Exploit the possiblities
Showing 1 - 25 of 58 RSS Feed

Files Date: 2007-02-24

xtcommerce-lfi.txt
Posted Feb 24, 2007
Authored by laurent gaffie

xtcommerce suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 54491a12c6ec084136ae5078654e94f0
SYM07-002.txt
Posted Feb 24, 2007
Authored by Mark Litchfield | Site symantec.com

Symantec Security Advisory SYM07-002 - Vulnerabilities were identified in third-party trouble-shooting ActiveX controls, developed by SupportSoft, www.supportsoft.com. Two of these controls were signed, shipped and installed with the identified versions of Symantec's consumer products and as part of the Symantec Automated Support Assistant support tool. The vulnerability identified in the Symantec shipped controls could potentially result in a stack overflow requiring user interaction to exploit. If successfully exploited this vulnerability could potentially compromise a user's system possibly allowing execution of arbitrary code or unauthorized access to system assets with the permissions of the user's browser.

tags | advisory, overflow, arbitrary, vulnerability, activex
advisories | CVE-2006-6490
MD5 | ef738e6cc836e4b569b9df1624c54701
shopkitplus-lfi.txt
Posted Feb 24, 2007
Authored by laurent gaffie

shopkitplus suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | cf64e7219e80bfb09d781f7e051bb96a
Hardened-PHP Project Security Advisory 2007-03.142
Posted Feb 24, 2007
Authored by Stefan Esser, Hardened-PHP Project | Site hardened-php.net

Hardened PHP Project Security Advisory - Multiple browsers suffers from a cross domain charset inheritance vulnerability. Affected include Firefox versions 2.0.0.1 and below, Internet Explorer 7,and Opera 9.

tags | advisory, php
MD5 | 0c406f7eda7195f1dc12ae3ca465699a
iDEFENSE Security Advisory 2007-02-23.2
Posted Feb 24, 2007
Authored by iDefense Labs, regenrecht | Site idefense.com

iDefense Security Advisory 02.23.07 - Remote exploitation of an input validation error causing an integer underflow in version 3.10 of the Mozilla Foundation's Network Security Services (NSS) may allow an attacker to cause a stack-based buffer overflow and execute arbitrary code on the affected application. The vulnerability specifically exists in code responsible for handling the client master key. While negotiating an SSLv2 session, a client can specify invalid parameters which causes an integer underflow. The resulting value is used as the amount of memory to copy into a fixed size stack buffer. As a result, a potentially exploitable stack-based buffer overflow condition occurs. iDefense has confirmed this vulnerability exists in versions 3.10 and 3.11.3 of the Mozilla Network Security Services. These libraries are used in a variety of products from multiple vendors including Sun Microsystems, Red Hat and Mozilla. Previous versions are also likely to be affected. The names 'libnss3.so' on Linux based systems or 'nss3.dll' on Windows based systems may indicate the library is being used by an application.

tags | advisory, remote, overflow, arbitrary
systems | linux, redhat, windows
advisories | CVE-2007-0009
MD5 | 8c91b8eddd1ccac797ef1086095470ef
iDEFENSE Security Advisory 2007-02-23.1
Posted Feb 24, 2007
Authored by iDefense Labs, regenrecht | Site idefense.com

iDefense Security Advisory 02.23.07 - Remote exploitation of an input validation error causing an integer underflow in version 3.10 of the Mozilla Foundation's Network Security Services (NSS) may allow an attacker to execute arbitrary code in the context of the affected application. The vulnerability specifically exists due to a design error in the processing of malformed SSLv2 server messages. By sending a certificate with a public key too small to encrypt the "Master Secret", heap corruption can be triggered which may result in the execution of arbitrary code. iDefense has confirmed this vulnerability exists in versions 3.10 and 3.11.3 of Mozilla Network Security Services. These libraries are used in a variety of products from multiple vendors including Sun Microsystems, Red Hat and Mozilla. Previous versions are also likely to be affected. The names 'libnss3.so' on Linux based systems or 'nss3.dll' on Windows based systems may indicate the library is being used by an application.

tags | advisory, remote, arbitrary
systems | linux, redhat, windows
advisories | CVE-2007-0008
MD5 | f7504baa6cc0b0fa891f4666537695f2
OpenPKG Security Advisory 2007.10
Posted Feb 24, 2007
Authored by OpenPKG Foundation | Site openpkg.com

OpenPKG Security Advisory - According to a vendor release announcement, multiple vulnerabilities exist in the programming language PHP, versions up to and including 5.2.0.

tags | advisory, php, vulnerability
advisories | CVE-2007-0906, CVE-2007-0907, CVE-2007-0908, CVE-2007-0909, CVE-2007-0910, CVE-2007-0988
MD5 | aadb3c4d86ec7d6539ffaa6452e67917
Ubuntu Security Notice 427-1
Posted Feb 24, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 427-1 - Mikhail Markin reported that enigmail incorrectly handled memory allocations for certain large encrypted attachments. This caused Thunderbird to crash and thus caused the entire message to be inaccessible.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2006-5877
MD5 | d49b121fc29cd6b664ff39b7cf5c2142
secunia-ie7.txt
Posted Feb 24, 2007
Authored by Jakob Balle | Site secunia.com

