what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 104 RSS Feed

Files Date: 2006-05-22

skypeVuln.txt
Posted May 22, 2006
Authored by Brett Moore SA | Site security-assessment.com

During the typical installation of the Windows Skype client, several URI handlers are installed. This allows for easy access to the Skype client through various URI types. Due to a flaw in the handling of one of these types, it is possible to include additional command line switches to be passed to the Skype client. One of these switches will initiate a file transfer, sending the specified file to an arbitrary Skype user. All releases prior to and included 2.0.*.104 and releases 2.5.*.0 to and including 2.5.*.78 are affected.

tags | advisory, arbitrary
systems | windows
SHA-256 | fe8684d0edbac32afb8e4bff76ec9538762c80234c607c689d1420885cc275e9
pbnj-1.14.tar.gz
Posted May 22, 2006
Authored by Joshua D. Abraham | Site pbnj.sf.net

PBNJ is a network tool that can be used to give an overview of a machine or multiple machines and includes the details about the services running on them. PBNJ is different from other tools because it is based on using a scan from nmap parsed to amap. PBNJ parses the data from a scan and outputs to a CSV format file for each ip address scanned.

Changes: Fixed bug that crashed PBNJ after scanning a machine with no ports open, Fixed --nodiff banner bug, Added --delim option to allow custom delimination, various other enhancements.
tags | tool, scanner
systems | unix
SHA-256 | 5b9b16feef9c73ca2c84610cef13be1f63d81790e0ac6de5dfb1b8f395860710
Gentoo Linux Security Advisory 200605-15
Posted May 22, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200605-15 - Konstantin V. Gavrilenko discovered two flaws in the Routing Information Protocol (RIP) daemon that allow the processing of RIP v1 packets (carrying no authentication) even when the daemon is configured to use MD5 authentication or, in another case, even if RIP v1 is completely disabled. Additionally, Fredrik Widell reported that the Border Gateway Protocol (BGP) daemon contains a flaw that makes it lock up and use all available CPU when a specific command is issued from the telnet interface. Versions less than 0.98.6-r1 are affected.

tags | advisory, protocol
systems | linux, gentoo
SHA-256 | b0a8d5cd48eeb8de0e203c43e8dc7712e25afcd672b6e05de2783d51c087bc00
Gentoo Linux Security Advisory 200605-14
Posted May 22, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200605-14 - Luigi Auriemma has found two heap-based buffer overflows in libextractor 0.5.13 and earlier: one of them occurs in the asf_read_header function in the ASF plugin, and the other occurs in the parse_trak_atom function in the Qt plugin. Versions less than 0.5.14 are affected.

tags | advisory, overflow
systems | linux, gentoo
SHA-256 | f973e11d8595d68f65bc8261c04c0bf5060deb74a01b421ccc03728facce541b
r57obsdiso.txt
Posted May 22, 2006
Authored by x97Rang

Simple tool written in Perl that creates ISO images for OpenBSD releases.

tags | perl
systems | unix, openbsd
SHA-256 | e234cca5b3aefcb2ab7990e01db7316174e5c7b311923ef1deee23229a8a2bef
TZO-072006-Xampp.txt
Posted May 22, 2006
Authored by Thierry Zoller | Site secdev.zoller.lu

XAMPP version 1.5.2 is susceptible to multiple privilege escalation flaws and a rogue autostart vulnerability.

tags | advisory
SHA-256 | 7297df138d18e6eb6c7c38264ddf0a821e1cc6c91cdd646bca96f9ef24a832d5
cyruspop3d.c
Posted May 22, 2006
Authored by Kingcope

A remote stack-based buffer overrun exists in Cyrus-imapd pop3d. Details and an exploit are included.

tags | exploit, remote, overflow
SHA-256 | 82161cf883e561f19427245498c6582519e5016503ff74be5188231044a685f5
vp-asp-new.txt
Posted May 22, 2006
Authored by tracewar

