
Files Date: 2006-10-30

NucleusCorev3.23.txt
Posted Oct 30, 2006
Authored by firewall1954

Nucleus Core v3.23 suffers from a remote file inclusion vulnerability in media.php.

tags | exploit, remote, php, file inclusion
SHA-256 | 6bb55849806ce5461c68f302f55093a036cc1fbe49d31b88585327ce28d72383
PunBB-1.2.13.txt
Posted Oct 30, 2006
Authored by nms | Site wargan.org

PunBB 1.2.13 suffers from multiple vulnerabilities including SQL injection and local file inclusion.

tags | exploit, local, vulnerability, sql injection, file inclusion
SHA-256 | 3652bafc09639322f478bdfbf3bca457d4dc43681175ce33bc857b2fff56d736
OpenPKG Security Advisory 2006.27
Posted Oct 30, 2006
Authored by OpenPKG Foundation | Site openpkg.org

OpenPKG Security Advisory OpenPKG-SA-2006.027: According to a vendor release announcement [0], security issues exist in the personal publishing platform WordPress [1]. The "wp-db-backup" plugin accepts filenames which could be used to access security sensitive files.

tags | advisory
SHA-256 | 786e8c5107fa0271085c49cebac3c5b1b20b0e7d0c2c919671a5d378f98e6762
Debian Linux Security Advisory 1200-1
Posted Oct 30, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1200-1: An integer overflow has been found in the pixmap handling routines in the Qt GUI libraries. This could allow an attacker to cause a denial of service and possibly execute arbitrary code by providing a specially crafted image file and inducing the victim to view it in an application based on Qt.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
SHA-256 | 164139ba980ab9d32154bee061c5bef7b490dd17b4a4973d1c31ba91ed30a90b
Gentoo Linux Security Advisory 200610-15
Posted Oct 30, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200610-15 - Asterisk contains buffer overflows in channels/chan_mgcp.c from the MGCP driver and in channels/chan_skinny.c from the Skinny channel driver for Cisco SCCP phones. It also dangerously handles client-controlled variables to determine filenames in the Record() function. Finally, the SIP channel driver in channels/chan_sip.c could use more resources than necessary under unspecified circumstances. Versions less than 1.2.13 are affected.

tags | advisory, overflow
systems | cisco, linux, gentoo
SHA-256 | 7da97c63b8d70d60c0b51785511e6d3d1a6ceb5bc517f75ec86487e728c91a87
Gentoo Linux Security Advisory 200610-14
Posted Oct 30, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200610-14 - A flaw in the PHP memory handling routines allows an unserialize() call to be executed on non-allocated memory due to a previous integer overflow. Versions less than 5.1.6-r6 are affected.

tags | advisory, overflow, php
systems | linux, gentoo
SHA-256 | 24fd15d792177179ef4dbacc3bf7f43884ae94a89b5aefdbfb4aa7af666fa023
Mandriva Linux Security Advisory 2006.192
Posted Oct 30, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-192: The CGI library in Ruby 1.8 allowed a remote attacker to cause a Denial of Service via an HTTP request with a multipart MIME body that contained an invalid boundary specifier, which would result in an infinite loop and CPU consumption.

tags | advisory, remote, web, denial of service, cgi, ruby
systems | linux, mandriva
SHA-256 | e82ad3dc1bfceb29448f2800b116b0e14eb98d470f43c94368a5d815b98b2f78
Mandriva Linux Security Advisory 2006.191
Posted Oct 30, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-191: Multiple unspecified vulnerabilities in the "utf8 combining characters handling" (utf8_handle_comb function in encoding.c) in screen before 4.0.3 allow user-assisted attackers to cause a denial of service (crash or hang) via certain UTF8 sequences.

tags | advisory, denial of service, vulnerability
systems | linux, mandriva
SHA-256 | d9601175fd520e0d58f72362561eb51eadeff521b0833f5f4af28a2a6df6d857
Mandriva Linux Security Advisory 2006.190
Posted Oct 30, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-190: A race condition in the safe_open function in the Mutt mail client 1.5.12 and earlier, when creating temporary files in an NFS filesystem, allows local users to overwrite arbitrary files due to limitations of the use of the O_EXCL flag on NFS filesystems.

tags | advisory, arbitrary, local
systems | linux, mandriva
SHA-256 | 121d6641bede0bca7cda032405675ffdeae7cec29b44ebadbddb2b06c79978bf
Mandriva Linux Security Advisory 2006.189
Posted Oct 30, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-189: Yannick Van Osselaer discovered a stack overflow in Xsupplicant, which could potentially be exploited by a remote, authenticated user to gain root privileges. Additional code cleanups to fix potential memory leaks are also included.

