exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 32 RSS Feed

Files Date: 2006-01-26

CheesyBlog-1.0.txt
Posted Jan 26, 2006
Authored by Aliaksandr Hartsuyeu | Site evuln.com

CheesyBlog v1.0 does not properly sanitize user input leading to script injection bugs in archive.php

tags | exploit, php
SHA-256 | 27701de69f54beecdd05d2987d3c9db8fdcc102c1720906f4ca09f65979ee422
ExpressionEngine-1.4.1.txt
Posted Jan 26, 2006
Authored by Aliaksandr Hartsuyeu | Site evuln.com

ExpressionEngine 1.4.1 does not sanatize the HTTP_REFERER variable. This can be used to post HTTP query with fake Referrer value which may contain arbitrary html or script code. This code will be executed when administrator(or any user) will open Referrer Statistics.

tags | exploit, web, arbitrary
SHA-256 | 269640d9a1082ed07f4dc3684cbd7cf0264bdf5992ad0cf57f58bf4c5ed91008
HYSA-2006-002.txt
Posted Jan 26, 2006
Authored by h4cky0u | Site h4cky0u.org

HYSA-2006-002 h4cky0u.org Advisory 011 - Phpclanwebsite 1.23.1 Multiple Vulnerabilities

tags | exploit, vulnerability
SHA-256 | 939c46940920ae4e59b49c8d850070fa0945fb8c9fd9f41fd69d8bb607cf30d5
HYSA-2006-001.txt
Posted Jan 26, 2006
Authored by h4cky0u | Site h4cky0u.org

HYSA-2006-001 h4cky0u.org Advisory 010 - phpBB 2.0.19 search.php and profile.php DOS Vulnerability

tags | exploit, denial of service, php
SHA-256 | 3ff86ddc78738cb6203a1749d74844dc8cc8d4f63c681163705f301849960318
Secunia Security Advisory 18596
Posted Jan 26, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Avaya has acknowledged a vulnerability in Predictive Dialing System (PDS), which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
SHA-256 | ba80531e1baa2a3650339af864b27829a7a0f91a4670a870bae30109b641fcc6
Secunia Security Advisory 18597
Posted Jan 26, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - matrix_killer has discovered two vulnerabilities in Phpclanwebsite, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | dd1d200cd2ff4f130e3ace67044fdfd561780019ddb7b6fc7a30d3c3e4712fd9
Secunia Security Advisory 18602
Posted Jan 26, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Aliaksandr Hartsuyeu has discovered a vulnerability in ExpressionEngine, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory
SHA-256 | 7eaa406d353432135d7f40a3cae7fbc0b616ea494498ff6e4bb8c1ad16b7706c
Secunia Security Advisory 18612
Posted Jan 26, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for mailman. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, debian
SHA-256 | 7e582180978d73ca93dac035839154664414b00ac8cca721ebc875fac1fd1240
Secunia Security Advisory 18613
Posted Jan 26, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Cisco IOS, which can be exploited by malicious, local users to bypass certain security restrictions.

tags | advisory, local
systems | cisco
SHA-256 | 4f3d2d892ab573f2b168fa844660c8c21fa8c432fa9b5bc698cda93d207f95c7
Secunia Security Advisory 18615
Posted Jan 26, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sun has acknowledged some vulnerabilities in Sun StorEdge Enterprise Backup and Solstice Backup, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
SHA-256 | 1b65c640b35486accb2600354377ce397ee0ef1618d857eb6e7ffc2ac4707ce0
Secunia Security Advisory 18616
Posted Jan 26, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Mandriva has issued an update for ipsec-tools. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, mandriva
SHA-256 | ed116a6f6df49e3a0a632db4010f49ba64db295bdb92b49651088b0594e66309
fireclicking.txt
Posted Jan 26, 2006
Authored by Michael Krax | Site mikx.de

Using custom Microsoft Agent characters it is possible to cover any kind of windows, including security or download dialogs. This is an expected feature of the Microsoft Agent control. Because custom characters are fully scriptable, can have any kind of shape and are downloaded automatically, this can be used as a flexible tool to cover and/or spoof any kind of window and lure the user to execute arbitrary code by performing one or two clicks (depending on security zone configuration and Windows version).

tags | advisory, arbitrary, spoof
systems | windows
SHA-256 | 039b06b0507512df1ffd004234a3787a21cf7ec3fdaad643a094cb8696e17771
Note-A-Day-2.1.txt
Posted Jan 26, 2006
Authored by Aliaksandr Hartsuyeu | Site evuln.com

Note-A-Day v2.1 does not password protect a sensitive directory leading to information disclosure.

tags | exploit, info disclosure
SHA-256 | 9d9d12c063b7d418eac5256e7618635a978326aa7490bf76910a6e74638b40e6
e-moBLOG.txt
Posted Jan 26, 2006
Authored by Aliaksandr Hartsuyeu | Site evuln.com

e-moBLOG v1.3 suffers from SQL injection bugs leading to login bypass and information disclosure.

tags | exploit, sql injection, info disclosure
SHA-256 | 6155530b7e5ebcbae507cd31de1dd530d17ad0bd6dac37be8e345c4c579e3161
rh-servers.txt
Posted Jan 26, 2006
Authored by NGSSoftware Insight Security Research | Site ngssoftware.com

