what you don't know can hurt you
Showing 1 - 25 of 42 RSS Feed

Files Date: 2006-11-22

MOKB-21-11-2006.dmg.bz2
Posted Nov 22, 2006
Authored by LMH | Site projects.info-pull.com

Denial of service exploit for Mac OS X that demonstrates a failure to properly handle corrupted UDTO HFS+ image structures (ex. bad sectors). Memory corruption is present but is unlikely to allow for arbitrary code execution.

tags | exploit, denial of service, arbitrary, code execution
systems | apple, osx
MD5 | ed1007245a6c325814fabdf084b169e3
xmplay-3.txt
Posted Nov 22, 2006
Authored by Greg Linares

XMPlay version 3.3.0.4 .PLS filename local/remote buffer overflow exploit that executes CALC.exe.

tags | exploit, remote, overflow, local
MD5 | 26100e0eaeda250da4bb39563265b489
xmplay-2.txt
Posted Nov 22, 2006
Authored by Greg Linares

XMPlay version 3.3.0.4 .ASX filename local buffer overflow exploit that executes CALC.exe.

tags | exploit, overflow, local
MD5 | 88b42793681626a2165ae070aa42af96
xmplay-1.txt
Posted Nov 22, 2006
Authored by Expanders, Greg Linares

XMPlay version 3.3.0.4 .M3U filename local buffer overflow exploit that executes CALC.exe.

tags | exploit, overflow, local
MD5 | 863a37a16135b9e651098390601fbffb
seditio110.txt
Posted Nov 22, 2006
Authored by Mustafa Can Bjorn

Seditio versions 1.10 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | d4decc97bbeeb9f5a384b167bbc41179
Mandriva Linux Security Advisory 2006.208
Posted Nov 22, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-208-1 - An unspecified vulnerability in OpenLDAP allows remote attackers to cause a denial of service (daemon crash) via a certain combination of SASL Bind requests that triggers an assertion failure in libldap.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2006-5779
MD5 | 14c7d1c0f256a254d7a72f446ac2239c
gnutar.txt
Posted Nov 22, 2006
Authored by Teemu Salmela

GNU tar suffers from a directory traversal condition. Exploit included.

tags | exploit
MD5 | b75b4261882868cdd43c6337473277d5
nmap-runtimebadsum.patch
Posted Nov 22, 2006
Authored by Kris Katterjohn

Patch for Nmap 4.20RC1 (and some 4.20ALPHA versions) that adds a runtime option to toggle the sending of packets with bad TCP/UDP checksums.

tags | tool, udp, tcp, nmap
systems | unix
MD5 | 46fd3fea42a6a93813bf3e39625bdcef
contentnow_139_sqlinj.pl.txt
Posted Nov 22, 2006
Authored by Alfredo Pesoli | Site 0xcafebabe.it

ContentNow CMS version 1.39 'pageid' SQL injection exploit that discloses administrative credentials. Works regardless of magic quotes.

tags | exploit, sql injection
MD5 | 6ba3307da59901cb75fc5c7ce34506b5
contentnow_139_sqlinjection.txt
Posted Nov 22, 2006
Authored by Alfredo Pesoli | Site 0xcafebabe.it

ContentNow CMS version 1.39 is susceptible to SQL injection and path disclosure vulnerabilities.

tags | advisory, vulnerability, sql injection
MD5 | a10022d4edd802ca3ff517fe940b1c20
Ubuntu Security Notice 382-1
Posted Nov 22, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 382-1 - USN-352-1 fixed a flaw in the verification of PKCS certificate signatures. Ulrich Kuehn discovered a variant of the original attack which the original fix did not cover. Various flaws have been reported that allow an attacker to execute arbitrary code with user privileges by tricking the user into opening a malicious web page containing JavaScript.

tags | advisory, web, arbitrary, javascript
systems | linux, ubuntu
advisories | CVE-2006-5462, CVE-2006-5463, CVE-2006-5464, CVE-2006-5747, CVE-2006-5748
MD5 | 521f19287302bd9e6b41cffda2f5f7d1
Ubuntu Security Notice 381-1
Posted Nov 22, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 381-1 - USN-351-1 fixed a flaw in the verification of PKCS certificate signatures. Ulrich Kuehn discovered a variant of the original attack which the original fix did not cover. Various flaws have been reported that allow an attacker to execute arbitrary code with user privileges by tricking the user into opening a malicious web page containing JavaScript.

tags | advisory, web, arbitrary, javascript
systems | linux, ubuntu
advisories | CVE-2006-5462, CVE-2006-5463, CVE-2006-5464, CVE-2006-5747, CVE-2006-5748
MD5 | 0f560f6f914a8eceb4ade850d5c7feb8
GoogleCall.zip
Posted Nov 22, 2006
Authored by Jeffball55

