what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 79 RSS Feed

Files Date: 2005-11-08

truecrypt-4.0-source-code.tar.gz
Posted Nov 8, 2005
Site truecrypt.org

TrueCrypt is on-the-fly disk encryption software that can create a virtual encrypted disk within a file and mount it as a real disk. It can also encrypt an entire hard disk partition, or a storage device such as USB memory stick. It supports plausible deniability.

tags | encryption
SHA-256 | 7d7bd8858a4eccdb2602f189106d16d6315dc069285c547adbba3b1ba4bb3a5c
atutor151pl2.txt
Posted Nov 8, 2005
Authored by rgod | Site retrogod.altervista.org

ATutor versions less than or equal to 1.5.1pl2 SQL Injection and Remote commands execution exploit.

tags | exploit, remote, sql injection
SHA-256 | e2a2e37dcb0eaeb0884b07d1a427904fe82c1ec628e6e89d964624ea93406cd7
usn-215-1.txt
Posted Nov 8, 2005
Authored by Martin Pitt | Site security.ubuntu.com

Ubuntu Security Notice USN-215-1 - Thomas Wolff and Miloslav Trmac discovered a race condition in the fetchmailconf program. The output configuration file was initially created with insecure permissions, and secure permissions were applied after writing the configuration into the file. During this time, the file was world readable on a standard system (unless the user manually tightened his umask setting), which could expose email passwords to local users.

tags | advisory, local
systems | linux, ubuntu
SHA-256 | 6623623dafd34401f8c96868a18ded75da8c838542b53142fe1c1ed8ae52e8fe
herodot.tar.bz2
Posted Nov 8, 2005
Authored by Piotr Sobolewski | Site rozrywka.jawsieci.pl

Herodot is a tool that parses the timeline of filesystem activity created by mactime and adds human readable descriptions to it. It also understands that later changes of some mac tags hide earlier changes.

systems | unix
SHA-256 | e855f365e9aae9d99d0e69d5a3b263fa17380a16ce8c0182a68fdd6d4a323a9b
tkadv2005-11-001.txt
Posted Nov 8, 2005
Authored by Tobias Klein | Site trapkit.de

PHPlist Version 2.10.1 and prior contain multiple Cross Site Scripting and SQL Injection vulnerabilities. Furthermore it is possible to access and read arbitrary system files through a vulnerability in PHPlist. Detailed exploitation provided.

tags | advisory, arbitrary, vulnerability, xss, sql injection
SHA-256 | 429d5e2ed3062111670608399cbfe4c23936e0a7acc764e78fbed068284c5240
adv8.txt
Posted Nov 8, 2005
Authored by suresec advisories | Site suresec.org

Suresec Security Advisory - #00008 - The Mac OS X kernel has several information leaks.

tags | advisory, kernel
systems | apple, osx
SHA-256 | 6e5fe88ae96f0ebafc98b33ec5d5cc1032b4f8bc92afe972b5f8d717263c56be
zone.labs-fw.txt
Posted Nov 8, 2005
Authored by Debasis Mohanty | Site hackingspirits.com

Zone Alarm products with Advance Program Control or OS Firewall Technology enabled, detects and blocks almost all APIs which are commonly used by malicious programs to send data via http by piggybacking over other trusted programs. However, it is still possible for a malicious programs to make outbound connections to the evil site by piggybacking over trusted Internet browser using "HTML Modal Dialog" in conjunction with simple JavaScript. POC code provided.

tags | advisory, web, javascript
SHA-256 | 6a46a2572af3dd1abd885d847dcf1d1d546bfc278f44b84cfbce2a5e7a3651eb
usn-214-1.txt
Posted Nov 8, 2005
Authored by Martin Pitt | Site security.ubuntu.com

Ubuntu Security Notice USN-214-1 - Chris Evans discovered several buffer overflows in the libungif library. By tricking an user (or automated system) into processing a specially crafted GIF image, this could be exploited to execute arbitrary code with the privileges of the application using libungif.

tags | advisory, overflow, arbitrary
systems | linux, ubuntu
SHA-256 | ccbe3257524d3fdb082a6e5a23209acfa63fb1f6a865fc10270711e1b6b6c566
issue_22_2005.pdf
Posted Nov 8, 2005
Authored by astalavista | Site astalavista.com

Astalavista Security Newsletter - Issue 22 - Featured articles include - Things to consider when developing your early-stage security policy ; and Antivirus software - so what?! as well as an interview with Daniel Brandt, Google-Watch.org.

