
Files Date: 2007-06-20

HP Security Bulletin 2007-13.34
Posted Jun 20, 2007
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP System Management

tags | advisory
SHA-256 | 6d87d50fb9824e334817a07fa88b27c6537eab444d9cab61219d0000901cc177
Debian Linux Security Advisory 1314-1
Posted Jun 20, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1314-1 - Several local and remote vulnerabilities have been discovered in open-iscsi, a transport-independent iSCSI implementation. Olaf Kirch discovered that, due to a programming error, access to the management interface socket was insufficiently protected, which allows denial of service. He also discovered that access to a semaphore used in the logging code was insufficiently protected, allowing denial of service.

tags | advisory, remote, denial of service, local, vulnerability
systems | linux, debian
advisories | CVE-2007-3099, CVE-2007-3100
SHA-256 | 2e3112d455b4181c431639e215f8985ead559c096d2fbaab69a734e13de5e615
ips-evasion.txt
Posted Jun 20, 2007
Authored by H D Moore

Various commercial IPS products fail to decode HTTP requests that contain 0x0c, 0x0b, and 0x0d instead of normal 0x20/0x09 separators.

tags | exploit, web
SHA-256 | 8bd2fb21a6f9fe779b10b9809f5d7d778051d40abcfa264fa44340d85608f90a
Debian Linux Security Advisory 1313-1
Posted Jun 20, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1313-1 - Stefan Cornelius and Reimar Doeffinger discovered that the MPlayer movie player performs insufficient boundary checks when accessing CDDB data, which might lead to the execution of arbitrary code.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2007-2948
SHA-256 | 249deea05498f73ad4a3f06eaa45d4b64df7f87b34781ca7512de62b516383b5
wppersist-xss.txt
Posted Jun 20, 2007
Authored by Matteo Carli | Site matteocarli.com

A persistent cross site scripting vulnerability exists in the WordPress.com dashboard.

tags | exploit, xss
SHA-256 | dfaba2f61102da0059c193b2576ec0cfd98b29788b91f7a724667e8fc3e02e19
ACM-CFP2007.txt
Posted Jun 20, 2007
Site auto.tuwien.ac.at

The 5th ACM Workshop On Recurring Malcode (WORM) 2007 Call For Papers has been announced. It will be held on November 2, 2007 in Alexandria, VA, USA.

tags | paper, worm, conference
SHA-256 | 7ab6cf12db2ea05d1265b04647eb4163b4b0157453df2402b32375452ad9bdcd
yabb-lfi.txt
Posted Jun 20, 2007
Authored by krasza | Site krasza.int.pl

YaBB versions 2.1 and below suffer from a local file inclusion vulnerability that allows for remote code execution.

tags | exploit, remote, local, code execution, file inclusion
SHA-256 | af958fb5a94edadc7e8f93f91b70ddb2da76329318f1774e91870c90573fdf8e
maradns-dos.txt
Posted Jun 20, 2007
Authored by Joao Antunes

MaraDNS versions 1.2.12.05-stable and below and 1.3.04-testing and below suffer from a denial of service condition.

tags | advisory, denial of service
SHA-256 | cca3d3cbe71291d82a55ef07a0fd35c34a7406574ef85478cf3e3bce4d8b2042
fusetalkpoc-sql.txt
Posted Jun 20, 2007
Authored by Ivan Almuina | Site fastcom-technology.com

FuseTalk version 2.0 suffers from a SQL injection vulnerability in autherror.cfm.

tags | exploit, sql injection
SHA-256 | 5ebbcffcaeb54aea7359861858adc1e00f52b63b66cc98e800d62c35c2366cd1
igshop14-eval.txt
Posted Jun 20, 2007
Authored by IFX

iG Shop version 1.4 suffers from an eval inclusion vulnerability.

tags | exploit
SHA-256 | 503e256e013dda3871574a243225434a0123140b50e47040b3018897fbd6b358
CVE-2007-1358.txt
Posted Jun 20, 2007
Site tomcat.apache.org

Apache Tomcat versions 4.0.0 to 4.0.6, 4.1.0 to 4.1.34, 5.0.0 to 5.0.30, 5.5.0 to 5.5.20, and 6.0.0 to 6.0.5 suffer from a cross site scripting flaw in Accept-Language header processing.

