exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2005-11-01

arpalert-0.4.13.tar.gz
Posted Nov 1, 2005
Authored by Thierry Fournier | Site perso.numericable.fr

arpalert uses ARP address monitoring to help prevent unauthorized connections on the local network. If an illegal connection is detected, a program or script is launched, which could be used to send an alert message, for example.

Changes: Small bug fix and command line errors had verbosity added.
tags | local
systems | unix
SHA-256 | 9bfb12da950f19a0f8d4d72432c0ef3df379fd765630c710fa97aab5a220fddf
opensc-0.9.6.tar.gz
Posted Nov 1, 2005
Site opensc-project.org

OpenSC consists of a SmartCard library that uses any common transport API (e.g. PC/SC, CT-API, OpenCT) as its backend and applications that use the library. It has been tested extensively on Finnish Electronic Identity (FINEID) cards, but a number of other PKCS #15 and ISO 7816 compatible cards work too. Also implemented are a PKCS #11 module (e.g. for Mozilla Web/email usage), a PAM module, somewhat working OpenSSH support, an OpenSSL engine, a few basic tools, and a PKCS #15 structure generation tool for supported cards.

tags | web, library
SHA-256 | 53d7d4ffa4599b13f1805801805d8913fee8edec69a082ff9e9aa29d6193a526
0510-exploits.tgz
Posted Nov 1, 2005
Authored by Todd J. | Site packetstormsecurity.com

New Packet Storm exploits for October, 2005.

tags | exploit
SHA-256 | 698e4f77033a3e807e82317dd0e4d7c7ba22daae9e6cda2b09f4f01044396696
Apple Security Advisory 2005-10-31
Posted Nov 1, 2005
Authored by Apple | Site docs.info.apple.com

Flaws for Finder, Software Update, memberd, Keychain, and the kernel have all been addressed in this latest Apple update.

tags | advisory, kernel
systems | apple
advisories | CVE-2005-2749, CVE-2005-2750, CVE-2005-2751, CVE-2005-2739, CVE-2005-1126, CVE-2005-1406, CVE-2005-2752
SHA-256 | 2c633f5d3e2fe72b1fff28459607162165bb542d1f00be4465e76886d8aa7a66
voyagerWorm.txt
Posted Nov 1, 2005

Snippet of code from the Voyager Beta worm.

tags | worm
SHA-256 | 0a9d34add4e646f517537712d241a8537ff7a4bcc502318fa6bb16b5087e7474
look_for_hidden_files.tar.gz
Posted Nov 1, 2005
Authored by Piotr Sobolewski | Site rozrywka.jawsieci.pl

look_for_hidden_files is a script which uses debugfs to read the contents of the filesystem without using the kernel's filesystem support and then compares the resulting list with the analogous output from ls. If there is a discrepancy, it indicates some sort of trouble, most likely invasion of the system by a malicious intruder.

tags | kernel
systems | unix
SHA-256 | 50f3d1a95d7e9a46cd6bb0a9d23a73156c732008394c738db3b8e0202c854e93
Hardened-PHP Project Security Advisory 2005-20.79
Posted Nov 1, 2005
Authored by Stefan Esser, Hardened-PHP Project | Site hardened-php.net

During the development of the Hardening-Patch which adds security hardening features to the PHP codebase, several vulnerabilities within PHP were discovered. This advisory describes one of these flaws concerning a weakness in the file upload code, that allows overwriting the GLOBALS array when register_globals is turned on. Overwriting this array can lead to unexpected security holes in code assumed secure. This vulnerability can allow for remote PHP code execution. Affected versions are PHP4 versions 4.4.0 and below and PHP5 versions 5.0.5 and below.

tags | advisory, remote, php, vulnerability, code execution, file upload
SHA-256 | f8dc972de9ab9723e24e079bb1aa1db52acccf6b34d75a662360600fa9ba97a0
Hardened-PHP Project Security Advisory 2005-19.78
Posted Nov 1, 2005
Authored by Stefan Esser, Hardened-PHP Project | Site hardened-php.net

