exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 58 RSS Feed

Files Date: 2006-02-02

CAID33581.txt
Posted Feb 2, 2006
Authored by Ken Williams | Site supportconnect.ca.com

The following two security vulnerability issues have been identified in the CA Message Queuing (CAM / CAFT) software: CAM is vulnerable to a Denial of Service (DoS) attack when a specially crafted message is received on TCP port 4105. CAM is vulnerable to a Denial of Service (DoS) through the spoofing of CAM control messages.

tags | advisory, denial of service, spoof, tcp
advisories | CVE-2006-0529, CVE-2006-0530
SHA-256 | fa9bcf5733c36e27029a5ff78f5ff979acef14def6f47abd1743b7b6362823eb
Bypass.pdf
Posted Feb 2, 2006
Authored by Mert SARICA

Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.

tags | advisory
SHA-256 | 9c664395dce29c6ee10c00fb5bdb2295836c82ce9b9da4b3f0df46c4ae996247
Mandriva Linux Security Advisory 2006.028
Posted Feb 2, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Multiple response splitting vulnerabilities in PHP allow remote attackers to inject arbitrary HTTP headers via unknown attack vectors, possibly involving a crafted Set-Cookie header, related to the session extension (aka ext/session) and the header function. Multiple cross-site scripting (XSS) vulnerabilities in PHP allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors in certain error conditions.

tags | advisory, remote, web, arbitrary, php, vulnerability, xss
systems | linux, mandriva
advisories | CVE-2006-0207, CVE-2006-0208
SHA-256 | c98385883dccd198b6d3864905ce4577e8f33952b37da51c5c40bcbe9a83eb70
Technical Cyber Security Alert 2006-32A
Posted Feb 2, 2006
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA06-032A - America Online has released Winamp 5.13 to correct a buffer overflow vulnerability. By convincing a user to open a specially crafted playlist file, a remote unauthenticated attacker may be able to execute arbitrary code with the privileges of the user. Winamp may open a playlist file without any user interaction as the result of viewing a web page or other HTML document.

tags | advisory, remote, web, overflow, arbitrary
advisories | CVE-2006-0476
SHA-256 | 1e0277b3054f29f9a489f8d9b090518ad23def64220f8bd3b659b9f34d101653
FreeBSD-SA-06-08.sack.txt
Posted Feb 2, 2006
Authored by Scott Wood | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-06:08.sack - SACK (Selective Acknowledgment) is an extension to the TCP/IP protocol that allows hosts to acknowledge the receipt of some, but not all, of the packets sent, thereby reducing the cost of retransmissions. When insufficient memory is available to handle an incoming selective acknowledgment, the TCP/IP stack may enter an infinite loop.

tags | advisory, tcp, protocol
systems | freebsd
advisories | CVE-2006-0433
SHA-256 | 8d3f7d980f0020012c292d7bd87a577e7beeedfba74ebfdf5862b03683811826
ashnews083.txt
Posted Feb 2, 2006
Authored by zeus | Site Security-mx.org

AshWebStudio in Ashnews version 0.83 is susceptible to cross site scripting attacks and remote file inclusion flaws.

tags | exploit, remote, xss, file inclusion
SHA-256 | bf428ab66387cf06fcad67bfd98f8b7acb42600c71eb16c9353a18196875d622
iDEFENSE Security Advisory 2006-02-01.2
Posted Feb 2, 2006
Authored by iDefense Labs, b0f, Ruben Santamarta | Site idefense.com

iDefense Security Advisory 02.01.06 - It has been found that a specially crafted m3u or pls file can overwrite a stack based buffer allowing for remote code execution. This vulnerability is specific to the 5.11 version of Winamp and does not affect previous versions.