Secunia Research has discovered a vulnerability in Internet Explorer 7, which can be exploited by a malicious website to spoof the address bar. The vulnerability is caused due to an error in Internet Explorer 7's handling of "onunload" events, enabling a malicious website to abort the loading of a new website. This can be exploited to spoof the address bar if e.g. the user enters a new website manually in the address bar, which is commonly exercised as best practice. The vulnerability is confirmed on a fully patched Windows XP SP2 system running Internet Explorer 7. Other versions may also be affected.

tags | advisory, spoof
systems | windows, xp
MD5 | cac34bbafb574adea82cc7cf772428a8
zpanel.txt
Posted Feb 24, 2007
Authored by Hamid Ebadi | Site bugtraq.ir

ZPanel suffers from a remote file inclusion vulnerability.

tags | exploit, remote, file inclusion
MD5 | b3a614a627f1cc00641e4edfc20ae2ef
Mandriva Linux Security Advisory 2007.048
Posted Feb 24, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Security Advisory - Many buffer overflow flaws were discovered in the PHP session extension, the str_replace() function, and the imap_mail_compose() function. An attacker able to use a PHP application using any of these functions could trigger these flaws and possibly execute arbitrary code as the apache user. A one-byte memory read will always occur prior to the beginning of a buffer, which could be triggered, for example, by any use of the header() function in a script. The wddx extension, if used to import WDDX data from an untrusted source, may allow a random portion of heap memory to be exposed due to certain WDDX input packets. The odbc_result_all() function, if used to display data from a database, and if the contents of the database are under the control of an attacker, could lead to the execution of arbitrary code due to a format string vulnerability. Several flaws in the PHP could allow attackers to clobber certain super-global variables via unspecified vectors. The zend_hash_init() function can be forced into an infinite loop if unserializing untrusted data on a 64-bit platform, resulting in the consumption of CPU resources until the script timeout alarm aborts the execution of the script.

tags | advisory, overflow, arbitrary, php
systems | linux, mandriva
advisories | CVE-2007-0906, CVE-2007-0907, CVE-2007-0908, CVE-2007-0909, CVE-2007-0910, CVE-2007-0988
MD5 | fcf252091d0bd2a2ca2cc2b59d97ab67
iDEFENSE Security Advisory 2007-02-22.3
Posted Feb 24, 2007
Authored by iDefense Labs, Joshua J. Drake | Site idefense.com

iDefense Security Advisory 02.22.07 - Local exploitation of a multiple vulnerabilities in IBM Corp.'s DB2 Universal Database allow attackers to cause a denial of service condition or elevate privileges to root. Several vulnerabilities exist due to unsafe file access from within several setuid-root binaries. Specifically, when supplying certain environment variables, the DB2 administration binaries will use the specified filename for saving data. This allows an attacker to create or append to arbitrary files as root. A heap-based buffer overflow vulnerability can occur when copying data from an environment variable. The variable contents are copied to a static BSS segment buffer without ensuring proper NUL termination. Consequently, this allows an attacker to cause a heap overflow in a later function call. A stack-based buffer overflow can occur when an environment variable contains a long string. By specifying a specially crafted value, it is possible to overwrite the return address of a function and execute arbitrary code. iDefense has confirmed the existence of these vulnerabilities within IBM Corp.'s DB2 Universal Database 9.1 release installed on Linux. Other versions, including those installed on other architectures, are suspected to be vulnerable as well. These vulnerabilities do not appear to affect DB2 Universal Database running on the windows platform.

tags | advisory, denial of service, overflow, arbitrary, local, root, vulnerability
systems | linux, windows
MD5 | 3c9750c1e4a747af81e04379de4095d8
iDEFENSE Security Advisory 2007-02-22.2
Posted Feb 24, 2007
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 02.22.07 - Local exploitation of a file creation vulnerability in IBM Corp.'s DB2 Universal Database could allow attackers to elevate privileges to the superuser. This vulnerability exists due to unsafe file access from within several setuid-root binaries. Specifically, when supplying the DB2INSTANCE environment variable, the setuid-root DB2 administration binaries will use the home directory of the specified user for loading configuration data. This allows attackers create or append to arbitrary files by creating a specific executing environment. Additionally, the user's umask settings will be honored allowing the creation of root-owned world-writable files. iDefense has confirmed the existence of this vulnerability within IBM Corp.'s DB2 Universal Database 9.1 release installed on Linux. Other versions are suspected to be vulnerable as well. This vulnerability does not affect DB2 Universal Database running on the windows platform.

