exploit the possibilities
Showing 1 - 25 of 115 RSS Feed

Files Date: 2006-10-20

XNetMine.txt
Posted Oct 20, 2006
Authored by federico | Site defsol.plugs.it

XNetMine suffers from multiple buffer overflow exploits. PoC included that crashes XNetMine.

tags | exploit, overflow
MD5 | 8a3215a81494681793a672075352ec7a
Exploit Labs Security Advisory 2006.5
Posted Oct 20, 2006
Authored by Donnie Werner, Exploit Labs | Site exploitlabs.com

EXPL-A-2006-005 exploitlabs.com Retro Advisory 002 - SHTTPD: SHTTPD is vulnerable to an overly long GET request.

tags | advisory
MD5 | d3ac9730dc6805f0c45cac59d422fccf
MU Security Advisory 2006-10.01
Posted Oct 20, 2006
Authored by MU Dynamics | Site labs.musecurity.com

Mu Security MU-200610-01: Denial of Service in XORP OSPFv2: OSPF carries link state information using Link State Advertisements. Each LSA contains a length field as well as a checksum. XORP performs a checksum verification when processing an LSA. During the checksum verification, the length field is used to calculate the payload. An invalid length field causes an out of bounds read, causing the OSPF daemon to crash.

tags | advisory, denial of service
MD5 | 33b3bdfd954cea1809b116e45992e0f8
ECHO_ADV_56_2006.txt
Posted Oct 20, 2006
Authored by Matdhule | Site advisories.echo.or.id

[ECHO_ADV_46$2006] P-Book 1.17 and prior (pb_lang) Remote File Inclusion: Input passed to the "pb_lang" parameter in admin.php is not properly verified before being used. This can be exploited to execute arbitrary PHP code by including files from local or external resources.

tags | advisory, remote, arbitrary, local, php, file inclusion
MD5 | 2d3b3e1a5307935ff571956751eceff9
zorum_3_5.txt
Posted Oct 20, 2006
Authored by Mohandko

zorum 3.5 suffers from a remote file inclusion vulnerability in dbproperty.php.

tags | exploit, remote, php, file inclusion
MD5 | e669a62357c5628c9b6db0d68a71f3a5
Simplog0.9.3.1.txt
Posted Oct 20, 2006
Authored by disfigure | Site w4ck1ng.com

Simplog 0.9.3.1 suffers from SQL injection which can used to obtain the admin password hash.

tags | exploit, sql injection
MD5 | 2057c9ef9554209de39ca15862040dc7
ComdevOneAdmin4.1.txt
Posted Oct 20, 2006
Authored by disfigure | Site w4ck1ng.com

Comdev One Admin 4.1 suffers from a remote file inclusion vulnerability in adminfoot.php

tags | exploit, remote, php, file inclusion
MD5 | 6b4d520e926e4a827c37dc8a8693ebb1
BoonexDolphin5.2.txt
Posted Oct 20, 2006
Authored by disfigure | Site w4ck1ng.com

Boonex Dolphin 5.2 suffers from a remote file inclusion vulnerability in index.php.

tags | exploit, remote, php, file inclusion
MD5 | 242afecf5e90799a9f407c579d55894e
iDEFENSE Security Advisory 2006-10-17.t
Posted Oct 20, 2006
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 10.17.06: Opera Software Opera Web Browser URL Parsing Heap Overflow Vulnerability

tags | advisory, web, overflow
MD5 | bb171a8a16c2967066b02bd46680cd55
Rapid7 Security Advisory 26
Posted Oct 20, 2006
Authored by Rapid7 | Site rapid7.com

Rapid7 Advisory R7-0026 - HTTP Header Injection Vulnerabilities in the Flash Player Plugin. Two HTTP Header Injection vulnerabilities have been discovered by Rapid7 in the Flash Player plugin. They allow attackers to perform arbitrary HTTP requests while controlling most of the HTTP headers. This can make it easier to perform CSRF attacks [2] in some cases. When the HTTP server implements Keep-Alive connections and when Firefox is used, these Flash vulnerabilities can even be used to perform totally arbitrary HTTP requests where every part is controlled by the attacker: HTTP method, URI, HTTP version, headers, and data. Such attacks make use of the HTTP Request Splitting method.

tags | advisory, web, arbitrary, vulnerability
MD5 | 4fc4021a024f3424cfd3af1d82526c4d
DEVWeb-1.5.txt
Posted Oct 20, 2006
Authored by CorryL | Site x0n3-h4ck.org

DEV Web Manager System versions less than or equal to 1.5 cross site scripting exploit.

tags | exploit, web, xss
MD5 | f2a96cb99e6f3fb11fc8aafbb021f9b7
phpAdsNew-2.0.8.txt
Posted Oct 20, 2006
Authored by wacky | Site iHACK.pl

phpAdsNew 2.0.8 suffers from a file inclusion vulnerability in upgrade.php.

tags | exploit, php, file inclusion
MD5 | be3cd41d4ffea725e8488f8b40dd244f
ProCheckUp Security Advisory 2006.3b
Posted Oct 20, 2006
Authored by ProCheckUp

PR06-03b: The F5 FirePass 1000 SSL VPN application version 5.5, and possibly earlier versions, is vulnerable to Cross-Site Scripting within the sid" field of the "my.acctab.php3" program.

tags | advisory, xss
MD5 | 64fb1159600fd731199cea0ab42f296e
Netragard Security Advisory 2006-08-10
Posted Oct 20, 2006
Authored by Netragard | Site netragard.com

