exploit the possibilities
Showing 1 - 25 of 52 RSS Feed

Files Date: 2005-10-06

Secunia Security Advisory 15745
Posted Oct 6, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered two vulnerabilities in Webroot Desktop Firewall, which can be exploited by malicious, local users to gain escalated privileges or bypass certain security restrictions.

tags | advisory, local, vulnerability
MD5 | 320cbcb04aa4e964ba7459997a060984
Secunia Security Advisory 16852
Posted Oct 6, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a vulnerability in various HAURI anti-virus products, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, virus
MD5 | f0826c5084c026af3a8dd4946b645a09
Secunia Security Advisory 17055
Posted Oct 6, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered two vulnerabilities in PHP-Fusion, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, php, vulnerability, sql injection
MD5 | 6ebb64929ae2c881faa1f50aac2e487e
Secunia Security Advisory 17064
Posted Oct 6, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Laszlo Toth has discovered a security issue in Windows XP, which can be exploited by malicious, local users to gain access to certain sensitive information.

tags | advisory, local
systems | windows, xp
MD5 | 61016bae040344c0e9c039cbeb0a2a3c
Secunia Security Advisory 17071
Posted Oct 6, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Tom Ferris has discovered a weakness in Firefox, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | e436044bf689861f6b75f6d05aeda20d
Secunia Security Advisory 17074
Posted Oct 6, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in MediaWiki, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | 7d6108999208683d6e8b34c2b881dcc6
Secunia Security Advisory 17075
Posted Oct 6, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Hiki, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
MD5 | 71db9872cddc47d36eb7d0c5343d3032
Secunia Security Advisory 17078
Posted Oct 6, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Donnie Werner has reported two vulnerabilities in Tellme, which can be exploited by malicious people to conduct cross-site scripting attacks or disclose certain system information.

tags | advisory, vulnerability, xss
MD5 | cd84a32300a78d972ac1cc5983ee031f
Secunia Security Advisory 17082
Posted Oct 6, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Defa has reported a vulnerability in the Additional Images module for osCommerce, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | ef440dc35fbc45ae7de2707cc8922e01
Secunia Security Advisory 17084
Posted Oct 6, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for mason. This fixes a security issue, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
systems | linux, debian
MD5 | cf70c350e91174516d1b7ca2c260c91b
dietsniff-0.2a.tar.gz
Posted Oct 6, 2005
Authored by Hynek Schlawack | Site ularx.de

dietsniff is a tiny tool for analyzing traffic on a network. It is not intended to replace well-known tools like tcpdump or ethereal. It is intended for the case when a small and especially static sniffer is required. Accordingly, it is also by far not that powerful, and is also bound to Linux as a platform.

Changes: Bug fix release.
tags | tool, sniffer
systems | linux
MD5 | 0421b522fdb94b1aebe6c4ed7c1b1281
prozilla.c
Posted Oct 6, 2005

ProZilla versions 1.3.7.4 and below ftpsearch results handling client-side buffer overflow exploit.

tags | exploit, overflow
advisories | CVE-2005-2961
MD5 | 6b624116150454edaad0deae414417dc
Exploit Labs Security Advisory 2005.15
Posted Oct 6, 2005
Authored by Donnie Werner, Exploit Labs | Site exploitlabs.com

TellMe versions 1.2 and below are susceptible to cross site scripting attacks.

tags | exploit, xss
MD5 | 3ddd430c42f0a27aecf330497720b583
secunia-ALZip.txt
Posted Oct 6, 2005
Authored by Tan Chew Keong | Site secunia.com

Secunia Research has discovered a vulnerability in ALZip, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to multiple boundary errors when reading the filename of a compressed file from ALZ, ARJ, ZIP, UUE or XXE archives. This can be exploited to cause a stack-based buffer overflow (ALZ), or a heap-based buffer overflow (ARJ / ZIP / UUE / XXE). Successful exploitation allows execution of arbitrary code when a malicious ALZ / ARJ archive is opened, or when a ZIP / UUE / XXE archive is extracted.

tags | advisory, overflow, arbitrary, xxe
MD5 | e7534c6efd7f15f680682c8bcc049293
sqlinference.pdf
Posted Oct 6, 2005
Authored by David Litchfield | Site ngssoftware.com

Whitepaper entitled 'Data-Mining With SQL Injection and Inference'. Paper is based on a talk given earlier this year at Blackhat Europe. It divides SQL injection data theft attacks into three classes - inband, out-of-band and inference. The first, in-band, uses the existing connection to get data out; the second, out-of-band, uses another channel, e.g. smtp by using builtin database mail functions; and lastly inference.

tags | paper, sql injection
MD5 | ade3fde8e00210cd40b61b8ed4c5837e
xpms.pdf
Posted Oct 6, 2005
Authored by David Litchfield | Site ngssoftware.com

