what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 65 RSS Feed

Files Date: 2006-02-20

SUSE-SA-2006-009.txt
Posted Feb 20, 2006
Authored by Ludwig Nussel | Site suse.com

SUSE Security Announcement - With certain handcraftable signatures GPG was returning a 0 (valid signature) when used on command-line with option --verify. This only affects GPG version 1.4.x, so it only affects SUSE Linux 9.3 and 10.0. Other SUSE Linux versions are not affected. This could make automated checkers, like for instance the patch file verification checker of the YaST Online Update, pass malicious patch files as correct.

tags | advisory
systems | linux, suse
SHA-256 | dbcd94580d937c8fdef6ffd158eb912f1108bcb0aa65778e07df99b105d01d9b
waraxe-2006-SA-046.txt
Posted Feb 20, 2006
Authored by Janek Vind aka waraxe | Site waraxe.us

waraxe-2006-SA#046 - Critical sql injection in phpNuke 7.5-7.8.

tags | exploit, sql injection
SHA-256 | 43f0203754f8d406a0dd9aedc02d23f9f6a6a4ab3cf5967be7327fc3758c30ef
waraxe-2006-SA-045.txt
Posted Feb 20, 2006
Authored by Janek Vind aka waraxe | Site waraxe.us

waraxe-2006-SA#045 - Bypassing CAPTCHA in phpNuke 6.x-7.9.

tags | exploit
SHA-256 | 607f522e8c5193af13594323a0c45bce281f42ea9b760d1ae3cd0646ee366cb0
secunia-NJStar.txt
Posted Feb 20, 2006
Site secunia.com

Secunia Research has discovered a vulnerability in NJStar Word Processor, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | f61370fbbebc0b233634c48add43e1717d790ddf432d0c18c9d602041c886b71
OpenPKG Security Advisory 2006.5
Posted Feb 20, 2006
Authored by OpenPKG Foundation | Site openpkg.org

OpenPKG Security Advisory - An allocation off-by-one bug exists in the TIN [1] news reader version 1.8.0 and earlier which can lead to a buffer overflow.

tags | advisory, overflow
SHA-256 | 64e27cc817d51c76569266a91682b2158159cd0d6564041947d43eeeac5e2676
OpenPKG Security Advisory 2006.4
Posted Feb 20, 2006
Authored by OpenPKG Foundation | Site openpkg.org

OpenPKG Security Advisory - According to vendor security information [0], privilege escalation vulnerabilities exist in the PostgreSQL RDBMS [1] before version 8.1.3. The bug allowed any logged-in user to "SET ROLE" to any other database user id. Due to inadequate validity checking, a user could exploit the special case that "SET ROLE" normally uses to restore the previous role setting after an error. This allowed ordinary users to acquire superuser status, for example.

tags | advisory, vulnerability
SHA-256 | c40cab37f34f78513b56727208269fd48812b531d971509e3a808ace7e30a5b9
EV0071.txt
Posted Feb 20, 2006
Site evuln.com

Magic Calendar Lite suffers from an authentication bypass vulnerability.

tags | advisory, bypass
SHA-256 | 6682f06fe6b89ff05adb4eea45cfea38d405f94dd88ecd9d3ecc03a73a4eb702
EV0069.txt
Posted Feb 20, 2006
Site evuln.com

TTS Software Time Tracking Software suffers from multiple vulnerabilities including XSS and SQL injection.

tags | advisory, vulnerability, sql injection
SHA-256 | 92b023be3b6678e1268a8ca48e3f664fac208f949fa14b224f3ed1e3c05f0ac8
EV0068.txt
Posted Feb 20, 2006
Site evuln.com

CALimba suffers from an authentication bypass vulnerability.

tags | advisory, bypass
SHA-256 | 0495f9484c0b6d6baf8930666f3414bde78582337f38b55f25d0320a570add42
EV0067.txt
Posted Feb 20, 2006
Site evuln.com

PHP/MYSQL Timesheet suffers from multiple SQL injection vulnerabilities.

tags | advisory, php, vulnerability, sql injection
SHA-256 | 62a2a25c114d4ea7c4b1d95d6e4d484bfc89df8c72f9a056973523be384bac0e
EV0066.txt
Posted Feb 20, 2006
Site evuln.com

Scriptme SmE GB Host suffers from an authentication bypass vulnerability.

tags | advisory, bypass
SHA-256 | f02c790b64c7675d20ff20e89902eec2bb8ca5ec5b8ce281d347eb210a5b96ab
EV0065.txt
Posted Feb 20, 2006
Site evuln.com

Scriptme products "SmE GB Host" and "SmE Blog Host" suffer from arbitrary script code insertion in the BBcode [url] tag.

tags | advisory, arbitrary
SHA-256 | 19a3fa43bdd0dfcc8ede4249507fe15db1e263755f93bc20dab6246118b230f8
siteframe_5.0.2_xss.txt
Posted Feb 20, 2006
Authored by Kiki | Site kiki91.altervista.org

