what you don't know can hurt you
Showing 1 - 25 of 104 RSS Feed

Files Date: 2006-05-22

skypeVuln.txt
Posted May 22, 2006
Authored by Brett Moore SA | Site security-assessment.com

During the typical installation of the Windows Skype client, several URI handlers are installed. This allows for easy access to the Skype client through various URI types. Due to a flaw in the handling of one of these types, it is possible to include additional command line switches to be passed to the Skype client. One of these switches will initiate a file transfer, sending the specified file to an arbitrary Skype user. All releases prior to and included 2.0.*.104 and releases 2.5.*.0 to and including 2.5.*.78 are affected.

tags | advisory, arbitrary
systems | windows
MD5 | fc255d4d355f756adbe4dda55b1adf56
pbnj-1.14.tar.gz
Posted May 22, 2006
Authored by Joshua D. Abraham | Site pbnj.sf.net

PBNJ is a network tool that can be used to give an overview of a machine or multiple machines and includes the details about the services running on them. PBNJ is different from other tools because it is based on using a scan from nmap parsed to amap. PBNJ parses the data from a scan and outputs to a CSV format file for each ip address scanned.

Changes: Fixed bug that crashed PBNJ after scanning a machine with no ports open, Fixed --nodiff banner bug, Added --delim option to allow custom delimination, various other enhancements.
tags | tool, scanner
systems | unix
MD5 | a421aed4476b2a0ecd20aa112da9869d
Gentoo Linux Security Advisory 200605-15
Posted May 22, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200605-15 - Konstantin V. Gavrilenko discovered two flaws in the Routing Information Protocol (RIP) daemon that allow the processing of RIP v1 packets (carrying no authentication) even when the daemon is configured to use MD5 authentication or, in another case, even if RIP v1 is completely disabled. Additionally, Fredrik Widell reported that the Border Gateway Protocol (BGP) daemon contains a flaw that makes it lock up and use all available CPU when a specific command is issued from the telnet interface. Versions less than 0.98.6-r1 are affected.

tags | advisory, protocol
systems | linux, gentoo
MD5 | a38e9d18f3849daa79e90015bb3d26ed
Gentoo Linux Security Advisory 200605-14
Posted May 22, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200605-14 - Luigi Auriemma has found two heap-based buffer overflows in libextractor 0.5.13 and earlier: one of them occurs in the asf_read_header function in the ASF plugin, and the other occurs in the parse_trak_atom function in the Qt plugin. Versions less than 0.5.14 are affected.

tags | advisory, overflow
systems | linux, gentoo
MD5 | 3216110d63f3abbacf3b035f472a40d2
r57obsdiso.txt
Posted May 22, 2006
Authored by x97Rang

Simple tool written in Perl that creates ISO images for OpenBSD releases.

tags | perl
systems | unix, openbsd
MD5 | b517088345591040c8421fb029a3cc6c
TZO-072006-Xampp.txt
Posted May 22, 2006
Authored by Thierry Zoller | Site secdev.zoller.lu

XAMPP version 1.5.2 is susceptible to multiple privilege escalation flaws and a rogue autostart vulnerability.

tags | advisory
MD5 | 0400aa7b17ef7dce2b10569b91329299
cyruspop3d.c
Posted May 22, 2006
Authored by Kingcope

A remote stack-based buffer overrun exists in Cyrus-imapd pop3d. Details and an exploit are included.

tags | exploit, remote, overflow
MD5 | 68899d1810acb42fb37d1bfa4da967a3
vp-asp-new.txt
Posted May 22, 2006
Authored by tracewar

VP-ASP versions 6.00 through 6.08 suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection, asp
MD5 | 2e0cae0fb1482400b10e7afb1fa9b07d
zix112.txt
Posted May 22, 2006
Authored by PHP Emperor

Zix Forum versions 1.12 and below suffer from SQL injection vulnerabilities.

