Twenty Year Anniversary
Showing 1 - 25 of 57 RSS Feed

Files Date: 2007-03-06

iDEFENSE Security Advisory 2007-03-02.t
Posted Mar 6, 2007
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 03.02.07 - Remote exploitation of a denial of service (DoS) vulnerability in Kaspersky Lab's Antivirus could allow an attacker to conduct a DoS attack on a targeted host. The antivirus engine is vulnerable to a DoS condition when processing an executable packed with UPX compression. Malformed compressed data causes the decompression routine to enter an infinite loop. Specifically, a negative data offset results in the same compressed data chunk being processed endlessly. iDefense has confirmed the existence of this vulnerability in Kaspersky Labs Antivirus Engine version 6.0.1.411 for Windows and 5.5-10 for Linux. Previous versions may also be affected. Any products that use the scanning engine are also affected, which includes the Kaspersky e-mail gateway scanner.

tags | advisory, remote, denial of service
systems | linux, windows
MD5 | abd06d19441a10cf0a0631ab4e99f695
woltlab236-xss.txt
Posted Mar 6, 2007
Authored by Samenspender

Woltlab version 2.3.6 appears susceptible to cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | cfb07028d27d24d80fc678a4c7ba4501
Zero Day Initiative Advisory 07-08
Posted Mar 6, 2007
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apache Tomcat JK Web Server Connector. Authentication is not required to exploit this vulnerability. Tomcat JK Web Server Connector version 1.2.19 and 1.2.20 are affected. Tomcat 4.1.34 and 5.5.20 are affected.

tags | advisory, remote, web, arbitrary
advisories | CVE-2007-0774
MD5 | 2535802235fc407a788406584530831d
maildisable-v4.pl.txt
Posted Mar 6, 2007
Authored by mu-b

Mail Enable Professional/Enterprise version 2.32 through 2.34 (Win32) remote exploit. Binds a shell to port 1337.

tags | exploit, remote, shell
systems | windows
MD5 | a9920e0ee1961c4837e2ccd77f52e245
dbimage-rfi.txt
Posted Mar 6, 2007
Authored by Hasadya Raed

DBImageGallery version 1.2.2 suffers from remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, code execution, file inclusion
MD5 | b7ffe3d09b3c6fd0e6fd07047944bdbe
spaw-rfi.txt
Posted Mar 6, 2007
Authored by Hasadya Raed

SPAW Editor PHP Edition versions 1.2.3 and 1.2.4 suffer from a remote file inclusion vulnerability.

tags | exploit, remote, php, code execution, file inclusion
MD5 | 899df16d74977f3fe997a1a853c739d3
knorrede-sql.txt
Posted Mar 6, 2007
Authored by Sebastian Bauer | Site blog.gjl-network.net

Knorr.de suffers from SQL injection vulnerabilities that allow for login bypass.

tags | exploit, vulnerability, sql injection
MD5 | 7749fe792a080d4e0732233834afef66
vbul365-rssxss.txt
Posted Mar 6, 2007
Authored by meto5757

vBulletin version 3.6.5 suffers from a cross site scripting flaw in its RSS feed functionality.

tags | exploit, xss
MD5 | 65d132a9f7e4ed171d9166096ad8b8aa
Ubuntu Security Notice 428-2
Posted Mar 6, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 428-2 - USN-428-1 fixed vulnerabilities in Firefox 1.5. However, changes to library paths caused applications depending on libnss3 to fail to start up. This update fixes the problem.

tags | advisory, vulnerability
systems | linux, ubuntu
MD5 | ec1197bb4064525a19187ab03b62c30f
Gentoo Linux Security Advisory 200703-6
Posted Mar 6, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200703-06 - An integer overflow flaw has been found in the pixmap handling of Qt, making the AMD64 x86 emulation Qt library vulnerable as well. Versions less than 10.0 are affected.

tags | advisory, overflow, x86
systems | linux, gentoo
advisories | CVE-2006-4811
MD5 | 670ba1eabf17812b84ec4d806b1544e5
Gentoo Linux Security Advisory 200703-5
Posted Mar 6, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200703-05 - Several vulnerabilities ranging from code execution with elevated privileges to information leaks affect the Mozilla Suite. Versions less than or equal to 1.7.13 are affected.

tags | advisory, vulnerability, code execution
systems | linux, gentoo
MD5 | 9488c354f170da6e9cda12e22fed0989
Gentoo Linux Security Advisory 200703-4
Posted Mar 6, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200703-04 - Tom Ferris reported a heap-based buffer overflow involving wide SVG stroke widths that affects Mozilla Firefox 2 only. Various researchers reported some errors in the JavaScript engine potentially leading to memory corruption. Mozilla Firefox also contains minor vulnerabilities involving cache collision and unsafe pop-up restrictions, filtering or CSS rendering under certain conditions. Versions less than 2.0.0.2 are affected.

