exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 92 RSS Feed

Files Date: 2006-07-12

srm-1.2.8.tar.gz
Posted Jul 12, 2006
Authored by Matthew Gauthier | Site srm.sourceforge.net

secure rm (srm) is a command-line compatible rm(1) which completely destroys file contents before unlinking. The goal is to provide drop in security for users who wish to prevent command line recovery of deleted information, even if the machine is compromised.

Changes: Bug fixes.
systems | unix
SHA-256 | 3be77158b62873659de9d458f87993537c93bbd32a86d5543290a0cf4ab24f61
Linux Kernel 2.6.17.4 sys_prctl() Local Root
Posted Jul 12, 2006
Authored by Julien Tinnes

Linux Kernel versions 2.6.13 through 2.6.17.4 sys_prctl() local root exploit.

tags | exploit, kernel, local, root
systems | linux
SHA-256 | 5efb14525ba9f4cb8aefb22893eda96c74fc409c3de28d462630484299a60fe1
lvae-paper.txt
Posted Jul 12, 2006
Authored by prdelka

The Linux kernel recently incorporated a protection which randomizes the stack making exploitation of stack based overflows more difficult. This paper presents an attack which works on exploiting static addresses in Linux.

tags | paper, overflow, kernel
systems | linux
SHA-256 | 41d9db52ae0c4b277a6c37905951774ebd9c05e187937bdf18e72fd8198f3cdb
ottoman-sploit.txt
Posted Jul 12, 2006
Authored by Jacek Wlodarczyk

Ottoman CMS versions 1.1.3 and below remote file inclusion exploit.

tags | exploit, remote, file inclusion
SHA-256 | d14b55cf733c347883249ed68cf5e87f8e518603ebf7afad2707ad33baa27d2f
sabdrimer-include.txt
Posted Jul 12, 2006
Authored by A.nosrati | Site virangar.org

Sabdrimer PRO version 2.2.4 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, file inclusion
SHA-256 | 352d4c1402a7fc6c74f80f45f8e1582838f95b1211064405fc7703e3bb7dfa8d
squery-include.txt
Posted Jul 12, 2006
Authored by SHiKaA

SQuery versions 4.5 and below remote file inclusion exploit.

tags | exploit, remote, file inclusion
SHA-256 | fba540a7019aeaf82d64284be38cdab2ab7705a312d639e7ff76edc3094c43a7
ej3-exec.txt
Posted Jul 12, 2006
Authored by Hessam-x

EJ3 TOPO version 2.2 remote command execution exploit.

tags | exploit, remote
SHA-256 | ac44a1b4d3443dae78da19d6cae880fa7ee1eb9a1d5bd2ab49dcd22d31a2ebc6
msie-heap.txt
Posted Jul 12, 2006
Authored by H D Moore

Microsoft Internet Explorer 6 denial of service exploit that makes use of a heap overflow.

tags | exploit, denial of service, overflow
SHA-256 | bb94a8e7eb24de12abbc309ece1e4fdf7ec96b1b0207f02670534a407e3e3c19
advchk-0.31.tar.gz
Posted Jul 12, 2006
Authored by Stephan Schmieder | Site advchk.unixgu.ru

Advchk (Advisory Check) reads security advisories so you do not have to. Advchk gathers security advisories using RSS feeds, compares them to a list of known services, and alerts you if you are vulnerable. Since adding hosts and services by hand would be quite a boring task, advchk leverages nmap for automatic service and version discovery.

systems | unix
SHA-256 | 2b851eb6af088365188b6b91e8861626ba23db195e3e829b9edac5f059841ff4
afick-2.8-3.tgz
Posted Jul 12, 2006
Authored by Eric Gerbier | Site afick.sourceforge.net

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Changes: Some bug fixes and additions.
tags | tool, integrity
systems | windows, unix
SHA-256 | 24812075724e456c4d9024c9ee9dd279f4ac196626517eab95e785e3c6a40556
Secunia Security Advisory 21019
Posted Jul 12, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - rPath has issued an update for samba. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 0a70c34a509f56543993e47f0e6f991e9d26c0495d03d2eb48eea2382ba25173
Secunia Security Advisory 21016
Posted Jul 12, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Adobe Acrobat and Adobe Reader, which can be exploited by malicious, local users to bypass certain security restrictions or gain escalated privileges.

