exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 62 RSS Feed

Files Date: 2007-01-20

kismet-2007-01-R1b.tar.gz
Posted Jan 20, 2007
Authored by Mike Kershaw | Site kismetwireless.net

Kismet is an 802.11 layer 2 wireless network sniffer. It can sniff 802.11b, 802.11a, and 802.11g traffic. It is capable of sniffing using almost any wireless card supported in Linux, which currently divide into cards handled by libpcap and the Linux-Wireless extensions (such as Cisco Aironet), and cards supported by the Wlan-NG project which use the Prism/2 chipset (such as Linksys, Dlink, and Zoom). Besides Linux, Kismet also supports FreeBSD, OpenBSD and Mac OS X systems. Features Multiple packet capture sources, Runtime network sorting by AP MAC address (bssid), IP block detection via ARP and DHCP packet dissection, Cisco product detection via CDP, Ethereal and tcpdump compatible file logging, Airsnort-compatible "interesting" (cryptographically weak) logging, Secure SUID behavior, GPS devices and wireless devices fingerprinting. Kismet also includes a tool called gpsmap that can be used to create maps from logged GPS data. Full changelog here.

Changes: Various additions and fixes.
tags | tool, wireless
systems | cisco, linux, freebsd, openbsd, apple, osx
SHA-256 | 1b998b34e2e9377f5ac7704295d64507234fe7656e49d384f8bf95604e97e05b
flawfinder-1.27.tar.gz
Posted Jan 20, 2007
Authored by David A. Wheeler | Site dwheeler.com

Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function. Secure Programming HOWTO here.

Changes: Added various support, feature enhancements, and bug fixes.
systems | unix
SHA-256 | 8825a9742db29da329ec57861d702a744452f84fbc02f617c037becafaf6f546
RISE-2007001.txt
Posted Jan 20, 2007
Authored by RISE Security | Site risesecurity.org

The Apple Mac OS X 10.4.x kernel suffers from a memory corruption vulnerability in shared_region_map_file_np().

tags | advisory, kernel
systems | apple, osx
SHA-256 | 9608385af0e3310b37dac0ddba1c1fd934d65eed1f276a0fd34c722cf524876d
hpj-x01.cpp
Posted Jan 20, 2007
Authored by porkythepig

Proof of concept exploit for the .HPJ project file buffer overflow vulnerability in Microsoft Help Workshop version 4.03.0002.

tags | exploit, overflow, proof of concept
SHA-256 | 2176350da42f6699691043843040ceb6141b11c25ebe25cf004b226832127ea2
mhw-hpj.txt
Posted Jan 20, 2007
Authored by porkythepig

Microsoft Help Workshop is prone to stack based memory corruption vulnerability during processing (.HPJ) help project files. This vulnerability could be exploited to execute arbitrary code within the remote user context.

tags | advisory, remote, arbitrary
SHA-256 | 9526f9c77e0380edc2c0eb2b0975468780e4be72aa61b3f7d912c2d771fd4f8e
s21sec-033-en.txt
Posted Jan 20, 2007
Authored by Jose Miguel Esparza | Site s21sec.com

WzdFTPD versions 8.0 and below suffer from a remote denial of service condition.

tags | advisory, remote, denial of service
SHA-256 | 2ba1620efce67c106b58a229d7cc8aa6c53222876b7d5c6d8814adc2b87e382e
lds-18.txt
Posted Jan 20, 2007
Authored by Deral Heiland | Site LayeredDefense.com

A format string vulnerability has been discovered within BitDefender Client Professional Plus build 8.02.

tags | advisory
SHA-256 | aae2a9aab9a8ac2ada062219db23d7fb06500ea56412d9d71b0e791d9299b51b
cacti086i-remote.txt
Posted Jan 20, 2007
Authored by rgod | Site retrogod.altervista.org

Cacti versions 0.8.6i and below remote injection exploit that makes use of cmd.php and allows for arbitrary code execution.

