exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 45 RSS Feed

Files Date: 2007-10-11

Core Security Technologies Advisory 2007.0928
Posted Oct 11, 2007
Authored by Core Security Technologies, Gerardo Richarte, Nahuel Riva | Site coresecurity.com

Core Security Technologies Advisory - A vulnerability found in OpenBSD's dhcpd allows attackers on the local network to remotely cause the DHCP server to corrupt its process memory and crash; or continue functioning erratically thus denying service to all DHCP clients on the network and, if PF updates are in use, potentially affecting egress/ingress filtering as well. OpenBSD 4.0, 4.1, and 4.2 are affected.

tags | advisory, local
systems | openbsd
advisories | CVE-2007-0063
SHA-256 | cc127679daebed5635aaa505605a453c6446720485c7a6f386cb9d149b3fdbbc
TPTI-07-18.txt
Posted Oct 11, 2007
Authored by Aaron Portnoy | Site tippingpoint.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of EMC RepliStor Server. User interaction is not required to exploit this vulnerability. The specific flaw exists in the RepliStor Server Service that listens by default on TCP port 7144. The vulnerable function trusts a user-supplied size value allowing an attacker to create an undersized buffer. A later call to recv() overflows that buffer allowing for arbitrary code execution in the context of the SYSTEM user. Replistor version 6.1.3 is affected.

tags | advisory, overflow, arbitrary, tcp, code execution
advisories | CVE-2007-5323
SHA-256 | ba2bd1a7c717a800a7057447c14bef7fce8c127fa3bf9f8f8c5852e8b926ca7e
Zero Day Initiative Advisory 07-057
Posted Oct 11, 2007
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Firebird SQL server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the database service fbserver.exe, which binds to TCP port 3050. When processing an overly long request, a stack buffer can be overflowed through a vulnerable call to sprintf() within the function process_packet(). If properly exploited, remote control of the affected system can be attained with SYSTEM credentials.

tags | advisory, remote, overflow, arbitrary, tcp
advisories | CVE-2007-4992
SHA-256 | eb7e74a789975155ed378a43a35f407b6b817ac69a9b3d170f716707de4cd694
Zero Day Initiative Advisory 07-056
Posted Oct 11, 2007
Authored by Tipping Point | Site zerodayinitiative.com

Multiple vulnerabilities including a stack overflow and some denial of service issues exist in the IBM DB2 Universal Database versions 8.1 and 8.2.

tags | advisory, denial of service, overflow, vulnerability
advisories | CVE-2007-5324
SHA-256 | 41d50920d2a9c8e8d91691d642f0b3e775f5579126dcb7b6697e9fd1be958e1b
Zero Day Initiative Advisory 07-055
Posted Oct 11, 2007
Authored by Tipping Point, Tenable Network Security | Site zerodayinitiative.com

A vulnerability allows remote attackers to crash systems with vulnerable installations of the Microsoft Windows operating system. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RPC runtime library rpcrt4.dll during the parsing of RPC-level authentication messages. When parsing packets with the authentication type of NTLMSSP and the authentication level of PACKET, an invalid memory dereference can occur if the verification trailer signature is initialized to 0 as opposed to the standard NTLM signature. Successful exploitation crashes the RPC service and subsequently the entire operating system.

tags | advisory, remote
systems | windows
advisories | CVE-2007-2228
SHA-256 | 81c3eb66a83ea337ccd5a2db389db399942be188bee24be99a592d845a95a2b3
Debian Linux Security Advisory 1385-1
Posted Oct 11, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1385-1 Sean Larsson discovered that two code paths inside the X Font Server handle integer values insecurely, which may lead to the execution of arbitrary code.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2007-4568
SHA-256 | 7d2351d6bbaaa26298488b154c33c30a4f4f804aa58415cb559dec4380f72994
eleytt-CAvarious.txt
Posted Oct 11, 2007
Authored by Michal Bucko | Site eleytt.com

Eleytt has discovered various buffer overflow and denial of service vulnerabilities in CA Erwin, G Data Antivirus, CA eTrust, VMware, and CA eTrust ITM.

tags | advisory, denial of service, overflow, vulnerability
SHA-256 | e744374fb45a8a99ad3791b2ee6d78d682fbc766adfffd201b3e3161c3d5b70e
iDEFENSE Security Advisory 2007-10-10.1
Posted Oct 11, 2007
Authored by iDefense Labs, Stephen Fewer | Site idefense.com

iDefense Security Advisory 10.10.07 - Remote exploitation of a format string vulnerability in Kaspersky Lab's Online Scanner virus scanner service could allow an attacker to execute arbitrary code within the security context of the targeted user. iDefense has confirmed the existence of this vulnerability within version 5.0.93.0 of Kaspersky Lab's kavwebscan.dll. Previous versions are suspected to be vulnerable.

tags | advisory, remote, arbitrary, virus
advisories | CVE-2007-3675
SHA-256 | f707942595ccab88728e76bcf1c0ea83ad5306251adf6e09c6e313ef8b7a67a1
russian-multi.txt
Posted Oct 11, 2007
Site securityvulns.ru

Multiple vulnerabilities from Russian blogs have been aggregated. These findings discuss vulnerabilities in PHP versions 4 and 5, WordPress MultiUser version 1.0, ActiveKB version 1.5, Joomla! versions 1.0.13 and below, ActiveKB NX version 2.5.4, UMI CMS, Nucleus, Stride CMS versions 1.0, and more. Exploitation details provided.

