exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 33 RSS Feed

Files Date: 2005-10-30

Ubuntu Security Notice 151-3
Posted Oct 31, 2005
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-151-3 - USN-148-1 and USN-151-1 fixed two security flaws in zlib, which could be exploited to cause Denial of Service attacks or even arbitrary code execution with malicious data streams. Since aide is statically linked against the zlib library, it is also affected by these issues.

tags | advisory, denial of service, arbitrary, code execution
systems | linux, ubuntu
advisories | CVE-2005-1849, CVE-2005-2096
SHA-256 | e648bcae15214f4071931ab9828a2a130291bfc0ecfc2a39cc9d2a7b39d43c78
SCOSA-2005.43.txt
Posted Oct 30, 2005
Authored by SCO | Site sco.com

SCO Security Advisory - When the RPC portmapper (rpcbind) receives an invalid portmap request from a remote (or local) host, it falls into a denial of service state and cannot respond. As a result, the RPC services will not operate normally.

tags | advisory, remote, denial of service, local
advisories | CVE-2005-2132
SHA-256 | 7b965753d3a7e4c763df94035fce455dd73a441c5f5b3e89c806b700e160b3aa
iDEFENSE Security Advisory 2005-10-28.t
Posted Oct 30, 2005
Authored by iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 10.28.05 - Remote exploitation of a stack overflow vulnerability in chmlib as included in various Linux distributions allows attackers to execute arbitrary code. The vulnerability specifically exists due to an unchecked memory copy while processing a CHM file. iDefense has confirmed the existence of this vulnerability in chmlib 0.35. It is suspected that all versions of chmlib are vulnerable.

tags | advisory, remote, overflow, arbitrary
systems | linux
advisories | CVE-2005-2930
SHA-256 | ee23933cc3bb210a5faf6c8bbce7befe90f8cf66107a4479fd2909a768c974cf
Ubuntu Security Notice 212-1
Posted Oct 30, 2005
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-212-1 - Steve Kemp discovered two format string vulnerabilities in the logging handler of the Gnome database access library. Depending on the application that uses the library, this could have been exploited to execute arbitrary code with the permission of the user running the application.

tags | advisory, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2005-2958
SHA-256 | c09669fc02969cd84e0da17bf15e8f81c918154c5c8422161c0a46dd25b2144e
swisscom-XSS.txt
Posted Oct 30, 2005
Authored by deepquest

Swisscom EuroSpot wireless service suffers from multiple cross site scripting vulnerabilities. Details provided.

tags | exploit, vulnerability, xss
SHA-256 | 12ac9a5eaae2ce4ca5f76f2b9eed2d4b8311c75ab8487c21f985d6cf1d5e64ff
Debian Linux Security Advisory 878-1
Posted Oct 30, 2005
Authored by Debian | Site security.debian.org

Debian Security Advisory DSA 878-1 - A buffer overflow has been identified in the pnmtopng component of the netpbm package, a set of graphics conversion tools. This vulnerability could allow an attacker to execute arbitrary code as a local user by providing a specially crafted PNM file.

tags | advisory, overflow, arbitrary, local
systems | linux, debian
advisories | CVE-2005-2978
SHA-256 | 78bdccaeee505cfe9ac443b08c9f1251e2beb5e2d080e00f6784e5becfe5ff7e
ethereal_slimp3_bof.py.txt
Posted Oct 30, 2005
Authored by Sowhat | Site secway.org

Ethereal SLIMP3 protocol dissector remote buffer overflow proof of concept exploit that crashes the program. Tested with Ethereal 0.10.12, WinPcap 3.1 beta4, WinXP SP2.

tags | exploit, remote, overflow, protocol, proof of concept
systems | windows
SHA-256 | 4040c8f6a0687370d485ce7020c65239db8950551fc47099f8dc2c15e9977dfb
VERITAS-OSX.pl.txt
Posted Oct 30, 2005
Authored by John H. | Site digitalmunition.com

VERITAS Netbackup remote format string exploit for Mac OS-X.