Siteframe Beaumont 5.0.1a suffers from a flaw that allows a remote cross site scripting attack.

tags | exploit, remote, xss
SHA-256 | 902ce8c37a6cd6f61a009656c9b99f43f27775b39c8b08fd6f93a2235da6445f
phpkit_161r2_incl_xpl.txt
Posted Feb 20, 2006
Authored by rgod | Site retrogod.altervista.org

PHPKit v.1.6.1 release 2 remote code execution exploit.

tags | exploit, remote, code execution
SHA-256 | 40dbfa7d4e7c88faa8ef13dedd9f663f5ef67c0a942f8de03bcbc553a30bc228
AD20060216.txt
Posted Feb 20, 2006
Site secway.org

Winamp versions up to and including 5.13 suffer from a .m3u buffer overflow vulnerability

tags | advisory, overflow
SHA-256 | e4574457d5bc6b9d0f12e56864b885fce741a0f53c0a098bee785a94b91de1db
DWL-G700AP.txt
Posted Feb 20, 2006
Authored by l0om | Site excluded.org

It is possible to crash the web interface on a D-Link DWL-G700AP by sending it a simple GET request. POC included.

tags | advisory, web
SHA-256 | b871451dc09aa313045fd79f0f175a1b7c4a71df8e6f5fc1ed298a782aff19be
RUNCMS1.3a-sql.tyxt
Posted Feb 20, 2006
Authored by Hamid Network Security Team | Site runcms.org

RUNCMS version 1.3a is vulnerable to SQL injection due to improper user input sanitization. POC included.

tags | exploit, sql injection
SHA-256 | 14e347c720be0a14ec4ca360bd0bd757032c17d4c6cd0582b2fb62fc3c809842
Kyoceraprinters.txt
Posted Feb 20, 2006
Authored by evader | Site evader.wordpress.com

It is possible to gain administrative access on Kyocera 3830 printers by using telnet.

tags | advisory
SHA-256 | 7aeebf751b381ae2252541ba8745ebca6d719e929fef24288eb300f0b88b85f5
XOR-Wimpy.txt
Posted Feb 20, 2006
Site xorcrew.net

XOR Crew :: Security Advisory - Wimpy MP3 Player - Text file overwrite. (lame)

tags | exploit
SHA-256 | 7bc198a85e597e1c0f111b55aa7529eb074c38e39cb28d54200295c1ae6ffcc2
XOR-HostAdmin.txt
Posted Feb 20, 2006
Site xorcrew.net

XOR Crew :: Security Advisory - HostAdmin - Remote Command Execution Vulnerability. POC Included.

tags | exploit, remote, add administrator
SHA-256 | 6219a1cce7396fca0cafffc2189eae721c467e8a9b1cdbcee1b4eaa027860189
XOR-wcp.txt
Posted Feb 20, 2006
Site xorcrew.net

XOR Crew :: Security Advisory - Web Calendar Pro - Denial of Service SQL injection (lame). POC included.

tags | exploit, web, denial of service, sql injection
SHA-256 | e2061819fde5f3990cc88175624322611b1af03da0aa806de4d7cf4c4d151ff8
XOR-iUser.txt
Posted Feb 20, 2006
Authored by Scott Dewey | Site xorcrew.net

XOR Crew :: Security Advisory - iUser Ecommerce - Remote Command Execution Vulnerability. POC exploit included.

tags | exploit, remote
SHA-256 | 715dcda6cf0846eb7a63e03f09ac8eb64ace6ef2386ae5ba8cb0e518d176494b
enyelkm.en.v1.1.tar.gz
Posted Feb 20, 2006
Authored by RaiSe | Site enye-sec.org

LKM rootkit for Linux x86 with the 2.6 kernel. It inserts salts inside system_call and sysenter_entry handlers, so it does not modify sys_call_table, or IDT content. It hide files, directories, and processes. Hides chunks inside of files, gives remote reverse_shell access, local root, etc.

Changes: Version 1.1
tags | tool, remote, x86, kernel, local, root, rootkit
systems | linux, unix
SHA-256 | 35ea2786343f647b5d0d1506a2ce375502622f51df18479aad20afe05b4ce18e
ms06_009_eng.txt
Posted Feb 20, 2006
Authored by Ryan Lee | Site ryanstyle.com

Security advisory for MS06-009 - Misuse of ShellAbout() API could allow elevation of privilege Affected system: Korean version of Windows XP, 2003 and Office 2003.

tags | advisory
systems | windows
SHA-256 | 5040ef262c895b9b0fe3b2f1e23e354a9fc3d0a36e0d103507a8fd05a91fd8f5
plus-6.2.0.189.txt
Posted Feb 20, 2006
Authored by Brian Boner

PLUS (PatchLink Update Server) version: 6.2.0.189 suffers from several bugs and security issues.

tags | advisory
SHA-256 | 58baf2f29a5064e0b84a52fab2ed18a11b809e4bf44d324bf4320abd35865304
Page 1 of 3
Back123Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    0 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close