what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 48 RSS Feed

Files Date: 2006-06-03

aspWebLinks2.0.txt
Posted Jun 3, 2006
Authored by ajann

aspWebLinks 2.0 Remote Admin Pass Change Exploit

tags | exploit, remote
SHA-256 | 448666752f4efb09310e53037604c704325e5182e968d400d394dbc1c5b3b122
RedaxoCMS.txt
Posted Jun 3, 2006
Authored by beford

Versions of Redaxo CMS less than or equal to 3.2 suffer from a remote file inclusion vulnerability.

tags | advisory, remote, file inclusion
SHA-256 | 6e831b5811d3790ead422a4348fd8253eea5e827311a20d3cd6196e28813aad9
Bytehoard2.1.txt
Posted Jun 3, 2006
Authored by beford

Bytehoard 2.1 Epsilon/Delta suffers from a remote file inclusion vulnerability.

tags | advisory, remote, file inclusion
SHA-256 | 785ca1adc4cb287f5e4546e5c06bddc5de3f5ed137c5ff8deef53c884493a17a
ManualMakerv1.0.txt
Posted Jun 3, 2006
Authored by Luny

PHP ManualMaker v1.0 suffers from XSS.

tags | advisory, php
SHA-256 | 6fdad6c757aaea25e684d9b2a700e0c7a44870f16ab564f703a6f64c63003df5
Oggiv1.0.txt
Posted Jun 3, 2006
Authored by Luny

Weblog Oggi v1.0 suffers from XSS.

tags | advisory
SHA-256 | a599fd6f47c01fe240ce74661b71b2e18005c694786730262816a7a8331cb171
SMF1.0.7.txt
Posted Jun 3, 2006
Authored by Jessica Hope

simplemachines SMF versions 1.0.7 and prior plus 1.1rc2 and prior suffer from a IP spoofing vulnerability.

tags | advisory, spoof
SHA-256 | 5b442e579745aa435c282326af3b60033b0f834ca98e46ace0c736a9a56e47d6
CAForum1.0.txt
Posted Jun 3, 2006
Authored by Omnipresent

CAForum 1.0 suffers from a SQL injection vulnerability allowing anyone to log in as admin.

tags | advisory, sql injection
SHA-256 | e299bd93dcd999f3b4614efb95c9da7092ad71335bf46dddb6f6c268d08ab47d
RateMyPicv1.0.txt
Posted Jun 3, 2006
Authored by Luny | Site youfucktard.com

TAL RateMyPic v1.0 suffers from XSS in index.php

tags | advisory, php
SHA-256 | 6761887e06cb1514b94dc439c74482333493865be7b6d563f3e43d349e8e89d1
DRUPAL-SA-2006-005.txt
Posted Jun 3, 2006
Authored by Uwe Hermann | Site drupal.org

Drupal security advisory DRUPAL-SA-2006-005: A security vulnerability in the database layer allowed certain queries to be submitted to the database without going through Drupal's query sanitizer.

tags | advisory
SHA-256 | 19af6d2e9e201f9bae66069a24d63bb1936da2526fa2a043cf13cfa495353f27
DRUPAL-SA-2006-008.txt
Posted Jun 3, 2006
Authored by Uwe Hermann | Site drupal.org

Drupal security advisory DRUPAL-SA-2006-008: Bart Jansens reported that it is possible for a malicious user to insert and execute XSS into free tagging terms, due to lack of validation on output of the page title. The fix wraps the display of terms in check_plain().

tags | advisory
SHA-256 | b0584638f5b9adbb1149a2a0377ce9f140df6fe298f84e5f8c229862801bc629
DRUPAL-SA-2006-007.txt
Posted Jun 3, 2006
Authored by Uwe Hermann | Site drupal.org

Drupal security advisory DRUPAL-SA-2006-007: Recently, the Drupal security team was informed of a potential exploit that would allow untrusted code to be executed upon a successful request by a malicious user. If a dynamic script with multiple extensions such as file.php.pps or file.sh.txt is uploaded and then accessed from a web browser under certain common Apache configurations, it will cause the script inside to be executed. We deemed this exploit critical and released Drupal 4.6.7 and 4.7.1 six hours after the report was filed. The fix was to create a .htaccess file to remove all dynamic script handlers, such as PHP, from the "files" directory.

tags | advisory, web, php
SHA-256 | 80255e976ff4dd047478820972ff5b573191bdf31f9141104f3845d0753acd3b
DRUPAL-SA-2006-006.txt
Posted Jun 3, 2006
Authored by Uwe Hermann | Site drupal.org

Drupal security advisory DRUPAL-SA-2006-006: Certain -- alas, typical -- configurations of Apache allow execution of carefully named arbitrary scripts in the files directory. Drupal now will attempt to automatically create a .htaccess file in your "files" directory to protect you.

tags | advisory, arbitrary
SHA-256 | 912163027c6bb36941cf7da0ba234a074978f1fa7d6a9468b1006f98299d31b5
rPSA-2006-0091-1.txt
Posted Jun 3, 2006
Site rpath.com

rPath Security Advisory: 2006-0091-1 Previous versions of the firefox browser and thunderbird mail user agent have multiple vulnerabilities, some of which allow remote servers to compromise user accounts. The firefox browser is the default browser on rPath Linux, and all users are strongly recommended to update firefox and thunderbird as soon as possible.

