what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 88 RSS Feed

Files Date: 2007-03-08

HP Security Bulletin 2006-12.37
Posted Mar 8, 2007
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with the version of GZIP delivered by HP-UX Software Distributor (SD). The vulnerability could be remotely exploited leading to a Denial of Service (DoS).

tags | advisory, denial of service
systems | hpux
advisories | CVE-2006-4334, CVE-2006-4335, CVE-2006-4336, CVE-2006-4337, CVE-2006-4338
SHA-256 | d0ae6580d774a6d54290f2105648643ccaad8d051dcad97ab862a7eeadc3b778
aqatom-overflow.txt
Posted Mar 8, 2007
Authored by Sowhat | Site nevisnetworks.com

Apple QuickTime player versions below 7.1.5 suffer from a udta ATOM integer overflow vulnerability.

tags | advisory, overflow
systems | apple
advisories | CVE-2007-0714
SHA-256 | e03394245274b6b00e5fa22b4c2814fab82e21766b6d438a9e3795daf1e5fb32
quicktime-heap-adv-7.1.txt
Posted Mar 8, 2007
Authored by Piotr Bania | Site piotrbania.com

Apple QuickTime player version 7.1 on Windows suffers from a remote heap overflow vulnerability.

tags | advisory, remote, overflow
systems | windows, apple
SHA-256 | 65da3ab8f46f0b132528896188ac81e77e60eee67849338401fb5ac40456b761
php_446_mssql_connect_bof.txt
Posted Mar 8, 2007
Authored by rgod | Site retrogod.altervista.org

PHP versions 4.4.6 and below mssql_connect() and mssql_pconnect() local buffer overflow exploit.

tags | exploit, overflow, local, php
SHA-256 | 92d4547d24e68dddd983ba158385a312924951aeaa3d8dccb81e10b405a832f7
Core Security Technologies Advisory 2007.0115
Posted Mar 8, 2007
Authored by Core Security Technologies, Gerardo Richarte | Site coresecurity.com

Core Security Technologies Advisory - GnuPG and GnuPG clients suffer from an unsigned data injection vulnerability.

tags | advisory
advisories | CVE-2007-1263, CVE-2007-1264, CVE-2007-1265, CVE-2007-1266, CVE-2007-1267, CVE-2007-1268, CVE-2007-1269
SHA-256 | 105bc292cde7181a51838486efb114fc2b42ca52c8eb7401d9334c18e0c47625
iDEFENSE Security Advisory 2007-03-05.1
Posted Mar 8, 2007
Authored by iDefense Labs, Ruben Santamarta | Site idefense.com

iDefense Security Advisory 03.05.07 - Remote exploitation of a heap corruption vulnerability in Apple Computer Inc.'s QuickTime media player could allow an attacker to execute arbitrary commands in the context of the current user. The vulnerability specifically exists in QuickTime players handling of Video media atoms. When the 'Color table ID' field in the Video Sample Description is 0, QuickTime expects a color table to be present immediately after the description. A byte swap process is then performed on the memory following the description, regardless if a table is present or not. Heap corruption will occur in the case when the memory following the description is not part of the heap chunk being processed. iDefense Labs confirmed this vulnerability exists in version 7.1.3 of QuickTime on Windows. Previous versions are suspected to be vulnerable.

tags | advisory, remote, arbitrary
systems | windows, apple
advisories | CVE-2007-0718
SHA-256 | fec5cfa3ca512e52554badeb637b6197568fa66695d6a4894d6a34b8670d4953
sava-sql.txt
Posted Mar 8, 2007
Authored by Belsec Team | Site belsec.com

Sava's Guestbook version 23.11.2006 is susceptible to SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 4b81cf03f82bc3f5072fccfcdf278134f7e8f1d7da28b000f7859912b360c878
liguestbook-sql.txt
Posted Mar 8, 2007
Authored by Belsec Team | Site belsec.com

LI-Guestbook version 1.1 is susceptible to SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 590295790e9c6394f46eac6d6aa675cb7140685a838bef447c02a4e364cde498
eportfolio10-multi.txt
Posted Mar 8, 2007
Authored by Stefan Friedli | Site scip.ch

ePortfolio version 1.0 suffers from java related input validation vulnerabilities.

tags | advisory, java, vulnerability
SHA-256 | d580e5ce9cef125f074ae8c920d55a8cfb0d446d4ef395be40632278026b0f21
HITB-2007-CFP-Malaysia.txt
Posted Mar 8, 2007
Site conference.hitb.org

The call for papers for the upcoming Hack in The Box Security Conference 2007 in Malaysia is now open.

tags | paper, conference
SHA-256 | 6504485a29aad2f92cef6c8e35787de7c8126e0d0a79da54a13e9027dd4a371d
advisory-php-gaestebuch-en.txt
Posted Mar 8, 2007
Authored by Ruben Ventura Pina | Site trew.icenetx.net

PHP-Gaestebuch versions 6.3 and below suffer from a HTML injection vulnerability that can allow for cross site scripting attacks.