VP-ASP versions 6.00 through 6.08 suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection, asp
SHA-256 | 1b5495f9c3740506d9edae8c1736c015f16f163c6fc0bb4ef38ccbaa0eb08332
zix112.txt
Posted May 22, 2006
Authored by PHP Emperor

Zix Forum versions 1.12 and below suffer from SQL injection vulnerabilities.

tags | exploit, vulnerability, sql injection
SHA-256 | bdf69dc66c8e8f459c378175b7daf6e0f8c6262e5f8ffbd77f07cb44499f3cad
phpBazar210.txt
Posted May 22, 2006
Authored by PHP Emperor

phpBazar versions 2.1.0 and below suffer from remote file inclusion and credential access flaws.

tags | exploit, remote, file inclusion
SHA-256 | 00478fbdb5351eefeb5d81be1a5d6c27097cd5480e00b7af2d27e8fd503c9031
RaceEventManagement.txt
Posted May 22, 2006
Authored by Mr-X | Site alshmokh.com

RaceEventManagement version 0.7.6 is susceptible to SQL injection and cross site scripting attacks.

tags | exploit, xss, sql injection
SHA-256 | eae1cab37f222ee56b41cd2dc14d93a3307e898d69f32be0db85d225c3653de6
ip3pwdec.txt
Posted May 22, 2006
Authored by negative | Site segfault.net

IP3 NetAccess password decoder.

tags | cracker
SHA-256 | 007ccb7e31d98a988f6328dd6b9ad29e032e5b20fe0f53d46bf737c7f50071bb
interlink.txt
Posted May 22, 2006
Authored by Mr-X | Site alshmokh.com

news_information.php in Interlink is susceptible to cross site scripting.

tags | exploit, php, xss
SHA-256 | 7cdcea199cf51b0f39bafe2ea1ffb36340fd1f556431cc8668ef2e5ec8342c97
Technical Cyber Security Alert 2006-139A
Posted May 22, 2006
Authored by US-CERT | Site cert.org

Technical Cyber Security Alert TA06-139A - Microsoft Word contains a buffer overflow vulnerability. Opening a specially crafted Word document, including documents hosted on web sites or attached to email messages, could trigger the vulnerability.

tags | advisory, web, overflow
SHA-256 | 377ebcb7f82d4865992dcc13aa090f8adeb67a777241c75002a8de8f1dba8eb0
topsitesXSS.txt
Posted May 22, 2006
Authored by Luny

Xtremescripts Topsites version 1.1 is susceptible to cross site scripting and SQL injection attacks.

tags | exploit, xss, sql injection
SHA-256 | fdaaa1b904f3d4668f745b3ce9dc725128e626ae965c46aa95120f59be707693
HP Security Bulletin 2006-11.45
Posted May 22, 2006
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified in Firefox for HP Tru64 UNIX and in the Mozilla Application Suite for HP Tru64 UNIX. The vulnerabilities could result in possible remote execution of arbitrary code or Denial of Service (DoS).

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | unix
advisories | CVE-2006-1993
SHA-256 | dd049efa818fdca04bd5bb38f3e96d52d39f9b915dc1965f8f5e023b39235ff2
SSRT2400.txt
Posted May 22, 2006
Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running the BINDv4 Domain Name Server (DNS). The vulnerability could be exploited to poison the DNS cache leading to remote unauthorized access or Denial of Service (DoS).

tags | advisory, remote, denial of service
systems | hpux
SHA-256 | 0d5d444541a44ed20570261c9e25d81c924f55ca73f9005bbdca66ee3c74ff69
HP Security Bulletin 2006-11.33
Posted May 22, 2006
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A vulnerability has been identified in Sendmail which may allow a remote attacker to execute arbitrary code.

tags | advisory, remote, arbitrary
advisories | CVE-2006-0058
SHA-256 | c4aa87665ea964bf5390f12fa0caa35e086e16afc4f14fc2f57d1291216c90d9
applesafari203.txt
Posted May 22, 2006
Authored by Yannick von Arx

