what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 30 RSS Feed

Files Date: 2005-08-18

iptgraph-0.1.tar.bz2
Posted Aug 18, 2005
Site unixforge.org

iptgraph is a kernel patch that adds hooks to the netfilter subsystem for the purpose of tracking the statistics of IP packets being processed and iptable rules being triggered. It currently supports Linux kernel 2.6.11.11, 2.6.12, 2.6.12.3, and 2.6.12.4.

tags | tool, kernel, firewall
systems | linux
SHA-256 | 43eb584de08fdb0097db58a1e4fc0f9b3df61ae70857be8d44bf67bc08dab01b
ninja-0.1.0.tar.bz2
Posted Aug 18, 2005
Authored by Tom Rune Flo | Site forkbomb.org

Ninja is a privilege escalation detection and prevention system for GNU/Linux hosts. While running, it will monitor process activity on the local host, and keep track of all processes running as root. If a process is spawned with UID or GID zero (root), ninja will log necessary information about this process, and optionally kill the process if it was spawned by an unauthorized user.

tags | tool, local, root, intrusion detection
systems | linux, unix
SHA-256 | d24a665624c479709b5a91d7303bfba53f43f48945d7908c4bf833a39220f7c8
aircrack-2.23.tgz
Posted Aug 18, 2005
Authored by Christophe Devine

Aircrack is an 802.11 WEP cracking program that can recover a 40-bit or 104-bit WEP key once enough encrypted packets have been gathered. It implements the standard FMS attack along with some optimizations, thus making the attack much faster compared to other WEP cracking tools.

Changes: Various fixes including buffer overflows.
tags | tool, wireless
SHA-256 | ee449f4909fa8f4fed09da045eb24c44a43d30c300fe4664c1f9146b815f17c1
BluezHCIDpwned.txt
Posted Aug 18, 2005
Authored by Kevin Finisterre

Document that outlines an exploitable scenario for hcid using the popen() bug in security.c. This was written in response to a claim that the bluez vulnerability was quite trivial.

tags | paper
SHA-256 | ba3ca0b2cbb2323bf730283ba3e93983b93c16bf657c4a78442e1241f594c2e5
zorum.html
Posted Aug 18, 2005
Authored by rgod | Site retrogod.altervista.org

Zorum 3.5 is susceptible to remote code execution and directory traversal flaws. Exploit included.

tags | exploit, remote, code execution
SHA-256 | 75c3a0e5bdd561aaf7e44e601cd1377ea2e29ba452e42683a4ff48564cc47fdb
chmpokbof.zip
Posted Aug 18, 2005
Authored by Luigi Auriemma | Site aluigi.altervista.org

Proof of concept buffer overflow exploit for Chris Moneymaker's World Poker Championship version 1.0.

tags | exploit, overflow, proof of concept
SHA-256 | e5186c3c15301e48877b9d74d4c8d81d964b0e20e531c2f04717ebf60af15384
chmpokbof.txt
Posted Aug 18, 2005
Authored by Luigi Auriemma | Site aluigi.altervista.org

Chris Moneymaker's World Poker Championship version 1.0 is susceptible to buffer overflow in the creation of the string that states the user's name joining the game.

tags | advisory, overflow
SHA-256 | fc7d506283bb2c39607e2efc7e042d013adfaab98f6c037c75fb967ac09efa34
Technical Cyber Security Alert 2005-229A
Posted Aug 18, 2005
Authored by US-CERT | Site cert.org

Technical Cyber Security Alert TA05-229A - Apple has released Security Update 2005-007 to address multiple vulnerabilities affecting Mac OS X, Mac OS X Server, Safari web browser, and other products. The most serious of these vulnerabilities may allow a remote attacker to execute arbitrary code. Impacts of other vulnerabilities include bypassing security restrictions and denial of service.

tags | advisory, remote, web, denial of service, arbitrary, vulnerability
systems | apple, osx
SHA-256 | 2172d753fb743f6dde9c566d2e0a4c43f1944304734a8f0c8be9e13956e77cc3
emefaGuest.txt
Posted Aug 18, 2005
Authored by SmOk3

Emefa Guestbook 1.2 is reportedly vulnerable to an HTML injection vulnerability due to a lack of properly sanitized user-supplied input.

tags | advisory
SHA-256 | 9902ed2d23dcac2d814fd059bf6ab9d6bc965f2c3aab42d6436fce90009d9ce6
phpfreenews140.txt
Posted Aug 18, 2005
Authored by matrix killer, h4cky0u | Site h4cky0u.org

PHPFreeNews versions 1.40 and below are susceptible to SQL injection and cross site scripting attacks.

tags | exploit, xss, sql injection
SHA-256 | bccc9e9a7dc931ad6edaa966c934728da196b6ce84f1d6e2a6d856eca2891ac5
NOVL-2005-10098073.txt
Posted Aug 18, 2005
Site novell.com

The GroupWise client sometimes caches the user name and password in memory while it is running. A hostile user with administrative access to the machine where a user is logged in may dump memory and find username/password pairs of logged in users. Versions below 7 are affected.

tags | advisory
advisories | CVE-2005-2620
SHA-256 | daccc6c0233f0bedb5d274a00e22cbb85f2201a94c36fb64ed82282708ac3f80
msnPass.txt
Posted Aug 18, 2005
Authored by Gregory R. Panakkal | Site infogreg.com

MSN Messenger password decrypter for Microsoft Windows XP and 2003. Includes the entropy value thrown in from the credui.dll GUID.

