Gentoo Linux Security Advisory 200506-13
Posted Jun 21, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200506-13 - Eric Romang discovered webapp-config uses a predictable temporary filename while processing certain options, resulting in a race condition. Versions less than 1.11 are affected.

tags | advisory
systems | linux, gentoo
MD5 | 635c5d2d30feb5890aeb86ac9401cfc1
yawsSource.txt
Posted Jun 21, 2005
Authored by M. Eiszner | Site sec-consult.com

Yaws webserver versions 1.55 and below suffer from a source code disclosure flaw when a null byte is appended to the filename being accessed.

tags | advisory
MD5 | 2ee78a266dc5e86e2a53a5e8b19a8ce3
adobeXML.txt
Posted Jun 21, 2005
Authored by Jeremiah Grossman

Recent versions of Adobe Reader (previously known as Acrobat Reader) are vulnerable to XML External Entity (XXE) Attacks. By including a JavaScript in a PDF file, and have this JavaScript parse an embedded XML document with a reference to an external entity, it is possible to read certain types of textual files on the local computer, and have them sent to a remote attacker.

tags | advisory, remote, local, javascript, xxe
MD5 | c07093855ade2dac4b6131c02ed0c24c
Exploit Labs Security Advisory 2005.9
Posted Jun 21, 2005
Authored by Donnie Werner, Exploit Labs | Site exploitlabs.com

Cool Cafe Chat 1.2.1 suffers from a SQL injection vulnerability via an unsanitized password variable.

tags | exploit, sql injection
MD5 | e392b48b21b9e092a495d83dbad304b0
EEYEB-20050316.txt
Posted Jun 21, 2005
Site eeye.com

eEye Security Advisory - eEye Digital Security has discovered a vulnerability in the way various versions of Windows handle Windows Help (.CHM) files. If exploited, this vulnerability allows arbitrary code to be executed by the remote attacker. A malicious .CHM file can be opened by Internet Explorer without user interaction by using the ms-its protocol specification.

tags | advisory, remote, arbitrary, protocol
systems | windows
MD5 | 678f43edc3874d1f3b0659ecb60daecb
phpforum11.txt
Posted Jun 21, 2005
Authored by d_bug

Phpforum McGallery version 1.1 suffers from a directory traversal vulnerability.

tags | exploit
MD5 | c2aeb62cbb91fe79e5d6ca5260055752
bitrix40xInclusion.txt
Posted Jun 21, 2005
Authored by d_bug

Bitrix Site Manager 4.0.x suffers from a remote file inclusion and execution vulnerability.

tags | exploit, remote, file inclusion
MD5 | 36b1b7457acd7c67150480cd54c8d2f1
DMA-2005-0614a.txt
Posted Jun 21, 2005
Authored by Kevin Finisterre

The Global Hauri ViRobot 2.0 server suffers from a cookie related overflow.

tags | advisory, overflow
MD5 | 8a389c544ddff81441203be8fcd7474e
Page 1 of 3
Back123Next

File Archive:

July 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    13 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    0 Files
  • 5
    Jul 5th
    0 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close