what you don't know can hurt you
Showing 1 - 25 of 59 RSS Feed

Files Date: 2007-07-31

webevent-xss.txt
Posted Jul 31, 2007
Authored by d3hydr8

WebEvent versions 2.61 through 4.03 suffer from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | e845fa92c913ff1e0d252394242d6648
CAL-20070730-1.txt
Posted Jul 31, 2007
Authored by Code Audit Labs | Site vulnhunt.com

The BlueSkyCat ActiveX control suffers from a remote heap overflow vulnerability. Versions 8.1.2.0 and below of v2.ocx are affected.

tags | exploit, remote, overflow, activex
MD5 | fb1f1924ce376325a941c89d2ee1da1d
internic-xss.txt
Posted Jul 31, 2007
Authored by Tosser

InterNIC's whois look-up suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 52c69f700bb337b3ca1c369b766a3d6f
Debian Linux Security Advisory 1342-1
Posted Jul 31, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1342-1 - It was discovered that a race condition in the init.d script of the X Font Server allows the modification of file permissions of arbitrary files if the local administrator can be tricked into restarting the X font server.

tags | advisory, arbitrary, local
systems | linux, debian
advisories | CVE-2007-3103
MD5 | dcfee0c9d0bf3d013082cf2ace2e6fad
woliocms-sql.txt
Posted Jul 31, 2007
Authored by k1tk4t | Site newhack.org

wolioCMS suffers from a SQL injection and administrative bypass vulnerability.

tags | exploit, sql injection, bypass
MD5 | 5aa677adb0ec47525012c9a6643bb812
TISA2007-07-Public.pdf
Posted Jul 31, 2007
Authored by Edi Strosar | Site teamintell.com

iBON 2006 suffers from a memory corruption vulnerability.

tags | advisory
MD5 | 5bf6986298d362e15a3704e2726a3ca9
ASA-2007-018.txt
Posted Jul 31, 2007
Authored by Russell Bryant | Site asterisk.org

Asterisk Project Security Advisory - The IAX2 channel driver in Asterisk is vulnerable to a denial of service attack when configured to allow unauthenticated calls.

tags | advisory, denial of service
MD5 | f10161aaa11ac16f83b440be2b06f0c7
DRUPAL-SA-2007-018.txt
Posted Jul 31, 2007
Authored by Heine Deelstra | Site drupal.org

Drupal security advisory - Drupal versions 4.7.x before version 4.7.7 and 5.x versions before version 5.2 suffer from cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
MD5 | 14ed81a89851a22a0c0d2354917b0018
DRUPAL-SA-2007-017.txt
Posted Jul 31, 2007
Authored by Heine Deelstra | Site drupal.org

Drupal security advisory - Several parts in Drupal core are not protected against cross site request forgeries due to improper use of the Forms API, or by taking action solely on GET requests. Malicious users are able to delete comments and content revisions and disable menu items by enticing a privileged users to visit certain URLs while the victim is logged-in to the targeted site. Drupal versions 5.x below 5.2 are affected.

tags | advisory
MD5 | b734838a39dd108a42a7f302a14031cf
TS-2007-001-0.txt
Posted Jul 31, 2007
Authored by forloop, defaultroute

Template Security has discovered a serious denial of service vulnerability in the BlueCat Networks Adonis DNS/DHCP Appliance. When XHA is configured to place two Adonis servers in an active-passive pair to provide high availability, a remote attacker can transmit a single UDP datagram to crash the heartbeat control process. This can be used for example to create an active/active condition in the cluster pair.

tags | advisory, remote, denial of service, udp
MD5 | 93327c040982d60f65ac09b19795f2e6
Ser_Insec_Bison.pdf
Posted Jul 31, 2007
Authored by Aditya K Sood | Site secniche.org

Whitepaper titled Binary JSON: Insecurity In Implementing Serialization.

tags | paper
MD5 | e87fa0203d5d04e163bdf94de4a6f5bc
Security_Testing_Enterprise_Messaging_Systems.pdf
Posted Jul 31, 2007
Authored by Andy Davis - IRMPLC, Phil Huggins | Site irmplc.com

