Twenty Year Anniversary
Showing 1 - 25 of 43 RSS Feed

Files Date: 2007-03-14

Gentoo Linux Security Advisory 200703-11
Posted Mar 14, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200703-11 - The Magnatune downloader doesn't quote the m_currentAlbumFileName parameter while calling the unzip shell command. Versions less than 1.4.5-r1 are affected.

tags | advisory, shell
systems | linux, gentoo
MD5 | 44c1d37cdcb79f0a2e70c7b2ff391880
Debian Linux Security Advisory 1266-1
Posted Mar 14, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1266-1 - Gerardo Richarte discovered that GnuPG, a free PGP replacement, provides insufficient user feedback if an OpenPGP message contains both unsigned and signed portions. Inserting text segments into an otherwise signed message could be exploited to forge the content of signed messages. This update prevents such attacks; the old behaviour can still be activated by passing the --allow-multiple-messages option.

tags | advisory
systems | linux, debian
advisories | CVE-2007-1263
MD5 | 8b2c522c226b2b6ee8864850a13d2b8f
Core Security Technologies Advisory 2007.0219
Posted Mar 14, 2007
Authored by Core Security Technologies, Gerardo Richarte, Alfredo Ortega, Mario Vilas | Site coresecurity.com

Core Security Technologies Advisory - The OpenBSD kernel contains a memory corruption vulnerability in the code that handles IPv6 packets. Exploitation of this vulnerability can result in remote execution of arbitrary code at the kernel level on the vulnerable systems and/or a remote denial of service condition. Affected systems include OpenBSD 4.1 prior to Feb. 26th, 2006, OpenBSD 4.0 Current, OpenBSD 4.0 Stable, OpenBSD 3.9, OpenBSD 3.8, OpenBSD 3.6, and OpenBSD 3.1. Proof of concept exploit included.

tags | exploit, remote, denial of service, arbitrary, kernel, proof of concept
systems | openbsd
advisories | CVE-2007-1365
MD5 | f37a6332b213078f5620d3413f0db749
Mandriva Linux Security Advisory 2007.062
Posted Mar 14, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - The DS_VideoDecoder_Open function in DirectShow/DS_VideoDecoder.c in xine-lib does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code.

tags | advisory, remote, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2007-1387
MD5 | 06e46c8ad429f82aa08b671166e7a5a8
Mandriva Linux Security Advisory 2007.061
Posted Mar 14, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - The DS_VideoDecoder_Open function in loader/dshow/DS_VideoDecoder.c in MPlayer 1.0rc1 and earlier does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code.

tags | advisory, remote, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2007-1387
MD5 | 7e80324ab7031cdc524cedfc2ddcfa30
vbulletin-sql.txt
Posted Mar 14, 2007
Authored by meto5757, disfigure

vBulletin suffers from a SQL injection flaw via the admin panel.

tags | exploit, sql injection
MD5 | 042481c1835d861987d864fecce66eb1
jgbbs-sql.txt
Posted Mar 14, 2007
Authored by UniquE-Key

JGBBS version 3.0beta1 Search.ASP "Author" SQL injection exploit.

tags | exploit, sql injection, asp
MD5 | a0a173b66e3337563c419b5eb13a8a62
Echo Security Advisory 2007.74
Posted Mar 14, 2007
Authored by Echo Security, Dedi Dwianto | Site advisories.echo.or.id

WebCreator versions 0.2.6-rc3 and below suffer from a remote file inclusion vulnerability.

tags | exploit, remote, file inclusion
MD5 | e448c301abd93785a07ae00e5e83190f
Echo Security Advisory 2007.72
Posted Mar 14, 2007
Authored by Echo Security, Dedi Dwianto | Site advisories.echo.or.id

CARE2X version 1.1 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, file inclusion
MD5 | 96440d59386266eb5ccacec41b1ce6fd
Echo Security Advisory 2007.71
Posted Mar 14, 2007
Authored by Echo Security, Dedi Dwianto | Site advisories.echo.or.id

Activist Mobilization Platform (AMP) version 3.2 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, file inclusion
MD5 | 92afb27e69f76ef319f7e6bc9e05101e
adv73-K-159-2007.txt
Posted Mar 14, 2007
Authored by M.Hasran Addahroni | Site advisories.echo.or.id

MySQL Commander versions 2.7 and below suffer from a remote file inclusion vulnerability.

tags | exploit, remote, file inclusion
MD5 | ed9732d43ff33a1dcd0de05938417283
unrarlib-overflow.txt
Posted Mar 14, 2007
Authored by starcadi

Unrarlib version 0.4.0 suffers from a local buffer overflow condition.

tags | advisory, overflow, local
MD5 | 722cf49eec9653ea65c0736e23ef0c19
Ubuntu Security Notice 432-2
Posted Mar 14, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 432-2 - USN-432-1 fixed a vulnerability in GnuPG. This update provides the corresponding updates for GnuPG2 and the GPGME library. Gerardo Richarte from Core Security Technologies discovered that when gnupg is used without --status-fd, there is no way to distinguish initial unsigned messages from a following signed message. An attacker could inject an unsigned message, which could fool the user into thinking the message was entirely signed by the original sender.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2007-1263
MD5 | 8a90ad61541ac9fcd89bcbaa69897621
wdc-lfi.txt
Posted Mar 14, 2007
Authored by BorN To K!LL

