what you don't know can hurt you
Showing 1 - 25 of 26 RSS Feed

Files Date: 2007-09-26

Ubuntu Security Notice 520-1
Posted Sep 26, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 520-1 - Gaetan Leurent discovered a vulnerability in the APOP protocol based on MD5 collisions. As fetchmail supports the APOP protocol, this vulnerability can be used by attackers to discover a portion of the APOP user's authentication credentials. Earl Chew discovered that fetchmail can be made to de-reference a NULL pointer when contacting SMTP servers. This vulnerability can be used by attackers who control the SMTP server to crash fetchmail and cause a denial of service.

tags | advisory, denial of service, protocol
systems | linux, ubuntu
advisories | CVE-2007-1558, CVE-2007-4565
MD5 | 621ad48ba21f2b4e89798b6e8580294e
thc-orakelcrackert11g.tar.gz
Posted Sep 26, 2007
Authored by thc, vonJeek | Site thc.org

OrakelCrackert is a tool that can crack passwords which are stored using the latest SHA1 based password hashing algorithm. To speed up cracking, the tool exploits a weakness in the Oracle password storage strategy. Therefore, cracking - for most passwords - is still just as fast as it was before the introduction of Oracle 11g.

MD5 | 66d8dc57670a3e30c146927819db46ae
Secunia Security Advisory 26962
Posted Sep 26, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - K3ZZAP66345 has discovered two vulnerabilities in FrontAccounting, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.

tags | advisory, vulnerability
MD5 | 5d25e1dbd3f7d3fbd878d78cd779a8b6
Secunia Security Advisory 26898
Posted Sep 26, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for tomcat. This fixes some vulnerabilities, which can be exploited by malicious people to disclose sensitive information or to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
systems | linux, redhat
MD5 | 79762b51d68831f3d1eae9d0d2aa1785
Secunia Security Advisory 26918
Posted Sep 26, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to disclose potentially sensitive information.

tags | advisory, kernel, local
systems | linux
MD5 | 74cbbf9dfd5ff654dd80044ae6d920fa
Secunia Security Advisory 26969
Posted Sep 26, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for bugzilla. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
systems | linux, fedora
MD5 | 6c27508da24de99a33f8210220932edd
Secunia Security Advisory 26974
Posted Sep 26, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Jesper Jurcenoks has reported some vulnerabilities in SimpGB, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose sensitive information.

tags | advisory, vulnerability, xss
MD5 | b0c0b000f19c47d67406e23a6a74f2eb
Secunia Security Advisory 26965
Posted Sep 26, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Jesper Jurcenoks has reported two vulnerabilities in SimpNews, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
MD5 | b26fede461319d98b76190730bc12221
Ubuntu Security Notice 519-1
Posted Sep 26, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 519-1 - Kalle Olavi Niemitalo discovered that if elinks makes a POST request to an HTTPS URL through a proxy, information may be sent in clear-text between elinks and the proxy. Attackers with access to the network could steal sensitive information (such as passwords).

tags | advisory, web
systems | linux, ubuntu
advisories | CVE-2007-5034
MD5 | c9962b22257c7973907caa686b5d7f71
Mandriva Linux Security Advisory 2007.188
Posted Sep 26, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - PostgreSQL 8.1 and probably later and earlier versions, when local trust authentication is enabled and the Database Link library (dblink) is installed, allows remote attackers to access arbitrary accounts and execute arbitrary SQL queries via a dblink host parameter that proxies the connection from 127.0.0.1. PostgreSQL 8.1 and probably later and earlier versions, when the PL/pgSQL (plpgsql) language has been created, grants certain plpgsql privileges to the PUBLIC domain, which allows remote attackers to create and execute functions, as demonstrated by functions that perform local brute-force password guessing attacks, which may evade intrusion detection. The Database Link library (dblink) in PostgreSQL 8.1 implements functions via CREATE statements that map to arbitrary libraries based on the C programming language, which allows remote authenticated superusers to map and execute a function from any library, as demonstrated by using the system function in libc.so.6 to gain shell access.

tags | advisory, remote, arbitrary, shell, local
systems | linux, mandriva
advisories | CVE-2007-3280, CVE-2007-3278, CVE-2007-3279
MD5 | 2e812643b0f00032f1b34401724f05be
Core Security Technologies Advisory 2007.0817
Posted Sep 26, 2007
Authored by Core Security Technologies | Site coresecurity.com

Core Security Technologies Advisory - Remote command execution, HTML and JavaScript injection vulnerabilities in AOL's Instant Messaging software. Versions 6.1, 6.2, Pro, and Lite are affected.

