what you don't know can hurt you
Showing 1 - 25 of 50 RSS Feed

Files Date: 2005-08-24

Gentoo Linux Security Advisory 200508-13
Posted Aug 24, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200508-13 - Stefan Esser of the Hardened-PHP Project discovered that the PEAR XML-RPC and phpxmlrpc libraries were improperly handling XMLRPC requests and responses with malformed nested tags. Versions less than 1.4.0 are affected.

tags | advisory, php
systems | linux, gentoo
advisories | CVE-2005-2498
MD5 | fa9e3a3a4f3f1348182b93e9fe4fdbfd
Debian Linux Security Advisory 783-1
Posted Aug 24, 2005
Authored by Debian | Site debian.org

Debian Security Advisory DSA 783-1 Eric Romang discovered a temporary file vulnerability in a script accompanied with MySQL, a popular database, that allows an attacker to execute arbitrary SQL commands when the server is installed or updated.

tags | advisory, arbitrary
systems | linux, debian
MD5 | 27fa9af88b22e081bb38add3fee79411
ventboom.zip
Posted Aug 24, 2005
Authored by Luigi Auriemma | Site aluigi.altervista.org

Exploit for the Ventrilo 2.3.0 malformed status packet vulnerability.

tags | exploit
MD5 | 229640659ca0f3ef62b355bbbbdc37e9
ventboom.txt
Posted Aug 24, 2005
Authored by Luigi Auriemma | Site aluigi.altervista.org

It is possible to crash Ventrilo 2.3.0 by sending a malformed status packet.

tags | advisory
MD5 | cd5b0284602379c6d91ed0d331157c1b
solaris_lpd_unlink.pm.txt
Posted Aug 24, 2005
Authored by H D Moore, Optyx

This Metasploit module uses a vulnerability in the Solaris line printer daemon to delete arbitrary files on an affected system. This can be used to exploit the rpc.walld format string flaw, the missing krb5.conf authentication bypass, or simple delete system files. Tested on Solaris 2.6, 7, 8, 9, and 10.

tags | exploit, arbitrary
systems | solaris
MD5 | c354cbe8ad5502700d7c12a89411d670
Secunia Security Advisory 16531
Posted Aug 24, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Phuket has discovered some vulnerabilities in PHPKit, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
MD5 | 08c6a021b6daac4ac7f683e5d22f5a48
Secunia Security Advisory 16543
Posted Aug 24, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for libpcre3. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | linux, ubuntu
MD5 | cbddfe05533346c4a23fc35dd7600cf9
Secunia Security Advisory 16554
Posted Aug 24, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for elm. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

tags | advisory
systems | linux, redhat
MD5 | 85d43602a6c3fd3717235f814d2c1b22
Ubuntu Security Notice 173-1
Posted Aug 24, 2005
Authored by Ubuntu, Martin Pitt | Site security.ubuntu.com

A buffer overflow has been discovered in the PCRE, a widely used library that provides Perl compatible regular expressions. Specially crafted regular expressions triggered a buffer overflow. On systems that accept arbitrary regular expressions from untrusted users, this could be exploited to execute arbitrary code with the privileges of the application using the library.

tags | advisory, overflow, arbitrary, perl
MD5 | a1eb0b17ba6ac46ae3a47fc76a39e9b4
Gentoo Linux Security Advisory 200508-12
Posted Aug 24, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200508-12 - Ulf Harnhammar discovered that Evolution is vulnerable to format string bugs when viewing attached vCards and when displaying contact information from remote LDAP servers or task list data from remote servers (CVE-2005-2549). He also discovered that Evolution fails to handle special calendar entries if the user switches to the Calendars tab (CVE-2005-2550). Versions less than 2.2.3-r3 are affected.

tags | advisory, remote
systems | linux, gentoo
advisories | CVE-2005-2549, CVE-2005-2550
MD5 | 9e2b5c8ce4a86128d7e1a9d6040f3cba
Ubuntu Security Notice 172-1
Posted Aug 24, 2005
Authored by Ubuntu, Martin Pitt | Site security.ubuntu.com

Javier Fernandez-Sanguino Pena noticed that the pwmconfig script created temporary files in an insecure manner. This could allow a symlink attack to create or overwrite arbitrary files with full root privileges since pwmconfig is usually executed by root.

tags | advisory, arbitrary, root
MD5 | 6341123d87c0a54dbede7210441363c9
ZipTorrent1.3.7.3.txt
Posted Aug 24, 2005
Authored by Kozan | Site spyinstructors.com

ZipTorrent stores proxy server information and password in X:\\[Program_Files_Path]\[ZipTorrent_Path]\pref.txt in plain text. A local user can read passwords and others.

tags | exploit, local
MD5 | 7d908a1cd5539c732f0a038b55e21f92
IMRadio-4.0-expl.txt
Posted Aug 24, 2005
Authored by Kozan | Site spyinstructors.com

Mercora IMRadio 4.0.0.0 stores username and passwords in the Windows Registry in plain text. A local user can read the values.

tags | exploit, local, registry
systems | windows
MD5 | 649b6ad97a5ee8a49551e8e28ad2b8b4
oracle_checkpwd.zip
Posted Aug 24, 2005
Authored by Alexander Kornbrust | Site red-database-security.com

A dictionary based Oracle password checker. This is a useful and fast (150.000 pw/sec) tool for DBAs to identify Oracle accounts with weak or default passwords.

tags | cracker
MD5 | b7de2b9f8cd1311552f23276d5156f26
logcheck_1.2.41.tar.gz
Posted Aug 24, 2005
Authored by Todd Troxell | Site logcheck.org

Logcheck parses system logs and generates email reports based on anomalies. Anomalies can be defined by users with 'violations' files. It differentiates between 'Active System Attacks', 'Security Violations', and 'Unusual Activity', and is smart enough to remember where in the log it stopped processing to improve efficiency. It can also warn when log files shrink, and does not report errors when they are rotated.

