Files Date: 2006-10-04

open_basedir_race.txt
Posted Oct 4, 2006
Site hardened-php.net

Hardened-PHP Project Security Advisory: PHP open_basedir Race Condition Vulnerability.

tags | advisory, php
MD5 | 08d4bd206f1f320266d6b22c5c0b5598
IPB-2.1.7.txt
Posted Oct 4, 2006
Authored by Rapigator

Several vulnerabilities in IPB exist that can force the admin to execute malicious SQL commands through the IPB SQL toolbox.

tags | exploit, vulnerability
MD5 | 2963d8df853149a04974e99559374122
YenerHaber.txt
Posted Oct 4, 2006
Authored by Dj ReMix

Yener Haber Script 2.0 suffers from an SQL injection vulnerability.

tags | exploit, sql injection
MD5 | a3d0d4a090ca49cb2434168fa9942476
Mandriva Linux Security Advisory 2006.179
Posted Oct 4, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-179: Tavis Ormandy of the Google Security Team discovered a Denial of Service vulnerability in the SSH protocol version 1 CRC compensation attack detector. This could allow a remote unauthenticated attacker to trigger excessive CPU utilization by sending a specially crafted SSH message, which would then deny ssh services to other users or processes (CVE-2006-4924, CVE-2006-4925). Please note that Mandriva ships with only SSH protocol version 2 enabled by default.

tags | advisory, remote, denial of service, protocol
systems | linux, mandriva
MD5 | 0e95e3d57b1492e07ea45aea6256e0d5
Debian Linux Security Advisory 1188-1
Posted Oct 4, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1188-1: Several security related problems have been discovered in mailman, the web-based GNU mailing list manager. The Common Vulnerabilities and Exposures project identifies the following problems:

tags | advisory, web, vulnerability
systems | linux, debian
MD5 | 42681144b4686814b6fb8809a7efab92
Gentoo Linux Security Advisory 200610-1
Posted Oct 4, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200610-01 - A number of vulnerabilities have been found and fixed in Mozilla Thunderbird. For details please consult the references below. Versions less than 1.5.0.7 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
MD5 | e8297f539968d253bc87c9ad5334cc33
Gentoo Linux Security Advisory 200610-2
Posted Oct 4, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200610-02 - The Adobe Flash Player contains multiple unspecified vulnerabilities. Versions less than 7.0.68 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
MD5 | 7ec2188c7ccf5bc14c382877fbb156cf
Debian Linux Security Advisory 1190-1
Posted Oct 4, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1190-1: Oliver Karow discovered that the WebDBM frontend of the MaxDB database performs insufficient sanitising of requests passed to it, which might lead to the execution of arbitrary code.

tags | advisory, arbitrary
systems | linux, debian
MD5 | 0f46b891b22dc1909d2e65d0d2093836
Debian Linux Security Advisory 1189-1
Posted Oct 4, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1189-1: Several remote vulnerabilities have been discovered in OpenSSH, a free implementation of the Secure Shell protocol, which may lead to denial of service and potentially the execution of arbitrary code.

tags | advisory, remote, denial of service, arbitrary, shell, vulnerability, protocol
systems | linux, debian
MD5 | bb7b670f7e0f389a4aaa19832a017e45
Ubuntu Security Notice 357-1
Posted Oct 4, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 357-1: Sebastian Krahmer of the SuSE security team discovered that the System.CodeDom.Compiler classes used temporary files in an insecure way. This could allow a symbolic link attack to create or overwrite arbitrary files with the privileges of the user invoking the program. Under some circumstances, a local attacker could also exploit this to inject arbitrary code into running Mono processes.

tags | advisory, arbitrary, local
systems | linux, suse, ubuntu
MD5 | 2872aedcdcf6af7c9436df4e482001ed
Ubuntu Security Notice 353-2
Posted Oct 4, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 353-2: USN-353-1 fixed several vulnerabilities in OpenSSL. However, Mark J Cox noticed that the applied patch for CVE-2006-2940 was flawed. This update corrects that patch.

tags | advisory, vulnerability
systems | linux, ubuntu
MD5 | 14576eaad719e7a410cf51ecb0d72a25
Ubuntu Security Notice 358-1
Posted Oct 4, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 358-1: ffmpeg, xine-lib vulnerabilities

tags | advisory, vulnerability
systems | linux, ubuntu
MD5 | cda9896f3ac31c3a8cf85706fcc5ebd2
oscommerce-page-txt
Posted Oct 4, 2006
Authored by Lostmon | Site lostmon.blogspot.com

osCommerce contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'page' parameter upon submission to multiple scripts in the /admin folder. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

tags | exploit, remote, arbitrary, xss
MD5 | 300c8b164ee3a71d9f1daf0abcef5c4c
Dr.Web4.33.txt
Posted Oct 4, 2006
Authored by Jean-Sebastien Guay-Leroux

