ISR-sqlget is a blind SQL injection tool developed in Perl. It supports 20 databases, has various evasions features, SSL and proxy support, and more.
4ac98124e44160901dbd4f0fd6e7b92ffa530dcbfcbc73d2f2122fe5549a1093Simple shellcode generator written in Perl.
03991e43ec5d4d5b8c519651b343e547584481d7614bcb0c1b8961c3ebb016beMandriva Linux Security Advisory - Multiple cross site scripting vulnerabilities were discovered in pam_login.cgi in webmin prior to version 1.350, which could allow a remote attacker to inject arbitrary web scripts or HTML.
1bbbe676ac186d3ae6bd66dd9d54848626a7c80788f138d68e26053c9496a365Debian Security Advisory 1320-1 - Several remote vulnerabilities have been discovered in the Clam anti-virus toolkit. It was discovered that the OLE2 parser can be tricked into an infinite loop and memory exhaustion. It was discovered that the NsPack decompression code performed insufficient sanitizing on an internal length variable, resulting in a potential buffer overflow. It was discovered that temporary files were created with insecure permissions, resulting in information disclosure. It was discovered that the decompression code for RAR archives allows bypassing a scan of a RAR archive due to insufficient validity checks. It was discovered that the decompression code for RAR archives performs insufficient validation of header values, resulting in a buffer overflow.
62a4dcd169bebdf40e44a94dd161b10f047c7e6c91ce7107661336b7d9b5089dDebian Security Advisory 1319-1 - Several remote vulnerabilities have been discovered in MaraDNS, a simple security-aware Domain Name Service server.
402998143f0f2092d26bcd32bc571ec697568c6b823e5fe4dee1f4a8ef9c0560Debian Security Advisory 1318-1 - Several remote vulnerabilities have been discovered in ekg, a console Gadu Gadu client.
5c48b9b7359ae496f303d7bea1ef0aabd1f975e1ffc22adfcd9dd2c6442349faDebian Security Advisory 1317-1 - duskwave discovered that tinymux, a text-based multi-user virtual world server, performs insufficient boundary checks when working with user-supplied data, which might lead to the execution of arbitrary code.
3bf1bb01d6597bed9cfb800df13f7d338860554dbaed4e0091223f0bd87bb56cBarCodeAx.dll version 4.9 ActiveX control is susceptible to a remote stack buffer overflow.
5b8f251469b6b6ff16e87adec7af89f0e53ad8ce7a91fe3df07f6af3b97ab875Ubuntu Security Notice 476-1 - Fabio Massimo Di Nitto discovered that cman did not correctly validate the size of client messages. A local user could send a specially crafted message and execute arbitrary code with cluster manager privileges or crash the manager, leading to a denial of service.
e83c4673488457a524361a3367db932545cc68725676633da10de545d14b93c5Orkut fails to expire or disable the session associated with the 'orkut_state' cookie when the user logs out or fails to authenticate himself during a session.
3a90b01bdb461209a1a19adeb541b056df60200c9788a2bc7f1b48172b8ad24ceNdonesia version 8.4 suffers from a SQL injection vulnerability.
39adbd09c3de049026347d06dcda7c3dd848119e60eabdf6004f1b254c5c1dddVarious CA products that embed Ingres products contain multiple vulnerabilities that can allow an attacker to potentially execute arbitrary code.
b9420a8daa8448c325330f47f53519fd6d8bf578d33c969e755fb2c28d048bb8Avaxswf.dll, a library included in the Avax Vector ActiveX version 1.3 software package from the Company Civitech, has a flaw that allows for arbitrary file overwrite on the underlying system.
4ca55d3c8f70a52a5379bf51316724a294795bf8c806940932fe86568b7aca3aNCTAudioEditor2 ActiveX DLL NCTWMAFile2.dll version 2.6.2.157 exploit.
28a728208a8f4004c82fff2c6ff50e58377091a3c0e399bc41dfb3662e338c47NCTAudioStudio2 ActiveX DLL version 2.6.1.148 CreateFile() insecure method exploit.
641ca86b050b1f939e4516b7263fb460927024d0e291ff0eabbbbbf258573c45WordPress version 2.2 arbitrary file upload exploit that makes use of wp-app.php.
e3615ba509c5134cf8c8ab046f0939498ecebfe904efdf37d2c908beacd8ee87EVA-Web versions 1.1 through 2.2 suffer from a remote file inclusion vulnerability in index.php3.
15b51c2ca20967dfed1be0d23d5e9378dde61d5d32bfe061a3caa442b6c2038aphpSiteBackup version 0.1 suffers from a remote file inclusion vulnerability in pcltar.lib.php.
c15f8ed1a607da3a1ac5c714f34eec526bd4bc367a375d3cf0beaedc231ea9d6eDocStore suffers from a remote SQL injection vulnerability in doc.php.
e3be96d036a42982f6fb79111cf74e992a897d3c5b2112c827677d91a90d247ePagetool version 1.07 suffers from a remote SQL injection vulnerability.
bbb74469dd2079489b3d3d016b1faca6605a3d83a5383f894f11e57a120f6391Mambo and Joomla appear to suffer from multiple remote file inclusion vulnerabilities. Versions unavailable.
1f7e53adfcfbceb41bf299873bfc1fb6da23836fc81df035b7f99be016a520e3In Internet Explorer, using the mhtml: protocol handler and using Outlook Express's feature, arbitrary resources (such as HTML, image, application file and so on) can opened as MHTML formatted file and Content-Type: is disregarded.
379ef6bb17aaa05e0d8acff0481a2b322c0bc4e0908f5922391b81fb379775d0Mandriva Linux Security Advisory - xfs_fsr in xfsdump creates a .fsr temporary directory with insecure permissions, which allows local users to read or overwrite arbitrary files on xfs filesystems.
92555421d2dc923d15c2bfb45f542e1a5fd7a2573294255b84ddd68b9c72ac36Ubuntu Security Notice 475-1 - Philip Van Hoof discovered that the IMAP client in Evolution did not correctly verify the SEQUENCE value. A malicious or spoofed server could exploit this to execute arbitrary code with user privileges.
ff622ba311e9c8544b1c98b631427e0bd81209035858f95156eb83039afc0983NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is done to use external authentication source such as an LDAP server.
493166dd08a51d3f9649ed02ad91d119b7c4e9944155acc66331ce161a4bb5da
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed