what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 69 RSS Feed

Files Date: 2005-11-20

vulnuke78bx.txt
Posted Nov 20, 2005
Authored by Bartosz Nowakowski

PHP Nuke versions 7.8 and below suffer from a cross site scripting flaw.

tags | advisory, php, xss
SHA-256 | 828acd8935cfb72547ca9aef20a5e780e000dee260f0baef2dadc77450c4b6a8
TKADV2005-11-004.txt
Posted Nov 20, 2005
Authored by Tobias Klein

Versions 1.5.3 and below of phpMyFAQ contain multiple persistent cross site scripting vulnerabilities. Exploitation details provided.

tags | exploit, vulnerability, xss
SHA-256 | 1604f67bacec514f508f5c7fc8b04b4dd59120438f0d160be0c7d0947450916d
exponentCMS.txt
Posted Nov 20, 2005
Authored by Hans Wolters

ExponentCMS versions 0.96.3 and higher suffer from multiple vulnerabilities including cross site scripting and SQL injection flaws.

tags | exploit, vulnerability, xss, sql injection
SHA-256 | 0e37e6100c4a811fd37043b68ef1990fb601a7fe98d28e1341cfc5d8a760dff6
nestea.tgz
Posted Nov 20, 2005
Authored by slick

Nestea is a CGI scanner that also looks for forbidden files and directories. It has a database of 2097 vulnerabilities and it takes about 10 minutes to completely scan a host.

tags | cgi, vulnerability
systems | unix
SHA-256 | 31d2e5e999b8d14ec9b41bc04ef6dac0e71c197140533675f52c78fa7af03003
Debian Linux Security Advisory 901-1
Posted Nov 20, 2005
Authored by Debian | Site security.debian.org

Debian Security Advisory DSA 901-1 - Several vulnerabilities have been discovered in gnump3d, a streaming server for MP3 and OGG files.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2005-3349, CVE-2005-3355
SHA-256 | bd001cf0cb4b7ef99eba4cc2bd428870e06524d98ea6b675e9a4d46321444ebb
almondClassifieds.txt
Posted Nov 20, 2005
Authored by Alexiev

Almond Classifieds has a validation flaw that allows remote attacks to edit classifieds of other users.

tags | exploit, remote
SHA-256 | c2ea57c499f9b5d4f1dfc11fed136b3d188aacf69abec3c897afadb9253456ba
exophpdesk_advisory.txt
Posted Nov 20, 2005
Site soulblack.com.ar

ExoPHPDesk version 1.2 is susceptible to remote code execution attacks. Exploitation details provided.

tags | exploit, remote, code execution
SHA-256 | 0fe620751940edd520eb7465d4674eb9fc92ce0c1f7953ab546c197a9ae44898
digsig-1.3.2.tar.gz
Posted Nov 20, 2005
Site sourceforge.net

DigSig kernel load module checks the signature of a binary before running it. It inserts digital signatures inside the ELF binary and verifies this signature before loading the binary. It is based on the Linux Security Module hooks (standard in main stream Linux kernel 2.5.66 and higher). Therefore, it improves the security of the system by avoiding a wide range of malicious binaries like viruses, worms, Trojan programs, and backdoors from running on the system.

tags | worm, kernel, trojan
systems | linux
SHA-256 | 71a9882698f37ed54e72a04fb21ecad41b68f381a335ddc601301d49c752b135
Zero Day Initiative Advisory 05-03
Posted Nov 20, 2005
Authored by Tipping Point, Sebastian Apelt | Site zerodayinitiative.com

ZDI-05-003: Novell Netmail IMAPD suffers from buffer overflows. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Netmail. Authentication is required to exploit this vulnerability. Affected Products: Novell Netmail 3.5.2.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2005-3314
SHA-256 | a6c8579fcaac421e0684e535024d5416f00bfb87093bdcb05e5735e03d9dc6c9
sparc-setreuid.c
Posted Nov 20, 2005
Authored by lhall

setreuid shellcode for Sparc.

tags | shellcode
SHA-256 | 42591800e90683eb955c1c9063bf0c81608a3300cbb47bf07e83c59b0d6c3e75
sparc-portbind.c
Posted Nov 20, 2005
Authored by lhall

Portbinding shellcode for Sparc.

tags | shellcode
SHA-256 | 82f4f156896f731a0acc2503673d75aa915445af4d59607f8244d69eb87717a9
mamboRumor.txt
Posted Nov 20, 2005
Authored by rebarz99

A Mambo 0-day exploit is rumored to be circulating in the wild.

tags | advisory
SHA-256 | cddd67bbfed322c41fef067924a91b2f6ce69a0d53da19518439872f487591d5
db-sec-tokens.pdf
Posted Nov 20, 2005
Authored by David Litchfield | Site ngssoftware.com

"Snagging Security Tokens to Elevate Privileges" is a brief that details how a database server running as a low privileged user on Windows can still provide an attacker with the ability to gain elevated privileges on the network and suggests a change in security policy to mitigate the risk. As a side note, this affects all network servers that offer OS based authentication - not just database servers.

tags | paper
systems | windows
SHA-256 | ddf0367b0ae123b501921160d18f52c089a3c85c8d21251937bf98c7eee6c567
Gentoo Linux Security Advisory 200511-15
Posted Nov 20, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200511-15 - A vulnerability leading to unauthorized file access has been found. A pre-existing symlink from /tmp/sudoers and /tmp/super.tab to a textfile will cause Smb4k to write the contents of these files to the target of the symlink, as Smb4k does not check for the existence of these files before writing to them. Versions less than 0.6.4 are affected.

