what you don't know can hurt you
Showing 1 - 25 of 92 RSS Feed

Files Date: 2006-07-12

srm-1.2.8.tar.gz
Posted Jul 12, 2006
Authored by Matthew Gauthier | Site srm.sourceforge.net

secure rm (srm) is a command-line compatible rm(1) which completely destroys file contents before unlinking. The goal is to provide drop in security for users who wish to prevent command line recovery of deleted information, even if the machine is compromised.

Changes: Bug fixes.
systems | unix
MD5 | 66ba49b1864a7c69763210dbc3efee33
Linux Kernel 2.6.17.4 sys_prctl() Local Root
Posted Jul 12, 2006
Authored by Julien Tinnes

Linux Kernel versions 2.6.13 through 2.6.17.4 sys_prctl() local root exploit.

tags | exploit, kernel, local, root
systems | linux
MD5 | 2a30453aeb1606762bacb68e2763cc0b
lvae-paper.txt
Posted Jul 12, 2006
Authored by prdelka

The Linux kernel recently incorporated a protection which randomizes the stack making exploitation of stack based overflows more difficult. This paper presents an attack which works on exploiting static addresses in Linux.

tags | paper, overflow, kernel
systems | linux
MD5 | 93a681dbdc3b594cb091e958b2606dfa
ottoman-sploit.txt
Posted Jul 12, 2006
Authored by Jacek Wlodarczyk

Ottoman CMS versions 1.1.3 and below remote file inclusion exploit.

tags | exploit, remote, file inclusion
MD5 | 969720d9c49fc992b4cc1c04f8a2f44c
sabdrimer-include.txt
Posted Jul 12, 2006
Authored by A.nosrati | Site virangar.org

Sabdrimer PRO version 2.2.4 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, file inclusion
MD5 | edbd04100cb02c374d536d5bc49e5a33
squery-include.txt
Posted Jul 12, 2006
Authored by SHiKaA

SQuery versions 4.5 and below remote file inclusion exploit.

tags | exploit, remote, file inclusion
MD5 | df1bdc5ddf1f6765ec9ea4db090e1e13
ej3-exec.txt
Posted Jul 12, 2006
Authored by Hessam-x

EJ3 TOPO version 2.2 remote command execution exploit.

tags | exploit, remote
MD5 | 4396615047d47fa0054512c7f67aa81e
msie-heap.txt
Posted Jul 12, 2006
Authored by H D Moore

Microsoft Internet Explorer 6 denial of service exploit that makes use of a heap overflow.

tags | exploit, denial of service, overflow
MD5 | 4e0d98b76f39b9afe58c5d8f2e8b8658
advchk-0.31.tar.gz
Posted Jul 12, 2006
Authored by Stephan Schmieder | Site advchk.unixgu.ru

Advchk (Advisory Check) reads security advisories so you do not have to. Advchk gathers security advisories using RSS feeds, compares them to a list of known services, and alerts you if you are vulnerable. Since adding hosts and services by hand would be quite a boring task, advchk leverages nmap for automatic service and version discovery.

systems | unix
MD5 | b697f195b73909ede74b524c07e4f5ad
afick-2.8-3.tgz
Posted Jul 12, 2006
Authored by Eric Gerbier | Site afick.sourceforge.net

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Changes: Some bug fixes and additions.
tags | tool, integrity
systems | windows, unix
MD5 | 85484e53270effccebffe32c7013ceaa
Secunia Security Advisory 21019
Posted Jul 12, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - rPath has issued an update for samba. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | a56ff3c6f4e887ebc1fb8dde26666253
Secunia Security Advisory 21016
Posted Jul 12, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Adobe Acrobat and Adobe Reader, which can be exploited by malicious, local users to bypass certain security restrictions or gain escalated privileges.

tags | advisory, local
MD5 | 3c4fe5302d019891e8129679bc7a0968
msExcel-again.txt
Posted Jul 12, 2006
Authored by OXYin | Site nevisnetworks.com

A remote code execution vulnerability exists in Excel using a FNGROUPCOUNT value. An attacker could exploit the vulnerability by constructing a specially crafted Excel file that could allow remote code execution. Affected products include Microsoft Office 2000 SP3, XP SP3, 2003 SP1/SP2, Microsoft Works Suites, Microsoft Office X for Mac, Microsoft Office 2004 for Mac.

tags | advisory, remote, code execution
advisories | CVE-2006-1308, CVE-2006-0031
MD5 | cb95ae0e9fc3f4a4a62acdbb9edfe29b
AD20060711.txt
Posted Jul 12, 2006
Authored by Sowhat | Site secway.org

An array boundary condition in Microsoft Office may be violated by a malicious .xls file in order to redirect execution into attacker-supplied data. Exploitation requires that the attacker coerce or persuade the victim to open a malicious .xls file. Affected products include Microsoft Office 2000 SP3, XP SP3, 2003 SP1/SP2, and possibly others.

tags | advisory
advisories | CVE-2006-1306
MD5 | a9df03e1831592422714c1cee8a743b6
rs_prctl_kernel.c
Posted Jul 12, 2006
Authored by dreyer, Roman Medina-Heigl Hernandez aka RoMaNSoFt

Local root exploit for the linux kernel PRCTL core dump handling vulnerability. Affected kernel versions greater than or equal to 2.6.13 and below version 2.6.17.4.

