exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 150 RSS Feed

Files Date: 2007-08-08

shellcode-crash.c
Posted Aug 8, 2007
Authored by Touron Guillaume

25 byte shellcode that checks Retrieve PEB->BeingDebugged and if a process is being debugged, it crashes.

tags | shellcode
SHA-256 | 6f80afe28a89782e2ec55e95f793b6cb366bd308000d924a3c962b3714cd8aa7
Ubuntu Security Notice 496-2
Posted Aug 8, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 496-2 - USN-496-1 fixed a vulnerability in koffice. This update provides the corresponding updates for poppler, the library used for PDF handling in Gnome. Derek Noonburg discovered an integer overflow in the Xpdf function StreamPredictor::StreamPredictor(). By importing a specially crafted PDF file into KWord, this could be exploited to run arbitrary code with the user's privileges.

tags | advisory, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2007-3387
SHA-256 | b48ad1fd14ab595468a419a8f32c81e18286aa18e1e3e8dc109c6cd072d501c2
iDEFENSE Security Advisory 2007-08-07.2
Posted Aug 8, 2007
Authored by iDefense Labs, mu-b | Site idefense.com

iDefense Security Advisory 08.07.07 - Remote exploitation of a heap overflow vulnerability in Apple Inc.'s mDNSResponder application may allow attackers to execute arbitrary code with root privileges. The vulnerability exists within the Legacy NAT Traversal code. Unlike the core of the mDNSResponder service, this area of code does not rely on Multicast UDP. It listens on a dynamically allocated Unicast UDP port. The vulnerability occurs when parsing a malformed HTTP request. This results in an exploitable heap overflow. iDefense has confirmed the existence of this vulnerability in Mac OS X version 10.4.10, Server and Workstation, with mDNSResponder version 108.5. Previous versions may also be affected.

tags | advisory, remote, web, overflow, arbitrary, root, udp
systems | apple, osx
advisories | CVE-2007-3744
SHA-256 | 6d4ffd82d1feb8bfe7a7063ef0cd7c374ce49e3b42b3308f79af1c4ab79d31a6
ASA-2007-019.txt
Posted Aug 8, 2007
Authored by Wei Wang, Jason Parker | Site asterisk.org

Asterisk Project Security Advisory - The Asterisk Skinny channel driver, chan_skinny, has a remotely exploitable crash vulnerability. A segfault can occur when Asterisk receives a "CAPABILITIES_RES_MESSAGE" packet where the capabilities count is greater than the total number of items in the capabilities_res_message array. Note that this requires an authenticated session.

tags | advisory
SHA-256 | 6782bf2d6ac72f8bab74a44c546cf27f72e55a525d134e95c06a05a5ff82cc07
Debian Linux Security Advisory 1352-1
Posted Aug 8, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1352-1 - It was discovered that an integer overflow in the xpdf PDF viewer may lead to the execution of arbitrary code if a malformed PDF file is opened. pdfkit.framework includes a copy of the xpdf code and required an update as well.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2007-3387
SHA-256 | 9ca9636a117ba33125cacb14b9d31ddc094e35adfb6f27dca5eb2629053db177
Debian Linux Security Advisory 1351-1
Posted Aug 8, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1351-1 - Tavis Ormandy discovered that bochs, a highly portable IA-32 PC emulator, is vulnerable to a buffer overflow in the emulated NE2000 network device driver, which may lead to privilege escalation.

tags | advisory, overflow
systems | linux, debian
advisories | CVE-2007-2893
SHA-256 | 9ed5c8afb858c9c2a354d2364ee837d57689c94bce926bb2f49654d04cd69604
iDEFENSE Security Advisory 2007-08-07.1
Posted Aug 8, 2007
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 08.07.07 - Remote exploitation of a buffer overflow vulnerability in ldcconn allows attackers to execute arbitrary code with root privileges. By sending a long string to the TCP port that ldcconn listens on, a buffer overflow is triggered. No authentication or data validation is performed. iDefense confirmed the existence of this vulnerability in HP-UX 11.11i. It is suspected that other versions are also vulnerable.

tags | advisory, remote, overflow, arbitrary, root, tcp
systems | hpux
SHA-256 | 6a40f61622abf67fb1152d6b4a99faa9cfeaa866e4d77c4a1f18a5861021c829
Ferite_Language_DoS.zip
Posted Aug 8, 2007
Authored by WarGame | Site vx.netlux.org

The interpreter for the Ferite programming language is susceptible to a denial of service flaw. Exploit code included.

tags | exploit, denial of service
SHA-256 | 0ecbbf35fa412d96096bb0bc89f6da784791689049b08c0d1129131ff4698fb1
googlecustom-xss.txt
Posted Aug 8, 2007
Authored by Lostmon | Site lostmon.blogspot.com

Google's custom search engine suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | f055badf6c13861932c4e808371522508f461a1dff85f24b1da694f6a17d4485
vietphp-rfi.txt
Posted Aug 8, 2007
Authored by master-of-desastor

VietPHP suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | f96d85528c734c4a6e084b3e5f9121593cc0718b43f380556b49ceac71f9c058
csam-xss.txt
Posted Aug 8, 2007
Authored by Tushar Vartak

The C-SAM oneWallet web admin interface suffers from a cross site scripting vulnerability.