Whitepaper entitled 'Buffer Underruns, DEP, ASLR, and improving the Exploitation Prevention Mechanisms (XPMs) on the Windows platform'.

tags | paper
systems | windows
MD5 | 642dad3c7d155dce88737d22337a035e
Fwknop Port Knocking Utility
Posted Oct 6, 2005
Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: Various additions and bug fixes.
tags | tool, scanner, vulnerability
systems | unix
MD5 | 9fb3d4d42b2c9a3458be11797dd5993c
Gentoo Linux Security Advisory 200510-4
Posted Oct 6, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200510-04 - Frank Lichtenheld has discovered that the sort_offline() function in texindex insecurely creates temporary files with predictable filenames. Versions less than 4.8-r1 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2005-3011
MD5 | b115a5740489ad4af2a95e321741b783
Debian Linux Security Advisory 844-1
Posted Oct 6, 2005
Authored by Debian | Site security.debian.org

Debian Security Advisory DSA 844-1 - A vulnerability in mod_auth_shadow, an Apache module that lets users perform HTTP authentication against /etc/shadow, has been discovered. The module runs for all locations that use the 'require group' directive which would bypass access restrictions controlled by another authorization mechanism, such as AuthGroupFile file, if the username is listed in the password file and in the gshadow file in the proper group and the supplied password matches against the one in the shadow file.

tags | advisory, web
systems | linux, debian
advisories | CVE-2005-2963
MD5 | 0031d24e914a9116d7f67303c2a2f168
Debian Linux Security Advisory 843-1
Posted Oct 6, 2005
Authored by Debian | Site security.debian.org

Debian Security Advisory DSA 843-1 - Two vulnerabilities have been discovered in the ARC archive program under Unix. Eric Romang discovered that the ARC archive program under Unix creates a temporary file with insecure permissions which may lead to an attacker stealing sensitive information. Joey Schulze discovered that the temporary file was created in an insecure fashion as well, leaving it open to a classic symlink attack.

tags | advisory, vulnerability
systems | linux, unix, debian
advisories | CVE-2005-2945, CVE-2005-2992
MD5 | 8ac5b55a6ff6d73182ba980b666f5772
iDEFENSE Security Advisory 2005-10-04.2
Posted Oct 6, 2005
Authored by iDefense Labs, infamous41md | Site idefense.com

iDEFENSE Security Advisory 10.04.05-2 - Remote exploitation of a buffer overflow vulnerability in Symantec AntiVirus Scan Engine can allow remote attackers to execute arbitrary code. iDEFENSE Labs has confirmed the existence of this vulnerability in Symantec AntiVirus Scan Engine 4.0. The vendor has confirmed that the vulnerability also effects products utilizing Symantec AntiVirus Scan Engine 4.3, however Scan Engine 4.1 is not affected.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2005-2758
MD5 | 619f8be297f5c0c20e2c3e9955c8f7c7
iDEFENSE Security Advisory 2005-10-04.1
Posted Oct 6, 2005
Authored by iDefense Labs, infamous41md | Site idefense.com

iDEFENSE Security Advisory 10.04.05-1 - Remote exploitation of a buffer overflow vulnerability in the University of Washington's IMAP Server (UW-IMAP) allows attackers to execute arbitrary code. iDEFENSE has confirmed the existence of this vulnerability in Washington University imap-2004c1.

tags | advisory, remote, overflow, arbitrary, imap
advisories | CVE-2005-2933
MD5 | 7774c812ade10ba8da58723332764043
HP Security Bulletin 2005-10.41
Posted Oct 6, 2005
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running Mozilla, where the vulnerability could be exploited to allow a remote, unauthorized user to execute privileged code or to create a Denial of Service (DoS).

tags | advisory, remote, denial of service
systems | hpux
advisories | CVE-2005-2871
MD5 | 44918921734d431e743424ff1f014abe
HP Security Bulletin 2005-10.40
Posted Oct 6, 2005
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified with Mozilla versions prior to 1.7.11.00 running on HP-UX, where the vulnerabilities could be exploited to allow a remote, unauthorized user to execute privileged code.

tags | advisory, remote, vulnerability
systems | hpux
MD5 | 088b6fe76f3abc187f48857c13c0736d
SSRT5940.txt
Posted Oct 6, 2005
Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running Mozilla, where a heap overflow could be exploited to allow a remote, unauthorized user to execute privileged code.

tags | advisory, remote, overflow
systems | hpux
advisories | CVE-2005-2871, CVE-2005-0399, CVE-2005-0401, CVE-2005-0989, CVE-2004-1316
MD5 | 29445679496ae867836dfd3a39fbb025
Page 1 of 3
Back123Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    41 Files
  • 21
    Oct 21st
    15 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close