what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 34 RSS Feed

Files Date: 2005-07-21

Posted Jul 21, 2005
Authored by Lostmon

CMSimple versions 2.4 and below are susceptible to cross site scripting attacks. Exploitation details provided.

tags | exploit, xss
SHA-256 | ac5fd80af7327965eade344735d47989fe407c7d846f5b82c9581eed9c67f1b4
Posted Jul 21, 2005
Authored by snooq | Site redpuffer.net

Proof of concept exploit for the MS05-036 JPEG ICC overflow issue.

tags | exploit, overflow, proof of concept
SHA-256 | 964d55971ebc2328554586401051651c26d84a43f508f62667f0210d4af91b9a
Secunia Security Advisory 16128
Posted Jul 21, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Mark Pilgrim has reported a vulnerability in the Greasemonkey extension for Firefox, which can be exploited by malicious people to disclose various information.

tags | advisory
SHA-256 | dddb2788715783fb070fbb5f0fbb4c61388ee7f8ce00e265751f9eeda421aebe
Secunia Security Advisory 16152
Posted Jul 21, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sun Microsystems has acknowledged a vulnerability in Solaris, which can be exploited by malicious people to cause files to be extracted to an arbitrary directory on a user's system.

tags | advisory, arbitrary
systems | solaris
SHA-256 | 6d2912243cbe67007cfb7b149f38c3831e91c4116d06703d17516aa0c8f81e97
Secunia Security Advisory 16154
Posted Jul 21, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - rgod has discovered a vulnerability in Pyrox Search, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 46303c97074299fa59d508b33bd954f4a9228ba36d779fbc04bb0cfd4c51e1f3
Secunia Security Advisory 16155
Posted Jul 21, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - KDE has issued an update for Kopete. This fixes some vulnerabilities in libgadu, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
SHA-256 | ffa088eb32f921e73b58ecbd4c562fa8e2626d77523faad04ed78fd59b6b3048
Posted Jul 21, 2005
Authored by topolb | Site sourceforge.net

Weplab is a tool to review the security of WEP encryption in wireless networks from an educational point of view. Several attacks are available, so it can measure the effectiveness and minimum requirements of each one. Currently, weplab supports several methods, and it is able to crack the WEP key from 600,000 encrypted packets.

Changes: Windows port.
tags | tool, wireless
SHA-256 | 0420ae604811de6366b3e302813c3ab19671b3a4910217e2dfe9544fd59c6b69
Posted Jul 21, 2005
Authored by Mark Pilgrim

Greasemonkey Firefox extension arbitrary file disclosure exploit.

tags | exploit, arbitrary
SHA-256 | 6e3a1a94c9a12d069c5c0fbaaaeb6dfde3f2af79e0d9e5b4d3e2d72525c35015
Posted Jul 21, 2005
Authored by Mark Seaborn | Site cs.jhu.edu

Plash (the Principle of Least Authority Shell) is a Unix shell that lets you run Unix programs with access only to the files and directories they need to run. In order to implement this, the filesystem is virtualized. Each process can have its own namespace, which can contain a subset of your files. Plash is implemented by modifying GNU libc and replacing the system calls that use filenames. For example, open() is changed so that it sends a message to a file server via a socket. If the request is successful, the server sends the client a file descriptor. Processes are run in a chroot jail under dynamically-allocated user IDs. No kernel modifications are required. Existing Linux binaries work unchanged.

Changes: Implemented the use of fchdir().
tags | tool, shell, kernel
systems | linux, unix
SHA-256 | 093649215ccc30a106eff56de86fb5af56abe41da0caa6764cc4f0ada4fae80d
Beltane Web-Based Management For Samhain
Posted Jul 21, 2005
Site la-samhna.de

Beltane is a web-based central management console for the Samhain file integrity / intrusion detection system. It enables the administrator to browse client messages, acknowledge them, and update centrally stored file signature databases. Beltane requires a Samhain (version 1.6.0 or higher) client/server installation, with file signature databases stored on the central server, and logging to a SQL database enabled.

Changes: Various bug fixes.
tags | tool, web, intrusion detection
systems | unix
SHA-256 | 4864570c20eb7c652c11da1bb06d2866cafa830449d11a1ec5d89b8b2fd8bcaa
Posted Jul 21, 2005
Authored by Thierry Fournier | Site perso.numericable.fr

arpalert uses ARP address monitoring to help prevent unauthorized connections on the local network. If an illegal connection is detected, a program or script is launched, which could be used to send an alert message, for example.