tags | exploit, web, xss
SHA-256 | 15fe21b92c8c2e05f33cd1600df0ce66dbf1fed15db78d41640ab7acb4a29a88
Zero Day Initiative Advisory 07-045
Posted Aug 8, 2007
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of the Novell Netware Client. Authentication is not required to exploit this vulnerability. The specific flaw exists in nwspool.dll which is responsible for handling RPC requests through the spools named pipe. Several RPC functions exposed by this DLL do not properly verify argument sizes and subsequently copy user-supplied data to a stack-based buffer resulting in an exploitable overflow.

tags | advisory, remote, overflow, arbitrary
SHA-256 | 2aa85c8573749f248e3c8693b58a6f7e6de06d9494966a16468c73f6670eb079
konq-spoof.txt
Posted Aug 8, 2007
Authored by Robert Swiecki | Site alt.swiecki.net

Konqueror version 3.5.7 suffers from a URL address spoofing vulnerability.

tags | advisory, spoof
SHA-256 | 53cf2249e77cbd494d6b351f2f6b62156b2a3abe63908fe6f0efeac2dcb62025
ariadnecms-rfi.txt
Posted Aug 8, 2007
Site aria-security.net

Ariadne CMS suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 26f0be4e087bb27c13f73b3833745d69e2151e751654b070e6a42900864e8a06
ezphotosales-multi.txt
Posted Aug 8, 2007
Authored by Seth Fogie | Site airscanner.com

EZPhotoSales version 1.9.3 suffers from cross site scripting and php shell upload vulnerabilities.

tags | advisory, shell, php, vulnerability, xss
SHA-256 | 70518c493709d823450218e62d3369de7998ea2cc23a3b49e38a1385c539ec0d
Debian Linux Security Advisory 1350-1
Posted Aug 8, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1350-1 - It was discovered that an integer overflow in the xpdf PDF viewer may lead to the execution of arbitrary code if a malformed PDF file is opened. tetex-bin includes a copy of the xpdf code and required an update as well.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2007-3387
SHA-256 | fffb21c8991279690441a2515c661592680f44480edf89a3d6e3cabe1d0849b2
cisspcom-sql.txt
Posted Aug 8, 2007
Authored by Tonu Samuel

It appears that cissp.com suffers from yet another SQL injection vulnerability.

tags | exploit, sql injection
SHA-256 | 3b2f4c0c7353d9fa05c3755227594ebfc61ecd2b11132fdd6f8b419075175095
TS-2007-002-0.txt
Posted Aug 8, 2007
Authored by Template Security

Template Security has discovered a serious user input validation vulnerability in the BlueCat Networks Proteus IPAM appliance. Proteus can be used to upload files to managed Adonis appliances to be downloadable by TFTP from the appliance. A Proteus administrator with privilege to add TFTP files and perform TFTP deployments can overwrite existing files and create new files as root on the Adonis DNS/DHCP appliance. This can be used for example to overwrite the system password database and change the root account password. Exploitation details provided. E

tags | exploit, root
SHA-256 | b0eb22efabd9f01f0e33d402c05a54ce9da6497be21f0ffd6bbb01e08c0d5664
HP Security Bulletin 2007-14.49
Posted Aug 8, 2007
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential vulnerability has been identified with HP-UX running BIND. The vulnerability could be exploited remotely to poison the DNS cache.

tags | advisory
systems | hpux
advisories | CVE-2007-2926
SHA-256 | d938f8755a2b2e12e0b9d6384c695b73abab4ee365c4eb74e0f96fd31d576393
HP Security Bulletin 2006-12.75
Posted Aug 8, 2007
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified HP System Management

tags | advisory, vulnerability
advisories | CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-3747, CVE-2006-4339, CVE-2006-4343
SHA-256 | bad94072ba0de67832d1266e25833ffd96de150db9736aa61c3b1fa67d1c6f2d
Debian Linux Security Advisory 1349-1
Posted Aug 8, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1349-1 - It was discovered that an integer overflow in the xpdf PDF viewer may lead to the execution of arbitrary code if a malformed PDF file is opened. libextractor includes a copy of the xpdf code and required an update as well.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2007-3387
SHA-256 | a1b3246eafc60040081f3d8c0ba1f846370ca79519efc89287e6ded95b7b3642
trsec2007-cfp.txt
Posted Aug 8, 2007
Authored by Gadi Evron

Call For Papers for the TRsec conference which will be held September 8th, 2007 in Istanbul, turkey.

tags | paper, conference
SHA-256 | 30a72ba2d8d51978e55f377ee185c8181e6c2179aeb9d94c9fdf9bf517de1f9b
gool-alpha.tar.gz
Posted Aug 8, 2007
Authored by l0om | Site excluded.org

C library written to implement the functionality of Google queries into C related projects.

tags | library
SHA-256 | 135efb82700e7d3117b9caeffbc267fd572f84133cfe5a370c23d799c910c8da
alathkar-rfi.txt
Posted Aug 8, 2007
Authored by Hasadya Raed

AL-Athkar version 2.0 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 4e595aed5810f15d05d860bf6e2ccce6b8ed3bcf48f9c0e505c90aac63773d57
vgallite-rfi.txt
Posted Aug 8, 2007
Authored by Hasadya Raed

All versions of vgallite suffer from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | a1e255eedc76f5a079c412451c825407890c01dd98a0bba16f392315c642d4fc
Page 1 of 6
Back12345Next

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    30 Files
  • 27
    Sep 27th
    27 Files
  • 28
    Sep 28th
    8 Files
  • 29
    Sep 29th
    14 Files
  • 30
    Sep 30th
    19 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close