tags | exploit, remote
systems | apple, osx
SHA-256 | 40b19b405339547ac14c58e1de679ac1b08b64282cb47cc79e27e76f6c37eef0
VERITAS-Win32.pl.txt
Posted Oct 30, 2005
Authored by John H. | Site digitalmunition.com

VERITAS Netbackup remote format string exploit for Win32.

tags | exploit, remote
systems | windows
SHA-256 | e2096b1eb9ba99343b4455d73ecb4e8d9884c541e9cf863e8877ae37da43c17b
VERITAS-Linux.pl.txt
Posted Oct 30, 2005
Authored by John H. | Site digitalmunition.com

VERITAS Netbackup remote format string exploit for Linux.

tags | exploit, remote
systems | linux
SHA-256 | 5ffffc3997e8bb1ec7434b97c95d74bb2103cc01e15991b4779df4cabaf30ce5
SP Research Labs Advisory 20
Posted Oct 30, 2005
Authored by SP Research Labs | Site security-protocols.com

A denial of service vulnerability exists within Internet Explorer 6.0 on XP SP2 with the J2SE Runtime Environment installed. Successful exploitation causes the browser to not respond. The flaw resides in mshtmled.dll.

tags | advisory, denial of service
SHA-256 | c5acb9fc228858f7d61a35f25badf37ddaf0c280921bdbde589de85ffb69067e
win-useradd.c
Posted Oct 30, 2005
Authored by Darkeagle | Site exploiterz.org

318 byte useradd shellcode for Russian Windows NT/2k/XP variants.

tags | shellcode
systems | windows
SHA-256 | 10017e3f15e72558b80c3010dd58d45700aa807ddf899b075926f63b8f3ebad0
mirabilis.c
Posted Oct 30, 2005
Authored by ATmaCA | Site atmacasoft.com

Mirabilis ICQ 2003a buffer overflow download shellcoded exploit. Affected versions: Mirabilis ICQ Pro versions 2003a and below.

tags | exploit, overflow, shellcode
SHA-256 | 01676ac1acef6ab5d516ee90542dec43fea9c4accbc3df9c2c03d2a059fe0351
ong_bak-0.9.c
Posted Oct 30, 2005
Authored by qobaiashi

Updated and improved version of the local root exploit for the Linux kernel code that has the Bluetooth related flaw.

tags | exploit, kernel, local, root
systems | linux
SHA-256 | 41cf67b44ead5be4a7bf304315be0c442ff77ad14a01b9d00c0f87d107b198e5
Gentoo Linux Security Advisory 200510-24
Posted Oct 30, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200510-24 - Mantis is affected by multiple vulnerabilities ranging from information disclosure to arbitrary script execution. Versions less than 0.19.3 are affected.

tags | advisory, arbitrary, vulnerability, info disclosure
systems | linux, gentoo
SHA-256 | 19c3a876d924b808c5dde8507af88c2240a1311908ddd4e82172a57a9f9b89a8
Gentoo Linux Security Advisory 200510-23
Posted Oct 30, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200510-23 - Due to improper input validation, TikiWiki can be exploited to perform cross-site scripting attacks. Versions less than 1.9.1.1 are affected.

tags | advisory, xss
systems | linux, gentoo
SHA-256 | ae25ab42edccb8f81e7e80784ca4d189a28f4f5548c73215ddc3f56de0af8d4e
Gentoo Linux Security Advisory 200510-22
Posted Oct 30, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200510-22 - The SELinux patches for PAM introduce a vulnerability allowing a password to be checked with the unix_chkpwd utility without delay or logging. This vulnerability doesn't affect users who do not run SELinux. Versions less than 0.78-r3 are affected.

tags | advisory
systems | linux, gentoo
SHA-256 | 7c7e5d46bf6fd6f71f5337abf9fc116b600f7355c35a74788774b636404011b3
bt-hijack.txt
Posted Oct 30, 2005
Authored by Betty Duz

British Telecom (BT) operates an automated fault detection and reporting system that allows anyone to test any line. If the line is found to be faulty the caller is given an option to divert all incoming calls for that line to another number, including mobile phones. No authentication is required and the owner of the line will be oblivious to the fact that her calls are being hijacked.