Netragard, L.L.C Advisory: dtmail suffers from a buffer overflow vulnerability which could result in the execution of arbitrary code. More specifically this vulnerability is triggered when using -a flag:

tags | advisory, overflow, arbitrary
MD5 | e2a5786e80ceb93d705cf3c5b21d4bde
php5-unserialize.txt
Posted Oct 20, 2006
Authored by slythers

PHP 5 ecalloc memory manager unserialize() array integer overflow proof of concept exploit.

tags | exploit, overflow, php, proof of concept
MD5 | d5c6f58a96ddc33bcc56c17e343c720d
HP Security Bulletin 2006-12.35
Posted Oct 20, 2006
Authored by Hewlett Packard | Site hp.com

HPSBUX02155 SSRT061235 rev.2 HP-UX CIFS Server (Samba) Local Unauthorized Access, Elevated Privileges: A potential security vulnerability has been identified with HP-UX running CIFS Server (Samba). This vulnerability may allow permit unauthorized access or local authenticated user to gain elevated privileges.

tags | advisory, local
systems | hpux
MD5 | 39f16eb0b5baa8b77fe58290555ac3c6
ffoxdie.txt
Posted Oct 20, 2006
Authored by Mike | Site lcamtuf.coredump.cx

PoC exploit that crashes Firefox 2.0 RC3.

tags | exploit
MD5 | 43a631be50091c90ebab9452f9402b67
ECHO_ADV_55-2006.txt
Posted Oct 20, 2006
Site advisories.echo.or.id

[ECHO_ADV_55$2006] - Phpmybibli 2.1 and prior Multiple Remote File Inclusion Vulnerabilities.

tags | advisory, remote, vulnerability, file inclusion
MD5 | 700c7f4752e81f6af4ecdbb37d79a94e
OpenPKG Security Advisory 2006.23
Posted Oct 20, 2006
Authored by OpenPKG Foundation | Site openpkg.org

OpenPKG Security Advisory - OpenPKG-SA-2006.023 - According to a security advisory [1] from Maksymilian Arciemowicz, a vulnerability exists in the programming language PHP [0] which allows local users to bypass certain Apache HTTP server "httpd.conf" options, such as "safe_mode" and "open_basedir", via the "ini_restore" function, which resets the values to their "php.ini" (master value) defaults.

tags | advisory, web, local, php
MD5 | 685fe022508e79fd8a96d6a6e2c02d3b
TorrentFlux-user_id.txt
Posted Oct 20, 2006
Authored by 3cab7cc7 | Site stevenroddis.com.au

Data passed to the users array is not properly sanitized before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in an administrators browser session in context of an affected site when the Activity Log is viewed.

tags | advisory, arbitrary
MD5 | 1d233074c0fb9765b562b0ee8bf84651
TorrentFlux-file.txt
Posted Oct 20, 2006
Authored by 3cab7cc7 | Site stevenroddis.com.au

Input passed to the file variable is not properly sanitized before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in an administrators browser session in context of an affected site when the Activity Log is viewed. An example is attempting to login with an incorrect username or password. Where the username field of /login.php contains the arbitrary code.

tags | advisory, arbitrary, php
MD5 | 3bda6145651d8f2f9abdf6dce37e9ed0
TorrentFlux-action.txt
Posted Oct 20, 2006
Authored by 3cab7cc7 | Site stevenroddis.com.au

Input passed to the action variable is not properly sanitized before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in an administrators browser session in context of an affected site when the Activity Log is viewed.

tags | advisory, arbitrary
MD5 | 76f505ace33a8c7d83d68aa969edd617
DMA-2006-1016a - WebObjects and OpenBase SQL Local Root
Posted Oct 20, 2006
Authored by Kevin Finisterre | Site digitalmunition.com

DMA-2006-1016a - Apple Xcode WebObjects / OpenBase SQL multiple vulnerabilities including local root and file creation.

tags | advisory, local, root, vulnerability
systems | apple
MD5 | 5e238e77fc8606aadda762b1c8b92fd4
phplistv2.10.2xss.txt
Posted Oct 20, 2006
Authored by b0rizQ

phplist v 2.10.2 suffers from cross site scripting.

tags | exploit, xss
MD5 | 45f7436297a71001a94bfac3b63ad520
osprey1.0.txt
Posted Oct 20, 2006
Authored by KaBaRa.HaCk.eGy

osprey 1.0 suffers from a remote file inclusion vulnerability in ListRecords.php.

tags | exploit, remote, php, file inclusion
MD5 | c63a0df4a317b1b12bece2878a1eb0d0
Page 1 of 5
Back12345Next

File Archive:

June 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    1 Files
  • 2
    Jun 2nd
    2 Files
  • 3
    Jun 3rd
    19 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    15 Files
  • 6
    Jun 6th
    12 Files
  • 7
    Jun 7th
    11 Files
  • 8
    Jun 8th
    1 Files
  • 9
    Jun 9th
    1 Files
  • 10
    Jun 10th
    15 Files
  • 11
    Jun 11th
    15 Files
  • 12
    Jun 12th
    15 Files
  • 13
    Jun 13th
    8 Files
  • 14
    Jun 14th
    16 Files
  • 15
    Jun 15th
    2 Files
  • 16
    Jun 16th
    1 Files
  • 17
    Jun 17th
    18 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close