tags | exploit, remote, arbitrary, php, code execution
SHA-256 | e46a9232d7fe021c52e56ee695dc5627a24abc10115d61289092c7b5978f2f93
cacti1-086i.txt
Posted Jan 20, 2007
Authored by rgod | Site retrogod.altervista.org

Cacti 0.8.6i remote create admin SQL injection exploit.

tags | exploit, remote, sql injection
SHA-256 | d1602ff5981da0eb52538d77ad64b295854913666d1fda406d3ace212889f61f
intel-pwn.c
Posted Jan 20, 2007
Authored by Giuseppe Gottardi

Intel Centrino ipw2200 wireless driver remote overflow proof of concept exploit.

tags | exploit, remote, overflow, proof of concept
SHA-256 | fcfe9fb62aa80358a5da4f2500c15e2eca5470dbe5ec10cfe5d31b592ef3800d
Mandriva Linux Security Advisory 2007.023
Posted Jan 20, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Stack-based buffer overflow in the glibtop_get_proc_map_s function in libgtop before 2.14.6 (libgtop2) allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a process with a long filename that is mapped in its address space, which triggers the overflow in gnome-system-monitor.

tags | advisory, denial of service, overflow, arbitrary, local
systems | linux, mandriva
advisories | CVE-2007-0235
SHA-256 | eeeda33a383f5925f420d0ec7096a041b6e1357f976237a90923dfc8eb0387ad
Mandriva Linux Security Advisory 2007.022
Posted Jan 20, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch 2, kpdf in KDE before 3.5.5, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a crafted catalog dictionary or a crafted Pages attribute that references an invalid page tree node.

tags | advisory, remote, denial of service, arbitrary, code execution
systems | linux, mandriva
advisories | CVE-2007-0104
SHA-256 | 1d36e137255405a514e213711150020100625057e4b420b100f90813a71b870f
Mandriva Linux Security Advisory 2007.021
Posted Jan 20, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch 2, kpdf in KDE before 3.5.5, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a crafted catalog dictionary or a crafted Pages attribute that references an invalid page tree node.

tags | advisory, remote, denial of service, arbitrary, code execution
systems | linux, mandriva
advisories | CVE-2007-0104
SHA-256 | 34d05c5be24e5f1c853052ea6306243c70d3f02d27b791676245ba27956f51cb
Mandriva Linux Security Advisory 2007.020
Posted Jan 20, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch 2, kpdf in KDE before 3.5.5, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a crafted catalog dictionary or a crafted Pages attribute that references an invalid page tree node.

tags | advisory, remote, denial of service, arbitrary, code execution
systems | linux, mandriva
advisories | CVE-2007-0104
SHA-256 | e49ea25be84b581053eb71e5937834c79d5c8c84b6ec8a0a86df12b2236aee29
Mandriva Linux Security Advisory 2007.019
Posted Jan 20, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch 2, kpdf in KDE before 3.5.5, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a crafted catalog dictionary or a crafted Pages attribute that references an invalid page tree node.

tags | advisory, remote, denial of service, arbitrary, code execution
systems | linux, mandriva
advisories | CVE-2007-0104
SHA-256 | 9f0f98829c5fe8e465885833c5117cf5df4ca0d12fe42d47dbbbb274dcd98347
Mandriva Linux Security Advisory 2007.018
Posted Jan 20, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch 2, kpdf in KDE before 3.5.5, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a crafted catalog dictionary or a crafted Pages attribute that references an invalid page tree node.

tags | advisory, remote, denial of service, arbitrary, code execution
systems | linux, mandriva
advisories | CVE-2007-0104
SHA-256 | 61df2f5bb48bd6279593857a29aa7e1043e72843d419b309c20a1eda52d25fb4
arsdigita-traverse.txt
Posted Jan 20, 2007
Authored by Elliot Kendall

