exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

Files Date: 2007-03-21

MOPB-hash.txt
Posted Mar 21, 2007
Authored by Stefan Esser | Site hardened-php.net

Month of PHP Bugs - PHP versions 5.2.1 and below hash_update_file() freed resource usage exploit.

tags | exploit, php
SHA-256 | e652b275f5af74b30e28ae26e1d3ae9676875b9e3511eb6ab4432ae190113864
MOPB-already.txt
Posted Mar 21, 2007
Authored by Stefan Esser | Site hardened-php.net

Month of PHP Bugs - PHP versions 4.4.6 and below and versions 5.2.1 and below ext/gd already fixed resources usage exploit.

tags | exploit, php
SHA-256 | d59910398469036df4bf066bb414d7e6b581ed535fbec4ab6630a641c607ebfe
phpraid-rfi.txt
Posted Mar 21, 2007
Authored by Cold Zero

phpRaid versions 3.0.7 and below suffer from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 51657e9f73937a81c2d85110244913741a2fa4e20a544aa9dfecfc0b4024ca02
htmltonuke-rfi.txt
Posted Mar 21, 2007
Authored by Cold Zero

PHP-Nuke module htmltonuke version 2.0alpha suffers from a remote file inclusion vulnerability.

tags | exploit, remote, php, code execution, file inclusion
SHA-256 | d14edac8ad1d6b8dd287a7c2935b9662de640638eb448b211043d0cc557134fe
geblog01-lfi.txt
Posted Mar 21, 2007
Authored by GolD_M | Site tryag.cc

GeBlog version 0.1 local file inclusion exploit.

tags | exploit, local, file inclusion
SHA-256 | 721ab0cad67eb6811b2c5dea088623b45571c4a70430362c982e05df42162437
Ubuntu Security Notice 438-1
Posted Mar 21, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 438-1 - A flaw was discovered in Inkscape's use of format strings. If a user were tricked into opening a specially crafted URI in Inkscape, a remote attacker could execute arbitrary code with user privileges.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2007-1463
SHA-256 | f2b35298e2a943b4dc3c48ea468c2918ffe8accf76da0789c798e4f16ccd8b51
Mandriva Linux Security Advisory 2007.066
Posted Mar 21, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - By default, OpenAFS prior to 1.44 and 1.5.17 supports setuid programs within the local cell, which could allow attackers to obtain privileges.

tags | advisory, local
systems | linux, mandriva
advisories | CVE-2007-1507
SHA-256 | 1a31b1a9ae1ba8b786e797e19e3190c19c3691a4b1c5223f27307acea8bedd6e
Mandriva Linux Security Advisory 2007.065
Posted Mar 21, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Luigi Auriemma discovered a number of problems with the nas (Network Audio System) daemon that could be used to crash nasd.

tags | advisory
systems | linux, mandriva
SHA-256 | 4e74bda94b89f0070dbd5c60146e11cfd024550c6faba146b3b37c9c21c5574d
Gentoo Linux Security Advisory 200703-23
Posted Mar 21, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200703-23 - Wordpress contains several cross-site scripting, cross-site request forgery and information leak vulnerabilities. Versions less than or equal to 2.1.2 are affected.

tags | advisory, vulnerability, xss, csrf
systems | linux, gentoo
advisories | CVE-2007-1049, CVE-2007-1230, CVE-2007-1244, CVE-2007-1409
SHA-256 | 1f104b4392583bd1176e47a233b0dece5acd97d66d1b15c5c0f29569aca7d6ca
Gentoo Linux Security Advisory 200703-22
Posted Mar 21, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200703-22 - iDefense has reported two potential buffer overflow vulnerabilities found by researcher regenrecht in the code implementing the SSLv2 protocol. Versions less than 3.11.5 are affected.

tags | advisory, overflow, vulnerability, protocol
systems | linux, gentoo
advisories | CVE-2007-0008, CVE-2007-0009
SHA-256 | 72a04b8fd36b196d5d79f64d9f94bfdc9b93cdc6b9aa31fbee63aed8a7fc945e
Gentoo Linux Security Advisory 200703-21
Posted Mar 21, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200703-21 - Several vulnerabilities were found in PHP by the Hardened-PHP Project and other researchers. These vulnerabilities include a heap-based buffer overflow in htmlentities() and htmlspecialchars() if called with UTF-8 parameters, and an off-by-one error in str_ireplace(). Other vulnerabilities were also found in the PHP4 branch, including possible overflows, stack corruptions and a format string vulnerability in the *print() functions on 64 bit systems. Versions less than 5.2.1-r3 are affected.

