exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 92 RSS Feed

Files Date: 2006-07-12

Posted Jul 12, 2006
Authored by Matthew Gauthier | Site srm.sourceforge.net

secure rm (srm) is a command-line compatible rm(1) which completely destroys file contents before unlinking. The goal is to provide drop in security for users who wish to prevent command line recovery of deleted information, even if the machine is compromised.

Changes: Bug fixes.
systems | unix
SHA-256 | 3be77158b62873659de9d458f87993537c93bbd32a86d5543290a0cf4ab24f61
Linux Kernel sys_prctl() Local Root
Posted Jul 12, 2006
Authored by Julien Tinnes

Linux Kernel versions 2.6.13 through sys_prctl() local root exploit.

tags | exploit, kernel, local, root
systems | linux
SHA-256 | 5efb14525ba9f4cb8aefb22893eda96c74fc409c3de28d462630484299a60fe1
Posted Jul 12, 2006
Authored by prdelka

The Linux kernel recently incorporated a protection which randomizes the stack making exploitation of stack based overflows more difficult. This paper presents an attack which works on exploiting static addresses in Linux.

tags | paper, overflow, kernel
systems | linux
SHA-256 | 41d9db52ae0c4b277a6c37905951774ebd9c05e187937bdf18e72fd8198f3cdb
Posted Jul 12, 2006
Authored by Jacek Wlodarczyk

Ottoman CMS versions 1.1.3 and below remote file inclusion exploit.

tags | exploit, remote, file inclusion
SHA-256 | d14b55cf733c347883249ed68cf5e87f8e518603ebf7afad2707ad33baa27d2f
Posted Jul 12, 2006
Authored by A.nosrati | Site virangar.org

Sabdrimer PRO version 2.2.4 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, file inclusion
SHA-256 | 352d4c1402a7fc6c74f80f45f8e1582838f95b1211064405fc7703e3bb7dfa8d
Posted Jul 12, 2006
Authored by SHiKaA

SQuery versions 4.5 and below remote file inclusion exploit.

tags | exploit, remote, file inclusion
SHA-256 | fba540a7019aeaf82d64284be38cdab2ab7705a312d639e7ff76edc3094c43a7
Posted Jul 12, 2006
Authored by Hessam-x

EJ3 TOPO version 2.2 remote command execution exploit.

tags | exploit, remote
SHA-256 | ac44a1b4d3443dae78da19d6cae880fa7ee1eb9a1d5bd2ab49dcd22d31a2ebc6
Posted Jul 12, 2006
Authored by H D Moore

Microsoft Internet Explorer 6 denial of service exploit that makes use of a heap overflow.

tags | exploit, denial of service, overflow
SHA-256 | bb94a8e7eb24de12abbc309ece1e4fdf7ec96b1b0207f02670534a407e3e3c19
Posted Jul 12, 2006
Authored by Stephan Schmieder | Site advchk.unixgu.ru

Advchk (Advisory Check) reads security advisories so you do not have to. Advchk gathers security advisories using RSS feeds, compares them to a list of known services, and alerts you if you are vulnerable. Since adding hosts and services by hand would be quite a boring task, advchk leverages nmap for automatic service and version discovery.

systems | unix
SHA-256 | 2b851eb6af088365188b6b91e8861626ba23db195e3e829b9edac5f059841ff4
Posted Jul 12, 2006
Authored by Eric Gerbier | Site afick.sourceforge.net

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Changes: Some bug fixes and additions.
tags | tool, integrity
systems | windows, unix
SHA-256 | 24812075724e456c4d9024c9ee9dd279f4ac196626517eab95e785e3c6a40556
Secunia Security Advisory 21019
Posted Jul 12, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - rPath has issued an update for samba. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 0a70c34a509f56543993e47f0e6f991e9d26c0495d03d2eb48eea2382ba25173
Secunia Security Advisory 21016
Posted Jul 12, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Adobe Acrobat and Adobe Reader, which can be exploited by malicious, local users to bypass certain security restrictions or gain escalated privileges.

tags | advisory, local
SHA-256 | 7292c39b59f0dfe18732d4449ed430a10d6149c8f19bc15660e093453cf55f33
Posted Jul 12, 2006
Authored by OXYin | Site nevisnetworks.com