Changes: Added the man page.
tags | local
systems | unix
SHA-256 | 85f68830d30e27cbdd69eb2279a9825aac020830b7de5e3524c00948f8178daa
Posted Jul 21, 2005
Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-05:17.devfs - Due to insufficient parameter checking of the node type during device creation, any user can expose hidden device nodes on devfs mounted file systems within their jail. Device nodes will be created in the jail with their normal default access permissions.

tags | advisory
systems | freebsd
advisories | CVE-2005-2218
SHA-256 | e1c7cadcfc9a5b70208783e95f2c0e0102c8c0c89d38162917beeb93216b369c
Debian Linux Security Advisory 763-1
Posted Jul 21, 2005
Authored by Debian | Site security.debian.org

Debian Security Advisory DSA 763-1 - Markus Oberhumer discovered a flaw in the way zlib, a library used for file compression and decompression, handles invalid input. This flaw can cause programs which use zlib to crash when opening an invalid file.

tags | advisory
systems | linux, debian
advisories | CVE-2005-1849
SHA-256 | a27a54950193671066e8e58e185d1af8aa532745949f17af9eca68212b3dc189
Posted Jul 21, 2005
Authored by tracewar

Simple replacement binaries for netstat, ls, and ps that enable an attacker or administrator to hide specific strings.

tags | tool, rootkit
systems | unix
SHA-256 | 60b4569d41899121ba50b99fc410a2bd24142d5f2c7bf9931f2512e999cf5ae0
Posted Jul 21, 2005
Site phpbb.com

phpBB 2.0.17 has been released to fix some cross site scripting flaws in earlier versions.

tags | advisory, xss
SHA-256 | 3c919db6e03305ded631e8a8dfac067a5f66b3db8521b773e6f8fa08b4541346
Posted Jul 21, 2005
Authored by c0ntex

Cool whitepaper discussing the return into libc attacks used to bypass non-executable stacks.

tags | paper
SHA-256 | 1ba3c2707f91d623e72b2c5a1148eab35db801819661c3567ab2521765535e5f
Posted Jul 21, 2005
Authored by Petko Petkov

Misuse of services like Google's WMLProxy and IYHY allow for proxied/anonymous attacks against web sites.

tags | advisory, web
SHA-256 | c520e4f371db2afdd4444776ffdf953c2721adc1507e695f201b5cb6b86b2db6
Posted Jul 21, 2005
Authored by Sowhat | Site secway.org

A vulnerability in PeanutHull versions 3.0 Beta 5 and below allows for local escalation to SYSTEM privileges.

tags | exploit, local
SHA-256 | e386d26672ec959f3aae1a8ff760d9fb2cce069ebf985167f901becbb46f3893
Gentoo Linux Security Advisory 200507-18
Posted Jul 21, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200507-18 - MediaWiki fails to escape a parameter in the page move template correctly. Versions less than 1.4.7 are affected.

tags | advisory
systems | linux, gentoo
SHA-256 | 20fa3d166c6f6eecd10de38c0d4d31ef451282fd4a3e5f1ba60c0dc59f93ef92
Posted Jul 21, 2005
Site ghc.ru

PHPNews 1.2.5 is susceptible to SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 1158ee071f079e4bf13a9537c73ff65066db777d4b8bdad47648b2e244dac61b
Posted Jul 21, 2005
Authored by tgo

PHP Surveyor version 0.98 stable is vulnerable to multiple SQL injection, cross site scripting, and path disclosure flaws.

tags | advisory, php, xss, sql injection
SHA-256 | cb8271abdb655fdec5823f0f81bacfa9adb4bae8c2f371f81aca744b88241536
Posted Jul 21, 2005
Authored by Jeff Fay | Site patchadvisor.com

The Cisco Call Manager versions 3.2 and below may restart when more than 1 gigabyte of memory is used. Sending specially crafted packets to the CCM will cause the CCM to use more than 1 gigabyte of virtual memory.

tags | advisory
systems | cisco
SHA-256 | a73577718b6c44a7e301e85575188a29e2d59b9366f6093c8b2ffcfac3022c66
Posted Jul 21, 2005
Authored by r_i_t_b_15

A SQL injection vulnerability exists in a Chinese ASP webcounter.

tags | exploit, sql injection, asp
SHA-256 | db7e634e2ae892bb30d9ca134e5c03c7306b58ce541dd373f15f9de52b74fa17
Secunia Security Advisory 16123
Posted Jul 21, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - thegreatone has discovered some vulnerabilities in PHP Surveyor, which can be exploited by malicious users to conduct SQL injection attacks.

tags | advisory, php, vulnerability, sql injection
SHA-256 | f1cf5ebb779803ee5f943120c7c9e146351cd55cca4396fd044cf825bbed1e3f
Secunia Security Advisory 16125
Posted Jul 21, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - F5 Networks has acknowledged some vulnerabilities in BIG-IP and 3-DNS, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 1094ad92a97fdc0e9f22ee1656e8d0ce432d693213412dd582307271dd724207
Page 1 of 2

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    15 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    10 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By