tags | advisory, remote, code execution
advisories | CVE-2006-0476
SHA-256 | 55cfc9433a739a9d58acb02156040187fb0c6d1dfe185aad02576b64a0fdf607
Secunia Security Advisory 18681
Posted Feb 2, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in various products within the CA Message Queuing (CAM / CAFT) software, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
SHA-256 | 76a70c9a69364eeb1058891dee5f7a0847e9f7647d218785525ffe593f216a8c
Secunia Security Advisory 18682
Posted Feb 2, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in various Autodesk products, which potentially can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 85d1346ee9f0603748478fa6d05ec63ee39398022430026c802c112c9458a170
Secunia Security Advisory 18696
Posted Feb 2, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in FreeBSD, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | freebsd
SHA-256 | 9696a08976ca3a466716a475e0f003479856b8ab1e5dc5ae83b02309e23f5fbf
Secunia Security Advisory 18700
Posted Feb 2, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Firefox, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, potentially disclose sensitive information, and potentially compromise a user's system.

tags | advisory, vulnerability, xss
SHA-256 | 3b39cda16049485fa09a5918a6593b0c68455d2ddebcf9b372813d8fe45bf723
Secunia Security Advisory 18703
Posted Feb 2, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Mozilla Suite, which can be exploited by malicious people to conduct cross-site scripting attacks and potentially compromise a user's system.

tags | advisory, vulnerability, xss
SHA-256 | 8a8eb7e1611c0f75722afa967791f59eee55e99606cfbb63aea0c5378701d583
Secunia Security Advisory 18704
Posted Feb 2, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Thunderbird, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, potentially disclose sensitive information, and potentially compromise a user's system.

tags | advisory, vulnerability, xss
SHA-256 | 912e9feefaee000bf1bdc0b63ab12af5e3d446a64d38997e6c45b0bc39080a72
iDEFENSE Security Advisory 2006-02-01.1
Posted Feb 2, 2006
Authored by iDefense Labs, b0f | Site idefense.com

iDefense Security Advisory 02.01.06 - It has been found that a specially crafted m3u or pls file with a target filename having the .wma extension can crash Winamp giving the attacker control over the EAX register. The vulnerability appears to have been silently fixed in Winamp 5.11.

tags | advisory
advisories | CVE-2005-3188
SHA-256 | 935858ee6267b84482e4ba827fc47d34de15cccf4e69c52c2ddd81431f77417e
fcron.txt
Posted Feb 2, 2006
Authored by Adam Zabrocki

Fcron (convert-fcrontab) allow users to corruption on heap section.

tags | advisory
SHA-256 | 307ba9a0f7b0232313ae1444b91ef1bddb17413092dccb371e43e011fc3bd6c5
Secunia Security Advisory 18685
Posted Feb 2, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Preben Nylokken has reported a vulnerability in Daffodil CRM, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | cf4a1ef1c8f2be2f3cf4113ae3cca1e9b6710e36c1a83d194414a117e1790536
Secunia Security Advisory 18690
Posted Feb 2, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in HP Tru64 UNIX, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | unix
SHA-256 | c228d0cec05c0605d9bc3381f1d3a051ee491485e1fdd6ccda818000fff090c5
Debian Linux Security Advisory 962-1
Posted Feb 2, 2006
Authored by Debian | Site debian.org

Debian Security Advisory DSA 962-1 - infamous41md and Chris Evans discovered several heap based buffer overflows in xpdf which are also present in pdftohtml, a utility that translates PDF documents into HTML format, and which can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2005-3191, CVE-2005-3192, CVE-2005-3193, CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, CVE-2005-3627, CVE-2005-3628
SHA-256 | 6fa70a3b6a6f9fb83291fc505e7022559c6acf11137079cda7a3ba7a7d9cb364
EV0053.txt
Posted Feb 2, 2006
Authored by Aliaksandr Hartsuyeu

SZUserMgmt version 1.4 suffers from an authentication bypass flaw.

tags | advisory
SHA-256 | 721ae1201bd201dfc48c599f7217f308e0b8aec4be4d2c5758e6fa4c040c9973
EV0052.txt
Posted Feb 2, 2006
Authored by Aliaksandr Hartsuyeu