tags | advisory, local
SHA-256 | 7292c39b59f0dfe18732d4449ed430a10d6149c8f19bc15660e093453cf55f33
msExcel-again.txt
Posted Jul 12, 2006
Authored by OXYin | Site nevisnetworks.com

A remote code execution vulnerability exists in Excel using a FNGROUPCOUNT value. An attacker could exploit the vulnerability by constructing a specially crafted Excel file that could allow remote code execution. Affected products include Microsoft Office 2000 SP3, XP SP3, 2003 SP1/SP2, Microsoft Works Suites, Microsoft Office X for Mac, Microsoft Office 2004 for Mac.

tags | advisory, remote, code execution
advisories | CVE-2006-1308, CVE-2006-0031
SHA-256 | 7e170a0ddb9ebcdf71cd28c1c7a522755c2b4ce84c61d85adab4ad42ff9c7f59
AD20060711.txt
Posted Jul 12, 2006
Authored by Sowhat | Site secway.org

An array boundary condition in Microsoft Office may be violated by a malicious .xls file in order to redirect execution into attacker-supplied data. Exploitation requires that the attacker coerce or persuade the victim to open a malicious .xls file. Affected products include Microsoft Office 2000 SP3, XP SP3, 2003 SP1/SP2, and possibly others.

tags | advisory
advisories | CVE-2006-1306
SHA-256 | fb609c739271a9ebe6e5cec1b2eae2fa37472dc298a788c5b6d84cdea012300d
rs_prctl_kernel.c
Posted Jul 12, 2006
Authored by dreyer, Roman Medina-Heigl Hernandez aka RoMaNSoFt

Local root exploit for the linux kernel PRCTL core dump handling vulnerability. Affected kernel versions greater than or equal to 2.6.13 and below version 2.6.17.4.

tags | exploit, kernel, local, root
systems | linux
advisories | CVE-2006-2451
SHA-256 | 677603aff112604786b2a169c6c42470daa27928b5f9c17dc183f7ed1be5cd7d
Technical Cyber Security Alert 2006-192A
Posted Jul 12, 2006
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA06-192A - Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, IIS, and Office. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | windows
advisories | CVE-2006-0026, CVE-2006-1314, CVE-2006-2372, CVE-2006-3059, CVE-2006-1316, CVE-2006-1540, CVE-2006-2389, CVE-2006-0033, CVE-2006-0007
SHA-256 | eb4aca720e4573573cc899c3f02a365c674ba498fae834cf94734dbbc079e425
SMBinfodisclose.txt
Posted Jul 12, 2006
Authored by Mike Price, Rafal Wojtczuk

An information disclosure vulnerability exists in the Microsoft Server service that could allow an attacker to retrieve fragments of memory from an affected host via the host's SMB server. Affected products include Microsoft Windows 2000, Microsoft Windows XP with Service Pack 1, Microsoft Windows XP with Service Pack 2, Microsoft Windows Server 2003, and Microsoft Windows Server 2003 with Service Pack 1.

tags | advisory, info disclosure
systems | windows
advisories | CVE-2006-1315
SHA-256 | cf894ff8c6ca42cce5295a939abdf2e99274c7a324d9f99877c347bc5b1efefc
Zero Day Initiative Advisory 06-022
Posted Jul 12, 2006
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability in the rebuilding of malformed cell comments allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. Exploitation requires that the attacker coerce the target into opening a malicious .XLS file. Affected products include Office Excel 2003, Office Excel Viewer 2003, Office Excel 2002, Office Excel 2000, Office Excel 2004 for Mac, and Office Excel version X for Mac.

tags | advisory, remote, arbitrary
advisories | CVE-2006-2388
SHA-256 | 336d03ea4338b7765f5740d24e314ad6032273ea70a38737372c2014a577cd5c
TSRT-06-02.txt
Posted Jul 12, 2006
Authored by H D Moore, Pedram Amini | Site tippingpoint.com

The Microsoft SRV.SYS driver suffers from a memory corruption flaw when processing Mailslot messages. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Microsoft Windows operating system. Authentication is not required to exploit this vulnerability and code execution occurs within the context of the kernel.