A remote code execution vulnerability exists in Excel using a FNGROUPCOUNT value. An attacker could exploit the vulnerability by constructing a specially crafted Excel file that could allow remote code execution. Affected products include Microsoft Office 2000 SP3, XP SP3, 2003 SP1/SP2, Microsoft Works Suites, Microsoft Office X for Mac, Microsoft Office 2004 for Mac.

tags | advisory, remote, code execution
advisories | CVE-2006-1308, CVE-2006-0031
SHA-256 | 7e170a0ddb9ebcdf71cd28c1c7a522755c2b4ce84c61d85adab4ad42ff9c7f59
Posted Jul 12, 2006
Authored by Sowhat | Site secway.org

An array boundary condition in Microsoft Office may be violated by a malicious .xls file in order to redirect execution into attacker-supplied data. Exploitation requires that the attacker coerce or persuade the victim to open a malicious .xls file. Affected products include Microsoft Office 2000 SP3, XP SP3, 2003 SP1/SP2, and possibly others.

tags | advisory
advisories | CVE-2006-1306
SHA-256 | fb609c739271a9ebe6e5cec1b2eae2fa37472dc298a788c5b6d84cdea012300d
Posted Jul 12, 2006
Authored by dreyer, Roman Medina-Heigl Hernandez aka RoMaNSoFt

Local root exploit for the linux kernel PRCTL core dump handling vulnerability. Affected kernel versions greater than or equal to 2.6.13 and below version

tags | exploit, kernel, local, root
systems | linux
advisories | CVE-2006-2451
SHA-256 | 677603aff112604786b2a169c6c42470daa27928b5f9c17dc183f7ed1be5cd7d
Technical Cyber Security Alert 2006-192A
Posted Jul 12, 2006
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA06-192A - Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, IIS, and Office. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | windows
advisories | CVE-2006-0026, CVE-2006-1314, CVE-2006-2372, CVE-2006-3059, CVE-2006-1316, CVE-2006-1540, CVE-2006-2389, CVE-2006-0033, CVE-2006-0007
SHA-256 | eb4aca720e4573573cc899c3f02a365c674ba498fae834cf94734dbbc079e425
Posted Jul 12, 2006
Authored by Mike Price, Rafal Wojtczuk

An information disclosure vulnerability exists in the Microsoft Server service that could allow an attacker to retrieve fragments of memory from an affected host via the host's SMB server. Affected products include Microsoft Windows 2000, Microsoft Windows XP with Service Pack 1, Microsoft Windows XP with Service Pack 2, Microsoft Windows Server 2003, and Microsoft Windows Server 2003 with Service Pack 1.

tags | advisory, info disclosure
systems | windows
advisories | CVE-2006-1315
SHA-256 | cf894ff8c6ca42cce5295a939abdf2e99274c7a324d9f99877c347bc5b1efefc
Zero Day Initiative Advisory 06-022
Posted Jul 12, 2006
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability in the rebuilding of malformed cell comments allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. Exploitation requires that the attacker coerce the target into opening a malicious .XLS file. Affected products include Office Excel 2003, Office Excel Viewer 2003, Office Excel 2002, Office Excel 2000, Office Excel 2004 for Mac, and Office Excel version X for Mac.

tags | advisory, remote, arbitrary
advisories | CVE-2006-2388
SHA-256 | 336d03ea4338b7765f5740d24e314ad6032273ea70a38737372c2014a577cd5c
Posted Jul 12, 2006
Authored by H D Moore, Pedram Amini | Site tippingpoint.com

The Microsoft SRV.SYS driver suffers from a memory corruption flaw when processing Mailslot messages. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Microsoft Windows operating system. Authentication is not required to exploit this vulnerability and code execution occurs within the context of the kernel.

tags | advisory, remote, arbitrary, kernel, code execution
systems | windows
advisories | CVE-2006-1314
SHA-256 | 7ecbc9c470fe349666dc38c15db04ebb879ba6bf0f07f04da1973e974ec14ce4
Posted Jul 12, 2006
Authored by Mariano Nunez Di Croce | Site cybsec.com

