what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 53 RSS Feed

Files Date: 2006-08-03

mambatstaff.txt
Posted Aug 3, 2006
Authored by Dr.Jr7

The mambatstaff Mambo component is susceptible to a remote file inclusion flaw.

tags | exploit, remote, file inclusion
SHA-256 | fa7b9aaa25bac2fdfebbe0f529ca7304edb279aaa506c90a60448255b99bda6e
ip2long.txt
Posted Aug 3, 2006
Authored by rgod | Site retrogod.altervista.org

PHP versions 5.0.2 and 4.3.3 suffer from a bypass flaw in ip2long().

tags | advisory, php
SHA-256 | 077c509657db441601b3a7b0b8b67d798b80cbfbe715a8351e25417221ed27e9
colophon.txt
Posted Aug 3, 2006
Authored by Drago84

Colophon versions 1.2 and below suffer from a remote file inclusion vulnerability.

tags | exploit, remote, file inclusion
SHA-256 | 870c50c1955358cd09c6815fc5ed147288272f145dce06f2bf4a80dbcac1b21f
coppermine122.txt
Posted Aug 3, 2006
Authored by A-S-T TEAM | Site lezr.com

Coppermine Photo Gallery version 1.2.2b-Nuke suffers from remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, file inclusion
SHA-256 | 841a02d8c14bf56f354bf35cf941793561f0cfa85e8f48d3c46ae11eaf798f7d
mgm095.txt
Posted Aug 3, 2006
Authored by A-S-T TEAM | Site lezr.com

Mambo Gallery Manager version 095.r3 suffers from remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, file inclusion
SHA-256 | 2e97397e359cd7cdb11dc44b91eade8442528731a5d3ac075dc9669073fe1fb7
Mandriva Linux Security Advisory 2006.134
Posted Aug 3, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-134 - A number of flaws were discovered in the safe-level restrictions in the Ruby language. Because of these flaws, it would be possible for an attacker to create a carefully crafted malicious script that could allow them to bypass certain safe-level restrictions.

tags | advisory, ruby
systems | linux, mandriva
advisories | CVE-2006-3694
SHA-256 | 6fd312b98f4ecc1065358bb1f845e446f01ac335c208ce0b7bf10c6b1dd51344
Gentoo Linux Security Advisory 200607-12
Posted Aug 3, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200607-12 - Internal security audits by OpenOffice.org have discovered three security vulnerabilities related to Java applets, macros and the XML file format parser. Versions less than 2.0.3 are affected.

tags | advisory, java, vulnerability
systems | linux, gentoo
SHA-256 | 1018090495894745d9422e2235f92f74dc23fd99b8c5156f255ee25c032fc052
Gentoo Linux Security Advisory 200607-11
Posted Aug 3, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200607-11 - Kevin Kofler has reported a vulnerability where three stack variables are allocated with 255, 255 and 100 bytes respectively, yet 256 bytes are read into each. This could lead to buffer overflows. Versions less than or equal to 0.4.2 are affected.

tags | advisory, overflow
systems | linux, gentoo
SHA-256 | 96217443b5f969cdbfdba05c790ed8712e927c32aeb1e498b227128cf755635b
gdiplus.pl.txt
Posted Aug 3, 2006
Authored by Mr.Niega

Gidplus.dll division by 0 proof of concept exploit.

tags | exploit, proof of concept
SHA-256 | e34790ee7ca7e923136b18150c98e6b36106bb11d8baf1c3bfbef95889ee672c
mobb.tgz
Posted Aug 3, 2006
Site browserfun.blogspot.com

Exploit for Mozilla Firefox versions 1.5.0.4 and below. The demonstration exploit below will attempt to launch "calc.exe" on Windows systems, execute "touch /tmp/METASPLOIT" on Linux systems, and bind a command shell to port 4444 for Mac OS X Intel and PowerPC systems. An anonymous researcher for TippingPoint and the Zero Day Initiative showed that when used in a web page Java would reference properties of the window.navigator object as it started up. If the page replaced the navigator object before starting Java then the browser would crash in a way that could be exploited to run native code supplied by the attacker.

tags | exploit, java, web, shell
systems | linux, windows, apple, osx
advisories | CVE-2006-3677
SHA-256 | 9e096b35f0514a051a6f1a202b7742ec4b356a48415a7e37748c715e85cf7500
iodine-0.3.1.tar.gz
Posted Aug 3, 2006
Authored by Yarrick | Site code.kryo.se

iodine is a piece of software that lets you tunnel IPv4 data through a DNS server. This can be useful in situations where Internet access is firewalled, but DNS queries are allowed. It needs a TUN/TAP device to operate. The bandwidth is asymmetrical with limited upstream and up to 1 Mbit/s downstream.

systems | unix
SHA-256 | ca611ba1da2df2c1b536b8029429a67f256e813f7eb9ce21589516f7964e320d
Mandriva Linux Security Advisory 2006.133
Posted Aug 3, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-133 - Mark Dowd, of McAffee Avert Labs, discovered a potential remotely exploitable off-by-one flaw in Apache's mod_rewrite ldap scheme handling.

tags | advisory
systems | linux, mandriva
advisories | CVE-2006-3747
SHA-256 | 7ea66a0d8db3370ee3860ea07f13cce12dd24caa9d29d2fbd5508a949cf83469
rhj.tar
Posted Aug 3, 2006
Authored by Angelo Rosiello | Site rosiello.org

rhj will let you exploit the ptrace() syscall to monitor and hijack some syscalls run-time. At the moment few syscalls are supported (i.e. send(), recv(), read(), write()) since the program is still a proof of concept.