tags | exploit, php, xss
SHA-256 | 2e93b4d81779ca64b2a6b178843c2da8f2564aa45d9289efe4ab6618d10fa2cd
rrdbrowse-advisory-03-2007.txt
Posted Mar 8, 2007
Authored by Sebastian Wolfgarten | Site devtarget.org

rrdbrowse versions 1.6 and below suffer from an arbitrary file disclosure vulnerability.

tags | exploit, arbitrary
SHA-256 | cca8d4336f4a7dd8d011665d3a65fb9d0b0656fdacef8ac9fe5e6dff2d1478e9
Debian Linux Security Advisory 1262-1
Posted Mar 8, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1262-1 - "Mu Security" discovered that a format string vulnerability in the VoIP solution GnomeMeeting allows the execution of arbitrary code

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2007-1007
SHA-256 | fd3a3dd2ccd3984ed7096275fad1986e440af7e5ab5d6241f5577d25b8a7f850
konq-dos.txt
Posted Mar 8, 2007
Authored by mark | Site bindshell.net

Konqueror crashes if Javascript code tries to read the source of a child iframe when it is set to a ftp:// URL.

tags | advisory, denial of service, javascript
SHA-256 | ffbeac05613ea571f4126734b453bc72f30bdd4b66c8470af2cfc41577833dd9
vcard26-xss.txt
Posted Mar 8, 2007
Authored by Hasadya Raed

vCard version 2.6 suffers from a cross site scripting flaw.

tags | exploit, xss
SHA-256 | e1147a89a3994e21c9d5b36eaee74aa8ed77228883fbe59a7cba3406729c9699
asterisk-sip-kill.c
Posted Mar 8, 2007
Authored by anonymous

Remote denial of service exploit for Asterisk PBX that makes use of a bug in the SIP channel driver. Versions below 1.2.16 and below 1.4.1 are affected.

tags | exploit, remote, denial of service
SHA-256 | 5a35585cb02179c081c481b527bb9d32dd489f17cdc09a9fbdc837c8bfa91a2c
rps62-sql.txt
Posted Mar 8, 2007
Authored by s0cratex

RPS version 6.2 SQL injection exploit.

tags | exploit, sql injection
SHA-256 | e3e7f1bf0133f64fb0a116a1bbdef3784a4b0ac39907ed817f0822cc8e5d5bcd
rapidleech.txt
Posted Mar 8, 2007
Authored by Red_Dragon, Dark L0rD | Site onhackerline.com

Rapidleech remote code execution exploit.

tags | exploit, remote, code execution
SHA-256 | 47a91b634d79fb830254956b731b301636d7ebe298c0f61b6ed34b09600f5956
tyger-sqlxss.txt
Posted Mar 8, 2007
Authored by CorryL

Tyger bug tracking system version 1.1.3 suffers from SQL injection and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, sql injection
SHA-256 | 0a6b81b6f0f669ee5e6eebdb06a55621e97da19d9ed0ef0bd07b8fa5c834cf26
bj-xss.txt
Posted Mar 8, 2007
Authored by sn0oPy

BJ Webring suffers from a cross site scripting flaw.

tags | exploit, xss
SHA-256 | b2d1f90bffbe032f022a3e17b4bd6644751dc808374a207f9de684cabad91a9a
webspell-exec.txt
Posted Mar 8, 2007
Authored by DarkFig

webSPELL versions 4.01.02 and below remote code execution exploit.

tags | exploit, remote, code execution
SHA-256 | 29547bcb116a8a5c976676f6723cca0288b40635aecde39ddaec964f24859f18
wp-compromise.txt
Posted Mar 8, 2007
Authored by Ivan Fratric

It appears that the WordPress blogging software was compromised and backdoored on Feb 25th, 2007 on the WordPress site.

tags | exploit
SHA-256 | 34ddea36404bae61b3ed5fc2e049d2e8e59f33ea3c70b17cba90e92bcbaf2098
Mandriva Linux Security Advisory 2007.050
Posted Mar 8, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 1.5.0.10.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2006-6077, CVE-2007-0008, CVE-2007-0009, CVE-2007-0775, CVE-2007-0777, CVE-2007-0778, CVE-2007-0779, CVE-2007-0780, CVE-2007-0800, CVE-2007-0981, CVE-2007-0995, CVE-2007-0996, CVE-2007-1092
SHA-256 | a6c727c9c55b7a3d9a6b157a2ab03de066cd8481902e55ee8a61cf7b1109a114
netrekfs.zip
Posted Mar 8, 2007
Authored by Luigi Auriemma | Site aluigi.org

Proof of concept exploit for Netrek versions 2.12.0 and below which suffer from a format string vulnerability.

tags | exploit, proof of concept
SHA-256 | 93c912a65f97bc2caa9814c08bf6f13b9a409e47d7b90b10ac88e62c3795baaf
netrekfs.txt
Posted Mar 8, 2007
Authored by Luigi Auriemma | Site aluigi.org

Netrek versions 2.12.0 and below suffer from a format string vulnerability.

tags | advisory
SHA-256 | 41c173dd96c828918b04020674893aaebeedf56a458fb39de4e1d091992fd623
Page 1 of 4
Back1234Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    17 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close