Ars Digita Community System (ACS) versions 3.4.10 and below suffer from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | 28bf38108a3490ba56539fc9a6818406b5265072836249f9e56dfad64160cffd
HP Security Bulletin 2007-12.90
Posted Jan 20, 2007
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential vulnerability has been identified with HP Jetdirect running ftp. The vulnerability could be exploited remotely to create a Denial of Service (DoS).

tags | advisory, denial of service
SHA-256 | 6a7b123efd38cef243cf81ab94497a136e546a206412463c9fc951c221684313
sabros17-xss.txt
Posted Jan 20, 2007
Authored by CorryL | Site x0n3-h4ck.org

sabros.us version 1.7 is susceptible to a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 6d802f5d2b42ab368863a90cfce90d4d367652660e2e4acc765cbe103f429e49
Cisco Security Advisory 20070118-certs
Posted Jan 20, 2007
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - The Cisco Security Monitoring, Analysis and Response System (CS-MARS) and the Cisco Adaptive Security Device Manager (ASDM) do not validate the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) certificates or Secure Shell (SSH) public keys presented by devices they are configured to connect to. Malicious users may be able to use this lack of certificate or public key validation to impersonate the devices that these affected products connect to, which could then be used to obtain sensitive information or misreport information.

tags | advisory, shell
systems | cisco
SHA-256 | ccfd62f8ef5c8bdeb0ddd735a47a5501e06d41c18b7a12414c1f951751146e9a
Ubuntu Security Notice 410-1
Posted Jan 20, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 410-1 - The poppler PDF loader library did not limit the recursion depth of the page model tree. By tricking a user into opening a specially crafter PDF file, this could be exploited to trigger an infinite loop and eventually crash an application that uses this library.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2007-0104
SHA-256 | 6ee4af7133bc4242aa929a344913756d206262e5a7e5f3dca27971e32d353312
prdelka-vs-GNU-mbsebbs.c
Posted Jan 20, 2007
Authored by prdelka | Site prdelka.blackart.org.uk

GNU/Linux mbse-bbs versions 0.70.0 and below local root exploit that makes use of a stack overflow.

tags | exploit, overflow, local, root
systems | linux
SHA-256 | b9b6c8e90f30995598ab9252882b6e7bfe68361174d80d1b09bb34e24378764c
CYBSEC-presapigsbo.txt
Posted Jan 20, 2007
Authored by Mariano Nunez Di Croce | Site cybsec.com

CYBSEC Security Advisory - A specially crafted HTTP request can trigger a remote buffer overflow in SAP IGS service.

tags | advisory, remote, web, overflow
SHA-256 | 140dce31f80c33f96fc4f5fb9d11c258d9cfcfeed32188954f44e87decf132c7
MOAB-18-01-2007.rb.txt
Posted Jan 20, 2007
Authored by Kevin Finisterre, LMH | Site projects.info-pull.com

Month of Apple Bugs - Proof of concept exploit rumpusd. rumpusd is vulnerable to different remotely exploitable heap-based buffer overflows, denial of service conditions and local privilege escalation issues.

tags | exploit, denial of service, overflow, local, proof of concept
systems | apple
advisories | CVE-2007-0019
SHA-256 | 324e1c2a699138a78ea18bf0111256c4c75fe4eedb6f2baead3e5c38d188b60e
MOAB-17-01-2007.rb.txt
Posted Jan 20, 2007
Authored by Kevin Finisterre, LMH | Site projects.info-pull.com

Month of Apple Bugs - Proof of concept exploit for slpd. slpd is vulnerable to a buffer overflow condition when processing the attr-list field of a registration request, leading to an exploitable denial of service condition and potential arbitrary execution. It would allow unprivileged local (and possibly remote) users to execute arbitrary code under root privileges.

tags | exploit, remote, denial of service, overflow, arbitrary, local, root, proof of concept
systems | apple
SHA-256 | b43cb8369fd15b26f59289ce05b054d9e9b5ee73e4ea4f070c7f378698fc6935
Page 1 of 3
Back123Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close