exploit the possibilities
Showing 1 - 25 of 43 RSS Feed

Files Date: 2007-01-14

phpmyadmin-xss.txt
Posted Jan 14, 2007
Authored by AlFa | Site virtuax.be

PhpMyAdmin versions 2.8.1 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 480f958eb72938c4a17576d9aa97a1ec
trevorchan07-rfi.txt
Posted Jan 14, 2007
Authored by Ilker Kandemir

Trevorchan version 0.7 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
MD5 | 889ea11f23cc815c4d0ed66a151e830f
phpnuke79-sql.txt
Posted Jan 14, 2007
Authored by Paisterist | Site neosecurityteam.net

PHP-Nuke versions 7.9 and below suffer from a SQL injection vulnerability.

tags | exploit, php, sql injection
MD5 | 2d627eefbe9e3e5b9a936bf946f919c9
ipswitch2007.txt
Posted Jan 14, 2007
Authored by sapheal

Ipswitch WS_FTP 2007 Professional suffers from an access violation vulnerability.

tags | advisory
MD5 | 287a3ed0e588dd0aa0e24b95b2c9b39d
Mandriva Linux Security Advisory 2007.013
Posted Jan 14, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - An array index error in the URI parser in neon 0.26.0 to 0.26.2 could possibly allow remote malicious servers to cause a crash via a URI with non-ASCII characters. This vulnerability may only exist on 64bit systems.

tags | advisory, remote
systems | linux, mandriva
advisories | CVE-2007-0157
MD5 | 08a754e1e98b6355e11aa33ba8e648ad
Debian Linux Security Advisory 1248-1
Posted Jan 14, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1248-1 - Roland Lezuo and Josselin Mouette discovered that the libsoup HTTP library performs insufficient sanitizing when parsing HTTP headers, which might lead to denial of service.

tags | advisory, web, denial of service
systems | linux, debian
advisories | CVE-2006-5876
MD5 | 32c1a2838b83eedbbb78902ad3106ac2
naig052-rfi.txt
Posted Jan 14, 2007
Authored by BorN To K!LL

Naig versions 0.5.2 and below suffer from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
MD5 | a4d7756e4f08c3630a58c27ec9694c69
aiocp-bypass.txt
Posted Jan 14, 2007
Authored by Coloss

AIOCP versions 1.3.009 and below suffer from a login bypass vulnerability due to another SQL injection flaw.

tags | exploit, sql injection, bypass
MD5 | d9029f6c2fc59e53e0d3c2f01c26a401
aiocp-sql.txt
Posted Jan 14, 2007
Authored by Coloss

AIOCP versions 1.3.009 and below suffer from a SQL injection vulnerability.

tags | exploit, sql injection
MD5 | 8619a6df1ea243916f1196a897b36e21
Gentoo Linux Security Advisory 200701-8
Posted Jan 14, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200701-08 - Christoph Deal discovered that JPEG files with a specially crafted DHT marker can be exploited to cause a heap overflow. Furthermore, an anonymous person discovered that Opera does not correctly handle objects passed to the createSVGTransformFromMatrix() function. Versions less than 9.10 are affected.

tags | advisory, overflow
systems | linux, gentoo
MD5 | b9390704b0a88f412d42778f70031082
Gentoo Linux Security Advisory 200701-7
Posted Jan 14, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200701-07 - John Heasman of NGSSoftware has discovered integer overflows in the EMR_POLYPOLYGON and EMR_POLYPOLYGON16 processing and an error within the handling of META_ESCAPE records. Versions less than 2.1.0 are affected.

tags | advisory, overflow
systems | linux, gentoo
MD5 | 773ed98805fd2342a933048ee1b95508
Gentoo Linux Security Advisory 200701-6
Posted Jan 14, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200701-06 - w3m in -dump or -backend mode does not correctly handle printf() format string specifiers in the Common Name (CN) field of an X.509 SSL certificate. Versions less than 0.5.1-r4 are affected.

tags | advisory
systems | linux, gentoo
MD5 | a2e780abc83c689cf3dc1a79d7828c0c
Gentoo Linux Security Advisory 200701-5
Posted Jan 14, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200701-05 - Marcus Meissner of the SUSE security team discovered a stack overflow vulnerability in the code processing EXIF information in the kfile JPEG info plugin. Versions less than 3.5.5-r1 are affected.

tags | advisory, overflow
systems | linux, suse, gentoo
MD5 | 5ba8a757a118bf3dad2108eab8225def
Mandriva Linux Security Advisory 2007.012
Posted Jan 14, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Quite a few vulnerabilities were discovered and corrected in the Linux 2.6 kernel.

tags | advisory, kernel, vulnerability
systems | linux, mandriva
advisories | CVE-2006-4813, CVE-2006-4997, CVE-2006-5158, CVE-2006-5619, CVE-2006-5749, CVE-2006-5751, CVE-2006-5757, CVE-2006-6106
MD5 | fe34171f128c377fe6cbfa40e3d90265
corsaire-chainkey.txt
Posted Jan 14, 2007
Authored by Stephen de Vries | Site corsaire.com