Weekly Drawing Contest version 0.0.1 suffers from a local file disclosure vulnerability.

tags | exploit, local, file inclusion
MD5 | 6c0d144e61bb69493ad6e8181ff77ef7
aonat-xss.txt
Posted Mar 14, 2007
Authored by Florian Stinglmayr

aon.at suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 9a1005a55999ceb7c7a0ede1b9eaecbb
adv69-K-159-2007.txt
Posted Mar 14, 2007
Authored by M.Hasran Addahroni | Site advisories.echo.or.id

OES (Open Educational System) version 0.1beta suffers from a remote file inclusion vulnerability.

tags | advisory, remote, file inclusion
MD5 | 8a1a2a03c82ac9b2068f434e82961323
alucard-0.1.tar.bz2
Posted Mar 14, 2007
Authored by Matthew Ranostay

Alucard is a UPnP port redirection application that allows a user to open ports on a UPnP enabled router.

tags | tool, peer2peer
MD5 | e5b00e2591b1ee589228e04072fa1dfd
Ubuntu Security Notice 436-1
Posted Mar 14, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 436-1 - Bryan Burns of Juniper Networks discovered that KTorrent did not correctly validate the destination file paths nor the HAVE statements sent by torrent peers. A malicious remote peer could send specially crafted messages to overwrite files or execute arbitrary code with user privileges.

tags | advisory, remote, arbitrary
systems | linux, juniper, ubuntu
advisories | CVE-2007-1384, CVE-2007-1385
MD5 | d8fc06197e1961113b0ab85d1d976242
Ubuntu Security Notice 435-1
Posted Mar 14, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 435-1 - Moritz Jodeit discovered that the DirectShow loader of Xine did not correctly validate the size of an allocated buffer. By tricking a user into opening a specially crafted media file, an attacker could execute arbitrary code with the user's privileges.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2007-1387
MD5 | 85ce8bc9f5fb53091f8de673817d7bc9
eplus-xss.txt
Posted Mar 14, 2007
Authored by Hanno Boeck | Site hboeck.de

www.eplus.de suffers from cross site scripting and remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, xss, file inclusion
MD5 | 750d332b1b3783554163c56392c909ca
deepsec2007-cfp.txt
Posted Mar 14, 2007
Site deepsec.net

Call for papers for the first annual European DeepSec In-Depth security conference.

tags | paper, conference
MD5 | c4da64eac742d849274126cf9abf2346
blackberry-dos.txt
Posted Mar 14, 2007
Authored by Michael Kemp | Site clappymonkey.com

A vulnerability has been discovered that could impact upon the availability of the BlackBerry 8100 Wireless handheld version 4.2.0.51.

tags | advisory, denial of service
MD5 | f397fc522258233fb850e781e638abac
assetman24-lfi.txt
Posted Mar 14, 2007
Authored by BorN To K!LL

AssetMan version 2.4a suffers from a local file disclosure vulnerability.

tags | exploit, local, file inclusion
MD5 | f4ee51ef7a944b6317ed9db89bf3ac60
fantastico-lfi.txt
Posted Mar 14, 2007
Authored by cyb3rt, 020

Fantastico in all versions of CPanel 10.x suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 44959ebb638a503a2e52ed963cd48840
clipshare-rfi.txt
Posted Mar 14, 2007
Authored by Hasadya Raed

A remote file inclusion vulnerability exists in ClipShare version 1.5.3.

tags | exploit, remote, code execution, file inclusion
MD5 | 05367d1dc7ac867e07172b32de3d6777
Page 1 of 2
Back12Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

April 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    5 Files
  • 2
    Apr 2nd
    17 Files
  • 3
    Apr 3rd
    11 Files
  • 4
    Apr 4th
    21 Files
  • 5
    Apr 5th
    17 Files
  • 6
    Apr 6th
    12 Files
  • 7
    Apr 7th
    1 Files
  • 8
    Apr 8th
    6 Files
  • 9
    Apr 9th
    21 Files
  • 10
    Apr 10th
    18 Files
  • 11
    Apr 11th
    42 Files
  • 12
    Apr 12th
    7 Files
  • 13
    Apr 13th
    14 Files
  • 14
    Apr 14th
    1 Files
  • 15
    Apr 15th
    1 Files
  • 16
    Apr 16th
    15 Files
  • 17
    Apr 17th
    20 Files
  • 18
    Apr 18th
    24 Files
  • 19
    Apr 19th
    20 Files
  • 20
    Apr 20th
    7 Files
  • 21
    Apr 21st
    10 Files
  • 22
    Apr 22nd
    2 Files
  • 23
    Apr 23rd
    17 Files
  • 24
    Apr 24th
    35 Files
  • 25
    Apr 25th
    14 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close