tags | advisory, remote, arbitrary, kernel, code execution
systems | windows
advisories | CVE-2006-1314
SHA-256 | 7ecbc9c470fe349666dc38c15db04ebb879ba6bf0f07f04da1973e974ec14ce4
CYBSEC-mswinDHCP.txt
Posted Jul 12, 2006
Authored by Mariano Nunez Di Croce | Site cybsec.com

A remote buffer overflow vulnerability has been identified in Microsoft Windows DHCP-Client service. Affected include Microsoft Windows 2000 SP4 and below, Microsoft Windows XP SP2 and below, and Microsoft Windows 2003 SP1 and below.

tags | advisory, remote, overflow
systems | windows
SHA-256 | f0b8a04ebf77fe02b596538c5c1cb68e368d924a0210b5216832db0dd11aeda9
finjanPass.txt
Posted Jul 12, 2006
Authored by finde_schwachstelle

The Finjan Appliance version 5100/8100 NG suffers from a clear text password exposure issue when creating a backup file.

tags | exploit
SHA-256 | 657da14335d4b0704013738bb59cf2ba832578e158ac8b62b9896348abf77c9a
Ubuntu Security Notice 311-1
Posted Jul 12, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 311-1 - A race condition was discovered in the do_add_counters() functions. Processes which do not run with full root privileges, but have the CAP_NET_ADMIN capability can exploit this to crash the machine or read a random piece of kernel memory. In Ubuntu there are no packages that are affected by this, so this can only be an issue for you if you use third-party software that uses Linux capabilities. John Stultz discovered a faulty BUG_ON trigger in the handling of POSIX timers. A local attacker could exploit this to trigger a kernel oops and crash the machine. Dave Jones discovered that the PowerPC kernel did not perform certain required access_ok() checks. A local user could exploit this to read arbitrary kernel memory and crash the kernel on 64-bit systems, and possibly read arbitrary kernel memory on 32-bit systems. A design flaw was discovered in the prctl(PR_SET_DUMPABLE, ...) system call, which allowed a local user to have core dumps created in a directory he could not normally write to. This could be exploited to drain available disk space on system partitions, or, under some circumstances, to execute arbitrary code with full root privileges. This flaw only affects Ubuntu 6.06 LTS.

tags | advisory, arbitrary, kernel, local, root
systems | linux, osx, ubuntu
advisories | CVE-2006-0039, CVE-2006-2445, CVE-2006-2448, CVE-2006-2451
SHA-256 | 7561e7fc801390c8838f1fe27efaf5483ef09bccc24d1fcccab73c2e3b1b9963
Mandriva Linux Security Advisory 2006.120
Posted Jul 12, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-120 - A vulnerability in samba 3.0.x was discovered where an attacker could cause a single smbd process to bloat, exhausting memory on the system. This bug is caused by continually increasing the size of an array which maintains state information about the number of active share connections.

tags | advisory
systems | linux, mandriva
advisories | CVE-2006-3403
SHA-256 | 9bb59a98529b1fc81ba23bc2229795f95b2f671eee07b546fa91372db4fee0cc
Mandriva Linux Security Advisory 2006.119
Posted Jul 12, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-119 - Marcus Meissner discovered that pppd's winbind plugin did not check for the result of the setuid() call which could allow an attacker to exploit this on systems with certain PAM limits enabled to execute the NTLM authentication helper as root. This could possibly lead to privilege escalation dependent upon the local winbind configuration.

tags | advisory, local, root
systems | linux, mandriva
advisories | CVE-2006-2194
SHA-256 | 36852726ff1d921e9c1dbf43b6531ae00a2a00531bfab03c69cf1d98750fc3c9
Debian Linux Security Advisory 1108-1
Posted Jul 12, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1108-1 - It was discovered that the mutt mail reader performs insufficient validation of values returned from an IMAP server, which might overflow a buffer and potentially lead to the injection of arbitrary code.

tags | advisory, overflow, arbitrary, imap
systems | linux, debian
advisories | CVE-2006-3242
SHA-256 | 1e56fc2538540ec240b6a31031c084ab33202cde0a9061b8579e657c651a242e
Page 1 of 4
Back1234Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    0 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close