tags | exploit, kernel, local, root
systems | linux
advisories | CVE-2006-2451
MD5 | 8e388d91e0c6ffa9ed3232431cb72255
Technical Cyber Security Alert 2006-192A
Posted Jul 12, 2006
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA06-192A - Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, IIS, and Office. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | windows
advisories | CVE-2006-0026, CVE-2006-1314, CVE-2006-2372, CVE-2006-3059, CVE-2006-1316, CVE-2006-1540, CVE-2006-2389, CVE-2006-0033, CVE-2006-0007
MD5 | f08886b6a1e7df8cb305253314b27751
SMBinfodisclose.txt
Posted Jul 12, 2006
Authored by Mike Price, Rafal Wojtczuk

An information disclosure vulnerability exists in the Microsoft Server service that could allow an attacker to retrieve fragments of memory from an affected host via the host's SMB server. Affected products include Microsoft Windows 2000, Microsoft Windows XP with Service Pack 1, Microsoft Windows XP with Service Pack 2, Microsoft Windows Server 2003, and Microsoft Windows Server 2003 with Service Pack 1.

tags | advisory, info disclosure
systems | windows, 2k, xp
advisories | CVE-2006-1315
MD5 | 9358377db91461b8a827dad50e37321b
Zero Day Initiative Advisory 06-022
Posted Jul 12, 2006
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability in the rebuilding of malformed cell comments allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. Exploitation requires that the attacker coerce the target into opening a malicious .XLS file. Affected products include Office Excel 2003, Office Excel Viewer 2003, Office Excel 2002, Office Excel 2000, Office Excel 2004 for Mac, and Office Excel version X for Mac.

tags | advisory, remote, arbitrary
advisories | CVE-2006-2388
MD5 | 9de06baad3d1070075e2a5ab58fad0d3
TSRT-06-02.txt
Posted Jul 12, 2006
Authored by H D Moore, Pedram Amini | Site tippingpoint.com

The Microsoft SRV.SYS driver suffers from a memory corruption flaw when processing Mailslot messages. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Microsoft Windows operating system. Authentication is not required to exploit this vulnerability and code execution occurs within the context of the kernel.

tags | advisory, remote, arbitrary, kernel, code execution
systems | windows
advisories | CVE-2006-1314
MD5 | b47c1cbf91e63eaad1a5176c21856aef
CYBSEC-mswinDHCP.txt
Posted Jul 12, 2006
Authored by Mariano Nunez Di Croce | Site cybsec.com

A remote buffer overflow vulnerability has been identified in Microsoft Windows DHCP-Client service. Affected include Microsoft Windows 2000 SP4 and below, Microsoft Windows XP SP2 and below, and Microsoft Windows 2003 SP1 and below.

tags | advisory, remote, overflow
systems | windows, 2k, xp
MD5 | e5006150d8e56274970c6cccc19613a7
finjanPass.txt
Posted Jul 12, 2006
Authored by finde_schwachstelle

The Finjan Appliance version 5100/8100 NG suffers from a clear text password exposure issue when creating a backup file.

tags | exploit
MD5 | 7510c54ad6d7c1e0046d3b5ab08203f7
Ubuntu Security Notice 311-1
Posted Jul 12, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 311-1 - A race condition was discovered in the do_add_counters() functions. Processes which do not run with full root privileges, but have the CAP_NET_ADMIN capability can exploit this to crash the machine or read a random piece of kernel memory. In Ubuntu there are no packages that are affected by this, so this can only be an issue for you if you use third-party software that uses Linux capabilities. John Stultz discovered a faulty BUG_ON trigger in the handling of POSIX timers. A local attacker could exploit this to trigger a kernel oops and crash the machine. Dave Jones discovered that the PowerPC kernel did not perform certain required access_ok() checks. A local user could exploit this to read arbitrary kernel memory and crash the kernel on 64-bit systems, and possibly read arbitrary kernel memory on 32-bit systems. A design flaw was discovered in the prctl(PR_SET_DUMPABLE, ...) system call, which allowed a local user to have core dumps created in a directory he could not normally write to. This could be exploited to drain available disk space on system partitions, or, under some circumstances, to execute arbitrary code with full root privileges. This flaw only affects Ubuntu 6.06 LTS.

tags | advisory, arbitrary, kernel, local, root
systems | linux, osx, ubuntu
advisories | CVE-2006-0039, CVE-2006-2445, CVE-2006-2448, CVE-2006-2451
MD5 | 2fc78c9c9f579a3520a7baac3bc441b0
Mandriva Linux Security Advisory 2006.120
Posted Jul 12, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-120 - A vulnerability in samba 3.0.x was discovered where an attacker could cause a single smbd process to bloat, exhausting memory on the system. This bug is caused by continually increasing the size of an array which maintains state information about the number of active share connections.

tags | advisory
systems | linux, mandriva
advisories | CVE-2006-3403
MD5 | a280dbb5918dfdd8b8f8ae91d9e45d02
Mandriva Linux Security Advisory 2006.119
Posted Jul 12, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-119 - Marcus Meissner discovered that pppd's winbind plugin did not check for the result of the setuid() call which could allow an attacker to exploit this on systems with certain PAM limits enabled to execute the NTLM authentication helper as root. This could possibly lead to privilege escalation dependent upon the local winbind configuration.

tags | advisory, local, root
systems | linux, mandriva
advisories | CVE-2006-2194
MD5 | 3b48e0ee721a6e265751c2686b2998fe
Debian Linux Security Advisory 1108-1
Posted Jul 12, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1108-1 - It was discovered that the mutt mail reader performs insufficient validation of values returned from an IMAP server, which might overflow a buffer and potentially lead to the injection of arbitrary code.

tags | advisory, overflow, arbitrary, imap
systems | linux, debian
advisories | CVE-2006-3242
MD5 | 432b6aeb548ac361aff1f6329c176081
Page 1 of 4
Back1234Next

File Archive:

June 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    10 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    0 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    0 Files
  • 7
    Jun 7th
    0 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    0 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close