tags | proof of concept
systems | unix
SHA-256 | 78500617a093757ebda076945a9af0c3247aa61eb535d942a83eb186890be48a
Mandriva Linux Security Advisory 2006.132
Posted Aug 3, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-132 - Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple products including wv, abiword, freetype, gimp, libgsf, and imagemagick allows remote attackers to execute arbitrary code via the MaxRecordSize header field in a WMF file.

tags | advisory, remote, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2006-3376
SHA-256 | b58dbdb89764f92136ac374c126ea6ab7a62bdb2e179a7cd7c5dc16c266bb99e
SUSE-SA-2006-043.txt
Posted Aug 3, 2006
Site suse.com

SUSE Security Announcement SUSE-SA:2006:043 - The mod_rewrite vulnerability in Apache has been patched.

tags | advisory
systems | linux, suse
advisories | CVE-2005-3352, CVE-2006-3747
SHA-256 | 612fec7dc616174adaec186e91536b7c148d1af486ee736e1e7a7ee25ff29e29
Debian Linux Security Advisory 1129-1
Posted Aug 3, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1129-1 - Ulf Harnhammar and Max Vozeler from the Debian Security Audit Project have found several format string security bugs in osiris, a network-wide system integrity monitor control interface. A remote attacker could exploit them and cause a denial of service or execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2006-3120
SHA-256 | 97d86829d7a5f3b002cb07fd3e08b3cdd08071514cad0dfdd7c6b0e4ef9bffdc
modrewrite.txt
Posted Aug 3, 2006
Authored by Mark Dowd | Site avertlabs.com

Mod_rewrite is an Apache module that can be used to remap requests based on regular expression matches of the requested URI. A buffer overflow vulnerability exists when dealing with rewritten URI's that are prefixed with the LDAP protocol scheme.

tags | advisory, overflow, protocol
advisories | CVE-2006-3747
SHA-256 | 89573f59a369c297fe3a2e50bec303dac0dec1ddee0ba1457f1cfd898bbab15d
apacheRewrite.txt
Posted Aug 3, 2006
Site apache.org

An off-by-one flaw exists in the Rewrite module, mod_rewrite, as shipped with Apache 1.3 since 1.3.28, 2.0 since 2.0.46, and 2.2 since 2.2.0.

tags | advisory
advisories | CVE-2006-3747
SHA-256 | f3876d1169158fc551c64958b5e9f885de8ab0264310126aaeecc3277fc486cf
drjr7.txt
Posted Aug 3, 2006
Authored by R0t-KeY

Dr.Jr7 Gallery version 3.2 RC1 suffers from a remote file inclusion flaw.

tags | exploit, remote, file inclusion
SHA-256 | 61bf03c5bc2bfedaeb1de0d3b9814420169cfda1b3eff3e4a7e2735abe4568ad
yimvuln.txt
Posted Aug 3, 2006
Authored by ivan ivan

Yahoo Instant Messenger suffers from a remote flaw that allows a browser to be launched.

tags | advisory, remote
SHA-256 | 3664cbddcc34785d915a40ed0743f9f1bca1614515aebb46884146fb317f77a9
OpenPKG Security Advisory 2006.17
Posted Aug 3, 2006
Authored by OpenPKG Foundation | Site openpkg.org

OpenPKG Security Advisory OpenPKG-SA-2006.017 - Multiple security issues exist in the FreeType font rendering library before version 2.2.

tags | advisory
advisories | CVE-2006-3467, CVE-2006-2661, CVE-2006-2493, CVE-2006-0747
SHA-256 | 2b21a35344d0b2e3246e685dfc6f3441f75ea7e8c4cb18207ba4ee3935413369
OpenPKG Security Advisory 2006.16
Posted Aug 3, 2006
Authored by OpenPKG Foundation | Site openpkg.org

OpenPKG Security Advisory OpenPKG-SA-2006.016 - Multiple unspecified vulnerabilities in the Ruby programming language allow remote attackers to bypass "safe level" checks via unspecified vectors involving the "alias" function, directory operations and regular expressions.

tags | advisory, remote, vulnerability, ruby
advisories | CVE-2006-3694
SHA-256 | 8f897b645d525dd78eeb3792352c96d7f00b3d90a9db7a9350489cbd372b5f18
portailphp17.txt
Posted Aug 3, 2006
Authored by C-W-M | Site meftunnet.com

Portail PHP version 1.7 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, php, file inclusion
SHA-256 | 075f391c35623dda2d5d48a6eee2eb5e8ce6569dd08523a1428252eacf2a2210
Debian Linux Security Advisory 1128-1
Posted Aug 3, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1128-1 - Yan Rong Ge discovered that wrong permissions on a shared memory page in heartbeat, the subsystem for High-Availability Linux could be exploited by a local attacker to cause a denial of service.

tags | advisory, denial of service, local
systems | linux, debian
advisories | CVE-2006-3815
SHA-256 | 1d78acd2fe62cd0f92062ec191b6bb1d1a16f8ea18c828b15e5f99c8c212378f
OpenPKG Security Advisory 2006.15
Posted Aug 3, 2006
Authored by OpenPKG Foundation | Site openpkg.org

OpenPKG Security Advisory OpenPKG-SA-2006.015 - According to a vendor announcement, a vulnerability exists in the mod_rewrite module of the Apache HTTP Server. Depending on the manner in which the Apache HTTP Server was compiled, the software defect may result in a vulnerability which, in combination with certain types of "RewriteRule" directives in the server configuration files, could be triggered remotely.

tags | advisory, web
advisories | CVE-2006-3747
SHA-256 | 0c9d96b0aaa38abdb7aa0010ad4314a2444cfef7fe76891a209c6eafd629eb77
Page 1 of 3
Back123Next

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    15 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close