what you don't know can hurt you
Showing 1 - 25 of 40 RSS Feed

Files Date: 2005-09-08

class1.html
Posted Sep 8, 2005
Authored by rgod | Site retrogod.altervista.org

Class-1 Forum version 0.24.4 SQL injection and remote code execution proof of concept exploit.

tags | exploit, remote, code execution, sql injection, proof of concept
MD5 | f905604086859d4e72ea47fb9568dbaa
pblang465.php.txt
Posted Sep 8, 2005
Authored by Pengo | Site rst.void.ru

PBLang 4.65 and below remote command execution exploit. Written in PHP.

tags | exploit, remote, php
MD5 | 71ccc7f98383698fd3bb92a718f29fce
adv6.pdf
Posted Sep 8, 2005
Authored by Ilja van Sprundel | Site suresec.org

Suresec Security Advisory - A lockfile handling error was found in kcheckpass which can, in certain configurations, be used to create world writable files. kdebase versions 3.2.0 through 3.4.2 are susceptible.

tags | advisory
advisories | CVE-2005-2494
MD5 | 7d74c170c8c2e344e46a1f82970e2ea3
Cisco Security Advisory 20050907-auth_proxy
Posted Sep 8, 2005
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory: Cisco IOS Software is vulnerable to a Denial of Service (DoS) and potentially an arbitrary code execution attack when processing the user authentication credentials from an Authentication Proxy Telnet/FTP session. To exploit this vulnerability an attacker must first complete a TCP connection to the IOS device running affected software and receive an auth-proxy authentication prompt.

tags | advisory, denial of service, arbitrary, tcp, code execution
systems | cisco
MD5 | ac0529743730805e044120d007a62ab1
stylemotion.txt
Posted Sep 8, 2005
Authored by Robin 'onkel_fisch' Verton | Site it-security23.net

Stylemotion WEB//NEWS 1.4 is susceptible to SQL injection attacks.

tags | exploit, web, sql injection
MD5 | 481c54926e3c6d506cd38053c7db8890
roadRunner.txt
Posted Sep 8, 2005
Authored by gp32boy

It appears that the Road Runner ADSL modem allows for unauthenticated logins on TCP port 244 using telnet.

tags | advisory, tcp
MD5 | 1cac87316feaceaa6caa2332925f34d8
mimedefang-2.53.tar.gz
Posted Sep 8, 2005
Authored by Dianne Skoll | Site mimedefang.org

MIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. Includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with Sendmail 8.11/8.12's new "Milter" API, which makes it more flexible and efficient than procmail-based approaches.

Changes: The main changes in this release are a workaround for bugs in SpamAssassin 3.1RC1 which could cause SIGCHLD to be blocked (making it impossible to use the embedded Perl mode), and a workaround for lack of deflate64 support in zlib (which could cause clamdscan to fail and tempfail mail).
systems | windows, unix
MD5 | 19074962a8d624d83339ec43a45faa34
issue_19_2005.pdf
Posted Sep 8, 2005
Authored by astalavista | Site astalavista.com

Astalavista Security Newsletter - Issue 19 - Featured articles include - Security Researchers and you organizaton caught in between?, Today's security trends and practical tips for your security - Part 1 as well as an interview with Eric Goldman EricGoldman.org.

MD5 | 53b9cd4734e36d4a0329ba899631cb7f
issue_18_2005.pdf
Posted Sep 8, 2005
Authored by astalavista | Site astalavista.com

Astalavista Security Newsletter - Issue 18 - Featured articles include - Insiders at the workplace - trends and practical risk mitigation approaches, Spam - proactive protection tips and an interview with John Young from Cryptome.org.

MD5 | c3e1c10506463ef52eab7ef6c678ccec
issue_17_2005.pdf
Posted Sep 8, 2005
Authored by astalavista | Site astalavista.com

Astalavista Security Newsletter Issue 17 - Featured articles include - DNS Security and the introduction of DNSSEC Part 2 ; Mobile phones' bluetooth attacks and how to protect yourself, and an interview with Roman Polesek from Hakin9.org.

MD5 | cbacb9336235e3e01d8c40b80c0865ac
MyBBPR2.txt
Posted Sep 8, 2005
Authored by Devil-00

SQL injection exploit for MyBB PR2

tags | exploit, sql injection
MD5 | cd9f735b64bb72ddccd074a3c0ff4aa2
Debian Linux Security Advisory 802-1
Posted Sep 8, 2005
Authored by Debian | Site debian.org

Debian Security Advisory DSA 802-1 - Marcus Meissner discovered that the cvsbug program from CVS, which serves the popular Concurrent Versions System, uses temporary files in an insecure fashion.

tags | advisory
systems | linux, debian
MD5 | 0ee0a688851c56c465f57fa479d96e26
myBloggie-2.1.3.txt
Posted Sep 8, 2005
Authored by OS2A

myBloggie versions 2.1.3-beta and prior suffer from SQL injections and privilege escalation vulnerabilities.

tags | advisory, vulnerability, sql injection
MD5 | f879c4de1e07cafa7e27e71ee30edc05
Mandriva Linux Security Advisory 2005.160
Posted Sep 8, 2005
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Update Advisory - Ilja van Sprundel from suresec.org notified the KDE security team about a serious lock file handling error in kcheckpass that can, in some configurations, be used to gain root access. In order for an exploit to succeed, the directory /var/lock has to be writeable for a user that is allowed to invoke kcheckpass.

