ignore security and it'll go away
Showing 1 - 25 of 1,171 RSS Feed

Files Date: 2006-10-01 to 2006-10-31

NucleusCorev3.23.txt
Posted Oct 30, 2006
Authored by firewall1954

Nucleus Core v3.23 suffers from a remote file inclusion vulnerability in media.php.

tags | exploit, remote, php, file inclusion
MD5 | 52047ce9f27cd35356fb629852777187
PunBB-1.2.13.txt
Posted Oct 30, 2006
Authored by nms | Site wargan.org

PunBB 1.2.13 suffers from multiple vulnerabilities including SQL injection and local file inclusion.

tags | exploit, local, vulnerability, sql injection, file inclusion
MD5 | cbf2c36a8a9b138e100f8910791ca4b8
OpenPKG Security Advisory 2006.27
Posted Oct 30, 2006
Authored by OpenPKG Foundation | Site openpkg.org

OpenPKG Security Advisory OpenPKG-SA-2006.027: According to a vendor release announcement [0], security issues exist in the personal publishing platform WordPress [1]. The "wp-db-backup" plugin accepts filenames which could be used to access security sensitive files.

tags | advisory
MD5 | 6fa23e5f66c06c2196f275c22469f95c
Debian Linux Security Advisory 1200-1
Posted Oct 30, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1200-1: An integer overflow has been found in the pixmap handling routines in the Qt GUI libraries. This could allow an attacker to cause a denial of service and possibly execute arbitrary code by providing a specially crafted image file and inducing the victim to view it in an application based on Qt.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
MD5 | 4c4178b2c54028d3a9f92810258b8f98
Gentoo Linux Security Advisory 200610-15
Posted Oct 30, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200610-15 - Asterisk contains buffer overflows in channels/chan_mgcp.c from the MGCP driver and in channels/chan_skinny.c from the Skinny channel driver for Cisco SCCP phones. It also dangerously handles client-controlled variables to determine filenames in the Record() function. Finally, the SIP channel driver in channels/chan_sip.c could use more resources than necessary under unspecified circumstances. Versions less than 1.2.13 are affected.

tags | advisory, overflow
systems | cisco, linux, gentoo
MD5 | d8799077b64101eca58d5a7b90fda78a
Gentoo Linux Security Advisory 200610-14
Posted Oct 30, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200610-14 - A flaw in the PHP memory handling routines allows an unserialize() call to be executed on non-allocated memory due to a previous integer overflow. Versions less than 5.1.6-r6 are affected.

tags | advisory, overflow, php
systems | linux, gentoo
MD5 | 348e64dff7c57b7b9a61a30897389f25
Mandriva Linux Security Advisory 2006.192
Posted Oct 30, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-192: The CGI library in Ruby 1.8 allowed a remote attacker to cause a Denial of Service via an HTTP request with a multipart MIME body that contained an invalid boundary specifier, which would result in an infinite loop and CPU consumption.

tags | advisory, remote, web, denial of service, cgi, ruby
systems | linux, mandriva
MD5 | e4dc9b5f9f0fba547dcd24f100ae9e56
Mandriva Linux Security Advisory 2006.191
Posted Oct 30, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-191: Multiple unspecified vulnerabilities in the "utf8 combining characters handling" (utf8_handle_comb function in encoding.c) in screen before 4.0.3 allows user-assisted attackers to cause a denial of service (crash or hang) via certain UTF8 sequences.

tags | advisory, denial of service, vulnerability
systems | linux, mandriva
MD5 | 95e40134eda956dc3de730efe58397cd
Mandriva Linux Security Advisory 2006.191
Posted Oct 30, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-191: Multiple unspecified vulnerabilities in the "utf8 combining characters handling" (utf8_handle_comb function in encoding.c) in screen before 4.0.3 allows user-assisted attackers to cause a denial of service (crash or hang) via certain UTF8 sequences.

tags | advisory, denial of service, vulnerability
systems | linux, mandriva
MD5 | f8b603d9b64a7e8263554ea2b93733b3
Mandriva Linux Security Advisory 2006.190
Posted Oct 30, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-190: A race condition in the safe_open function in the Mutt mail client 1.5.12 and earlier, when creating temporary files in an NFS filesystem, allows local users to overwrite arbitrary files due to limitations of the use of the O_EXCL flag on NFS filesystems.

tags | advisory, arbitrary, local
systems | linux, mandriva
MD5 | d6f8213dbf2f4580c64703dcab56ea4e
Mandriva Linux Security Advisory 2006.190
Posted Oct 30, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-190: A race condition in the safe_open function in the Mutt mail client 1.5.12 and earlier, when creating temporary files in an NFS filesystem, allows local users to overwrite arbitrary files due to limitations of the use of the O_EXCL flag on NFS filesystems.

tags | advisory, arbitrary, local
systems | linux, mandriva
MD5 | db27a618dfba81f66e5d36cd7c501b81
Mandriva Linux Security Advisory 2006.189
Posted Oct 30, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-189: Yannick Van Osselaer discovered a stack overflow in Xsupplicant, which could potentially be exploited by a remote, authenticated user to gain root privileges. Additional code cleanups to fix potential memory leaks are also included.

tags | advisory, remote, overflow, root, memory leak
systems | linux, mandriva
MD5 | e69dde083e354bde40884804d57701c5
Mandriva Linux Security Advisory 2006.189
Posted Oct 30, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-189: Yannick Van Osselaer discovered a stack overflow in Xsupplicant, which could potentially be exploited by a remote, authenticated user to gain root priviledges. Additional code cleanups to fix potential memory leaks are also included.