tags | advisory, xss
advisories | CVE-2007-1358
SHA-256 | d999b15d8c14e8f9941eb0de2b9fcc406bb711763d4e143d20615de1a557bab6
iDEFENSE Security Advisory 2007-06-18.1
Posted Jun 20, 2007
Authored by iDefense Labs, blurredlogic.com | Site idefense.com

iDefense Security Advisory 06.18.07 - Remote exploitation of a heap overflow vulnerability in Cerulean Studios Trillian Instant Messenger could allow attackers to execute arbitrary code as the currently logged-on user. The vulnerability specifically exists due to improper handling of UTF-8 sequences. When word-wrapping UTF-8 text, the window width is improperly used as a buffer size value. As such, heap corruption can occur, leading to a potentially exploitable condition. iDefense has confirmed the existence of this vulnerability in Cerulean Studios Trillian 3.1.5.1. Previous versions are suspected to be vulnerable.

tags | advisory, remote, overflow, arbitrary
SHA-256 | eaec603cc0f1fc35245ab560fc482e2cf32d55c0def227512013cdcf240eb5f1
nufw-2.2.1.tar.gz
Posted Jun 20, 2007
Authored by regit | Site nufw.org

NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user IDs with packets, making it possible to filter packets on a per-user basis. Furthermore, the server architecture is designed to use an external authentication source such as an LDAP server.

Changes: IANA has assigned two ports to nufw. Some other minor changes.
tags | tool, remote, firewall
systems | unix
SHA-256 | b681fdbe64e05e8b559c50487a0c4848bd09463d30edb907db2df1c0d2d0001b
vinetto-beta-0.07.tar.gz
Posted Jun 20, 2007
Authored by rukin | Site vinetto.sourceforge.net

Vinetto is a tool intended for forensic examinations. It is a console program that extracts thumbnail images and their metadata from the thumbs.db files generated under Microsoft Windows. Vinetto works under Linux, Cygwin (win32) and Mac OS X.

tags | tool, forensics
systems | linux, windows, apple, osx
SHA-256 | 1dccf3385e5654d4cb3bbf6a757e3639b142249f8e4badbdc7f8f2388a1f6367
Nmap-Parser-1.11.tar.gz
Posted Jun 20, 2007
Authored by Anthony G Persaud | Site npx.sourceforge.net

Nmap Parser is a Perl module that simplifies the process of developing scripts and collecting information from the XML nmap scan data, which can be obtained by using nmap's -oX switch or from the file handle of a pipe to an nmap process. It uses the XML twig library for parsing, and supports filters.

Changes: Adding parsing of distance information. Various bug fixes and changes.
tags | tool, perl, nmap
systems | unix
SHA-256 | dac4ca1a6fea3548a0920a2be3347bbd7d46166ad9080a8403533fbca96928dc
php523-overflow.txt
Posted Jun 20, 2007
Authored by rgod | Site retrogod.altervista.org

PHP version 5.2.3 Tidy extension local buffer overflow exploit for win32.

tags | exploit, overflow, local, php
systems | windows
SHA-256 | 77ab4ff0f5a046cb4cf44bd4a513d14d0712af937e419f340866aac22359816d
fusetalk-sql.txt
Posted Jun 20, 2007
Authored by Charles Kim

FuseTalk version 2.0 suffers from a SQL injection vulnerability.

tags | advisory, sql injection
SHA-256 | 79e424a6046bfd9991c3bc4708f02f767edba1870e8667c40d360d161345227f
fuzzylime-xss.txt
Posted Jun 20, 2007
Site serapis.net

fuzzylime forum versions 1.01b and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 9ad9b369d80b57ebf091d1522196700efe20e03fd1e34f801017dcbdfef0aadc
webif-lfi.txt
Posted Jun 20, 2007
Authored by maiosyet | Site mawk.org

Webif.cgi suffers from a local file inclusion vulnerability.

tags | exploit, local, cgi, file inclusion
SHA-256 | d547b0f34f12329ecdd8498cec0bf1512aebabcd06b980ebfceddc93406b6a97
phb10-xss.txt
Posted Jun 20, 2007
Site serapis.net

PHP Hosting Biller version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, php, xss
SHA-256 | 7e237f155c2757d24d19d980e4a283173fa888e2c6f77f59c9789af664d74eb8
Debian Linux Security Advisory 1312-1
Posted Jun 20, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1312-1 - It was discovered that the Apache 1.3 connector for the Tomcat Java servlet engine decoded request URLs multiple times, which can lead to information disclosure.

tags | advisory, java, info disclosure
systems | linux, debian
advisories | CVE-2007-1860
SHA-256 | d6e583ec69a0e856aaa4acac15a004b79f0f9e922d60c725400771ac6e3f4fd8

© 2022 Packet Storm. All rights reserved.
