what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 46 RSS Feed

Files Date: 2007-07-25

CA Security Advisory 35527
Posted Jul 25, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

Multiple CA products that utilize CA Message Queuing (CAM / CAFT) software contain a buffer overflow vulnerability. The vulnerability is a buffer overflow that can allow a remote attacker to execute arbitrary code by sending a specially crafted message to TCP port 3104.

tags | advisory, remote, overflow, arbitrary, tcp
advisories | CVE-2007-0060
SHA-256 | 46fe72c71f2b06a14afa104372ad4b44357e43e92eabdb5b2e93b341ebb45541
CA Security Advisory 35525
Posted Jul 25, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

CA products that utilize the Arclib library contain two denial of service vulnerabilities. The first vulnerability is due to an application hang when processing a specially malformed CHM file. The second vulnerability is due to an application hang when processing a specially malformed RAR file.

tags | advisory, denial of service, vulnerability
advisories | CVE-2007-3875, CVE-2007-5645
SHA-256 | 01a0d7692b70c516c3cfb44baa9d756e9080e6e2262ee925e1c28f0efba48ff3
CA Security Advisory 35524
Posted Jul 25, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

eTrust Intrusion Detection contains a vulnerability associated with the caller.dll ActiveX control. The vulnerability is due to the caller.dll ActiveX control being marked safe for scripting. An attacker, who can lure a user into visiting a malicious website, can potentially gain complete control of an affected installation.

tags | advisory, activex
advisories | CVE-2007-3302
SHA-256 | bf7652ef856974e523274a458f8762421906e746b5daddbe7db3072d50c9cec1
Gentoo Linux Security Advisory 200707-8
Posted Jul 25, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200707-08 - Tavis Ormandy of the Gentoo Linux Security Team discovered that NVClock makes usage of an insecure temporary file in the /tmp directory. Versions less than 0.7-r2 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-3531
SHA-256 | 49bc101496f913c58830c992e62e2dec2b3bc40995cba3b81c1831c3513e55fd
Gentoo Linux Security Advisory 200707-7
Posted Jul 25, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200707-07 - Secunia Research discovered several boundary errors in the functions cddb_query_parse(), cddb_parse_matches_list() and cddb_read_parse(), each allowing for a stack-based buffer overflow. Versions less than 1.0.20070622 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2007-2948
SHA-256 | b2192a9441e36df98290d94e602d1a6f20bb03b1df7f9121ef8d02097dc28623
philboard-xss.txt
Posted Jul 25, 2007
Authored by GeFORC3

W1L3D4 Philboard version 0.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 0b78628d4f19f5a0cb45fb7269ba6256f18c4b68696e642f29519ac121efe0e7
iDEFENSE Security Advisory 2007-07-24.2
Posted Jul 25, 2007
Authored by iDefense Labs, Sebastian Apelt | Site idefense.com

iDefense Security Advisory 07.24.07 - Remote exploitation of a design error vulnerability in Computer Associates International Inc.'s (CA) eTrust Intrusion Detection allows attackers to execute arbitrary code. iDefense has confirmed that CA eTrust Intrusion Detection version 3.0.5 on Windows is vulnerable. The file version of caller.dll tested was 3.0.5.55.

tags | advisory, remote, arbitrary
systems | windows
advisories | CVE-2007-3302
SHA-256 | dd433f38cbabc80db9006ffd84b9047b05a53fde7911950b55cdcb6f78112bb8
iDEFENSE Security Advisory 2007-07-24.1
Posted Jul 25, 2007
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 07.24.07 - Remote exploitation of a denial of Service (DoS) vulnerability in Computer Associates Inc.'s eTrust Antivirus products could allow attackers to create a DoS condition on the affected computer. When eTrust Antivirus engine scans a malformed CHM file that has an invalid 'previous listing chunk number' field, the scanner will enter an infinite loop and be unable to process any other files. iDefense has confirmed this vulnerability in eTrust AntiVirus version r8. Previous versions of eTrust Antivirus are suspected vulnerable. Other Computer Associates products, as well as derived products, may also be vulnerable.

tags | advisory, remote, denial of service
advisories | CVE-2007-3875
SHA-256 | 04c66f8b25bb6d61d26d34c817ccf1842cdfb1a9e492bfaf3dba8ca5cc441556
linkedin-overflow.txt
Posted Jul 25, 2007
Authored by Jared DeMott

LinkedIn Toolbar version 3.0.2.1098 remote buffer overflow exploit.

tags | exploit, remote, overflow
SHA-256 | 276f04e00b22be1aa1f8eeb897869e012c20428c2d4000dd5978aad2ff6f3647
php523-win32std.txt
Posted Jul 25, 2007
Authored by shinnai | Site shinnai.altervista.org

PHP version 5.2.3 win32std extension safe_mode and disable_functions protections bypass exploit.

tags | exploit, php
SHA-256 | c0b5210c1eba3d173dcdc775bb24372cee07dd000fcf24441a3e82205403229f
articledir-rfi.txt
Posted Jul 25, 2007
Authored by mozi, magenkyo.sharingan

Article Directory suffers from a remote file inclusion vulnerability in index.php.

tags | exploit, remote, php, code execution, file inclusion
SHA-256 | 814c803a7ba594692f6ed748ac55519436e5a70167f1634c81512e76199b512d
TPTI-07-13.txt
Posted Jul 25, 2007
Authored by Cody Pierce | Site dvlabs.tippingpoint.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Borland Interbase. Authentication is not required to exploit this vulnerability. The specific flaw exists within the database service, ibserver.exe, which binds to TCP port 3050.