tags | advisory, remote, vulnerability
systems | linux
SHA-256 | 27bd7d8714b37e6a0e3d04f904095e130aa210389f06defad89fc008600a4f9b
VMware Security Advisory 2006-0002.asc
Posted Jun 3, 2006
Authored by VMware | Site vmware.com

VMware Security Advisory VMSA-2006-0002 - VMware Server sensitive information lifetime issue.

tags | advisory
SHA-256 | 9416d428754ffc0b448019d32ca7dc292291475a2ce00dba7c1f89d1be10eda9
VMware Security Advisory 2006-0001.asc
Posted Jun 3, 2006
Authored by VMware | Site vmware.com

VMware Security Advisory VMSA-2006-0001: VMware ESX Server Cross Site Scripting issue

tags | advisory, xss
SHA-256 | 726f9d276952b2f62ad214bd01f6b5a9ad22236f887256e9dee21bdc2411de2e
Mandriva Linux Security Advisory 2006.094
Posted Jun 3, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-094: Evolution, as shipped in Mandriva Linux 2006.0, can crash displaying certain carefully crafted images, if the "Load images if sender is in address book" option in enabled in Edit | Preferences | Mail Preferences | HTML.

tags | advisory
systems | linux, mandriva
SHA-256 | 26abadc4e025c77cdff5319db48bcbdb3d3a0b397b42d9545ed0637a47806512
Mandriva Linux Security Advisory 2006.094
Posted Jun 3, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-094: Evolution, as shipped in Mandriva Linux 2006.0, can crash displaying certain carefully crafted images, if the "Load images if sender is in address book" option in enabled in Edit | Preferences | Mail Preferences | HTML.

tags | advisory
systems | linux, mandriva
SHA-256 | 26abadc4e025c77cdff5319db48bcbdb3d3a0b397b42d9545ed0637a47806512
Debian Linux Security Advisory 1086-1
Posted Jun 3, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1086-1: The xmcdconfig creates directories world-writeable allowing local users to fill the /usr and /var partition and hence cause a denial of service. This problem has been half-fixed since version 2.3-1.

tags | advisory, denial of service, local
systems | linux, debian
SHA-256 | 6c651630037fb5a3d3e0c09a5a7566cd2e210e7396cd7553174d3d3cea923642
Debian Linux Security Advisory 1085-1
Posted Jun 3, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1085-1: Several vulnerabilities have been discovered in lynx, the popular text-mode WWW browser.

tags | advisory, vulnerability
systems | linux, debian
SHA-256 | 04757ea7b1bd42204648df0712cb6de2c2fe06c16478845a86ec741f644e3e74
Debian Linux Security Advisory 1085-1
Posted Jun 3, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1085-1: Several vulnerabilities have been discoverd in lynx, the popular text-mode WWW browser.

tags | advisory, vulnerability
systems | linux, debian
SHA-256 | 04757ea7b1bd42204648df0712cb6de2c2fe06c16478845a86ec741f644e3e74
Technical Cyber Security Alert 2006-153A
Posted Jun 3, 2006
Authored by US-CERT | Site cert.org

National Cyber Alert System Technical Cyber Security Alert TA06-153A: Mozilla Products Contain Multiple Vulnerabilities.

tags | advisory, vulnerability
SHA-256 | 4b7a351b592f163172aae4ced003fc3ab814494e58efb8c56b84a230ab6a9252
ishopcart-cgi-bof.c.txt
Posted Jun 3, 2006
Site awarenetwork.org

ishopcart.cgi suffers from a buffer overflow in the vGetPost() function. POC included.

tags | exploit, overflow, cgi
SHA-256 | f4b07660ad5a348c1dbafdfd6cc4b4787cab9c62bf3ca8f7b05872ffe58d50e8
ovidentiav5.8.0.txt
Posted Jun 3, 2006
Authored by black-code

ovidentia v5.8.0 suffers from many remote file inclusion vulnerabilities.

tags | advisory, remote, vulnerability, file inclusion
SHA-256 | c1952c1957950337388447ca299dcf74407f3e3a44f4c9dc8c76223d8c6a2fdf
Squirrelmail-1.4.x.txt
Posted Jun 3, 2006
Authored by Junker Broke | Site denixsolutions.com

If register_globals is on Squirrelmail 1.4.x suffers from a local file inclusion vulnerability.

tags | advisory, local, file inclusion
SHA-256 | 4329b0cabb98685d5a81ebad25ec3592fbed415d18453ada886e7f5e24e43fca
loggy-r26-0.1.3.tgz
Posted Jun 3, 2006
Authored by Evil Coder | Site eviltime.com

Unix log cleaner that has all kinds of interesting features like a ptrace_attach of syslogd to stop the log writing when it happens in real time.

Changes: added SYS_RECVFROM blocks in lr26-ptrace, added restart hiding in lr26-ptrace, TEMP_FILE now is generated by rand(), optimized the code (lr26.c)
tags | tool, rootkit
systems | unix
SHA-256 | 62caeb82dad755104b11703320f817e6f3d78c796dd786523517ac9bdf619580
Page 1 of 2
Back12Next

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    12 Files
  • 4
    Oct 4th
    0 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close