
Files Date: 2007-01-27

iDEFENSE Security Advisory 2007-01-26.t
Posted Jan 27, 2007
Authored by iDefense Labs, Sean Larsson | Site idefense.com

CHM files contain various tables and objects stored in "pages." When parsing a page of objects, CHMlib passes an unsanitized value from the file to the alloca() function. This allows an attacker to shift the stack pointer to point to arbitrary locations in memory. Consequently it is possible to write arbitrary data from the file to arbitrary memory locations. Successful exploitation of this vulnerability allows an attacker to execute arbitrary code with the permissions of the user viewing the file. An attacker would have to first convince the user to view the CHM file through some type of social engineering. iDefense has confirmed the existence of this vulnerability in CHMlib version 0.38.

tags | advisory, arbitrary
MD5 | eae5775da2f691edeea7b2a245121c02
s21sec-034-en.txt
Posted Jan 27, 2007
Authored by David Barroso, Alfredo Andres Omella | Site s21sec.com

The Cisco Catalyst switch suffers from a denial of service vulnerability related to VTP.

tags | advisory, denial of service
systems | cisco
MD5 | b3082b8ca4f186890b46273bcf213f60
phpmm-xss.txt
Posted Jan 27, 2007
Authored by DoZ | Site hackerscenter.com

PHP Membership Manager version 1.5 suffers from a cross site scripting condition.

tags | advisory, php, xss
MD5 | b0f350e5e7c837064fc9a3c6078d436b
yim-xss.txt
Posted Jan 27, 2007
Authored by Hai Nam Luke

Yahoo! Messenger versions 8.1.0.29 and below suffer from a JavaScript injection flaw.

tags | advisory, javascript, xss
MD5 | 27d35218f889720d1bc6ff53479c97f6
MOAB-25-01-2007.rb.txt
Posted Jan 27, 2007
Authored by LMH | Site projects.info-pull.com

Month of Apple Bugs - Ruby exploit that demonstrates how CFNetwork fails to handle certain HTTP responses properly, causing the _CFNetConnectionWillEnqueueRequests() function to dereference a NULL pointer, leading to a denial of service condition.

tags | exploit, web, denial of service, ruby
systems | apple
advisories | CVE-2007-0464
MD5 | d7a1cfb7ab5a8a173db599dc81d957de
MOAB-25-01-2007.c
Posted Jan 27, 2007
Authored by LMH | Site projects.info-pull.com

Month of Apple Bugs - C exploit that demonstrates how CFNetwork fails to handle certain HTTP responses properly, causing the _CFNetConnectionWillEnqueueRequests() function to dereference a NULL pointer, leading to a denial of service condition.

tags | exploit, web, denial of service
systems | apple
advisories | CVE-2007-0464
MD5 | ac9a8250d37eaab982f149693cdcbca0
Mandriva Linux Security Advisory 2007.027
Posted Jan 27, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Format string vulnerability in the errors_create_window function in errors.c in xine-ui allows attackers to execute arbitrary code via unknown vectors. XINE 0.99.4 allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a certain M3U file that contains a long #EXTINF line and contains format string specifiers in an invalid udp:// URI, possibly a variant of CVE-2007-0017.

tags | advisory, remote, denial of service, arbitrary, udp
systems | linux, mandriva
advisories | CVE-2007-0254, CVE-2007-0255
MD5 | 9d6e9715986128f1272f30d7cbe75298
Gentoo Linux Security Advisory 200701-24
Posted Jan 27, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200701-24 - Kevin Finisterre has discovered that when handling media locations, various functions throughout VLC media player make improper use of format strings. Versions less than 0.8.6-r1 are affected.

tags | advisory
systems | linux, gentoo
MD5 | 3a87d60d4bd0556d18867ef4c2c999b7
intel-dos.txt
Posted Jan 27, 2007
Authored by Breno Silva

The Intel wireless mini-pci driver provided with Intel 2200BG cards is vulnerable to a remote memory corruption flaw. Malformed disassociation packets can be used to corrupt internal kernel structures, causing a denial of service (BSOD). Proof of concept exploit included.

tags | exploit, remote, denial of service, kernel, proof of concept
MD5 | 3d71353fc88cf43b77b3b6cf44f6cb52
Gentoo Linux Security Advisory 200701-23
Posted Jan 27, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200701-23 - rgod discovered that the Cacti cmd.php and copy_cacti_user.php scripts do not properly control access to the command shell, and are remotely accessible by unauthenticated users. This allows SQL injection via cmd.php and copy_cacti_user.php URLs. Further, the results from the injected SQL query are not properly sanitized before being passed to a command shell. The vulnerabilities require that the register_argc_argv option is enabled, which is the Gentoo default. Also, a number of similar problems in other scripts were reported. Versions less than 0.8.6i-r1 are affected.