GoogleCall uses Google's Click-to-Call service to send a number with a forged Caller ID. It automates the process of sending multiple calls to someone with multiple forged Caller IDs.

tags | web
MD5 | ecc5f5cdd45cdbf9167e4bdba6c87bd4
photocart39.txt
Posted Nov 22, 2006
Authored by irvian

PhotoCart version 3.9 suffers from a remote file inclusion vulnerability in adminprint.php.

tags | exploit, remote, php, file inclusion
MD5 | e8564dee6cfcf26d5dde412c49fa4b91
oscommerce-xss.txt
Posted Nov 22, 2006
Authored by Lostmon | Site lostmon.blogspot.com

osCommerce contains a flaw in the admin section that allows a remote cross site scripting attack.

tags | exploit, remote, xss
MD5 | 3cb37dc6e040a3c9c250f622a85e47c0
Debian Linux Security Advisory 1218-1
Posted Nov 22, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1218-1 - It was discovered that the proftpd FTP daemon performs insufficient validation of FTP command buffer size limits, which may lead to denial of service.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2006-5815
MD5 | c3381ad5319b7494c53a33d43df063b4
secunia-myfirewall.txt
Posted Nov 22, 2006
Site secunia.com

Secunia Research has discovered a vulnerability in My Firewall Plus, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to the application windows running with SYSTEM privileges and the application not checking if explorer.exe is running before performing certain actions. This can be exploited to launch iexplore.exe with SYSTEM privileges by terminating explorer.exe and then use the "Test Your Firewall" functionality. Affected is My Firewall Plus version 5.0 Build 1119.

tags | advisory, local
systems | windows
advisories | CVE-2006-3973
MD5 | 9faab7bc2bb1515a63b18a8e102f8af2
Gentoo Linux Security Advisory 200611-16
Posted Nov 22, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200611-16 - Miloslav Trmac from Red Hat discovered a buffer overflow in the readline() function of texindex.c. The readline() function is called by the texi2dvi and texindex commands. Versions less than 4.8-r5 are affected.

tags | advisory, overflow
systems | linux, redhat, gentoo
MD5 | 289a1002c49e7c82725e0f9bff9ed3d0
Gentoo Linux Security Advisory 200611-15
Posted Nov 22, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200611-15 - qmailAdmin fails to properly handle the PATH_INFO variable in qmailadmin.c. The PATH_INFO is a standard CGI environment variable filled with user supplied data. Versions less than 1.2.10 are affected.

tags | advisory, cgi
systems | linux, gentoo
MD5 | 8a37e12e6d0589fa9a69f9da509f73dd
Secunia Security Advisory 23043
Posted Nov 22, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for avahi. This fixes a vulnerability, which can be exploited by malicious, local users to bypass certain security restrictions.

tags | advisory, local
systems | linux, gentoo
MD5 | 4a7304501ed9f50babcc531a27e75073
LSsec Security Advisory 2006-03-30
Posted Nov 22, 2006
Authored by LSsec | Site lssec.com

LSsec has discovered a vulnerability in Computer Associates BrightStor ARCserve Backup version 11.5, which could be exploited by an anonymous attacker in order to execute arbitrary code with SYSTEM privileges on an affected system.

tags | advisory, arbitrary
MD5 | 31e92d00fbcd76854d1b61346e9c44e1
comparison.pdf
Posted Nov 22, 2006
Authored by David Litchfield | Site ngssoftware.com

Whitepaper entitled "Which is more secure? Oracle vs. Microsoft". This article looks at the number of security flaws in Oracle and Microsoft database offerings.

tags | paper
MD5 | 9dccc7de3a92b181a9683759b66dabce
Secunia Security Advisory 21142
Posted Nov 22, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a vulnerability in My Firewall Plus, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
MD5 | 6ffe276e84598b58f18782c46c7d049e
Secunia Security Advisory 22961
Posted Nov 22, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Tavis Ormandy has reported a security issue in FVWM, which can be exploited by malicious, local users to bypass certain security restrictions.

tags | advisory, local
MD5 | d76bffdb8c4b8dfcc33b3f0898d88786
Secunia Security Advisory 22977
Posted Nov 22, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Fuzzball MUCK, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
MD5 | fde26fd68675614b412a22f9b832ad91
Page 1 of 2
Back12Next

File Archive:

July 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    15 Files
  • 2
    Jul 2nd
    19 Files
  • 3
    Jul 3rd
    12 Files
  • 4
    Jul 4th
    1 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    25 Files
  • 7
    Jul 7th
    35 Files
  • 8
    Jul 8th
    4 Files
  • 9
    Jul 9th
    9 Files
  • 10
    Jul 10th
    7 Files
  • 11
    Jul 11th
    4 Files
  • 12
    Jul 12th
    4 Files
  • 13
    Jul 13th
    14 Files
  • 14
    Jul 14th
    19 Files
  • 15
    Jul 15th
    11 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close