tags | exploit, vulnerability, sql injection
MD5 | 65798d5810a745563adb51ab10a6928e
phpBazar210.txt
Posted May 22, 2006
Authored by PHP Emperor

phpBazar versions 2.1.0 and below suffer from remote file inclusion and credential access flaws.

tags | exploit, remote, file inclusion
MD5 | e72569a5d0fa5f4e51b2ec57ba1d99a5
RaceEventManagement.txt
Posted May 22, 2006
Authored by Mr-X | Site alshmokh.com

RaceEventManagement version 0.7.6 is susceptible to SQL injection and cross site scripting attacks.

tags | exploit, xss, sql injection
MD5 | 7a177bc8fcc946dc89f049364cebfed4
ip3pwdec.txt
Posted May 22, 2006
Authored by negative | Site segfault.net

IP3 NetAccess password decoder.

tags | cracker
MD5 | d0d6c6dfbab49cacc6763592e82d41c6
interlink.txt
Posted May 22, 2006
Authored by Mr-X | Site alshmokh.com

news_information.php in Interlink is susceptible to cross site scripting.

tags | exploit, php, xss
MD5 | ef8a9d5ebc4719385829bfeceb4e13e2
Technical Cyber Security Alert 2006-139A
Posted May 22, 2006
Authored by US-CERT | Site cert.org

Technical Cyber Security Alert TA06-139A - Microsoft Word contains a buffer overflow vulnerability. Opening a specially crafted Word document, including documents hosted on web sites or attached to email messages, could trigger the vulnerability.

tags | advisory, web, overflow
MD5 | d91a5a215848766d599da6cdafdc1e0b
topsitesXSS.txt
Posted May 22, 2006
Authored by Luny

Xtremescripts Topsites version 1.1 is susceptible to cross site scripting and SQL injection attacks.

tags | exploit, xss, sql injection
MD5 | 7e0869a664a4079af398fac9f75b5751
HP Security Bulletin 2006-11.45
Posted May 22, 2006
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified in Firefox for HP Tru64 UNIX and in the Mozilla Application Suite for HP Tru64 UNIX. The vulnerabilities could result in possible remote execution of arbitrary code or Denial of Service (DoS).

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | unix
advisories | CVE-2006-1993
MD5 | d6a01651795b00ae9891b6362dc3cae8
SSRT2400.txt
Posted May 22, 2006
Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running the BINDv4 Domain Name Server (DNS). The vulnerability could be exploited to poison the DNS cache leading to remote unauthorized access or Denial of Service (DoS).

tags | advisory, remote, denial of service
systems | hpux
MD5 | fedaba6b4e5114827cf2a563f34f4b52
HP Security Bulletin 2006-11.33
Posted May 22, 2006
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A vulnerability has been identified in Sendmail which may allow a remote attacker to execute arbitrary code.

tags | advisory, remote, arbitrary
advisories | CVE-2006-0058
MD5 | d7b62d639fe55b268f77be3d0395f710
applesafari203.txt
Posted May 22, 2006
Authored by Yannick von Arx

A vulnerability exists in Apple Safari 2.0.3 (417.9.3) and perhaps in prior versions which shows up the SRCOD (Spinning Rainbow Cursor Of Death).

tags | advisory
systems | apple
MD5 | 6604f4348ea6f9ac439211f69d37901b
Debian Linux Security Advisory 1070-1
Posted May 22, 2006
Authored by Debian, Dann Frazier | Site debian.org

Debian Security Advisory 1070-1 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.

tags | advisory, remote, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, debian
advisories | CVE-2004-0427, CVE-2005-0489, CVE-2004-0394, CVE-2004-0447, CVE-2004-0554, CVE-2004-0565, CVE-2004-0685, CVE-2005-0001, CVE-2004-0883, CVE-2004-0949, CVE-2004-1016, CVE-2004-1333, CVE-2004-0997, CVE-2004-1335, CVE-2004-1017, CVE-2005-0124, CVE-2005-0528, CVE-2003-0984
MD5 | 1a87ad816468b3802b21395a8e39d989
Debian Linux Security Advisory 1069-1
Posted May 22, 2006
Authored by Debian, Dann Frazier | Site debian.org

