exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

Files Date: 2007-09-30

netkamp-sql.txt
Posted Sep 30, 2007
Authored by GeFORC3

Netkamp Emlak Scripti is susceptible to a SQL injection vulnerability.

tags | exploit, sql injection
SHA-256 | 89b14bb41b6db98788e40f03d8fc3047cb99245f794eb3fa30c9bc6b2b7db1bf
ohesa-sql.txt
Posted Sep 30, 2007
Authored by GeFORC3

Ohesa Emlak Portal is susceptible to a SQL injection vulnerability.

tags | exploit, sql injection
SHA-256 | a3f8a7412f9eb1c696cf443bddce0e3b995c95732615ddf57512fd11f0343788
Ubuntu Security Notice 522-1
Posted Sep 30, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 522-1 - It was discovered that OpenSSL did not correctly perform Montgomery multiplications. Local attackers might be able to reconstruct RSA private keys by examining another user's OpenSSL processes. Moritz Jodeit discovered that OpenSSL's SSL_get_shared_ciphers function did not correctly check the size of the buffer it was writing to. A remote attacker could exploit this to write one NULL byte past the end of an application's cipher list buffer, possibly leading to arbitrary code execution or a denial of service.

tags | advisory, remote, denial of service, arbitrary, local, code execution
systems | linux, ubuntu
advisories | CVE-2007-3108, CVE-2007-5135
SHA-256 | 07593e231df1e5dc0f594139f370e808bd38529d8959b1b5b701f3d15f5be2e0
Debian Linux Security Advisory 1378-2
Posted Sep 30, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1378-2 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.

tags | advisory, remote, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, debian
advisories | CVE-2007-3731, CVE-2007-3739, CVE-2007-3740, CVE-2007-4573, CVE-2007-4849
SHA-256 | 0605e3e63d0b2b1a9ed33c2af397d4bac98e7c643acc8edde998a2b4b02aa190
gmailsteal_remote.scpt.txt
Posted Sep 30, 2007
Authored by poplix | Site px.dynalias.org

This script can be used to steal G-Mail's keychained password by injecting javascript into Safari. When executed it opens G-Mail's login page, reads the saved password and sends it to a logging server by creating an hidden iframe into G-Mail's page.

tags | exploit, javascript
SHA-256 | 20de0e897ec70cae2d19020dbc28f0afb395ff11a21cf566e2d898f6373105e1
gmailsteal_local.scpt.txt
Posted Sep 30, 2007
Authored by poplix | Site px.dynalias.org

This script can be used to steal G-Mail's keychained password by injecting javascript into Safari. When executed it opens G-Mail's login page, reads the saved password and prompts it into an alert box.

tags | exploit, javascript
SHA-256 | d1666deab432edbc9e59a484712e616f3e4b12ccc20689e06d1d5c0bc471f7ea
tor01216-rewrite.txt
Posted Sep 30, 2007
Authored by elgCrew

Tor versions below 0.1.2.16 ControlPort remote rewrite exploit.

tags | exploit, remote
SHA-256 | 60b86debafefb6d4092a83ca2af33ae8129a47368aa7ce9d92ec93a733810284
mxbb233-rfi.txt
Posted Sep 30, 2007
Authored by bd0rk | Site soh-crew.it.tt

mxBB module mx_glance version 2.3.3 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 2452ced34c50af4690d62b6fe58791ab3b0d2ded240e907461225e7342a0a5da
mambads-sql.txt
Posted Sep 30, 2007
Authored by Sniper456

Mambo component Mambads versions 1.5 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | bc2e66c74f97bc49fce32b0cc68da588ed69741137f1b8c385c35065f452beb1
mdpro1076-sql.txt
Posted Sep 30, 2007
Authored by undefined1_ | Site undefl.com

MDPro version 1.0.76 remote SQL injection exploit.

tags | exploit, remote, sql injection
SHA-256 | 64eaf5d131bd08a7e3e3c5b3b5c444e628ed3dcb7fa505197104b5c034e53233
zomplog381-upload.txt
Posted Sep 30, 2007
Authored by InATeam | Site inattack.ru

Zomplog versions 3.8.1 and below suffer form an arbitrary file upload vulnerability.

tags | exploit, arbitrary, file upload
SHA-256 | 51229d2b0d699b76e2f2d85f2160f5d3f9583f5d8bec1e486329a2849f66fd41
pmm-rfi.txt
Posted Sep 30, 2007
Authored by 0in

Public Media Manager versions 1.3 and below suffer from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 73c24490fa872998ce87aa181b956bc916cdd6b48ba86c301e654ff1fd49ae10
phfito-rfi.txt
Posted Sep 30, 2007
Authored by w0cker

PhFiTo version 1.3.0 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 6f201de717e60b3590a98f42735faca4702aa76c08b947c8b723f015079fc7ae
nmapstripper-1.3.1.tar.gz
Posted Sep 30, 2007
Authored by Marshall Whittaker | Site fluxnet.no-ip.org

Nmap Log Stripper is a Bash script intended to be a way to condense all, or some, of the IPs of a "random" (-iR) Nmap scan into a file for later usage. Common uses are to be able to feed the file back into nmap with the -iL switch, or feeding it into another port or vulnerability scanner of your choice. Stripper supports stripping the Nmap log of all but the IPs of hosts running a certain service, a version of a service, or even an arbitrary banner, and writing them to a file.

Changes: Various fixes including the removal of a backdoor.
tags | tool, arbitrary, nmap, bash
systems | unix
SHA-256 | 1a67ab5aaf2d8f6c3040cead6ca0ae4fd6fe5fee712ed7f7bd4f06ca75842110
Mandriva Linux Security Advisory 2007.190
Posted Sep 30, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A vulnerability was discovered in KDM by Kees Huijgen where under certain circumstances and in particular configurations, KDM could be tricked into allowing users to login without a password.

tags | advisory
systems | linux, mandriva
advisories | CVE-2007-4569
SHA-256 | 282e85a63e64b85c7cc421aee20e564b2296562cd10fd53bc8702125c618ef7f
Ubuntu Security Notice 521-1
Posted Sep 30, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 521-1 - Luigi Auriemma discovered that libmodplug did not properly sanitize its input. A specially crafted AMF file could be used to exploit this situation to cause buffer overflows and possibly execute arbitrary code as the user.

tags | advisory, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2006-4192
SHA-256 | fedcc331c95208511c21b229acf97430edf70aba3923ab9b666e62fad87f864e
Trustix Secure Linux Security Advisory 2007.6
Posted Sep 30, 2007
Authored by Chris Clark | Site isecpartners.com

A vulnerability results from the Net::HTTPS library from Ruby versions 1.8.5 and 1.8.6 failing to validate the name on the SSL certificate against the DNS name requested by the user. By not validating the name, the library allows an attacker to present a cryptographically valid certificate with an invalid CN.

tags | advisory, web, ruby
SHA-256 | 30fcafc5523a3be23deee577529d910574c4482ca24286ec62b4815b2b3dcf84
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    25 Files
  • 16
    Aug 16th
    3 Files
  • 17
    Aug 17th
    6 Files
  • 18
    Aug 18th
    4 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close