tags | advisory, overflow, javascript, vulnerability
systems | linux, gentoo
advisories | CVE-2006-6077, CVE-2007-0775, CVE-2007-0776, CVE-2007-0777, CVE-2007-0778, CVE-2007-0779, CVE-2007-0780, CVE-2007-0800, CVE-2007-0801, CVE-2007-0981, CVE-2007-0995
MD5 | 6331191602764866f36202dbe22f78c0
Gentoo Linux Security Advisory 200703-3
Posted Mar 6, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200703-03 - An anonymous researcher discovered a file descriptor leak error in the processing of CAB archives and a lack of validation of the id parameter string used to create local files when parsing MIME headers. Versions less than 0.90 are affected.

tags | advisory, local
systems | linux, gentoo
advisories | CVE-2007-0897, CVE-2007-0898
MD5 | 33bc6d40f57da6256fc52a70e23f27ee
Gentoo Linux Security Advisory 200703-2
Posted Mar 6, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200703-02 - SpamAssassin does not correctly handle very long URIs when scanning emails. Versions less than 3.1.8 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-0451
MD5 | d6a4dd1dc1e7c9b0900d955b0eb6c5d2
Gentoo Linux Security Advisory 200703-1
Posted Mar 6, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200703-01 - The Snort DCE/RPC preprocessor does not properly reassemble certain types of fragmented SMB and DCE/RPC packets. Versions less than 2.6.1.3 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2006-5276
MD5 | c8daaa4b64e5525ba0b8065825d98f08
built2go-xss.txt
Posted Mar 6, 2007
Authored by the_Edit0r

Built2Go version 1.0 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | b9f44dfdc746f792ead1109294056a33
awebnews-rfi.txt
Posted Mar 6, 2007
Authored by ThE dE@Th

aWebNews version 1.1 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
MD5 | e0a9d4a78894b3470214cd6a54c0d1cf
Clam AntiVirus Toolkit 0.90.1
Posted Mar 6, 2007
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: Various bug fixes and enhancements.
tags | virus
systems | unix
MD5 | cd11c05b5476262eaea4fa3bd7dc25bf
zzuf-0.8.1.tar.gz
Posted Mar 6, 2007
Authored by Sam Hocevar | Site sam.zoy.org

zzuf is a transparent application input fuzzer. It works by intercepting file operations and changing random bits in the program's input. zzuf's behavior is deterministic, making it easy to reproduce bugs.

tags | fuzzer
MD5 | 1970dcf4f77251bea843b0f6ae19231c
SIPcrack-0.2.tar.gz
Posted Mar 6, 2007
Authored by Martin J. Muench | Site codito.de

SIPcrack is a SIP protocol login cracker. It contains 2 programs, SIPdump to sniff SIP logins over the network and SIPcrack to bruteforce the passwords of the sniffed logins.

Changes: Added support for different methods, proxy-authorization, qop, cnonce, etc.
tags | cracker, protocol
MD5 | 4a768bbd2e7df3ea7ced2e9f3d60698a
nmap_update.sh.txt
Posted Mar 6, 2007
Authored by Kris Katterjohn

Simple script that updates Nmap's data files and sticks them in a given directory or cwd.

tags | tool, nmap
systems | unix
MD5 | d0994061ffd0e2b9f0b8d5fa516b1892
Advisory4-20022007.txt
Posted Mar 6, 2007
Authored by ciri

WordPress versions 2.1.0 and below suffer from cross site request forgery with cross site scripting vulnerabilities. Oh, the madness.

tags | exploit, vulnerability, xss, csrf
MD5 | 93806b027a2070a80c055dea2233591a
serendipity-sql.txt
Posted Mar 6, 2007
Authored by Samenspender

Serendipity version 1.1.1 suffers from a SQL injection vulnerability.

tags | exploit, sql injection
MD5 | 499b8b633b3bcc8dd3c8987b3221fc7b
wbnews-rfi.txt
Posted Mar 6, 2007
Authored by ThE dE@Th

WB News suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
MD5 | 23ed5222848e4dfa09b8622d2adf964f
angellms71-sql.txt
Posted Mar 6, 2007
Authored by Guns

Angel LMS version 7.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 5a65a6f89b0472d57f99ff8fb110461b
Page 1 of 3
Back123Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

June 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    14 Files
  • 2
    Jun 2nd
    1 Files
  • 3
    Jun 3rd
    3 Files
  • 4
    Jun 4th
    18 Files
  • 5
    Jun 5th
    21 Files
  • 6
    Jun 6th
    9 Files
  • 7
    Jun 7th
    16 Files
  • 8
    Jun 8th
    18 Files
  • 9
    Jun 9th
    5 Files
  • 10
    Jun 10th
    2 Files
  • 11
    Jun 11th
    21 Files
  • 12
    Jun 12th
    34 Files
  • 13
    Jun 13th
    15 Files
  • 14
    Jun 14th
    16 Files
  • 15
    Jun 15th
    4 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close