This paper discusses potential security weaknesses that may be present in messaging systems either as a result of software flaws, application design or the misconfigurations of services. It focuses on TIBCO Rendezvous, as an example of a commonly used enterprise messaging system. Recommendations are then presented which mitigate these security issues.

tags | paper
MD5 | cfb45eac3e565e1e32e3b0effda2bb2c
joomla-sql.txt
Posted Jul 31, 2007
Authored by HACKERS PAL | Site soqor.net

Joomla version 1.0.12 suffers from a SQL injection vulnerability.

tags | exploit, sql injection
MD5 | 1dcc59039c372abdfe8738d8e1657d81
Gentoo Linux Security Advisory 200707-14
Posted Jul 31, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200707-14 - mu-b from Digital Labs discovered that the return value of a snprintf() call is not properly checked before being used. This could lead to an integer overflow. Versions less than 3.9.5-r3 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2007-3798
MD5 | c0978bd26a6994bc80e14e36548af670
Gentoo Linux Security Advisory 200707-13
Posted Jul 31, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200707-13 - A vulnerability has been discovered in Fail2ban when parsing log files. Versions less than 0.8.0-r1 are affected.

tags | advisory
systems | linux, gentoo
MD5 | e034057bb09ddf0d761efb27dc37dad0
Gentoo Linux Security Advisory 200707-12
Posted Jul 31, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200707-12 - David Thiel from iSEC Partners Inc. discovered format string errors in various plugins when parsing data. The affected plugins include Vorbis, Theora, CDDA and SAP. Versions less than 0.8.6c are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-3316
MD5 | 1e7a2848a581129128432616d7b887fc
dora-bypass.txt
Posted Jul 31, 2007
Authored by Ilker Kandemir

Dora Emlak Script version 1.0 suffers from an administrative bypass vulnerability.

tags | exploit, bypass
MD5 | 81ed2e92b2732d6e8c5549b2c74297e3
phpvoter-rfi.txt
Posted Jul 31, 2007
Authored by Ilker Kandemir

phpVoter version 0.6 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
MD5 | 504b7b0d19e27cc616fd12fdc873437b
phorm-upload.txt
Posted Jul 31, 2007
Authored by Ilker Kandemir

Phorm version 3.0 suffers from a remote file upload vulnerability.

tags | exploit, remote, file upload
MD5 | 321a95c57c8eedb6c5f8f33677fda1d9
madoa-rfi.txt
Posted Jul 31, 2007
Authored by Ilker Kandemir

Madoa Poll version 1.1 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
MD5 | b752aa4c28bf500442b26255f8f4498e
pwfm-rfi.txt
Posted Jul 31, 2007
Authored by Ilker Kandemir

phpWebFileManager version 0.5 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
MD5 | bb895c2db5ba21fc3700ca9be21181cb
rig-rfi.txt
Posted Jul 31, 2007
Authored by Ilker Kandemir

RIG Image Gallery suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
MD5 | e8d4e84ed6f698e083c2c6e14cd31a38
phpcoupon-upgrade.txt
Posted Jul 31, 2007
Authored by hack2prison

phpCoupon appears to have a vulnerability that may allow for account privilege escalation.

tags | exploit
MD5 | 1eabb69b0bf94da3f8a7f2dcd12c4362
itcms-xss.txt
Posted Jul 31, 2007
Authored by h4ck3riran | Site Aria-security.net

itcms version 0.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | e45473f36c260d6eef3c0814cd273d4e
commute-xss.txt
Posted Jul 31, 2007
Authored by h4ck3riran | Site Aria-security.net

Commute Community is susceptible to a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 3ea014b6d2de352fa603848d80a8edfd
Page 1 of 3
Back123Next

File Archive:

April 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    17 Files
  • 2
    Apr 2nd
    2 Files
  • 3
    Apr 3rd
    2 Files
  • 4
    Apr 4th
    0 Files
  • 5
    Apr 5th
    15 Files
  • 6
    Apr 6th
    15 Files
  • 7
    Apr 7th
    20 Files
  • 8
    Apr 8th
    16 Files
  • 9
    Apr 9th
    5 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    4 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close