tags | advisory
systems | linux, gentoo
SHA-256 | 641275e390b4dd2721852271e0bd97168fb9641590f315376eaf4e1a2e253cab
eQuickSQLXSS.txt
Posted Nov 20, 2005
Authored by BiPi_HaCk | Site NightmareSecurity.net

e-Quick Cart is susceptible to multiple cross site scripting and SQL injection flaws. Exploitation details provided.

tags | exploit, xss, sql injection
SHA-256 | c0917d9be89c6bc5d4582e3cd2501515dc90fef1c4bbd7dc0cd3d650bec70897
phpFusion600206.txt
Posted Nov 20, 2005
Authored by Robin Verton

PHP-Fusion versions 6.00.206 and below suffer from SQL injection attacks.

tags | exploit, php, sql injection
SHA-256 | 5c759a854ef640ac086d20a4e6915f62b1f78fc833f667effd143990303e0ff0
secunia-mailenable.txt
Posted Nov 20, 2005
Authored by Tan Chew Keong | Site secunia.com

Secunia Research has discovered some vulnerabilities in Mail Enable Professional/Enterprise, which can be exploited by malicious users to cause a DoS (Denial of Service) and to compromise a vulnerable system. Affected Software: MailEnable Professional version 1.6 with Hotfix MEIMAPS-UPD0511010000.zip applied. MailEnable Enterprise version 1.1 with Hotfix MEIMAPS-UPD0511010000.zip applied. Prior versions may also be affected.

tags | advisory, denial of service, vulnerability
SHA-256 | a41e13f40a8136993edd20a8f6b3d9a6e59403bff26a194c137c66898da4cf47
secunia-winmail.txt
Posted Nov 20, 2005
Site secunia.com

Secunia Research has discovered some vulnerabilities in Winmail Server, which can be exploited by malicious people to conduct cross-site scripting and script insertion attacks, and overwrite arbitrary files. Affected Software: Winmail Server 4.2 (build 0824). Other versions may also be affected.

tags | advisory, arbitrary, vulnerability, xss
SHA-256 | 483903aafaf97c68ef194aea91ed9e74286d55d7bb3ddf39ea0d000823b9aeb5
incident-2.9.tar.gz
Posted Nov 20, 2005
Authored by Viraj Alankar | Site bigfoot.com

Incident.pl is a small script which, when given syslogs generated by snort or other tools, can generate an incident report for events that appear to be attempted security attacks, gather information on the remote host, and report the attack to the appropriate administrators.

Changes: RIPE redirect stopped working due to arin result changing. Fixed.
tags | tool, remote, sniffer
SHA-256 | 144abbc7055b4f059404ac3e9a380f83138ffb714ba24dec2e674c9adf980287
RFC-NG-3.3.0.tar.gz
Posted Nov 20, 2005
Authored by Claudio Panichi | Site rfc.sourceforge.net

RFC (Remote Filesystem Checker) is a set of scripts that aims to help system administrators run a filesystem checker (like tripwire, aide, etc.) from a master-node to several slave-nodes using ssh, scp, sudo, and few other common shell commands.

Changes: Minor release with an updated AFICK and nice contributions from some RFC's users.
tags | tool, remote, shell, integrity
SHA-256 | dbabd1edfd938cd01ffaa094c7698d70d516922009dc18072bbb7990956da8d8
Nixory_0.3.4.zip
Posted Nov 20, 2005
Authored by Alfredo Spadafina | Site nixory.sourceforge.net

Nixory is an innovative, fast, and powerful anti-spyware program, with a user-friendly graphical interface. It protects Mozilla Firefox from dangerous spyware and harmful cookies. Platform independent source zip file.

Changes: Better interface, improvements, and a new live update system to keep definitions database up to date.
SHA-256 | e7c030ea1072f4f0f3960a7cb5495355fa653243b392ee43aea388fac5bd7b0d
Debian Linux Security Advisory 900-1
Posted Nov 20, 2005
Authored by Debian | Site security.debian.org

Debian Security Advisory DSA 900-1 - Thomas Wolff discovered that the fetchmailconfig program which is provided as part of fetchmail, an SSL enabled POP3, APOP, IMAP mail gatherer/forwarder, creates the new configuration in an insecure fashion that can lead to leaking passwords for mail accounts to local users.

tags | advisory, local, imap
systems | linux, debian
advisories | CVE-2005-3088
SHA-256 | 1fab93074bcf0d6c1ff84696b4f9e765f5d00b58003a806527e17411b3e97f72
iDEFENSE Security Advisory 2005-11-17.t
Posted Nov 20, 2005
Authored by iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 11.17.05 - Remote exploitation of a directory transversal vulnerability in Qualcomm WorldMail IMAP Server allows attackers to read any email stored on the system. Exploitation details provided. Tested against Qualcomm Worldmail server version 3.0. Other versions may be vulnerable.

tags | exploit, remote, imap
advisories | CVE-2005-3189
SHA-256 | 01a2547672aa0a6bf533fe4063a9e2b47e5039c817eda96685045473de319554
Debian Linux Security Advisory 899-1
Posted Nov 20, 2005
Authored by Debian | Site security.debian.org

Debian Security Advisory DSA 899-1 - Several vulnerabilities have been discovered in egroupware, a web-based groupware suite.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2005-0870, CVE-2005-2600, CVE-2005-3347, CVE-2005-3348
SHA-256 | ce5dc61b6ab7f174ffd0578f4d7b299207ee622bfdae9b8fd35c151559cf6fca
WHMAutoPilot2520.txt
Posted Nov 20, 2005
Authored by Agna Zilchi

A vulnerability leading to unauthorized cancellation requests in WHM AutoPilot versions 2.5.20 and below has been discovered.

tags | advisory
SHA-256 | 2ad2b040e6222ebcf0eab5e45ad775907734a840167b49cdfdcc6a95a13c1585
Page 1 of 3
Back123Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close