Exploit the possiblities
Showing 1 - 25 of 748 RSS Feed

Files Date: 2005-10-01 to 2005-10-31

Ubuntu Security Notice 151-3
Posted Oct 31, 2005
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-151-3 - USN-148-1 and USN-151-1 fixed two security flaws in zlib, which could be exploited to cause Denial of Service attacks or even arbitrary code execution with malicious data streams. Since aide is statically linked against the zlib library, it is also affected by these issues.

tags | advisory, denial of service, arbitrary, code execution
systems | linux, ubuntu
advisories | CVE-2005-1849, CVE-2005-2096
MD5 | a407bb38c155967871980fb267291719
SCOSA-2005.43.txt
Posted Oct 30, 2005
Authored by SCO | Site sco.com

SCO Security Advisory - When the RPC portmapper (rpcbind) receives an invalid portmap request from a remote (or local) host, it falls into a denial of service state and cannot respond. As a result, the RPC services will not operate normally.

tags | advisory, remote, denial of service, local
advisories | CVE-2005-2132
MD5 | a5e921749d8c7cf467e6365c7f3511e4
iDEFENSE Security Advisory 2005-10-28.t
Posted Oct 30, 2005
Authored by iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 10.28.05 - Remote exploitation of a stack overflow vulnerability in chmlib as included in various Linux distributions allows attackers to execute arbitrary code. The vulnerability specifically exists due to an unchecked memory copy while processing a CHM file. iDefense has confirmed the existence of this vulnerability in chmlib 0.35. It is suspected that all versions of chmlib are vulnerable.

tags | advisory, remote, overflow, arbitrary
systems | linux
advisories | CVE-2005-2930
MD5 | a94e8da2d13edb5589294da5a0b96773
Ubuntu Security Notice 212-1
Posted Oct 30, 2005
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-212-1 - Steve Kemp discovered two format string vulnerabilities in the logging handler of the Gnome database access library. Depending on the application that uses the library, this could have been exploited to execute arbitrary code with the permission of the user running the application.

tags | advisory, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2005-2958
MD5 | b97d5deb4fa1fd5692e5d87d0eff9968
swisscom-XSS.txt
Posted Oct 30, 2005
Authored by deepquest

Swisscom EuroSpot wireless service suffers from multiple cross site scripting vulnerabilities. Details provided.

tags | exploit, vulnerability, xss
MD5 | 9741d277e2403db9c5b6f2c1ee4ff94b
Debian Linux Security Advisory 878-1
Posted Oct 30, 2005
Authored by Debian | Site security.debian.org

Debian Security Advisory DSA 878-1 - A buffer overflow has been identified in the pnmtopng component of the netpbm package, a set of graphics conversion tools. This vulnerability could allow an attacker to execute arbitrary code as a local user by providing a specially crafted PNM file.

tags | advisory, overflow, arbitrary, local
systems | linux, debian
advisories | CVE-2005-2978
MD5 | c443646bceb386d23deea64689eeecbe
ethereal_slimp3_bof.py.txt
Posted Oct 30, 2005
Authored by Sowhat | Site secway.org

Ethereal SLIMP3 protocol dissector remote buffer overflow proof of concept exploit that crashes the program. Tested with Ethereal 0.10.12, WinPcap 3.1 beta4, WinXP SP2.

tags | exploit, remote, overflow, protocol, proof of concept
systems | windows
MD5 | 8079fdf507021e269a350b1e0f4f8dd2
VERITAS-OSX.pl.txt
Posted Oct 30, 2005
Authored by John H. | Site digitalmunition.com

VERITAS Netbackup remote format string exploit for Mac OS-X.

tags | exploit, remote
systems | apple, osx
MD5 | a99cc0cea55e300e8b4870f2a1456aa5
VERITAS-Win32.pl.txt
Posted Oct 30, 2005
Authored by John H. | Site digitalmunition.com

VERITAS Netbackup remote format string exploit for Win32.

tags | exploit, remote
systems | windows
MD5 | 11ed9502250aaf16e593f90f9b662354
VERITAS-Linux.pl.txt
Posted Oct 30, 2005
Authored by John H. | Site digitalmunition.com

VERITAS Netbackup remote format string exploit for Linux.

tags | exploit, remote
systems | linux
MD5 | 3337b74b703e0c9d2f85a5a4e04a70e0
SP Research Labs Advisory 20
Posted Oct 30, 2005
Authored by SP Research Labs | Site security-protocols.com

A denial of service vulnerability exists within Internet Explorer 6.0 on XP SP2 with the J2SE Runtime Environment installed. Successful exploitation causes the browser to not respond. The flaw resides in mshtmled.dll.

tags | advisory, denial of service
MD5 | 3f184bc4e25e46344f0aeac0e81c54d9
win-useradd.c
Posted Oct 30, 2005
Authored by Darkeagle | Site exploiterz.org

318 byte useradd shellcode for Russian Windows NT/2k/XP variants.

tags | shellcode
systems | windows, nt
MD5 | 976a3d6d3788247f9cfd169f4f9ffeca
mirabilis.c
Posted Oct 30, 2005
Authored by ATmaCA | Site atmacasoft.com

Mirabilis ICQ 2003a buffer overflow download shellcoded exploit. Affected versions: Mirabilis ICQ Pro versions 2003a and below.