During the development of the Hardening-Patch which adds security hardening features to the PHP codebase, several vulnerabilities within PHP were discovered. This advisory describes one of these flaws concerning a weakness in the implementation of the parse_str() function. Under certain conditions triggering the memory_limit request shutdown during a parse_str() call will result in the core of PHP believing that the register_globals directive is turned on (for the rest of the lifetime of the involved webserver process). This may allow an attacker to exploit security flaws in PHP applications that exist due to uninitialized global variables. Affected versions are PHP4 versions 4.4.0 and below and PHP5 versions 5.0.5 and below.

tags | advisory, php, vulnerability
SHA-256 | 10f101097fd39138422e2a7874bdb94d072b4fbdce038e8405003d6abe5001f5
Hardened-PHP Project Security Advisory 2005-18.77
Posted Nov 1, 2005
Authored by Stefan Esser, Hardened-PHP Project | Site hardened-php.net

A weakness in PHP's phpinfo() function allows for cross site scripting attacks. Affected versions are PHP4 versions 4.4.0 and below and PHP5 versions 5.0.5 and below.

tags | advisory, php, xss
SHA-256 | 36fa6835dbeb10584c5e0f7fa40b5dfc12ef31a054c790a4bd79c93d91e4cddb
openVPN20x.txt
Posted Nov 1, 2005
Authored by vade79

OpenVPN version 2.0.x contain a remotely exploitable format string bug in the processing of its command-line and configuration arguments.

tags | advisory
SHA-256 | ac9aae219661e250d8c14e1b49f62bdb7c92bc9fd23b145253ed6ab7f2d03578
Hardened-PHP Project Security Advisory 2005-17.75
Posted Nov 1, 2005
Authored by Stefan Esser, Hardened-PHP Project | Site hardened-php.net

phpBB versions 2.0.17 and below are susceptible to multiple cross site scripting and SQL injection flaws.

tags | advisory, xss, sql injection
SHA-256 | b87a7fdac987ea5f043c9ea4c2452f356b8ee2127f77b05d8e0b347a4f218b3e
invision203-SQL.txt
Posted Nov 1, 2005
Authored by aLMaSTeR

Invision Gallery version 2.0.3 is susceptible to SQL injection attacks.

tags | exploit, sql injection
SHA-256 | 88deef477a9b0f6f017143b36dff6e0f5585637cb11e6d1741f2126aea14979c
mwcollect-3.0.0.tar.bz2
Posted Nov 1, 2005
Authored by Honeynet Project | Site mwcollect.org

mwcollect is an easy solution to collect worms and other autonomous spreading malware in a non-native environment like Linux.

Changes: First v3 core based version that catches a whole bunch of malware.
tags | tool, worm, intrusion detection
systems | linux, unix
SHA-256 | 21ae6a8d58a5ef93483cc8c163cf219d57d4772a2f4875558329e397b4c8be5b
forumSQL.txt
Posted Nov 1, 2005
Authored by Abducter

Some forum.php script is susceptible to SQL injection attacks.

tags | exploit, php, sql injection
SHA-256 | d290f47e77ca8e107b5c908d731a65fe539ce781eaa0dcb0584ed3ddd53491de
Ubuntu Security Notice 213-1
Posted Nov 1, 2005
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-213-1 - Tavis Ormandy discovered a privilege escalation vulnerability in sudo. On executing shell scripts with sudo, the P4 and SHELLOPTS environment variables were not cleaned properly. If sudo is set up to grant limited sudo privileges to normal users this could be exploited to run arbitrary commands as the target user.

tags | advisory, arbitrary, shell
systems | linux, ubuntu
advisories | CVE-2005-2959
SHA-256 | edc8f0c244d39ceb41c3da1b77060c73e66a52308b7156971890553733a48bb9
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close