SHA-256 | a7278b95685fd44c892a083a6c300a4c6170bdbab6fb8d585444a5fe69bb8287
issue_21_2005.pdf
Posted Nov 8, 2005
Authored by astalavista | Site astalavista.com

Astalavista Security Newsletter - Issue 21 - Featured articles include - What else should I worry about besides the encryption length of our VPN solution? ; and Tips for enhancing your online privacy as well as an interview with Johannes B. Ullrich, CTO of the Sans Internet Storm Center, and the main developer behind the Dshield.org project

SHA-256 | 8ba66c707aa903e96ddabd065c7d527d2729e1ed43e05700bab667e21d239aba
Debian Linux Security Advisory 888-1
Posted Nov 8, 2005
Authored by Debian | Site security.debian.org

Debian Security Advisory DSA 888-1 - Yutaka Oiwa discovered a vulnerability in the Open Secure Socket Layer (OpenSSL) library that can allow an attacker to perform active protocol-version rollback attacks that could lead to the use of the weaker SSL 2.0 protocol even though both ends support SSL 3.0 or TLS 1.0.

tags | advisory, protocol
systems | linux, debian
SHA-256 | 21ed7aa055178d83db9c356c04e65b32efc4ee0f419150cc9d5019df90af7fac
Debian Linux Security Advisory 887-1
Posted Nov 8, 2005
Authored by Debian | Site security.debian.org

Debian Security Advisory DSA 887-1 - Several vulnerabilities have been discovered in Clam AntiVirus, the antivirus scanner for Unix, designed for integration with mail servers to perform attachment scanning

tags | advisory, vulnerability
systems | linux, unix, debian
advisories | CVE-2005-3239, CVE-2005-3303, CVE-2005-3500, CVE-2005-3501
SHA-256 | 19fe0bf5d21318b46fff2d6f1fe1ca7101310761f48077823f9f7d4dcd06f302
Debian Linux Security Advisory 886-1
Posted Nov 8, 2005
Authored by Debian | Site security.debian.org

Debian Security Advisory DSA 886-1 - Several vulnerabilities have been discovered in chmlib, a library for dealing with CHM format files.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2005-2659, CVE-2005-2930, CVE-2005-3318
SHA-256 | cbf277d42ce4c03b6b50abb1868f45943ca6d3f2d2bef4a0a612bd0db6b72f43
Debian Linux Security Advisory 885-1
Posted Nov 8, 2005
Authored by Debian | Site security.debian.org

Debian Security Advisory DSA 885-1 - Several vulnerabilities have been discovered in OpenVPN, a free virtual private network daemon.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2005-3393
SHA-256 | b562c478a5b671e0a40c58b8e56753c165b071cdaf6b97f869089538d5720895
Debian Linux Security Advisory 809-3
Posted Nov 8, 2005
Authored by Debian | Site security.debian.org

Debian Security Advisory DSA 809 - Kosa Attila discovered that the security update DSA 809-2 contained a regression in the packages for the old stable distribution (woody).

tags | advisory
systems | linux, debian
SHA-256 | 380746252630ea5abe71f6420c44ac59e18cb0bae062d9b32df114112f9217e2
oste1.0.txt
Posted Nov 8, 2005
Authored by khc

The OSTE toplist script v1.0 is vulnerable to remote code execution.

tags | exploit, remote, code execution
SHA-256 | 7c98c5711a922879c1be02daa2cdaf33d7adfb1dc923a86f065747dbfbbfa609
guestbook-2.2.txt
Posted Nov 8, 2005
Authored by bhs_team | Site Babol-Hackers.com