tags | advisory, shell, php, vulnerability, sql injection
systems | linux, gentoo
MD5 | 20755595642f5525d446d60a180d6784
Ubuntu Security Notice 410-2
Posted Jan 27, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 410-2 - USN-410-1 fixed vulnerabilities in the poppler PDF loader library. This update provides the corresponding updates for a copy of this code in tetex-bin in Ubuntu 5.10. Versions of tetex-bin after Ubuntu 5.10 use poppler directly and do not need a separate update. The poppler PDF loader library did not limit the recursion depth of the page model tree. By tricking a user into opening a specially crafted PDF file, this could be exploited to trigger an infinite loop and eventually crash an application that uses this library.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2007-0104
MD5 | 9e90300be556dfebee280bc8f1cd8a60
bluebugger-0.1.tar.gz
Posted Jan 27, 2007
Authored by Martin J. Muench | Site codito.de

bluebugger is an implementation of the bluebug technique which was discovered by Martin Herfurt from the Trifinite Group. It was tested with the Nokia 6310i, Nokia N72 and Sony Ericsson T68i.

tags | tool, wireless
MD5 | a94f4356d904622daa69b35b9d13053e
ngs-pgp.txt
Posted Jan 27, 2007
Authored by Peter Winter-Smith | Site ngssoftware.com

NGSSoftware has discovered a medium risk vulnerability in PGP Desktop versions prior to 9.5.1 which can allow a remote authenticated attacker to execute arbitrary code on a system on which PGP Desktop is installed.

tags | advisory, remote, arbitrary
MD5 | 241330362f1a75aea36240a564a5fc2c
tmvwall381v3_adv.txt
Posted Jan 27, 2007
Authored by Sebastian Wolfgarten

A local buffer overflow vulnerability in the VSAPI library in Trend Micro VirusWall version 3.81 on Linux allows arbitrary code execution and leads to privilege escalation.

tags | advisory, overflow, arbitrary, local, code execution
systems | linux
MD5 | 5582921034a6813c8c086f44b44ca424
tmvwall381v3_exp.c
Posted Jan 27, 2007
Authored by Sebastian Wolfgarten

Local root exploit for vscan/VSAPI in Trend Micro VirusWall version 3.81 on Linux.

tags | exploit, local, root
systems | linux
MD5 | 0ab083587b33449c1ee9e02dbb117db5
Gentoo Linux Security Advisory 200701-22
Posted Jan 27, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200701-22 - Squid fails to correctly handle ftp:// URIs. There is also an error in the external_acl queue which can cause an infinite looping condition. Versions less than 2.6.7 are affected.

tags | advisory
systems | linux, gentoo
MD5 | 610c37d0ca0db59710755f281679c3f6
php520-bypass.txt
Posted Jan 27, 2007
Authored by Maksymilian Arciemowicz | Site securityreason.com

In PHP 5.2.0 it is possible to bypass safe_mode using writing mode.

tags | advisory, php, bypass
advisories | CVE-2007-0448
MD5 | 110a8601035386b004ff97317c980229
Netragard Security Advisory 2006-12-18
Posted Jan 27, 2007
Authored by Netragard | Site netragard.com

Netragard, L.L.C Advisory - It is possible to take control of an @Mail webmail email account by exploiting a Cross Site Request Forgery (XSRF) vulnerability in the @Mail webmail product. An attacker can send a specially crafted email to any @Mail webmail user with a forged "img" tag. This forged tag, if crafted properly, will inject new settings into the @Mail webmail user's account. Version 4.51 is susceptible.

tags | advisory, csrf
MD5 | 629b483b68e10bb70a63d9f54125e278
siteman1111-disclose.txt
Posted Jan 27, 2007
Authored by CorryL | Site x0n3-h4ck.org

Siteman version 1.1.11 suffers from a remote password disclosure flaw.

tags | exploit, remote, info disclosure
MD5 | 9b044235264b8a4eb132fc8a7df84185
earthlink-activex.txt
Posted Jan 27, 2007
Authored by Ethan Hunt

Earthlink TotalAccess suffers from an unsafe method call that allows remote attackers to add individual e-mail addresses or entire domains to the spam whitelist.

tags | advisory, remote, activex
MD5 | d433f72d84e7c858ff023856ccf0ed0f
aztek41-sploit.txt
Posted Jan 27, 2007
Authored by DarkFig

Aztek Forum version 4.1 exploit that demonstrates multiple vulnerabilities including SQL injection and filter bypass flaws.

tags | exploit, vulnerability, sql injection
MD5 | bd590478d05ad6c99ce470ad94c2ffb4
siteman-pass.txt
Posted Jan 27, 2007
Authored by CorryL | Site x0n3-h4ck.org

Siteman version 2.0.x2 suffers from a remote password disclosure flaw.

tags | exploit, remote
MD5 | 5a31a127acf8c785249d78f747c33195
uniforum4-sql.txt
Posted Jan 27, 2007
Authored by ajann

uniForum versions 4 and below suffer from a remote SQL injection vulnerability in wbsearch.aspx.

tags | exploit, remote, sql injection
MD5 | 1dcdf1f915724c9910e127ed1693b232
makit-sql.txt
Posted Jan 27, 2007
Authored by ajann

makit news/blog poster versions 3 and below suffer from a remote SQL injection vulnerability in news_page.asp.

tags | exploit, remote, sql injection, asp
MD5 | 8e70a155264cec17ec06d28f1d885477
aspedge12b-sql.txt
Posted Jan 27, 2007
Authored by ajann

ASP EDGE versions 1.2b and below suffer from a remote SQL injection vulnerability in user.asp.

tags | exploit, remote, sql injection, asp
MD5 | 4b88ee9cef640c3a96c691623ec2b85d

© 2019 Packet Storm. All rights reserved.