tags | advisory, remote, overflow, root, memory leak
systems | linux, mandriva
MD5 | 28175793cf8a94db7febff25e80b28f2
Mandriva Linux Security Advisory 2006.188
Posted Oct 30, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-188: Sebastian Krahmer of the SUSE security team found that the System.CodeDom.Compiler classes in mono used temporary files in an insecure way that could allow a symbolic link attack to overwrite arbitrary files with the privileges of the user running a program that made use of those classes.

tags | advisory, arbitrary
systems | linux, suse, mandriva
MD5 | 3aab629ed34c3a732108bc3410c744ba
Mandriva Linux Security Advisory 2006.188
Posted Oct 30, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-188: Sebastian Krahmer of the SUSE security team found that the System.CodeDom.Compiler classes in mono used temporary files in an insecure way that could allow a symbolic link attack to overwrite arbitrary files with the privileges of the user running a program that made use of those classes.

tags | advisory, arbitrary
systems | linux, suse, mandriva
MD5 | 12c4c214a9fe860188e9cc61ff933ffa
framework-2.7.tar.gz
Posted Oct 30, 2006
Authored by H D Moore | Site metasploit.com

The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. The Framework will run on any modern system that has a working Perl interpreter, the Windows installer includes a slimmed-down version of the Cygwin environment.

Changes: Many changes, 14 new exploits added.
tags | tool, perl
systems | windows, unix
MD5 | ea592cfb006e1b2510b533cece4ecb18
asterisk-1.2.13.txt
Posted Oct 30, 2006
Authored by Jesus Oquendo | Site infiltrated.net

Asterisk Open Source PBX versions prior to 1.2.13 are vulnerable to local and remote denial of service attacks via a sequence of malformed packets.

tags | advisory, remote, denial of service, local
MD5 | a014b9cf99e6da2aba8214779169fd77
GestArt_vbeta_1.txt
Posted Oct 30, 2006
Authored by Wasem898

GestArt vbeta 1 and prior suffer from a remote file inclusion vulnerability in /gestArt/aide.php.

tags | exploit, remote, php, file inclusion
MD5 | 88df7d9896ceb21d0abf1b424291c221
AxaltoProtiva.txt
Posted Oct 30, 2006
Authored by nnposter

Axalto Protiva 1.1 stores sensitive information in plaintext world readable files.

tags | advisory
MD5 | 6e841670bcbfdd2e02db12fe0211fc4e
Joomlaextended_registration.txt
Posted Oct 30, 2006
Authored by Crackers_Child

The Joomla extended_registration mod suffers from a remote file inclusion vulnerability.

tags | exploit, remote, file inclusion
MD5 | 7d7731045cf55284af46a7f7cc323c12
DD-WRT-firmware.txt
Posted Oct 30, 2006
Authored by jfcastilho

Any router running DD-WRT only checks the first 8 characters of a users password. The DD-WRT firmware is used in many Linksys routers.

tags | advisory
MD5 | b7f0574d4ad47d04430187677d1d2edd
TorrentFlux2.1.txt
Posted Oct 30, 2006
Authored by vooduhal

TorrentFlux 2.1 doesn't properly sanitize user input passed via the "dir" GET variable thus allowing anyone to get a list of files anywhere on the system.

tags | exploit
MD5 | d69dbdf46cda5007d346cbdb94b1e73d
phpFaber_cms.txt
Posted Oct 30, 2006
Authored by Vigilon | Site vigilon.com

phpFaber CMS versions 1.3.36 and below suffer from a cross site scripting flaw.

tags | advisory, xss
MD5 | 0c039db7dcebac797d14d3fd052d92ae
UNISOR-cms.txt
Posted Oct 30, 2006
Authored by fireboy

UNISOR CMS suffers from a SQL injection vulnerability that can be used to gain administrative privileges.

tags | exploit, sql injection
MD5 | aaf61e087988f7fb207d71a9dfcf2bff
ParallelsDesktop.txt
Posted Oct 30, 2006
Authored by naif

Parallels Desktop for Mac - Build 1940 creates files with insecure permissions.

tags | advisory
MD5 | 7fea36f2e5a30f01bd80e037eb9407c6
Page 1 of 47
Back12345Next

File Archive:

September 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    5 Files
  • 2
    Sep 2nd
    5 Files
  • 3
    Sep 3rd
    3 Files
  • 4
    Sep 4th
    13 Files
  • 5
    Sep 5th
    16 Files
  • 6
    Sep 6th
    15 Files
  • 7
    Sep 7th
    20 Files
  • 8
    Sep 8th
    16 Files
  • 9
    Sep 9th
    4 Files
  • 10
    Sep 10th
    2 Files
  • 11
    Sep 11th
    15 Files
  • 12
    Sep 12th
    19 Files
  • 13
    Sep 13th
    20 Files
  • 14
    Sep 14th
    38 Files
  • 15
    Sep 15th
    31 Files
  • 16
    Sep 16th
    1 Files
  • 17
    Sep 17th
    7 Files
  • 18
    Sep 18th
    15 Files
  • 19
    Sep 19th
    40 Files
  • 20
    Sep 20th
    8 Files
  • 21
    Sep 21st
    1 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close