what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 88 RSS Feed

Files Date: 2007-02-13

Secunia Security Advisory 24143
Posted Feb 13, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for gd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, fedora
SHA-256 | 93f31d85a23185d05d20bda3fdfff59ac8be4022e809c0cceeaaddee1293f11e
Secunia Security Advisory 24120
Posted Feb 13, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - kcope has reported a vulnerability in Solaris, which can be exploited by malicious people to bypass certain security restrictions and gain access to a vulnerable system.

tags | advisory
systems | solaris
SHA-256 | a25b5287a19c945816a677beb6f442689e4fd8197a7e3f64e53694646dec43fa
Posted Feb 13, 2007
Authored by 3APA3A | Site SecurityVulns.com

Microsoft Visual C++ version 8.0 suffers from a denial of service condition.

tags | advisory, denial of service
advisories | CVE-2007-0842
SHA-256 | f7fe00818ea85c70a2896433664c42f3b88ce3298aa19b8e8bdf63471623ff38
Posted Feb 13, 2007
Authored by Aditya K Sood | Site zeroknock.metaeye.org

Whitepaper entitled Ambiguity In Ajax Lockdown Framework - Unveiling Some Contradictory Facts.

tags | paper, web
SHA-256 | c72d1fdf0586fb064c35e73407382130
Posted Feb 13, 2007
Authored by phoby

www.splinder.com suffers from a cross site scripting flaw.

tags | exploit, xss
SHA-256 | 6c042b9b540a40ea9a4fff8746e2e01d18701d9c89da1d6dbc86aa648cc5d4d3
Posted Feb 13, 2007
Authored by Pedro Alexander Garcia

Raditech's Portal Search suffers from URL redirection and cross site scripting flaws.

tags | exploit, xss
SHA-256 | 4e870c54f6163a70cd45f4f54c1408c2ceb18c69c84e3d2741bc5f8e6790d1fa
Posted Feb 13, 2007
Authored by Iman Karim | Site home.inf.fh-rhein-sieg.de

MD5 hash brute forcing utility.

SHA-256 | 33d7e9e56e18e575f25076691fa9321cf18d5d0a1578fbed06bedead098bf7ad
Posted Feb 13, 2007
Authored by Daniel Nystrom, Fredrik Wessberg

Miniwebsvr version 0.0.6 appears to be susceptible to a one level directory traversal flaw.

tags | exploit, file inclusion
SHA-256 | e4a1d7d3b80e79f93838d2c8f59e236705a2a65ce62953485b6d42a12fec6fa1
Posted Feb 13, 2007
Authored by dzitu

JPortal version 2.3.1 is susceptible to a CSRF vulnerability.

tags | advisory, csrf
SHA-256 | d37661d2e4746acdde98359d7e9ae4800cad9127e118f681fbbe06d753506bb0
Posted Feb 13, 2007
Authored by Michal Zalewski | Site lcamtuf.coredump.cx

There is an interesting logic flaw in Mozilla Firefox web browser. The vulnerability allows the attacker to silently redirect focus of selected key press events to an otherwise protected file upload form field.

tags | advisory, web, file upload
SHA-256 | d6e171034211a73ba7ee2c759671ca5bd17c9e11f2acca63372a0c1b68272997
Posted Feb 13, 2007
Authored by Fernando Gont, M. Larsen

Recently, awareness has been raised about a number of "blind" attacks that can be performed against the Transmission Control Protocol (TCP) and similar protocols. The consequences of these attacks range from throughput-reduction to broken connections or data corruption. These attacks rely on the attacker's ability to guess or know the four- tuple (Source Address, Destination Address, Source port, Destination Port) that identifies the transport protocol instance to be attacked. This document describes a simple and efficient method for random selection of the client port number, such that the possibility of an attacker guessing the exact value is reduced. While this is not a replacement for cryptographic methods, the described port number randomization algorithms provide improved security/obfuscation with very little effort and without any key management overhead. Both text and pdf formats of this paper are included.

tags | paper, tcp, protocol
SHA-256 | a3c77823856bb629693170ad41bbf3eb04803b3943bb64a88f319af02d2327db
Posted Feb 13, 2007
Authored by Sebastian Wolfgarten | Site devtarget.org

PHP RRD Browser versions below 0.2.1 suffer from an arbitrary file disclosure vulnerability.

tags | exploit, arbitrary, php
SHA-256 | 28ed47f78f884651caee9b78a4633b35de6589214231d8d99dc0548005a1ef66
OpenPKG Security Advisory 2007.9
Posted Feb 13, 2007
Authored by OpenPKG Foundation | Site openpkg.com

OpenPKG Security Advisory - According to a vendor security advisory, a vulnerability exists in the SessionPlugin extension of the Wiki engine TWiki, version up to and including 4.1.0. The vulnerability allows local users to cause TWiki to execute arbitrary Perl code with the privileges of the web server process by creating CGI session files on the local filesystem.