tags | exploit, remote, javascript, vulnerability
advisories | CVE-2007-4901
MD5 | 9f6886148c8923f1548101c7a3d286c4
simpnews24103-fdisclose.txt
Posted Sep 26, 2007
Authored by Jesper Jurcenoks | Site netvigilance.com

SimpNews version 2.41.03 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion, info disclosure
advisories | CVE-2007-4873
MD5 | f201adbb8842c41ffbceb0012ac67bc1
simpgb14602-infodis.txt
Posted Sep 26, 2007
Authored by Jesper Jurcenoks | Site netvigilance.com

SimpGB version 1.46.02 suffers from an information disclosure vulnerability.

tags | exploit, info disclosure
MD5 | 00efdd2c2ad7840a33a130db04b99cbb
simpgb14602-pdisclose.txt
Posted Sep 26, 2007
Authored by Jesper Jurcenoks | Site netvigilance.com

SimpGB version 1.46.02 suffers from path disclosure vulnerabilities.

tags | advisory, vulnerability, info disclosure
MD5 | ffed5f003b06b19223ec4922e9d140cf
simpnews24103-disclosure.txt
Posted Sep 26, 2007
Authored by Jesper Jurcenoks | Site netvigilance.com

SimpNews version 2.41.03 suffers from path disclosure vulnerabilities.

tags | advisory, vulnerability, info disclosure
advisories | CVE-2007-4872
MD5 | b1fbe61e4715db66a3d4f78fa03ab551
simpgb14602-disclose.txt
Posted Sep 26, 2007
Authored by Jesper Jurcenoks | Site netvigilance.com

SimpGB version 1.46.02 suffers from a file content disclosure vulnerability.

tags | exploit, info disclosure
MD5 | 6452fa3b63eb2c19b0e12dee1621e66a
simpnews24103-xss.txt
Posted Sep 26, 2007
Authored by Jesper Jurcenoks | Site netvigilance.com

SimpNews version 2.41.03 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2007-4874
MD5 | 5204d280d996807cfaade0ded88569ad
simpgb14602-xss.txt
Posted Sep 26, 2007
Authored by Jesper Jurcenoks | Site netvigilance.com

SimpGB version 1.46.02 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | cce3b69d9d925cf3916bd14db96f8b94
iDEFENSE Security Advisory 2007-09-25.1
Posted Sep 26, 2007
Authored by iDefense Labs, mu-b | Site idefense.com

iDefense Security Advisory 09.25.07 - Local exploitation of an information disclosure vulnerability within the ALSA driver included in the Linux Kernel allows attackers to obtain sensitive information from kernel memory. iDefense has confirmed the existence of this vulnerability in version 2.6.22.1 of the Linux Kernel as installed with Fedora CORE 7. It is suspected that other versions are also vulnerable.

tags | advisory, kernel, local, info disclosure
systems | linux, fedora
advisories | CVE-2007-4571
MD5 | b54ceb0a50118fd13539c52516f922cf
waraxe-2007-SA054.txt
Posted Sep 26, 2007
Authored by Janek Vind aka waraxe | Site waraxe.us

The Dance Music module for PHP-Nuke suffers from a local file inclusion vulnerability.

tags | exploit, local, php, file inclusion
MD5 | ce3bacd662121a8748a89b38a862f699
waraxe-2007-SA053.txt
Posted Sep 26, 2007
Authored by Janek Vind aka waraxe | Site waraxe.us

NukeSentinel version 2.5.11 suffers from a critical SQL injection vulnerability.

tags | advisory, sql injection
MD5 | bc18ba31c199b2db4bc0b4efc68dbaca
SSHatter-0.5.tar.gz
Posted Sep 26, 2007
Authored by Tim Brown | Site nth-dimension.org.uk

SSHatter is a remote brute force utility that attempts every password from a given list against a target.

tags | remote
MD5 | f726472f6ff2c4fb523c72942c5665f2
timbuktu_sploit.txt
Posted Sep 26, 2007
Authored by Titon

Motorola Timbuktu Pro version 8.6.3 arbitrary file deletion/creation exploit.

tags | exploit, arbitrary
MD5 | aea197f6e7d8dfeaf01a565807e58b82
sphpblog-multi.txt
Posted Sep 26, 2007
Authored by Luca Carettoni, Luca De Fulgentis | Site securenetwork.it

Simple PHP Blog version 0.5.0.1, 0.4.8, and all previous versions suffer from cross site scripting and arbitrary file upload vulnerabilities.

tags | exploit, arbitrary, php, vulnerability, xss, file upload
MD5 | 8b566b1bcbce191978ade61a76a229b0
jspwiki-xss.txt
Posted Sep 26, 2007
Authored by Jason Kratzer

JSPWiki version 2.4.103 and 2.5.139 suffer from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | e3d808d1f7b3c2b1e57f6f24916f0678
Page 1 of 2
Back12Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close