A vulnerability exists in Apple Safari 2.0.3 (417.9.3) and perhaps in prior versions which shows up the SRCOD (Spinning Rainbow Cursor Of Death).

tags | advisory
systems | apple
SHA-256 | 64b97db60958045d4f85727b0ccb2b460d2415343e0f67865cdd803727e5aa8e
Debian Linux Security Advisory 1070-1
Posted May 22, 2006
Authored by Debian, Dann Frazier | Site debian.org

Debian Security Advisory 1070-1 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.

tags | advisory, remote, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, debian
advisories | CVE-2004-0427, CVE-2005-0489, CVE-2004-0394, CVE-2004-0447, CVE-2004-0554, CVE-2004-0565, CVE-2004-0685, CVE-2005-0001, CVE-2004-0883, CVE-2004-0949, CVE-2004-1016, CVE-2004-1333, CVE-2004-0997, CVE-2004-1335, CVE-2004-1017, CVE-2005-0124, CVE-2005-0528, CVE-2003-0984
SHA-256 | abfcfec9c5426c958a64908deb18952c3f845f8445134d03db74cbc25cfdf681
Debian Linux Security Advisory 1069-1
Posted May 22, 2006
Authored by Debian, Dann Frazier | Site debian.org

Debian Security Advisory 1069-1 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.

tags | advisory, remote, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, debian
advisories | CVE-2004-0427, CVE-2005-0489, CVE-2004-0394, CVE-2004-0447, CVE-2004-0554, CVE-2004-0565, CVE-2004-0685, CVE-2005-0001, CVE-2004-0883, CVE-2004-0949, CVE-2004-1016, CVE-2004-1333, CVE-2004-0997, CVE-2004-1335, CVE-2004-1017, CVE-2005-0124, CVE-2005-0528, CVE-2003-0984
SHA-256 | fab714dc124579d951ee366f6385b72113496733cdf4deee7907e87627abd79f
Debian Linux Security Advisory 1068-1
Posted May 22, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1068-1 - Jan Braun discovered that the fbgs script of fbi, an image viewer for the framebuffer environment, creates an directory in a predictable manner, which allows denial of service through symlink attacks.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2006-1695
SHA-256 | d91cd93f6b5c08df6471d6f383665ab228d015f5dfcd95210badd7235c616b72
Debian Linux Security Advisory 1067-1
Posted May 22, 2006
Authored by Debian, Dann Frazier | Site debian.org

Debian Security Advisory 1067-1 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.

tags | advisory, remote, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, debian
advisories | CVE-2004-0427, CVE-2005-0489, CVE-2004-0394, CVE-2004-0447, CVE-2004-0554, CVE-2004-0565, CVE-2004-0685, CVE-2005-0001, CVE-2004-0883, CVE-2004-0949, CVE-2004-1016, CVE-2004-1333, CVE-2004-0997, CVE-2004-1335, CVE-2004-1017, CVE-2005-0124, CVE-2005-0528, CVE-2003-0984
SHA-256 | cf16a95da35f3097d98388731b9cf890a3bd55ad5244f960416c44754c15f95e
Debian Linux Security Advisory 1066-1
Posted May 22, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1066-1 - It was discovered that phpbb2, a web based bulletin board, does insufficiently sanitize values passed to the "Font Colour 3" setting, which might lead to the execution of injected code by admin users.

tags | advisory, web
systems | linux, debian
advisories | CVE-2006-1896
SHA-256 | 26b3194ce79c5ecacaff8a5d1cc1eb91b6bd6d8cf30771d6931218a1efce7284
Debian Linux Security Advisory 1065-1
Posted May 22, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1065-1 - Matteo Rosi and Leonardo Maccari discovered that hostapd, a wifi network authenticator daemon, performs insufficient boundary checks on a key length value, which might be exploited to crash the service.

tags | advisory
systems | linux, debian
advisories | CVE-2006-2213
SHA-256 | 0309d7161a568e1f72760c9de546122e8b740ed73f8ea6cf700313fe311708ec
Page 1 of 5
Back12345Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close