Peter Winter-Smith of NGSSoftware has discovered a high risk vulnerability in Red Hat Directory Server and Red Hat Certificate Server. It is possible that under certain circumstances these flaws could permit an unauthenticated attacker to remotely compromise the Directory or Certificate server, in other circumstances this flaw could facilitate local privilege escalation to root.

tags | advisory, local, root
systems | linux, redhat
SHA-256 | 6e9342c78e61c28a0dbc7c60186a0b107227cc4b377e5f1073f17c7eda93c630
xmame-expl.c
Posted Jan 26, 2006
Authored by sj

Xmame 0.102 and below local root exploit for Linux.

tags | exploit, local, root
systems | linux
SHA-256 | 2c6822915bdcdbefc6d4a8813d3e194cbb6038994934e02de11d2bd3f319d395
ptscan_1.1.tgz
Posted Jan 26, 2006
Authored by Robert Molnar

A simple lightweight threaded portscanner. Version 1.1

Changes: Using pthreads instead of forking, thus reducing the overhead of creating threads and the memory consumption. Bug fixes in the log file and screen output. Added separate option for read timeout.
tags | tool, scanner
systems | unix
SHA-256 | 016fe412f7e19872b98981da557d161c4e796dd774935614f03e247112aff64f
ptscan_1.1.tgz
Posted Jan 26, 2006
Authored by Robert Molnar

A simple lightweight threaded portscanner. Version 1.1

Changes: Using pthreads instead of forking, thus reducing the overhead of creating threads and the memory consumption. Bug fixes in the log file and screen output. Added separate option for read timeout.
tags | tool, scanner
systems | unix
SHA-256 | 016fe412f7e19872b98981da557d161c4e796dd774935614f03e247112aff64f
RockLiffe-wconsole.txt
Posted Jan 26, 2006
Authored by OS2A

RockLiffe MailSite wconsole.dll Denial of Service/Script Injection Vulnerability

tags | advisory, denial of service
SHA-256 | 8aff353399cd70e494ccd17f68e2fda160bdabc46209288131fb167e560b0511
RCBlog-1.0.3.txt
Posted Jan 26, 2006
Authored by Aliaksandr Hartsuyeu | Site evuln.com

RCBlog v1.0.3 suffers from several vulnerabilities which can be used to open arbitrary files and compromise the admin's md5 password hash.

tags | exploit, arbitrary, vulnerability
SHA-256 | 9a5a943ec06cac59377d32cc75369eeea009157b6051a9fe080aa6c64a9651d4
tsng-1.1.tar.gz
Posted Jan 26, 2006
Authored by van Hauser, thc | Site thc.org

TSNG is another excellent release from THC. It is just your normal plain text mode wardialer without a GUI, but with the ability to scan with as many modems as you want. The only limits are your bandwidth, RAM and CPU power. So in theory, up to 65000 modems can be used in parallel to scan a large range of numbers. The modems can be in any area of the world, as long as you have network connectivity to the systems to which the modems are connected.

SHA-256 | 507bafc71c2cda7abc5b5ef9e08d09c37dbfcfb1829b0270db30b21988eef784
NS-012006-ASPNET-LDAP.pdf
Posted Jan 26, 2006
Authored by shreeraj | Site net-square.com

Advisory ID: NS-012006-ASPNET-LDAP - IIS running with .Net Framework - Web Services running on the ASP.NET framework may disclose an internal LDAP filter query, if an exception is not handled properly in the source code.

tags | advisory, web, asp
SHA-256 | ec6248ef459de61a425371c1fc96b7fbbc2b00bd8dfab9a89c71ab083cdc6d40
msvc-featurebug-POC.zip
Posted Jan 26, 2006
Authored by Morning Wood | Site exploitlabs.com

POC Exploit for the MSVC 6.0 run file bug.

tags | exploit
SHA-256 | 8dc1ea0a87aeaf315faada5f0a3e56449a6ecd38e65005ebcc862f8b10894989
msvc-featurebug.txt
Posted Jan 26, 2006
Authored by Morning Wood | Site exploitlabs.com

MSVC 6.0 run file bug - Generally authors offer code as a project with source, headers, and msvc project files if it is a fairly big project. Most users will simply open up the project.dsw file, ( especialy if it says to do so in a readme.txt or other compiler instructions ) which in turn loads the project.dsp files, which provides the compiler directives. A malicious attacker could embed commands to be executed in the project files, and execute any local code of his choosing.

tags | advisory, local
SHA-256 | 6a5009f0e4aebe69416725cbeacce66fef04e21047c8e1e2cc4db50de6dbc0ff
SysChk3.1.tar.gz
Posted Jan 26, 2006
Authored by h0e | Site ihackedthisbox.com

SysChk is a tool to aid in monitoring file system integrity. Monitored changes include: User Ownership. Group Ownership. File Permissions. Modified Time. Md5 Hash.

tags | tool, integrity
SHA-256 | 8ea43a8ad579b3a6784a08d37afa13ede6500c73177fda62fca08121d3cbc32e
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close