Dr.Web 4.33 antivirus LHA long directory name heap overflow: When building a special LHA archive with a long directory name in an extended directory header, a fixed-size buffer on the heap is overflowed. When processing this malicious archive, it is then possible to make Dr.Web run arbitrary code by overwriting some internal malloc management information.

tags | advisory, web, overflow, arbitrary
MD5 | b25747f8e08fa99b7c064bca93e4d788
CAID34661.txt
Posted Oct 4, 2006
Authored by Ken Williams | Site supportconnect.ca.com

CAID 34661: CA Unicenter WSDM File System Read Access Vulnerability: Unicenter Web Services Distributed Management 3.1 uses a known vulnerable version of Jetty WebServer, an open source Java web server. An advisory describing the Jetty WebServer vulnerability can be found at http://www.securityfocus.com/bid/11330. The vulnerability allows a remote attacker to gain full read access on the install partition's file system of the Unicenter WSDM host system through a directory traversal attack.

tags | advisory, java, remote, web
MD5 | 0e0db4898090d2e7cec643c43de02026
iDEFENSE Security Advisory 2006-10-02.t
Posted Oct 4, 2006
Authored by iDefense Labs, iDefense | Site idefense.com

iDefense Security Advisory 10.02.06: Remote exploitation of a DoS vulnerability in Novell Inc.'s GroupWise Messenger could allow attackers to crash the Messenger server.

tags | advisory, remote, denial of service
MD5 | ec17d21552be0cec382064c95d451f2a
flokken-0.1-whore.tar
Posted Oct 4, 2006
Authored by PoWeR PoRK

FreeBSD 5.2 and prior shmat local kernel exploit.

tags | exploit, kernel, local
systems | freebsd
advisories | CVE-2004-0114
MD5 | ffe44096a169a03b93959d392e4ac724
HP Security Bulletin 2006-12.20
Posted Oct 4, 2006
Authored by Hewlett Packard | Site hp.com

HPSBUX02157 SSRT061220 rev.1 HP-UX Running Ignite-UX Server, Remote Unauthorized Access and Privilege Elevation: A potential security vulnerability has been identified in HP-UX running the Ignite-UX server. The vulnerability could be exploited to allow a remote unauthorized user to gain root access to the system running the Ignite-UX server.

tags | advisory, remote, root
systems | hpux
MD5 | 03077ae66d2b6bcf9f6c41b6b17cdb3e
HP Security Bulletin 2006-11.49
Posted Oct 4, 2006
Authored by Hewlett Packard | Site hp.com

HPSBUX02129 SSRT061149 rev.1 - HP-UX running SLP, Remote Unauthorized Access: A potential security vulnerability has been identified in HP-UX when running Service Locator Protocol (SLP). The vulnerability could be exploited by a remote user of Service Locator Protocol (SLP) for unauthorized access.

tags | advisory, remote, protocol
systems | hpux
MD5 | 44ad69e410ad47dbf0a49b1fd296e4a9
Technical Cyber Security Alert 2006-275A
Posted Oct 4, 2006
Authored by US-CERT | Site cert.org

National Cyber Alert System Technical Cyber Security Alert TA06-275A: Multiple Vulnerabilities in Apple and Adobe Products

tags | advisory, vulnerability
systems | apple
MD5 | cb1d7b8c7f66e74efd808f3ebd8c1ad6
Pebble2.0.0.txt
Posted Oct 4, 2006
Authored by Paolo Perego

Pebble 2.0.0 RC1 and 2 suffer from a cross site scripting vulnerability.

tags | advisory, xss
MD5 | cc86c9357f168bfbfcc6c256249a84f5
aimject-0.6.tar.gz
Posted Oct 4, 2006
Authored by Jon Oberheide | Site jon.oberheide.org

Aimject facilitates man-in-the-middle attacks against AOL Instant Messenger's OSCAR protocol via a simple GTK interface.

tags | tool, sniffer, protocol
MD5 | fa0a2a2f056a2bcc7005acba628ac25a
Epolicy3.5.0.txt
Posted Oct 4, 2006
Authored by muts | Site remote-exploit.org

McAfee ePolicy Orchestrator 3.5.0 contains a pre-authentication buffer overflow vulnerability in NAISERV.exe. Protection Pilot 1.1.0 uses the same HTTP server, and is also vulnerable.

tags | advisory, web, overflow
MD5 | 9958f65624dd9081bf74f16a1fdbd061
Informix-ids.txt
Posted Oct 4, 2006
Authored by Larry W. Cashdollar | Site vapid.dhs.org

IBM Informix (IDS) V10.0 suffers from several flaws that could allow an attacker to overwrite any file on the system or inject commands into the installer scripts.

tags | advisory
MD5 | b4a6fa745c48abc2169cb2b6d56e9c0e
EasyBannerFree.txt
Posted Oct 4, 2006
Authored by abu ahmed

EasyBannerFree suffers from a remote file inclusion vulnerability in functions.php.

tags | exploit, remote, php, file inclusion
MD5 | c50d641a5caafe50ae47639e96ebdd27
© 2020 Packet Storm. All rights reserved.