Exploit the possiblities
Showing 1 - 25 of 150 RSS Feed

Files Date: 2007-08-08

shellcode-crash.c
Posted Aug 8, 2007
Authored by Touron Guillaume

25 byte shellcode that checks Retrieve PEB->BeingDebugged and if a process is being debugged, it crashes.

tags | shellcode
MD5 | b1c3b715dfffadd5dcc701ba4de12731
Ubuntu Security Notice 496-2
Posted Aug 8, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 496-2 - USN-496-1 fixed a vulnerability in koffice. This update provides the corresponding updates for poppler, the library used for PDF handling in Gnome. Derek Noonburg discovered an integer overflow in the Xpdf function StreamPredictor::StreamPredictor(). By importing a specially crafted PDF file into KWord, this could be exploited to run arbitrary code with the user's privileges.

tags | advisory, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2007-3387
MD5 | 3e8891c25b0a5051bf52ab27fde68e06
iDEFENSE Security Advisory 2007-08-07.2
Posted Aug 8, 2007
Authored by iDefense Labs, mu-b | Site idefense.com

iDefense Security Advisory 08.07.07 - Remote exploitation of a heap overflow vulnerability in Apple Inc.'s mDNSResponder application may allow attackers to execute arbitrary code with root privileges. The vulnerability exists within the Legacy NAT Traversal code. Unlike the core of the mDNSResponder service, this area of code does not rely on Multicast UDP. It listens on a dynamically allocated Unicast UDP port. The vulnerability occurs when parsing a malformed HTTP request. This results in an exploitable heap overflow. iDefense has confirmed the existence of this vulnerability in Mac OS X version 10.4.10, Server and Workstation, with mDNSResponder version 108.5. Previous versions may also be affected.

tags | advisory, remote, web, overflow, arbitrary, root, udp
systems | apple, osx
advisories | CVE-2007-3744
MD5 | 4b45f03094f51eb2ad0bf0fa50c47eaa
ASA-2007-019.txt
Posted Aug 8, 2007
Authored by Wei Wang, Jason Parker | Site asterisk.org

Asterisk Project Security Advisory - The Asterisk Skinny channel driver, chan_skinny, has a remotely exploitable crash vulnerability. A segfault can occur when Asterisk receives a "CAPABILITIES_RES_MESSAGE" packet where the capabilities count is greater than the total number of items in the capabilities_res_message array. Note that this requires an authenticated session.

tags | advisory
MD5 | e798ca193e72739ce8e5faa034a34d2a
Debian Linux Security Advisory 1352-1
Posted Aug 8, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1352-1 - It was discovered that an integer overflow in the xpdf PDF viewer may lead to the execution of arbitrary code if a malformed PDF file is opened. pdfkit.framework includes a copy of the xpdf code and required an update as well.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2007-3387
MD5 | 3cabb4059d5c1c5a9dee2614e03a023a
Debian Linux Security Advisory 1351-1
Posted Aug 8, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1351-1 - Tavis Ormandy discovered that bochs, a highly portable IA-32 PC emulator, is vulnerable to a buffer overflow in the emulated NE2000 network device driver, which may lead to privilege escalation.

tags | advisory, overflow
systems | linux, debian
advisories | CVE-2007-2893
MD5 | b355f33b1d184bfa2fc585b248dcfb59
iDEFENSE Security Advisory 2007-08-07.1
Posted Aug 8, 2007
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 08.07.07 - Remote exploitation of a buffer overflow vulnerability in ldcconn allows attackers to execute arbitrary code with root privileges. By sending a long string to the TCP port that ldcconn listens on, a buffer overflow is triggered. No authentication or data validation is performed. iDefense confirmed the existence of this vulnerability in HP-UX 11.11i. It is suspected that other versions are also vulnerable.

tags | advisory, remote, overflow, arbitrary, root, tcp
systems | hpux
MD5 | 74d1ebba3dba3848decd2b5aede69fa5
Ferite_Language_DoS.zip
Posted Aug 8, 2007
Authored by WarGame | Site vx.netlux.org

The interpreter for the Ferite programming language is susceptible to a denial of service flaw. Exploit code included.

tags | exploit, denial of service
MD5 | 7b31864ef778e1a6d5d03398d59009b9
googlecustom-xss.txt
Posted Aug 8, 2007
Authored by Lostmon | Site lostmon.blogspot.com

Google's custom search engine suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | c8df88553da70f7cedff0ee8aacaea10
vietphp-rfi.txt
Posted Aug 8, 2007
Authored by master-of-desastor

VietPHP suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
MD5 | 703a6524e3f9e46d74e9362211e8e251
csam-xss.txt
Posted Aug 8, 2007
Authored by Tushar Vartak

The C-SAM oneWallet web admin interface suffers from a cross site scripting vulnerability.