A remote buffer overflow vulnerability has been identified in Microsoft Windows DHCP-Client service. Affected include Microsoft Windows 2000 SP4 and below, Microsoft Windows XP SP2 and below, and Microsoft Windows 2003 SP1 and below.

tags | advisory, remote, overflow
systems | windows
SHA-256 | f0b8a04ebf77fe02b596538c5c1cb68e368d924a0210b5216832db0dd11aeda9
Posted Jul 12, 2006
Authored by finde_schwachstelle

The Finjan Appliance version 5100/8100 NG suffers from a clear text password exposure issue when creating a backup file.

tags | exploit
SHA-256 | 657da14335d4b0704013738bb59cf2ba832578e158ac8b62b9896348abf77c9a
Ubuntu Security Notice 311-1
Posted Jul 12, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 311-1 - A race condition was discovered in the do_add_counters() functions. Processes which do not run with full root privileges, but have the CAP_NET_ADMIN capability can exploit this to crash the machine or read a random piece of kernel memory. In Ubuntu there are no packages that are affected by this, so this can only be an issue for you if you use third-party software that uses Linux capabilities. John Stultz discovered a faulty BUG_ON trigger in the handling of POSIX timers. A local attacker could exploit this to trigger a kernel oops and crash the machine. Dave Jones discovered that the PowerPC kernel did not perform certain required access_ok() checks. A local user could exploit this to read arbitrary kernel memory and crash the kernel on 64-bit systems, and possibly read arbitrary kernel memory on 32-bit systems. A design flaw was discovered in the prctl(PR_SET_DUMPABLE, ...) system call, which allowed a local user to have core dumps created in a directory he could not normally write to. This could be exploited to drain available disk space on system partitions, or, under some circumstances, to execute arbitrary code with full root privileges. This flaw only affects Ubuntu 6.06 LTS.

tags | advisory, arbitrary, kernel, local, root
systems | linux, osx, ubuntu
advisories | CVE-2006-0039, CVE-2006-2445, CVE-2006-2448, CVE-2006-2451
SHA-256 | 7561e7fc801390c8838f1fe27efaf5483ef09bccc24d1fcccab73c2e3b1b9963
Mandriva Linux Security Advisory 2006.120
Posted Jul 12, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-120 - A vulnerability in samba 3.0.x was discovered where an attacker could cause a single smbd process to bloat, exhausting memory on the system. This bug is caused by continually increasing the size of an array which maintains state information about the number of active share connections.

tags | advisory
systems | linux, mandriva
advisories | CVE-2006-3403
SHA-256 | 9bb59a98529b1fc81ba23bc2229795f95b2f671eee07b546fa91372db4fee0cc
Mandriva Linux Security Advisory 2006.119
Posted Jul 12, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-119 - Marcus Meissner discovered that pppd's winbind plugin did not check for the result of the setuid() call which could allow an attacker to exploit this on systems with certain PAM limits enabled to execute the NTLM authentication helper as root. This could possibly lead to privilege escalation dependent upon the local winbind configuration.

tags | advisory, local, root
systems | linux, mandriva
advisories | CVE-2006-2194
SHA-256 | 36852726ff1d921e9c1dbf43b6531ae00a2a00531bfab03c69cf1d98750fc3c9
Debian Linux Security Advisory 1108-1
Posted Jul 12, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1108-1 - It was discovered that the mutt mail reader performs insufficient validation of values returned from an IMAP server, which might overflow a buffer and potentially lead to the injection of arbitrary code.

tags | advisory, overflow, arbitrary, imap
systems | linux, debian
advisories | CVE-2006-3242
SHA-256 | 1e56fc2538540ec240b6a31031c084ab33202cde0a9061b8579e657c651a242e
Page 1 of 4

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    0 Files
  • 5
    Mar 5th
    0 Files
  • 6
    Mar 6th
    0 Files
  • 7
    Mar 7th
    0 Files
  • 8
    Mar 8th
    0 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    0 Files
  • 12
    Mar 12th
    0 Files
  • 13
    Mar 13th
    0 Files
  • 14
    Mar 14th
    0 Files
  • 15
    Mar 15th
    0 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By