tags | advisory, arbitrary, local, root
systems | linux, windows
MD5 | 2c23d7265527b5338afca6ce75a79b57
iDEFENSE Security Advisory 2007-02-22.1
Posted Feb 24, 2007
Authored by iDefense Labs, David D. Rude II | Site idefense.com

iDefense Security Advisory 02.22.07 - Remote exploitation of a buffer overflow vulnerability in VeriSign Inc.'s ConfigChk ActiveX Control could allow an attacker to execute arbitrary code within the security context of the victim. iDefense has confirmed the existence of this vulnerability within version 2.0.0.2 of VeriSign Inc's VSCnfChk.dll. All versions are suspected to be vulnerable.

tags | advisory, remote, overflow, arbitrary, activex
MD5 | df82f344e125c06ae77aa1dfeb7c8a42
spydir.c
Posted Feb 24, 2007
Authored by 3APA3A | Site securityvulns.com

Exploit that demonstrates the vulnerability in ReadDirectoryChangesW() for Microsoft Windows 2000/XP/2003/Vista.

tags | exploit
systems | windows, 2k
advisories | CVE-2007-0843
MD5 | f7f6bf6fe0ea633cd5976b0a644ad70c
readirchange.txt
Posted Feb 24, 2007
Authored by 3APA3A | Site securityvulns.com

ReadDirectoryChangesW() in Microsoft Windows 2000/XP/2003/Vista does not check a user's permissions for child objects, making it possible to retrieve information about objects that a user has no LIST permissions for.

tags | advisory
systems | windows, 2k
advisories | CVE-2007-0843
MD5 | 6c04fac47932131d4237f8749f08f6fa
webspell40-multi.txt
Posted Feb 24, 2007
Authored by Robin Verton

WebSpell versions greater than 4.0 suffer from authentication bypass and arbitrary code execution flaws.

tags | exploit, arbitrary, code execution
MD5 | a6d5965c0980c6edd14deac5f17706f0
saphplesson30-sql.txt
Posted Feb 24, 2007
Authored by SwEET-DeViL, HaCKeR sUn

SaphpLesson version 3.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 1d4c7171f12dd2a696976c27a73fdec1
Ubuntu Security Notice 426-1
Posted Feb 24, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 426-1 - Mu Security discovered a format string vulnerability in Ekiga. If a user was running Ekiga and listening for incoming calls, a remote attacker could send a crafted call request, and execute arbitrary code with the user's privileges.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2007-1006, CVE-2007-1007
MD5 | e0b73f01af64972a1d64b16035362623
pheap.txt
Posted Feb 24, 2007
Authored by laurent gaffie

Pheap CMS suffers from a local file inclusion vulnerability that allows for the editing of the file.

tags | exploit, local, file inclusion
MD5 | 723592a21d57dd6e7ba731cd3e1611bd
lovecms14-multi.txt
Posted Feb 24, 2007
Authored by laurent gaffie

LoveCMS version 1.4 suffers from remote file inclusion, local file inclusion, upload, and cross site scripting vulnerabilities.

tags | exploit, remote, local, vulnerability, xss, file inclusion
MD5 | 794c87a701ed83cbf848253d244509b3
plantilla.txt
Posted Feb 24, 2007
Authored by laurent gaffie

Plantilla PHP suffers from local file inclusion and arbitrary file upload vulnerabilities.

tags | exploit, arbitrary, local, php, vulnerability, file inclusion, file upload
MD5 | 73f4ea1c9dc8e4b78621b2278d20ac45
Ubuntu Security Notice 425-1
Posted Feb 24, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 425-1 - A flaw was discovered in the permission checking code of slocate. When reporting matching files, locate would not correctly respect the parent directory's "read" bits. This could result in filenames being displayed when the file owner had expected them to remain hidden from other system users.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2007-0227
MD5 | 613e2881513ca3a66777f911db0bcf02
jbrowser.txt
Posted Feb 24, 2007
Authored by sn0oPy

It appears that JBrowser may allow arbitrary access to admin/config files.

tags | exploit, arbitrary
MD5 | 76269815469d0ef8356da349250ddace
oraclekupv-perm.txt
Posted Feb 24, 2007
Authored by Andrea Purificato | Site rawlab.mindcreations.com

Oracle 10g KUPW$WORKER.MAIN Grant/Revoke dba permission exploit.

tags | exploit
MD5 | 1a6267279e19948c6072527708174f73
Page 1 of 3
Back123Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

January 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    16 Files
  • 4
    Jan 4th
    39 Files
  • 5
    Jan 5th
    26 Files
  • 6
    Jan 6th
    40 Files
  • 7
    Jan 7th
    2 Files
  • 8
    Jan 8th
    16 Files
  • 9
    Jan 9th
    25 Files
  • 10
    Jan 10th
    28 Files
  • 11
    Jan 11th
    44 Files
  • 12
    Jan 12th
    32 Files
  • 13
    Jan 13th
    2 Files
  • 14
    Jan 14th
    4 Files
  • 15
    Jan 15th
    31 Files
  • 16
    Jan 16th
    0 Files
  • 17
    Jan 17th
    0 Files
  • 18
    Jan 18th
    0 Files
  • 19
    Jan 19th
    0 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close