tags | advisory, web, arbitrary, local, cgi, perl
advisories | CVE-2007-0669
SHA-256 | 51621d8c871de933a4c4b0ef815d8d632f8d803fcb9b63ba065faf6cc822d1b3
Posted Feb 13, 2007
Authored by Nicob

phpMyVisites versions prior to 2.2 stable suffer from cross site scripting, HTTP response splitting, and local file inclusion flaws.

tags | exploit, web, local, xss, file inclusion
SHA-256 | 34f74cdcafeaf7a2c88c13c040bac637888b5cbfab8d3963056479c384f38e34
Posted Feb 13, 2007
Authored by Andrea Purificato | Site rawlab.mindcreations.com

Qdig version suffers from cross site scripting flaws.

tags | exploit, xss
SHA-256 | d8a2ee0115af2e59af04ff0ebee1a29cc129671e1a6406819d45a904d2987ffc
Posted Feb 13, 2007
Authored by BLacK ZeRo

JBoss Portal appears susceptible to a cross site scripting flaw.

tags | exploit, xss
SHA-256 | 80ca88da31e627e074226b66f4318545634703ca5ab84b9f226790c2972c7d93
Ubuntu Security Notice 421-1
Posted Feb 13, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 421-1 - A flaw was discovered in MoinMoin's page name sanitizer which could lead to a cross-site scripting attack. By tricking a user into viewing a crafted MoinMoin page, an attacker could execute arbitrary JavaScript as the current MoinMoin user, possibly exposing the user's authentication information for the domain where MoinMoin was hosted.

tags | advisory, arbitrary, javascript, xss
systems | linux, ubuntu
advisories | CVE-2007-0857
SHA-256 | 33f82ae361d2568cfb06709812eb4b3bdf0af824d2c03d39d5ba97bb8af4b293
Posted Feb 13, 2007
Authored by defsec | Site defacedsecurity.com

uTorrent version 1.6 remote heap overflow proof of concept exploit.

tags | exploit, remote, overflow, proof of concept
SHA-256 | 2ba9174c60fb90eba407cd033af8b77578bb8cf57ec70f4149416a30774be2b4
Posted Feb 13, 2007
Authored by Kingcope

SunOS 5.10/5.11 in.telnetd remote root exploit. This has to be the easiest remote root ever.. wait.. there was that other SunOS telnetd remote root.

tags | exploit, remote, root
systems | solaris
SHA-256 | 717ba32b723518e0fae9769ba3d757fa95ff039e7d79b97b2e23ab1a16df2c18
Posted Feb 13, 2007
Authored by Sebastian Wolfgarten

IP3 NetAccess versions below suffer from a classic directory traversal flaw allowing for arbitrary file disclosure.

tags | exploit, arbitrary
SHA-256 | 310f2d07e19e3ea468a8c1d5cc58ebdd56897b0302b6e3e2addb84979717e77e
Posted Feb 13, 2007
Authored by XORON

Philboard versions 1.14 and below suffer from a SQL injection vulnerability in philboard_forum.asp.

tags | exploit, sql injection, asp
SHA-256 | afaae9e0da9f0a8417278c7fa2a71653acc06b67406418dd990557be86c9d11d
Echo Security Advisory 2007.64
Posted Feb 13, 2007
Authored by y3dips, Echo Security | Site echo.or.id

Open-CMS Site Protection Plugin suffers from a remote file inclusion flaw.

tags | exploit, remote, file inclusion
SHA-256 | b00b936a466c7e928f730c2e1bdcc7e3110d59930de2a9be235f38693ece67b5
Posted Feb 13, 2007
Authored by BLacK ZeRo

CommunityServer Commercial Edition suffers from a cross site scripting flaw.

tags | exploit, xss
SHA-256 | d69ee1a0dda3f8ddeb35d3ca0b9a9f67dda8ff93cc0fb2118db36b0b3f4b3d16
Mandriva Linux Security Advisory 2007.041
Posted Feb 13, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Security Advisory - Vladimir Nadvornik discovered a buffer overflow in GraphicsMagick and ImageMagick allows user-assisted attackers to cause a denial of service and possibly execute execute arbitrary code via a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2007-0770
SHA-256 | b06cca870f03e4163f5234dd049d33713a4729c8ba5fca52d537d8097de87718
Posted Feb 13, 2007
Site security.freebsd.org

FreeBSD Security Advisory - A remote attacker sending a type * (ANY) query to an authoritative DNS server for a DNSSEC signed zone can cause the named(8) daemon to exit, resulting in a Denial of Service.

tags | advisory, remote, denial of service
systems | freebsd
advisories | CVE-2007-0493, CVE-2007-0494
SHA-256 | 8468eb2d18ed5e62f05cc1b12e5a16a332d905bf12993f6630719308f3901887
Page 1 of 4

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    0 Files
  • 6
    Mar 6th
    0 Files
  • 7
    Mar 7th
    0 Files
  • 8
    Mar 8th
    0 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    0 Files
  • 12
    Mar 12th
    0 Files
  • 13
    Mar 13th
    0 Files
  • 14
    Mar 14th
    0 Files
  • 15
    Mar 15th
    0 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By