Showing 1 - 25 of 49

Files Date: 2007-09-20

Secunia Security Advisory 26890
Posted Sep 20, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in various VMware products, which can be exploited by malicious, local users to gain escalated privileges or cause a DoS (Denial of Service) or by malicious people to compromise a vulnerable system.

tags | advisory, denial of service, local, vulnerability
MD5 | 69e4a933876b192e79cd5ee6b804200e
Secunia Security Advisory 26889
Posted Sep 20, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Doz has reported a vulnerability and a security issue in WebBatch, which can be exploited by malicious people to disclose system information or conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | ef46cb8a709b7998cdfc96380a942504
Secunia Security Advisory 26908
Posted Sep 20, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - nights_shadow has discovered a vulnerability in PhpWebGallery, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory
MD5 | 86df89e9ef257187c7db8a4751a9d5ee
VMware Security Advisory 2007-0006
Posted Sep 20, 2007
Authored by VMware | Site vmware.com

VMware Security Advisory - Updates have been released for arbitrary code execution, denial of service, and various other vulnerabilities in VMware.

tags | advisory, denial of service, arbitrary, vulnerability, code execution
advisories | CVE-2007-2446, CVE-2007-2447, CVE-2007-0494, CVE-2007-2442, CVE-2007-2443, CVE-2007-2798, CVE-2007-0061, CVE-2007-0062, CVE-2007-0063, CVE-2007-4059, CVE-2007-4155, CVE-2007-4496, CVE-2007-4497, CVE-2007-1856, CVE-2006-1174, CVE-2006-4600, CVE-2004-0813, CVE-2007-1716
MD5 | 75a1ac8862ee8690edac336336695646
Debian Linux Security Advisory 1364-2
Posted Sep 20, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1364-2 - Several vulnerabilities have been discovered in the vim editor. Ulf Harnhammar discovered that a format string flaw in helptags_one() from src/ex_cmds.c (triggered through the "helptags" command) can lead to the execution of arbitrary code. Editors often provide a way to embed editor configuration commands (aka modelines) which are executed once a file is opened. Harmful commands are filtered by a sandbox mechanism. It was discovered that function calls to writefile(), feedkeys() and system() were not filtered, allowing shell command execution with a carefully crafted file opened in vim. This updated advisory repairs issues with missing files in the packages for the oldstable distribution (sarge) for the alpha, mips, and mipsel architectures.

tags | advisory, arbitrary, shell, vulnerability
systems | linux, debian
advisories | CVE-2007-2953, CVE-2007-2438
MD5 | b58a312c9824db35ed8b97aedf36ed0a
Gentoo Linux Security Advisory 200709-12
Posted Sep 20, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200709-12 - Poppler and Xpdf are vulnerable to an integer overflow in the StreamPredictor::StreamPredictor function, and a stack overflow in the StreamPredictor::getNextLine function. The original vulnerability was discovered by Maurycy Prodeus. Note: Gentoo's version of Xpdf is patched to use the Poppler library, so the update to Poppler will also fix Xpdf. Versions less than 0.5.4-r2 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2007-3387
MD5 | 4ba5f6def2b0f95aee10b243b6c4f937
Ubuntu Security Notice 515-1
Posted Sep 20, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 515-1 - It was discovered that t1lib does not properly perform bounds checking, which can result in a buffer overflow vulnerability. An attacker could send specially crafted input to applications linked against t1lib, which could result in a DoS or arbitrary code execution.

tags | advisory, overflow, arbitrary, code execution
systems | linux, ubuntu
advisories | CVE-2007-4033
MD5 | b7118d409a112d9371ea0dc2ee682004
gmotor2.zip
Posted Sep 20, 2007
Authored by Luigi Auriemma | Site aluigi.org

Proof of concept exploit for rFactor versions 1.250 and below that suffer from buffer overflow and code execution vulnerabilities.

tags | exploit, overflow, vulnerability, code execution, proof of concept
MD5 | 2c04ffd658ffb146eb12c1a46c568bfb
auracms-upload.txt
Posted Sep 20, 2007
Authored by TaMBaRuS

AuraCMS version 2.1 suffers from a remote file upload vulnerability.

tags | exploit, remote, file upload
MD5 | 08ddf89a5cf41e1da156839ca1ff7a5e
wbr-xss.txt
Posted Sep 20, 2007
Authored by Azizov Emin

The WBR3404TX broadband router suffers from a cross-site scripting vulnerability in the web-based management interface.

tags | exploit, web, xss
MD5 | c18e371c0722c81031ca3c2952e3a109
HP Security Bulletin 2007-14.39
Posted Sep 20, 2007
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified in HP-UX running the logins(1M) command. This command incorrectly reports password status. As a result, password issues may not be detected, allowing remote unauthorized access.