Changes: Various updates. See changelog.
tags | tool, intrusion detection
systems | unix
MD5 | 1a946e45f82a0dc98838c896510dfca9
WepDecrypt-0.7.tar.gz
Posted Aug 24, 2005
Authored by icemanf | Site wepdecrypt.sourceforge.net

Wepdecrypt is a wireless LAN tool based on wepattack that guesses WEP keys using an active dictionary attack, a key generator, a distributed network attack, and some other methods.

Changes: Added a gui, some support, and some minor fixes. Documentation also added.
tags | tool, wireless
MD5 | 72576cec9af9486bf64124b7aaa79f31
AntiExploit-1.3b6.tar.gz
Posted Aug 24, 2005
Authored by Enrico Kern | Site hzeroseven.org

AntiExploit is an exploit scanner to detect local intruders. It scans for over 3900 suspicious files, has daily database updates, and will act if a file is accessed. It uses the dazuko kernel module, which is also used by clamAV, Amavis, and other virus scanners.

Changes: Various bug fixes and feature improvements.
tags | kernel, local, virus
systems | unix
MD5 | 514fb2703a69df699ff342fc469c8c8f
sysmask-1.02.tgz
Posted Aug 24, 2005
Authored by XIAO Gang | Site wims.unice.fr

Sysmask is a security package for Linux systems that can prevent arbitrary malicious codes from causing permanent damage. It protects the system against daemon exploits and user accounts against viruses and worms, whether known or unknown, without requiring the recompilation of existing software.

tags | worm, arbitrary
systems | linux
MD5 | b4c9d16ad0aa5ead3e5bb1e4ff383db3
Debian Linux Security Advisory 782-1
Posted Aug 24, 2005
Authored by Debian | Site debian.org

Debian Security Advisory DSA 782-1 - Due to missing input sanitization in the bluez-utils package, it is possible for an attacker to execute arbitrary commands supplied as the device name from the remote device.

tags | advisory, remote, arbitrary
systems | linux, debian
advisories | CVE-2005-2547
MD5 | 573b4462916bf822e9a6f262e207e4c7
DMA-2005-0818a.txt
Posted Aug 24, 2005
Authored by Kevin Finisterre | Site digitalmunition.com

dsidentity on Apple OS X 10.4 allows any user on the system to add accounts to Directory Services.

tags | advisory
systems | apple, osx
advisories | CVE-2005-2508
MD5 | 2d7b7f12c34ff0ef4eff0fcef016015e
CA Security Advisory 32919
Posted Aug 24, 2005
Authored by Ken Williams, Computer Associates | Site ca.com

During a recent internal audit, CA discovered several vulnerability issues in the CA Message Queuing (CAM / CAFT) software. CA has made patches available for all affected users. These vulnerabilities affect all versions of the CA Message Queuing software prior to v1.07 Build 220_13 and v1.11 Build 29_13 on the platforms specified below.

tags | advisory, vulnerability
MD5 | 027c910f26a43332192ba8b9bccbded4
phpkit161.txt
Posted Aug 24, 2005
Authored by phuket

PHPKit 1.6.1 suffers from various SQL and PHP injection attacks.

tags | exploit, php
MD5 | 1e06c82655f6a9df83e573597bc58690
Cisco Security Advisory 20050824-ips
Posted Aug 24, 2005
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory: Cisco Intrusion Prevention Systems (IPS) are a family of network security devices that provide network based threat prevention services. A user with OPERATOR or VIEWER access privileges may be able to exploit a vulnerability in the command line processing (CLI) logic to gain full administrative control of the IPS device. Vulnerable Products: Cisco Intrusion Prevention System version 5.0(1) and 5.0(2).

tags | advisory
systems | cisco
MD5 | 420df6ce12bca597bc5aaf3f22c49996
Cisco Security Advisory 20050824-idsmc
Posted Aug 24, 2005
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory: A malicious attacker may be able to spoof a Cisco Intrusion Detection Sensor (IDS), or Cisco Intrusion Prevention System (IPS) by exploiting a vulnerability in the SSL certificate checking functionality in IDSMC and Secmon. Vulnerable Products: IDSMC version 2.0 and version 2.1. CiscoWorks Monitoring Center for Security (Security Monitor or Secmon) version 1.1 through version 2.0 and version 2.1.

tags | advisory, spoof
systems | cisco
MD5 | 26f60137f998c39f480b6a175f5ba71a
postnukeAgain.txt
Posted Aug 24, 2005
Authored by Maksymilian Arciemowicz | Site securityreason.com

PostNuke 0.760 suffers from cross site scripting and SQL injection vulnerabilities.

tags | exploit, vulnerability, xss, sql injection
MD5 | e6dbb3a4e72927086bb0f4460afef0fb
Page 1 of 2
Back12Next

File Archive:

September 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    38 Files
  • 3
    Sep 3rd
    30 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    12 Files
  • 6
    Sep 6th
    17 Files
  • 7
    Sep 7th
    3 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    24 Files
  • 10
    Sep 10th
    22 Files
  • 11
    Sep 11th
    22 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    5 Files
  • 14
    Sep 14th
    2 Files
  • 15
    Sep 15th
    1 Files
  • 16
    Sep 16th
    11 Files
  • 17
    Sep 17th
    16 Files
  • 18
    Sep 18th
    8 Files
  • 19
    Sep 19th
    14 Files
  • 20
    Sep 20th
    20 Files
  • 21
    Sep 21st
    3 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close