tags | advisory, remote, overflow, root, memory leak
systems | linux, mandriva
SHA-256 | 4465bacfe277c499446ae643a2852e1099d8b820c1f8ae82cceacf2ade868b37
Mandriva Linux Security Advisory 2006.188
Posted Oct 30, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-188: Sebastian Krahmer of the SUSE security team found that the System.CodeDom.Compiler classes in mono used temporary files in an insecure way that could allow a symbolic link attack to overwrite arbitrary files with the privileges of the user running a program that made use of those classes.

tags | advisory, arbitrary
systems | linux, suse, mandriva
SHA-256 | 75362f04ffe58ba78e72e8a1410dc65a7b572c94db473d529f5e4e9357aecfdf
framework-2.7.tar.gz
Posted Oct 30, 2006
Authored by H D Moore | Site metasploit.com

The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. The Framework will run on any modern system that has a working Perl interpreter; the Windows installer includes a slimmed-down version of the Cygwin environment.

Changes: Many changes, 14 new exploits added.
tags | tool, perl
systems | windows, unix
SHA-256 | 516952772aaa8982628460b927c9119850925f870903c5a131a9c9f0390cf77f
asterisk-1.2.13.txt
Posted Oct 30, 2006
Authored by Jesus Oquendo | Site infiltrated.net

Asterisk Open Source PBX versions prior to 1.2.13 are vulnerable to local and remote denial of service attacks via a sequence of malformed packets.

tags | advisory, remote, denial of service, local
SHA-256 | 2b0be2f77b87a8b5e9ce286060248fb1dbf05ea28f09a44a6813660999d9e6f6
GestArt_vbeta_1.txt
Posted Oct 30, 2006
Authored by Wasem898

GestArt vbeta 1 and prior suffer from a remote file inclusion vulnerability in /gestArt/aide.php.

tags | exploit, remote, php, file inclusion
SHA-256 | d5c5b20e02b057928a8151002d3b6ef3b90265dc9cddd6a3645261773fc6b16b
AxaltoProtiva.txt
Posted Oct 30, 2006
Authored by nnposter

Axalto Protiva 1.1 stores sensitive information in plaintext, world-readable files.

tags | advisory
SHA-256 | 1d4fa0c1a0c77d3b016d87d417bbd2af7698989d80d70df0be6ad79cf4af5901
Joomlaextended_registration.txt
Posted Oct 30, 2006
Authored by Crackers_Child

The Joomla extended_registration mod suffers from a remote file inclusion vulnerability.

tags | exploit, remote, file inclusion
SHA-256 | b5ec95b388d9d4c34f6cc34562cd6884f254b932b29fa0a2f9a145158f4caa30
DD-WRT-firmware.txt
Posted Oct 30, 2006
Authored by jfcastilho

Any router running DD-WRT only checks the first 8 characters of a user's password. The DD-WRT firmware is used in many Linksys routers.

tags | advisory
SHA-256 | b39b63064f539d2fcf3558b21e0539ef9ca1fef50960fc82361ed466a56069ec
TorrentFlux2.1.txt
Posted Oct 30, 2006
Authored by vooduhal

TorrentFlux 2.1 doesn't properly sanitize user input passed via the "dir" GET variable, thus allowing anyone to get a list of files anywhere on the system.

tags | exploit
SHA-256 | 82396ecba330189442653cc67928c3cf56d83a210ab195d99c98ba811df0d958
phpFaber_cms.txt
Posted Oct 30, 2006
Authored by Vigilon | Site vigilon.com

phpFaber CMS versions 1.3.36 and below suffer from a cross-site scripting flaw.

tags | advisory, xss
SHA-256 | 8dfc27e31874e0a98831d402239fae1cd3c852329ebd7026b7c3ecef108dfe6b
UNISOR-cms.txt
Posted Oct 30, 2006
Authored by fireboy

UNISOR CMS suffers from a SQL injection vulnerability that can be used to gain administrative privileges.

tags | exploit, sql injection
SHA-256 | d3ff9edcd325258939ef9797a17e7a279dec7fb8d7087eca520a632d4146be6c
ParallelsDesktop.txt
Posted Oct 30, 2006
Authored by naif

Parallels Desktop for Mac - Build 1940 creates files with insecure permissions.

tags | advisory
SHA-256 | e4c883be914c2e585934e5e834b9e62c1863e95b15be5a3217e5c05a2f5a9f93