systems | windows
SHA-256 | 73d3162712d5b43af42864df4b5146f3dfcd067cb576e0530d1faa70df6ffa24
phpAdsNew205.txt
Posted Aug 18, 2005
Authored by Maksymilian Arciemowicz

phpAdsNew and phpPgAds versions 2.0.5 and below suffer from an arbitrary file inclusion flaw. Detailed exploitation provided.

tags | exploit, arbitrary, file inclusion
SHA-256 | 6833a14c5428a1ab7069a247b24dedc54ba6daa383bffdce736f79ab0ab23c66
Gentoo Linux Security Advisory 200508-9
Posted Aug 18, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200508-09 - The name of a Bluetooth device is improperly validated by the hcid utility when a remote device attempts to pair itself with a computer. Versions less than 2.19 are affected.

tags | advisory, remote
systems | linux, gentoo
advisories | CVE-2005-2547
SHA-256 | 9d8575a59702648b07b2cce8826e4aff6fdb3e7bd6a2b40ba21dda4416ec2d5e
Cisco Security Advisory 20050817-cca
Posted Aug 18, 2005
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory: Cisco Clean Access (CCA) is a software solution that can automatically detect, isolate, and clean infected or vulnerable devices that attempt to access your network. CCA includes as part of the architecture an Application Program Interface (API). Lack of authentication while invoking API methods can allow an attacker to bypass security posture checking, change the assigned role for a user, disconnect users and can also lead to information disclosure on configured users. Versions affected: CCA releases 3.3.0 to 3.3.9, CCA releases 3.4.0 to 3.4.5, CCA releases 3.5.0 to 3.5.3.

tags | advisory, info disclosure
systems | cisco
SHA-256 | 2e0b28b5d5eafeafea32f1160b39960b09b5c19cbdc3be83260e2b0464e09eb2
PHPADSNEW-SA-2005-001.txt
Posted Aug 18, 2005
Authored by Matteo Beccati | Site phpadsnew.com

phpAdsNew and phpPgAds versions 2.0.5 and below suffer from arbitrary command execution, SQL injection, and various other flaws.

tags | advisory, arbitrary, sql injection
SHA-256 | f6f37d6d21bfc6b7554889b68c9f913aaca557b529dc0afcabbdf7cc88811289
wftp168.txt
Posted Aug 18, 2005
Authored by Donato Ferrante | Site autistici.org

WinFTP Server version 1.6.8 suffers from a Unicode buffer overflow.

tags | advisory, overflow
SHA-256 | ab27d046e0f4447dc1ecf476c43ed829dad3671be63c87b0b1920cc65e40a8c5
phptbInject.txt
Posted Aug 18, 2005
Authored by Filip Groszynski

PHPTB versions 2.0 and below suffer from multiple PHP injection flaws.

tags | exploit, php
SHA-256 | 35182f28e0799a54d286a2c618ac46b67f411b5800bf94b1a40f5cd00ae1c347
Debian Linux Security Advisory 777-1
Posted Aug 18, 2005
Authored by Debian | Site debian.org

Debian Security Advisory DSA 777-1 - A vulnerability has been discovered in Mozilla and Mozilla Firefox that allows remote attackers to inject arbitrary Javascript from one page into the frameset of another site. Thunderbird is not affected by this and Galeon will be automatically fixed as it uses Mozilla components.

tags | advisory, remote, arbitrary, javascript
systems | linux, debian
advisories | CVE-2004-0718, CVE-2005-1937
SHA-256 | fe7dd80389549d09099729c84fc045224101401ce5646a8f9b9cdf2fd780fc64
mediabox404.txt
Posted Aug 18, 2005
Authored by Cedric Tissieres | Site objectif-securite.ch

mediabox404 WebRadio and WebTV manager is susceptible to a SQL injection attack that allows for login bypass. Versions 1.2 and below are vulnerable.

tags | exploit, sql injection
SHA-256 | 04669a921c6ceaddd612ede1c6c7d5a931d34d7e36deeca64cf09e1f7d91af7d
Secunia Security Advisory 16454
Posted Aug 18, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Thor Larholm has reported some vulnerabilities in CPAINT, which can be exploited by malicious people to conduct cross-site scripting attacks or compromise a vulnerable system.

tags | advisory, vulnerability, xss
SHA-256 | acafb7052a3fe041ac249354888a09a2bd50cbb3a50edf74bbf3c6f025d3f837
Secunia Security Advisory 16457
Posted Aug 18, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Steve Scherf has reported a security issue in Linksys WRT54GS, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 0a7ac43485cbb74c6096ad77a4695b550e63e38f3f548ff888c9676231dc955b
Secunia Security Advisory 16459
Posted Aug 18, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - John Cobb has discovered some vulnerabilities in ECW-Shop, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | 100456acce4b47db73f4ba0a7ee6ab52dbb53610400184686d0f6f5b7c73dbeb
Secunia Security Advisory 16464
Posted Aug 18, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Three vulnerabilities have been reported in Legato NetWorker, which can be exploited by malicious people to cause a DoS (Denial of Service), gain knowledge of sensitive information, or bypass certain security restrictions.

tags | advisory, denial of service, vulnerability
SHA-256 | 1dbe6c3a63c383c904f7f587ad79d056da2df65f5d32d3723dfdda71ff009e6f
Secunia Security Advisory 16467
Posted Aug 18, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Xerox Document Centre, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, or cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability, xss
SHA-256 | db3bb580a4d301689d5ffe9f7ac0363196f1560ea056472ff269667bbd0efcb3
Page 1 of 2
Back12Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    19 Files
  • 23
    Jul 23rd
    17 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close