Corsaire Security Advisory - The aim of this document is to clearly define an issue that exists with the ChainKey Java Code Protection product, that will allow an attacker to circumvent the encryption protection and de-compile any protected Java application.

tags | advisory, java
advisories | CVE-2007-0014
MD5 | a947f900a295b970a1717f7650f7279b
respdiscitunder.ppt
Posted Jan 14, 2007
Authored by Michael Kemp

Responsible Disclosure - A brief presentation concerning 'Responsible Disclosure' and the timely release of security vulnerability information to the wider research community.

tags | paper
MD5 | 134d9095aae7e979ce6021c2820fac88
microcms35.txt
Posted Jan 14, 2007
Authored by Ilker Kandemir

Micro CMS version 3.5 remote file inclusion exploit.

tags | exploit, remote, file inclusion
MD5 | cf1dc9b125479366ba6be62ac8c4766d
Ubuntu Security Notice 406-1
Posted Jan 14, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 406-1 - An integer overflow was discovered in OpenOffice.org's handling of WMF files. If a user were tricked into opening a specially crafted WMF file, an attacker could execute arbitrary code with user privileges.

tags | advisory, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2006-5870
MD5 | b89f96f7f5345d93c6ba785d83f0efc0
Mandriva Linux Security Advisory 2007.011
Posted Jan 14, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 1.5.0.9.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2006-6497, CVE-2006-6500, CVE-2006-6501, CVE-2006-6502, CVE-2006-6503, CVE-2006-6505
MD5 | 9830564fff7dde388ea88c4f1b52ce21
wp206-disclose.txt
Posted Jan 14, 2007
Authored by xy7

WordPress versions 2.1Alpha and 2.0.6 and below suffer from information disclosure flaws.

tags | advisory, info disclosure
MD5 | cc236f8888abfb5c3e73eee74af3c454
CAID-multi.txt
Posted Jan 14, 2007
Authored by Ken Williams | Site www3.ca.com

CA BrightStor ARCserve Backup contains multiple overflow conditions that can allow a remote attacker to execute arbitrary code with local SYSTEM privileges on Windows. The BrightStor ARCserve Backup Tape Engine service, Mediasvr service, and ASCORE.dll file are affected.

tags | advisory, remote, overflow, arbitrary, local
systems | windows
advisories | CVE-2006-5171, CVE-2006-5172, CVE-2007-0168, CVE-2007-0169, CVE-2006-6076, CVE-2006-6917
MD5 | d42abd52ad2963c70a26b34377196f37
LSsec Security Advisory 2006-03-30
Posted Jan 14, 2007
Authored by LSsec | Site lssec.com

LSsec has discovered a vulnerability in Computer Associates BrightStor ARCserve Backup version 11.5, which could be exploited by an anonymous attacker in order to execute arbitrary code with SYSTEM privileges on an affected system.

tags | advisory, arbitrary
MD5 | 2a88fd2c9cc44efd2cf38e86bd71bb0f
ezboxxezroot.txt
Posted Jan 14, 2007
Authored by Doron P, Eyal G | Site bugsec.com

Ezboxx Portal System Beta versions 0.7.6 and below suffer from numerous cross site scripting, path disclosure, and SQL injection vulnerabilities.

tags | exploit, vulnerability, xss, sql injection, xxe
MD5 | 1146e409b61103ec682d7cf92f356491
tnv_source_0.3.7.zip
Posted Jan 14, 2007
Authored by jgood | Site tnv.sourceforge.net

TNV visualizes pcap data to graphically depict network packets, links, and ports for network traffic analysis to facilitate learning what constitutes 'normal' behavior, investigating security events, or network troubleshooting. It depicts network traffic by visualizing packets and links between local and remote hosts. It is intended for network traffic analysis to facilitate learning what constitutes 'normal' activity on a network, investigating packet details and security events, or for network troubleshooting. It can open saved libpcap (from tcpdump, windump, ethereal, etc.) formatted files or capture live packets on the wire, and export data in libpcap format or save the data to a MySQL database to enable the examination of trends over time.

tags | tool, remote, local, sniffer
MD5 | ae655a32264a623c789e8a6bb54a9414
rsbac-common-1.3.1.tar.bz2
Posted Jan 14, 2007
Site rsbac.org

Rule Set Based Access Control (RSBAC) is an open source security extension for current Linux kernels. It is based on the Generalized Framework for Access Control (GFAC) and provides a flexible system of access control implemented with the help of a kernel patch. All security relevant system calls are extended by security enforcement code. This code calls the central decision component, which in turn calls all active decision modules and generates a combined decision. This decision is then enforced by the system call extensions.

Changes: Various updates and code fixes.
tags | kernel
systems | linux
MD5 | a7989821227c60210fd9321f45afc01d
Page 1 of 2
Back12Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    41 Files
  • 21
    Oct 21st
    18 Files
  • 22
    Oct 22nd
    16 Files
  • 23
    Oct 23rd
    2 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close