Calendarix version 0.6.20050830 is susceptible to SQL injection and authorization bypass vulnerabilities.

tags | advisory, vulnerability, sql injection
SHA-256 | 817429587caf24f8a9bb9b4f73e608f6ac9d5bae42eaa210ec865730b7b9eea5
Debian Linux Security Advisory 961-1
Posted Feb 2, 2006
Authored by Debian | Site debian.org

Debian Security Advisory DSA 961-1 - infamous41md and Chris Evans discovered several heap based buffer overflows in xpdf which are also present in pdfkit.framework, the GNUstep framework for rendering PDF content, and which can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2005-3191, CVE-2005-3192, CVE-2005-3193, CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, CVE-2005-3627, CVE-2005-3628
SHA-256 | 5043533427927678e995928343a8d90491370c45eda0582ade3e70b36444ccb4
ZRCSA-200601.txt
Posted Feb 2, 2006
Authored by Siegfried | Site zone-h.fr

Various SQL injection and cross site scripting vulnerabilities have been discovered in SPIP versions 1.8.2-e and below and 1.9 Alpha 2 and below.

tags | exploit, vulnerability, xss, sql injection
SHA-256 | 3a991cfafd0531bb09745a3b2519ff7ebf3adbae428a01373efe28240b13fb9c
Pound-2.0.tgz
Posted Feb 2, 2006
Authored by roseg | Site apsis.ch

Pound is a reverse HTTP proxy, load balancer, and SSL wrapper. It proxies client HTTPS requests to HTTP backend servers, distributes the requests among several servers while keeping sessions, supports HTTP/1.1 requests even if the backend server(s) are HTTP/1.0, and sanitizes requests.

Changes: See the changelog.
tags | web
SHA-256 | 14207c62f7cb0efc5975769a4c7f0edc8bae662e98feb52887e10ce4955a5a5a
Linux IPTables Firewall
Posted Feb 2, 2006
Site iptables.org

iptables is the packet alteration framework (firewall utility) for Linux 2.4. It is an enhancement on ipchains, and is used to control packet filtering, Network Address Translation (masquerading, port forwarding, transparent proxying), and special effects.

Changes: Various fixes in this release.
tags | tool, firewall
systems | linux
SHA-256 | 1d8ee8634d167b0f1a8872b6547910c11bae676699faf2b4bc2c84a128449c3c
scponly-4.6.tgz
Posted Feb 2, 2006
Authored by Joe | Site sublimation.org

scponly is an alternative shell for system administrators who would like to provide access to remote users to both read and write local files without providing any remote execution privileges. Functionally, it is a wrapper around the ssh suite of applications.

Changes: Added missing semicolon.
tags | remote, shell, local
systems | unix
SHA-256 | dfa5a334d66150289a391aea4dc00d1b039c644fd1c628bdeddaa7b0710e01a7
Page 1 of 3
Back123Next

File Archive:

January 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    0 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    5 Files
  • 4
    Jan 4th
    5 Files
  • 5
    Jan 5th
    9 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    0 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    18 Files
  • 10
    Jan 10th
    31 Files
  • 11
    Jan 11th
    30 Files
  • 12
    Jan 12th
    33 Files
  • 13
    Jan 13th
    25 Files
  • 14
    Jan 14th
    0 Files
  • 15
    Jan 15th
    0 Files
  • 16
    Jan 16th
    7 Files
  • 17
    Jan 17th
    25 Files
  • 18
    Jan 18th
    38 Files
  • 19
    Jan 19th
    6 Files
  • 20
    Jan 20th
    21 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    24 Files
  • 24
    Jan 24th
    68 Files
  • 25
    Jan 25th
    22 Files
  • 26
    Jan 26th
    20 Files
  • 27
    Jan 27th
    17 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close