tags | advisory, remote
systems | hpux
MD5 | 49084d4aa243b4dd35a9878e3d7681e6
HP Security Bulletin 2007-14.71
Posted Sep 20, 2007
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA; please check the table in the Resolution section of this Security Bulletin.

tags | advisory, vulnerability
MD5 | bec42473e5d89d7c4cd6864e9a6ac162
mercury-overflow.txt
Posted Sep 20, 2007
Authored by void | Site ph4nt0m.org

Mercury/32 version 4.52 IMAPD search command post-auth overflow exploit.

tags | exploit, overflow
MD5 | e7d12adf8d60215adacc5347c0b7ee3d
yim-download.txt
Posted Sep 20, 2007
Authored by shinnai | Site shinnai.altervista.org

Yahoo! Messenger version 8.1.0.421 CYFT Object arbitrary file download exploit.

tags | exploit, arbitrary
MD5 | d198d92639457575d34c81e3bf8d009b
jetaudio-exec.txt
Posted Sep 20, 2007
Authored by Krystian Kloskowski

jetAudio version 7.x ActiveX code execution exploit that makes use of DownloadFromMusicStore().

tags | exploit, code execution, activex
MD5 | 55bc80287bbab71a6271c82ff7fd7dec
p0f-2.0.8-db-20070919.tar.gz
Posted Sep 20, 2007
Authored by Michal Zalewski, David Coomber | Site lcamtuf.coredump.cx

p0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine distance to the remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Note that this version is the win32 compiled version. Original code by Michal Zalewski, compiling by David Coomber.

Changes: Insufficient OS description escapes fixed. Other fixes.
tags | tool, remote, local, scanner
systems | windows, unix
MD5 | fb66dfbdde92a2e8f81bb057a16205b5
flip30-pass.txt
Posted Sep 20, 2007
Authored by undefined1_ | Site undefl.com

Flip versions 3.0 and below remote password hash disclosure exploit.

tags | exploit, remote
MD5 | 70661dab3d3fc5f17b36e8dd18e9dec1
flip30-create.txt
Posted Sep 20, 2007
Authored by undefined1_ | Site undefl.com

Flip versions 3.0 and below remote admin creation exploit.

tags | exploit, remote
MD5 | 72cd124ae963f9060ec332bb4eb9870e
phpbbplus-rfi.txt
Posted Sep 20, 2007
Authored by Mehrad Ansari Targhi

phpBB Plus versions 1.53 and below suffer from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
MD5 | 773fdae05d4d3177f6aab9fb83c7bc30
onecms24-sql.txt
Posted Sep 20, 2007
Authored by str0ke | Site milw0rm.com

OneCMS version 2.4 remote SQL injection exploit that makes use of userreviews.php.

tags | exploit, remote, php, sql injection
MD5 | b93f48a7a3fe2c49a9bfaa3cb7d74db5
streamline-rfi.txt
Posted Sep 20, 2007
Authored by BiNgZa

Streamline PHP Media Server version 1.0-beta4 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, php, code execution, file inclusion
MD5 | ad30d84d02d9411294ad87cba00c052e
waraxe-2007-SA052.txt
Posted Sep 20, 2007
Authored by Janek Vind aka waraxe | Site waraxe.us

dBlog CMS is susceptible to a direct database download vulnerability.

tags | exploit
MD5 | 4857d269c5d84522220d4d7f38f81dbf
TPTI-07-15.txt
Posted Sep 20, 2007
Authored by Ganesh Devarajan | Site tippingpoint.com

A vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of the Automated Solutions Modbus TCP Slave ActiveX Control. Authentication is not required to exploit this vulnerability. The specific flaw exists within MiniHMI.exe, which binds to TCP port 502. When processing malformed Modbus requests on this port, a controllable heap corruption can occur, which may result in execution of arbitrary code.

tags | advisory, remote, arbitrary, tcp, activex
advisories | CVE-2007-4827
MD5 | 0d534b93256518fcf493b72761cb45fa
Secunia Security Advisory 26786
Posted Sep 20, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Shell has discovered a vulnerability in AOL Instant Messenger, which can be exploited by malicious people to execute arbitrary script code.

tags | advisory, arbitrary, shell
MD5 | f034b83e3019261d0138f2ef398b5f18
Secunia Security Advisory 26787
Posted Sep 20, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Krystian Kloskowski has discovered a vulnerability in jetAudio, which can be exploited by malicious people to overwrite arbitrary files or to compromise a user's system.

tags | advisory, arbitrary
MD5 | b2e5edaea3fdfb14f470bf8def11b4d2