tags | advisory
SHA-256 | ccb6e976c84994b8246b1691d17c53db361f5ac8ccbf6fca3af7aa4a0d4a5797
Debian Linux Security Advisory 877-1
Posted Oct 30, 2005
Authored by Debian | Site security.debian.org

Debian Security Advisory DSA 877-1 - Steve Kemp discovered two vulnerabilities in gnump3d, a streaming server for MP3 and OGG files. The 404 error page does not strip malicious javascript content from the resulting page, which would be executed in the victims browser. By using specially crafting URLs it is possible to read arbitrary files to which the user of the streaming server has access to.

tags | advisory, arbitrary, javascript, vulnerability
systems | linux, debian
advisories | CVE-2005-3122, CVE-2005-3123
SHA-256 | 98fa603efd7958547815f57ece2488d3f36345e45de9af44f1bbef83d27dac4f
Rockliffe.txt
Posted Oct 30, 2005
Authored by Paul Craig | Site security-assessment.com

During an audit of a client, Security-Assessment.com discovered multiple critical vulnerabilities within the RockLiffe MailSite Express WebMail software. The vulnerabilities include the retrieval of arbitrary files from the web server, and bypassing attachment validation routines allowing for remote code execution. Exploitation details included. All versions of RockLiffe MailSite Express WebMail prior to version 6.1.22 are affected.

tags | exploit, remote, web, arbitrary, vulnerability, code execution
SHA-256 | 620b1bc3c58fa84fa86dd64e75b2c243efc3431f8bb6eb7c5bd361422269be97
XH-Hasbani-HTTPD-DoS.c
Posted Oct 30, 2005
Authored by Expanders | Site x0n3-h4ck.org

Exploit for a remote denial of service flaw for HTTP GET in Hasbani-WindWeb version 2.0.

tags | exploit, remote, web, denial of service
SHA-256 | e7ea5226541a9e30177def6562f8d6efcb06aad03e47001f1f145555549dc8b9
Mandriva Linux Security Advisory 2005.201
Posted Oct 30, 2005
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Tavis Ormandy discovered that sudo does not perform sufficient environment cleaning; in particular the SHELLOPTS and PS4 variables are still passed to the program running as an alternate user which can result in the execution of arbitrary commands as the alternate user when a bash script is executed.

tags | advisory, arbitrary, bash
systems | linux, mandriva
SHA-256 | 8065af1a69c4eae4f5fc5ee3860e0ca7e4a63e03d474b5e164f6ba0611f7966b
Mandriva Linux Security Advisory 2005.200
Posted Oct 30, 2005
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - The mod_auth_shadow module 1.0 through 1.5 and 2.0 for Apache with AuthShadow enabled uses shadow authentication for all locations that use the require group directive, even when other authentication mechanisms are specified, which might allow remote authenticated users to bypass security restrictions.

tags | advisory, remote
systems | linux, mandriva
SHA-256 | 6026d986b49e82508b1a992df337232860f4aa9bf4e0f0f430a8de79bb5a2126
MS05-047-DoS.c
Posted Oct 30, 2005
Authored by Winny Thomas

Remote denial of service exploit that makes of a length checking issue in the Microsoft UMPNPMGR PNP_GetDeviceList. This code crashes services.exe.

tags | exploit, remote, denial of service
SHA-256 | 4c414db62f8080df8cfa4b3c934df6fe1b7ac73cf2921817e10cd4373baf9f07
secunia-ATutor.txt
Posted Oct 30, 2005
Authored by Andreas Sandblad | Site secunia.com

Secunia Research has discovered some vulnerabilities in ATutor, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose sensitive information, and compromise a vulnerable system. The vulnerabilities have been confirmed in version 1.5.1-pl1. Other versions may also be affected.

tags | exploit, vulnerability, xss
SHA-256 | ea4981890b687d4caff07c6b7157202c331ffe371d5cb42efe41a196ad0226d2
Page 1 of 2
Back12Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    17 Files
  • 8
    Oct 8th
    66 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close