tags | advisory, overflow, php, vulnerability
systems | linux, gentoo
advisories | CVE-2006-5465, CVE-2007-0906, CVE-2007-0907, CVE-2007-0908, CVE-2007-0909, CVE-2007-0910, CVE-2007-0911, CVE-2007-0988, CVE-2007-1286, CVE-2007-1375, CVE-2007-1376, CVE-2007-1380, CVE-2007-1383
SHA-256 | 2a68bf4d09b8bcea9389593696b002f77d4faf366a29f85257aee2053ef4e678
Debian Linux Security Advisory 1271-1
Posted Mar 21, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1271-1 - A design error has been identified in the OpenAFS, a cross-platform distributed filesystem included with Debian.

tags | advisory
systems | linux, debian
advisories | CVE-2007-1507
SHA-256 | 0c44d847b6eb7dcdebf7013ee1e46bc1c3dd0d0e39e071bfedb66147f572c557
Debian Linux Security Advisory 1270-1
Posted Mar 21, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1270-1 - iDefense reported several integer overflow bugs in libwpd, a library for handling WordPerfect documents that is included in OpenOffice.org. Attackers are able to exploit these with carefully crafted WordPerfect files that could cause an application linked with libwpd to crash or possibly execute arbitrary code. Next Generation Security discovered that the StarCalc parser in OpenOffice.org contains an easily exploitable stack overflow that could be used exploited by a specially crafted document to execute arbitrary code. It has been reported that OpenOffice.org does not escape shell meta characters and is hence vulnerable to execute arbitrary shell commands via a specially crafted document after the user clicked to a prepared link.

tags | advisory, overflow, arbitrary, shell
systems | linux, debian
advisories | CVE-2007-0002, CVE-2007-0238, CVE-2007-0239
SHA-256 | 0ddd6cae3eb3b01c6b9bd54992ea7953866af3e4536c39cf818f233f33040e70
helix-heap.txt
Posted Mar 21, 2007
Authored by Evgeny Legerov | Site gleg.net

Helix Server version 11.1.2 suffers from a remote heap overflow vulnerability that allows a remote attacker to gain root privileges. Proof of concept exploit included.

tags | exploit, remote, overflow, root, proof of concept
SHA-256 | 20b0284d9e9d99fca43d85291edbe9351bd0685595b37229833f630cb7c7d7ab
mercur-v1.txt
Posted Mar 21, 2007
Authored by mu-b | Site digit-labs.org

Mercur IMAPD exploit that makes use of several bugs in the NTLM implementation. It gives the attacker complete control over a memcpy to a stack variable and the outcome is a denial of service (crash).

tags | exploit, denial of service
SHA-256 | 84fc3e80797cb6515674112ded1476d513c92ca06b47bff1373db7fed2520cff
wagora-multi.txt
Posted Mar 21, 2007
Authored by laurent gaffie

w-agora suffers from file upload, full patch disclosure, cross site scripting and SQL injection flaws.

tags | exploit, xss, sql injection, file upload
SHA-256 | 3efd765d970df008d312b5e83159a95f0e0ff9bac3d35929954a7b793a1a3995
webwiz805-sql.txt
Posted Mar 21, 2007
Authored by Ivan Fratric | Site ifsec.blogspot.com

The MySQL version of Web Wiz version 8.05 suffers from a SQL injection vulnerability.

tags | exploit, web, sql injection
SHA-256 | 46e06067662bde321441a6d0fe076931e11a8bd16508818d4205deda46b5aa56
mshtmldll.txt
Posted Mar 21, 2007
Authored by SaiedHacker

It appears that Microsoft Internet Explorer 6 suffers from some denial of services vulnerabilities that result in a browser crash.

tags | advisory, denial of service, vulnerability
SHA-256 | 9e51edcb416e9349611acf43e4113af5fd75a2b16f05995f12e3f6b0c30ac448
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close