Debian Security Advisory 1069-1 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.

tags | advisory, remote, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, debian
advisories | CVE-2004-0427, CVE-2005-0489, CVE-2004-0394, CVE-2004-0447, CVE-2004-0554, CVE-2004-0565, CVE-2004-0685, CVE-2005-0001, CVE-2004-0883, CVE-2004-0949, CVE-2004-1016, CVE-2004-1333, CVE-2004-0997, CVE-2004-1335, CVE-2004-1017, CVE-2005-0124, CVE-2005-0528, CVE-2003-0984
MD5 | 0624ddb0d704e2264ed8dac627c7b9c6
Debian Linux Security Advisory 1068-1
Posted May 22, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1068-1 - Jan Braun discovered that the fbgs script of fbi, an image viewer for the framebuffer environment, creates an directory in a predictable manner, which allows denial of service through symlink attacks.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2006-1695
MD5 | acb638b27457f63bb932542b52fcab0f
Debian Linux Security Advisory 1067-1
Posted May 22, 2006
Authored by Debian, Dann Frazier | Site debian.org

Debian Security Advisory 1067-1 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.

tags | advisory, remote, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, debian
advisories | CVE-2004-0427, CVE-2005-0489, CVE-2004-0394, CVE-2004-0447, CVE-2004-0554, CVE-2004-0565, CVE-2004-0685, CVE-2005-0001, CVE-2004-0883, CVE-2004-0949, CVE-2004-1016, CVE-2004-1333, CVE-2004-0997, CVE-2004-1335, CVE-2004-1017, CVE-2005-0124, CVE-2005-0528, CVE-2003-0984
MD5 | 42387c7d775a6d17cce7ac7fc2c024c9
Debian Linux Security Advisory 1066-1
Posted May 22, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1066-1 - It was discovered that phpbb2, a web based bulletin board, does insufficiently sanitize values passed to the "Font Colour 3" setting, which might lead to the execution of injected code by admin users.

tags | advisory, web
systems | linux, debian
advisories | CVE-2006-1896
MD5 | c3a55058b0ccee6680de14151d208c1b
Debian Linux Security Advisory 1065-1
Posted May 22, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1065-1 - Matteo Rosi and Leonardo Maccari discovered that hostapd, a wifi network authenticator daemon, performs insufficient boundary checks on a key length value, which might be exploited to crash the service.

tags | advisory
systems | linux, debian
advisories | CVE-2006-2213
MD5 | 703b95d47d5c83f72f9de44ecd56d174
Page 1 of 5
Back12345Next

File Archive:

May 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    14 Files
  • 2
    May 2nd
    3 Files
  • 3
    May 3rd
    1 Files
  • 4
    May 4th
    18 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    21 Files
  • 7
    May 7th
    15 Files
  • 8
    May 8th
    19 Files
  • 9
    May 9th
    1 Files
  • 10
    May 10th
    2 Files
  • 11
    May 11th
    18 Files
  • 12
    May 12th
    39 Files
  • 13
    May 13th
    15 Files
  • 14
    May 14th
    17 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    2 Files
  • 17
    May 17th
    2 Files
  • 18
    May 18th
    15 Files
  • 19
    May 19th
    21 Files
  • 20
    May 20th
    15 Files
  • 21
    May 21st
    15 Files
  • 22
    May 22nd
    6 Files
  • 23
    May 23rd
    1 Files
  • 24
    May 24th
    1 Files
  • 25
    May 25th
    2 Files
  • 26
    May 26th
    23 Files
  • 27
    May 27th
    13 Files
  • 28
    May 28th
    18 Files
  • 29
    May 29th
    17 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close