Guestbook v2.2 is vulnerable to a classic SQL admin bypass vulnerability.

tags | exploit, bypass
SHA-256 | 834d6fd178742f363d14a0ce587fa6b9fdbeb3016c3bfafa4ee1f15cde133da3
Secunia Security Advisory 17476
Posted Nov 8, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in phplist, which can be exploited by malicious users to conduct SQL injection attacks and disclose sensitive information, and by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and disclose sensitive information.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | ed12d871433128df94cbf718f13911eee1b1182b044a4ad5ffb608f4663a7f92
Secunia Security Advisory 17479
Posted Nov 8, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Christopher Kunz has reported some vulnerabilities in PHPKIT, which can be exploited by malicious people to conduct cross-site scripting and script insertion attacks, disclose sensitive information, and compromise a vulnerable system.

tags | advisory, vulnerability, xss
SHA-256 | ba281bd942e163b397f7599fe4724a303cbeb3eeb0f56beaa03f819b69bfa95b
Secunia Security Advisory 17493
Posted Nov 8, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - khc has reported a vulnerability in OSTE, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | b22e7ffd492781753dd3ae20b97da114c38688209d590428e0609c32b8f1130b
SEC-20051107-1.txt
Posted Nov 8, 2005
Authored by Bernhard Mueller | Site sec-consult.com

SEC-CONSULT Security Advisory 20051107-1 - SEC Consult has found that parameters to ActionDefineFunction (ACTIONRECORD 0x9b) in the Macromedia Flash Plugin are not properly sanitized. Loading a specially crafted SWF leads to an improper memory access condition which can be used to crash flash player or may be exploited as a vector for code execution. This issue is similar to CVE-2005-2628 (as reported by eEye Digital Security on November 4, 2005) but affects a different function. Versions affected: flash.ocx 7.0.19.0 and earlier, libflashplayer.so before 7.0.25.0.

tags | exploit, code execution
SHA-256 | 8e6fb046a48b15f155e81ed751344b5482c9f52a4be9ea7157fd0da5cedddaa6
SEC-20051107-0.txt
Posted Nov 8, 2005
Authored by Bernhard Mueller | Site sec-consult.com

SEC-CONSULT Security Advisory 20051107-0 - toendaCMS allows for theft of CMS usernames and passwords (XML database mode), session theft (XML database mode), directory traversal attacks (XML database mode), and arbitrary file uploads. Versions below 0.6.2 are affected.

tags | exploit, arbitrary, file upload
SHA-256 | 144222686022b8b1399ddb13787fcc507b4e08544d5c7ae39a117d7c50b31914
Debian Linux Security Advisory 884-1
Posted Nov 8, 2005
Authored by Debian | Site security.debian.org

Debian Security Advisory DSA 884-1 - Mike O'Connor discovered that the default installation of Horde3 on Debian includes an administrator account without a password. Already configured installations will not be altered by this update.

tags | advisory
systems | linux, debian
advisories | CVE-2005-3344
SHA-256 | b558ad5e29c5e29d0339a30dd6291d69998653a4d07b93466d54d060c4e5c7dd
fileZillaDoS.txt
Posted Nov 8, 2005
Authored by Inge Henriksen

FileZilla Server Terminal version 0.9.4d appears to suffer from a buffer overflow vulnerability when being passed 900-3000 characters to the USER directive.

tags | advisory, overflow
SHA-256 | 334bebb9956a106eb2cd459c8d4304a22a36821a0e716ac35a08441077fc83c3
namesXSS.txt
Posted Nov 8, 2005
Authored by reuben.31

names.co.uk, an English registrar and web hosting company, has an cross site scripting vulnerability allowing injection of arbitrary Javascript.

tags | exploit, web, arbitrary, javascript, xss
SHA-256 | 6cd18e600b100ec54795e80d0e317b9b89700aa71f5874e4be0cf2489246d22b
Page 1 of 4
Back1234Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close