tags | exploit, overflow, shellcode
MD5 | 68429a8c319db0ab0a22dff8987e36a7
ong_bak-0.9.c
Posted Oct 30, 2005
Authored by qobaiashi

Updated and improved version of the local root exploit for the Linux kernel code that has the Bluetooth related flaw.

tags | exploit, kernel, local, root
systems | linux
MD5 | 07d7f431a44a04e36697686663a1216b
Gentoo Linux Security Advisory 200510-24
Posted Oct 30, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200510-24 - Mantis is affected by multiple vulnerabilities ranging from information disclosure to arbitrary script execution. Versions less than 0.19.3 are affected.

tags | advisory, arbitrary, vulnerability, info disclosure
systems | linux, gentoo
MD5 | 53051a827b05bc6c810d683ab4a784ee
Gentoo Linux Security Advisory 200510-23
Posted Oct 30, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200510-23 - Due to improper input validation, TikiWiki can be exploited to perform cross-site scripting attacks. Versions less than 1.9.1.1 are affected.

tags | advisory, xss
systems | linux, gentoo
MD5 | 72ea187ec255bb49a0d639d000879c95
Gentoo Linux Security Advisory 200510-22
Posted Oct 30, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200510-22 - The SELinux patches for PAM introduce a vulnerability allowing a password to be checked with the unix_chkpwd utility without delay or logging. This vulnerability doesn't affect users who do not run SELinux. Versions less than 0.78-r3 are affected.

tags | advisory
systems | linux, gentoo
MD5 | 57c05143a558dfc6d5f723bddd0bd590
bt-hijack.txt
Posted Oct 30, 2005
Authored by Betty Duz

British Telecom (BT) operates an automated fault detection and reporting system that allows anyone to test any line. If the line is found to be faulty the caller is given an option to divert all incoming calls for that line to another number, including mobile phones. No authentication is required and the owner of the line will be oblivious to the fact that her calls are being hijacked.

tags | advisory
MD5 | 8bea0d8e943a9861a3dc95754a05bc8e
Debian Linux Security Advisory 877-1
Posted Oct 30, 2005
Authored by Debian | Site security.debian.org

Debian Security Advisory DSA 877-1 - Steve Kemp discovered two vulnerabilities in gnump3d, a streaming server for MP3 and OGG files. The 404 error page does not strip malicious javascript content from the resulting page, which would be executed in the victims browser. By using specially crafting URLs it is possible to read arbitrary files to which the user of the streaming server has access to.

tags | advisory, arbitrary, javascript, vulnerability
systems | linux, debian
advisories | CVE-2005-3122, CVE-2005-3123
MD5 | 36f7f68f2bb30887343c69272024e7ce
Rockliffe.txt
Posted Oct 30, 2005
Authored by Paul Craig | Site security-assessment.com

During an audit of a client, Security-Assessment.com discovered multiple critical vulnerabilities within the RockLiffe MailSite Express WebMail software. The vulnerabilities include the retrieval of arbitrary files from the web server, and bypassing attachment validation routines allowing for remote code execution. Exploitation details included. All versions of RockLiffe MailSite Express WebMail prior to version 6.1.22 are affected.

tags | exploit, remote, web, arbitrary, vulnerability, code execution
MD5 | 3ff38e4d684180018f4aebab2106f220
XH-Hasbani-HTTPD-DoS.c
Posted Oct 30, 2005
Authored by Expanders | Site x0n3-h4ck.org

Exploit for a remote denial of service flaw for HTTP GET in Hasbani-WindWeb version 2.0.

tags | exploit, remote, web, denial of service
MD5 | 62411e2cbf277383b98e1096a7b2e2c7
Mandriva Linux Security Advisory 2005.201
Posted Oct 30, 2005
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Tavis Ormandy discovered that sudo does not perform sufficient environment cleaning; in particular the SHELLOPTS and PS4 variables are still passed to the program running as an alternate user which can result in the execution of arbitrary commands as the alternate user when a bash script is executed.

tags | advisory, arbitrary, bash
systems | linux, mandriva
MD5 | 4a3154edcc098ad57806c9e3e7f5f347
Mandriva Linux Security Advisory 2005.200
Posted Oct 30, 2005
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - The mod_auth_shadow module 1.0 through 1.5 and 2.0 for Apache with AuthShadow enabled uses shadow authentication for all locations that use the require group directive, even when other authentication mechanisms are specified, which might allow remote authenticated users to bypass security restrictions.

tags | advisory, remote
systems | linux, mandriva
MD5 | a41d0f6129ba44ac583e71b545bbfde8
MS05-047-DoS.c
Posted Oct 30, 2005
Authored by Winny Thomas

Remote denial of service exploit that makes of a length checking issue in the Microsoft UMPNPMGR PNP_GetDeviceList. This code crashes services.exe.

tags | exploit, remote, denial of service
MD5 | d44d6f25706a4763f50ad2705945e957
secunia-ATutor.txt
Posted Oct 30, 2005
Authored by Andreas Sandblad | Site secunia.com

Secunia Research has discovered some vulnerabilities in ATutor, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose sensitive information, and compromise a vulnerable system. The vulnerabilities have been confirmed in version 1.5.1-pl1. Other versions may also be affected.

tags | exploit, vulnerability, xss
MD5 | cb2e39612b6178817ab884e23fe1aab3
Page 1 of 30
Back12345Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    10 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close