tags | advisory, root
systems | linux, mandriva
MD5 | 12e8cbd9e133bc0dbc8499955e05f86c
Mandriva Linux Security Advisory 2005.159
Posted Sep 8, 2005
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Update Advisory - Ben Burton notified the KDE security team about several tempfile handling related vulnerabilities in langen2kvtml, a conversion script for kvoctrain. This vulnerability was initially discovered by Javier Fern

tags | advisory, local, vulnerability
systems | linux, mandriva
MD5 | 08272e1693aa0fd6137acf26f5482857
Ubuntu Security Notice 177-1
Posted Sep 8, 2005
Authored by Ubuntu, Martin Pitt | Site security.ubuntu.com

Ubuntu Security Notice USN-177-1 - apache2, libapache-mod-ssl vulnerabilities - Apache did not honour the "SSLVerifyClient require" directive within a block if the surrounding block contained a directive "SSLVerifyClient optional". This allowed clients to bypass client certificate validation on servers with the above configuration. Also, Filip Sneppe discovered a Denial of Service vulnerability in the byte range filter handler. By requesting certain large byte ranges, a remote attacker could cause memory exhaustion in the server.

tags | advisory, remote, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2005-2700, CVE-2005-2728
MD5 | cdae9ab2594c57b38216ec6933a2ac3c
Ubuntu Security Notice 176-1
Posted Sep 8, 2005
Authored by Ubuntu, Martin Pitt | Site security.ubuntu.com

Ubuntu Security Notice USN-176-1 - Ilja van Sprundel discovered a flaw in the lock file handling of kcheckpass. A local attacker could exploit this to execute arbitrary code with root privileges.

tags | advisory, arbitrary, local, root
systems | linux, ubuntu
advisories | CVE-2005-2494
MD5 | a8cfbdcd299f3cacffbfde1eb3710acc
Ubuntu Security Notice 160-2
Posted Sep 8, 2005
Authored by Ubuntu, Martin Pitt | Site security.ubuntu.com

Ubuntu Security Notice USN-160-2 - USN-160-1 fixed two vulnerabilities in the Apache 2 server. The old Apache 1 server was also vulnerable to one of the vulnerabilities (CVE-2005-2088). Please note that Apache 1 is not officially supported in Ubuntu (it is in the "universe" component of the archive).

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2005-2088
MD5 | dfb5079ad569d744802d06bba6e27464
FreeBSD-SA-05-20.cvsbug.txt
Posted Sep 8, 2005
Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-05-20.cvsbug - A temporary file is created, used, deleted, and then re-created with the same name. This creates a window during which an attacker could replace the file with a link to another file.

systems | freebsd
advisories | CVE-2005-2693
MD5 | 144795693624779ec7d30b825746ea02
Gentoo Linux Security Advisory 200509-6
Posted Sep 8, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200509-06 - Certain malformed requests result in a segmentation fault in the sslConnectTimeout function, handling of other certain requests trigger assertion failures. Versions less than 2.5.10-r2 are affected.

tags | advisory
systems | linux, gentoo
MD5 | 101a877261610956df19b3486f2bdc6d
Mandriva Linux Security Advisory 2005.158
Posted Sep 8, 2005
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Update Advisory - buffer overflow in ad_pcm.c in MPlayer 1.0pre7 and earlier allows remote attackers to execute arbitrary code via a video file with an audio header containing a large value in a strf chunk.

tags | advisory, remote, overflow, arbitrary
systems | linux, mandriva
MD5 | 78feb268478738b1afcde03ed2cafbf6
Mandriva Linux Security Advisory 2005.157
Posted Sep 8, 2005
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Update Advisory - A severe security issue has been discovered in Smb4K. By linking a simple text file FILE to /tmp/smb4k.tmp or /tmp/sudoers, an attacker could get access to the full contents of the /etc/super.tab or /etc/sudoers file, respectively, because Smb4K didn't check for the existance of these files before writing any contents. When using super, the attack also resulted in /etc/super.tab being a symlink to FILE. Affected are all versions of the 0.4, 0.5, and 0.6 series of Smb4K.

tags | advisory
systems | linux, mandriva
MD5 | b920c6779249671a2f1498a4833a170c
Mandriva Linux Security Advisory 2005.156
Posted Sep 8, 2005
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Update Advisory - When starting xntpd with the -u option and specifying the group by using a string not a numeric gid the daemon uses the gid of the user not the group.

tags | advisory
systems | linux, mandriva
MD5 | c8c39a23e9f9362eabf2de74c154daa7
Secunia Security Advisory 16479
Posted Sep 8, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a vulnerability in ALZip, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | 37ac498b0ee387481aa1b8163de6137f
Secunia Security Advisory 16708
Posted Sep 8, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Nickolay has reported a vulnerability in Squid, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | 7105a203b315676a38884023e0b941b0
Page 1 of 2
Back12Next

File Archive:

August 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    10 Files
  • 2
    Aug 2nd
    8 Files
  • 3
    Aug 3rd
    2 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    79 Files
  • 7
    Aug 7th
    16 Files
  • 8
    Aug 8th
    11 Files
  • 9
    Aug 9th
    10 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    6 Files
  • 12
    Aug 12th
    26 Files
  • 13
    Aug 13th
    15 Files
  • 14
    Aug 14th
    19 Files
  • 15
    Aug 15th
    52 Files
  • 16
    Aug 16th
    11 Files
  • 17
    Aug 17th
    1 Files
  • 18
    Aug 18th
    2 Files
  • 19
    Aug 19th
    18 Files
  • 20
    Aug 20th
    19 Files
  • 21
    Aug 21st
    17 Files
  • 22
    Aug 22nd
    5 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close