tags | advisory, remote, arbitrary, tcp
advisories | CVE-2007-3566
SHA-256 | 850c607e9262a42909f4e85e2338159268b92e0d74783621cf9880c4fab9ec83
Zero Day Initiative Advisory 07-043
Posted Jul 25, 2007
Authored by Tipping Point, Sebastian Apelt | Site zerodayinitiative.com

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Ipswitch IMail and ICS server. Authentication is required to exploit this vulnerability. The specific flaw exists due to a lack of bounds checking during the parsing of arguments to the SUBSCRIBE IMAP command sent to the IMAP daemon listening by default on TCP port 143. By providing an overly long string as the argument, an exploitable stack-based buffer overflow occurs.

tags | advisory, overflow, arbitrary, tcp, imap
advisories | CVE-2007-2795
SHA-256 | 8279df9e3f6628e382b2c7a5a6be9506ada270ff36959ade2e745ffecec11bc0
Zero Day Initiative Advisory 07-042
Posted Jul 25, 2007
Authored by Tipping Point, Sebastian Apelt | Site zerodayinitiative.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Ipswitch IMail and ICS server. Authentication is not required to exploit this vulnerability. The specific flaw resides in IMailsec.dll while attempting to authenticate users. The affected component is used by multiple services that listen on a default installation. The authentication mechanism copies user-supplied data into fixed length heap buffers using the lstrcpyA() function. The unbounded copy operation can cause a memory corruption resulting in an exploitable condition.

tags | advisory, arbitrary
advisories | CVE-2007-2795
SHA-256 | 593b634096faa8f05ad818060f65a33e6146a050e4d9a804b7f9cba05849a6d2
Zero Day Initiative Advisory 07-041
Posted Jul 25, 2007
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on affected installations of Panda AdminSecure. Authentication is not required to exploit this vulnerability.

tags | advisory, remote, arbitrary
advisories | CVE-2007-3026
SHA-256 | 7c6246689015589b1e0647c5515fcfbad435e77e592c026cd650b08c4ce851cd
fscan-both.tgz
Posted Jul 25, 2007
Authored by Andres Tarasco | Site 514.es

Fast HTTP Auth Scanner is a new web security scanner for Windows that allows brute-force attacks against web based devices that require HTTP authentication. Source and binary included.

tags | web
systems | windows
SHA-256 | 6fdc2f841cacc72e9f514e6f59a51e63dafb283ee4928442ee10a184d4887dfb
ecms-exec.txt
Posted Jul 25, 2007
Authored by Kw3rLN | Site rstzone.net

Entertainment CMS remote command execution exploit that makes use of a local file inclusion vulnerability.

tags | exploit, remote, local, file inclusion
SHA-256 | 12f4eee9578b995db9f387cf8915ed478f34465662592c890009ec7a7d2004cc
confixx-rfi.txt
Posted Jul 25, 2007
Authored by H4 / Team XPK

Confixx pro versions 3.3.1 and below suffer from a remote file inclusion vulnerablity in saveserver.php.

tags | exploit, remote, php, code execution, file inclusion
SHA-256 | acad98881a3c7ecc317be62929385547bfa0ee8b227cc6817d45b135166e8862
Cisco Security Advisory 20070724-arp
Posted Jul 25, 2007
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Wireless LAN Controllers (WLC) contain multiple vulnerabilities in the handling of Address Resolution Protocol (ARP) packets that could result in a denial of service (DoS) in certain environments.

tags | advisory, denial of service, vulnerability, protocol
systems | cisco
SHA-256 | 49d4aed524ba4f532bb8f28779708594c0e2d390cac6f96a8448b03d79e8f31c
exploit.c
Posted Jul 25, 2007
Authored by Joey Mengele

Remote buffer overflow exploit for Windows RSHD version 1.7.

tags | exploit, remote, overflow
systems | windows
SHA-256 | 9110674c952064aafb14be264c6e9c8ddc58a09e7d4f6cae51810f67bd0c6415
jgaa-sql.txt
Posted Jul 25, 2007
Authored by fl0 fl0w

jgaa remote SQL injection exploit that allows administrator password hash retrieval.

tags | exploit, remote, sql injection
SHA-256 | 1f985808327542ceaf40c4201340e279d95406ff802e793817633815898a85db
dbdisplay-exec.txt
Posted Jul 25, 2007
Authored by hadihadi

dbdisplay.pl is susceptible to an arbitrary code execution vulnerability.

tags | exploit, arbitrary, code execution
SHA-256 | 47a5e85ad83ab5cb2548a3e76210ec4cd7cb26a041537257ac1b17baf4fcb9bc
printenv-xss.txt
Posted Jul 25, 2007
Authored by hadihadi

printenv.pl is vulnerable to cross site scripting attacks.

tags | exploit, xss
SHA-256 | 758246a0cd632c7a9c7bb7e8c0d7fbf53ed1ca3d0c7b1f6484c4989f7ae524aa
ProCheckUp Security Advisory 2007.21
Posted Jul 25, 2007
Authored by Adrian Pastor, ProCheckUp

Webbler CMS version 3.1.3 forms are susceptible to spamming and phishing abuse.

tags | advisory
SHA-256 | 5503488e23f6c7be676955ef2ffeb9270118cf81117c979021082d3a7f4cb7b9
ProCheckUp Security Advisory 2007.20
Posted Jul 25, 2007
Authored by Adrian Pastor, ProCheckUp

A path disclosure issue exists in Webbler CMS version 3.1.3.

tags | advisory
SHA-256 | 0267ae1558c984731c4b64348994f7232c96b5bffeaa5da4309b9287b10bbb1c
Page 1 of 2
Back12Next

File Archive:

July 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    52 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    0 Files
  • 5
    Jul 5th
    0 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close