tags | exploit, web, xss
MD5 | b75d789d1a43f48a75ec35ec0b7f0ed4
Zero Day Initiative Advisory 07-045
Posted Aug 8, 2007
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of the Novell Netware Client. Authentication is not required to exploit this vulnerability. The specific flaw exists in nwspool.dll which is responsible for handling RPC requests through the spools named pipe. Several RPC functions exposed by this DLL do not properly verify argument sizes and subsequently copy user-supplied data to a stack-based buffer resulting in an exploitable overflow.

tags | advisory, remote, overflow, arbitrary
MD5 | cd418df7def7fa08d91aa73fdbe6c118
konq-spoof.txt
Posted Aug 8, 2007
Authored by Robert Swiecki | Site alt.swiecki.net

Konqueror version 3.5.7 suffers from a URL address spoofing vulnerability.

tags | advisory, spoof
MD5 | db4642e8f59aab6d9cd54bd2d9e9ce27
ariadnecms-rfi.txt
Posted Aug 8, 2007
Site aria-security.net

Ariadne CMS suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
MD5 | eb85bdcfe978f1bac9676ff01c58c969
ezphotosales-multi.txt
Posted Aug 8, 2007
Authored by Seth Fogie | Site airscanner.com

EZPhotoSales version 1.9.3 suffers from cross site scripting and php shell upload vulnerabilities.

tags | advisory, shell, php, vulnerability, xss
MD5 | cfe5e3a790d009e0a0861f78666dae22
Debian Linux Security Advisory 1350-1
Posted Aug 8, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1350-1 - It was discovered that an integer overflow in the xpdf PDF viewer may lead to the execution of arbitrary code if a malformed PDF file is opened. tetex-bin includes a copy of the xpdf code and required an update as well.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2007-3387
MD5 | cad9e69d6d7884146a02903695c20b11
cisspcom-sql.txt
Posted Aug 8, 2007
Authored by Tonu Samuel

It appears that cissp.com suffers from yet another SQL injection vulnerability.

tags | exploit, sql injection
MD5 | 47ec728fb981298258d42d8a05ef5c51
TS-2007-002-0.txt
Posted Aug 8, 2007
Authored by Template Security

Template Security has discovered a serious user input validation vulnerability in the BlueCat Networks Proteus IPAM appliance. Proteus can be used to upload files to managed Adonis appliances to be downloadable by TFTP from the appliance. A Proteus administrator with privilege to add TFTP files and perform TFTP deployments can overwrite existing files and create new files as root on the Adonis DNS/DHCP appliance. This can be used for example to overwrite the system password database and change the root account password. Exploitation details provided. E

tags | exploit, root
MD5 | 8a4de76d6997f2dba9b93bea297d4831
HP Security Bulletin 2007-14.49
Posted Aug 8, 2007
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential vulnerability has been identified with HP-UX running BIND. The vulnerability could be exploited remotely to poison the DNS cache.

tags | advisory
systems | hpux
advisories | CVE-2007-2926
MD5 | 39021d82f847d79c5714b130df3847bc
HP Security Bulletin 2006-12.75
Posted Aug 8, 2007
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified HP System Management

tags | advisory, vulnerability
advisories | CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-3747, CVE-2006-4339, CVE-2006-4343
MD5 | 15f77edb82a22775889e3fe56157dbb0
Debian Linux Security Advisory 1349-1
Posted Aug 8, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1349-1 - It was discovered that an integer overflow in the xpdf PDF viewer may lead to the execution of arbitrary code if a malformed PDF file is opened. libextractor includes a copy of the xpdf code and required an update as well.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2007-3387
MD5 | 4e547b20a0fce299ec88f2efd0304a27
trsec2007-cfp.txt
Posted Aug 8, 2007
Authored by Gadi Evron

Call For Papers for the TRsec conference which will be held September 8th, 2007 in Istanbul, turkey.

tags | paper, conference
MD5 | 9886ab8b23f16f87c2d5d8fe1cec42b6
gool-alpha.tar.gz
Posted Aug 8, 2007
Authored by l0om | Site excluded.org

C library written to implement the functionality of Google queries into C related projects.

tags | library
MD5 | 56122e6e5da2c246e6f4fb910a1bb919
alathkar-rfi.txt
Posted Aug 8, 2007
Authored by Hasadya Raed

AL-Athkar version 2.0 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
MD5 | 80f36f8da4ecef4b4c55f01f52549dc1
vgallite-rfi.txt
Posted Aug 8, 2007
Authored by Hasadya Raed

All versions of vgallite suffer from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
MD5 | 7aa1282b0bb4f8d046466a9f5001a7c3
Page 1 of 6
Back12345Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    15 Files
  • 15
    Dec 15th
    28 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close