tags | exploit, php, vulnerability
SHA-256 | fb869b5b3ce55625ab55a47de8fcf2451573a9cbadef41728be9a23809d9f5e8
Debian Linux Security Advisory 1379-2
Posted Oct 11, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1379-2 - An off-by-one error has been identified in the SSL_get_shared_ciphers() routine in OpenSSL, an implementation of Secure Socket Layer cryptographic libraries and utilities. This error could allow an attacker to crash an application making use of OpenSSL's libssl library, or potentially execute arbitrary code in the security context of the user running such an application. This update to DSA 1379 announces the availability of the libssl0.9.6 and libssl0.9.7 compatibility libraries for sarge (oldstable) and etch (stable), respectively.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2007-5135
SHA-256 | 48b61603702f71e2ad12ac78902caa5946d15aa9cf52ad2af474632a27152a35
AST-2007-022.txt
Posted Oct 11, 2007
Authored by Russell Bryant, Mark Michelson | Site asterisk.org

Asterisk Project Security Advisory - Multiple buffer overflows were discovered due to the use of sprintf in Asterisk's IMAP-specific voicemail code.

tags | advisory, overflow, imap
SHA-256 | 5e6beed403d366c145b69ef187cb6e89c970ef02a7ab577a2744fdfb90213dcc
Cisco Security Advisory 20071010-wcs
Posted Oct 11, 2007
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Customers who use the CiscoWorks Wireless LAN Solution Engine (WLSE) may use a conversion utility to convert over to a Cisco Wireless Control System (WCS). This conversion utility creates and uses administrative accounts with default credentials. Because there is no requirement to change these credentials during the conversion process, an attacker may be able to leverage the accounts that have default credentials to take full administrative control of the WCS after the conversion has been completed.

tags | advisory
systems | cisco
SHA-256 | 2d4f170ce3b5d6b82488777e019f465935b8b4b0f8bd35c0d1173dedfb4f08b0
IRM-CiscoLPD.txt
Posted Oct 11, 2007
Site irmplc.com

IRM Security Advisory 024 - The Line Printer Daemon, which provides print server functionality in Cisco IOS, is vulnerable to a software flaw whereby the length of the hostname of the router is not checked before being copied into a fixed size memory buffer.

tags | advisory
systems | cisco
SHA-256 | c3d16146d2b31bf0699e2084a8907b064711cb6be0decdda1b93a7b85b71b983
overflows.en.linux.x64.spanish.txt
Posted Oct 11, 2007
Authored by RaiSe | Site enye-sec.org

Whitepaper discussing the exploitation of buffer overflows on Linux x86_64. It demonstrates techniques to bypass PaX and ASLR protection and includes two proof of concept exploits. Written in Spanish.

tags | paper, overflow, proof of concept
systems | linux
SHA-256 | e76b4cb8d12c64ae47f45baf42646fd6bd757ea41e372a006a142a0e71d65ca4
egg-serv.c
Posted Oct 11, 2007
Authored by bangbus/magnum, Bow Sineath

Eggdrop server module message handling remote buffer overflow exploit for Eggdrop version 1.6.18.

tags | exploit, remote, overflow
SHA-256 | ee71d0a234984d892e0d28c0475a8fa07dcc5391e652ea3563ed65734a9cbbf9
solaris-fifofs.txt
Posted Oct 11, 2007
Authored by qaaz

Solaris fifofs I_PEEK kernel memory disclosure exploit for x86/sparc.

tags | exploit, x86, kernel
systems | solaris
SHA-256 | cda504ca70a36cef8226f4a95896c7dee7537f1fcc1ed72f7bfd6a7988fea5f7
phpstats-multi.txt
Posted Oct 11, 2007
Authored by EgiX

PHP-Stats version 0.1.9.2 proof of concept exploit that demonstrates blind SQL injection and remote code execution vulnerabilities.

tags | exploit, remote, php, vulnerability, code execution, sql injection, proof of concept
SHA-256 | 411067c6e3ffe3d57a836f7f4d1f2a19542d244fe4aabc630d27e787bebbf4db
nuseo-rfi.txt
Posted Oct 11, 2007
Authored by BiNgZa

NuSEO PHP Enterprise version 1.6 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, php, code execution, file inclusion
SHA-256 | 170b82210971000416bf579a9802fa5fc6d3cd7230a8fdcff77e0bbe60ed224d
cpdynalinks-sql.txt
Posted Oct 11, 2007
Authored by s0cratex, ka0x

cpDynaLinks versions 1.02 remote SQL injection exploit that takes advantage of category.php.

tags | exploit, remote, php, sql injection
SHA-256 | f9125aaaf0889b7f6a381f8cb9f42478dddc1f69724c5b4406af0bbfa9dc2bbd
drupal-hash.txt
Posted Oct 11, 2007
Authored by ShAnKaR | Site securityvulns.com

Drupal versions 5.2 and below PHP Zend Hash vulnerability exploitation vector.

tags | exploit, php
SHA-256 | e0ceb8a054f3c90526912645c8617d496ab9245d1bba15d01bd4e70137ae76dc
tikiwiki-inject.txt
Posted Oct 11, 2007
Authored by ShAnKaR | Site securityvulns.com

TikiWiki version 1.9.8 suffers from a remote PHP injection vulnerability.

tags | exploit, remote, php
SHA-256 | 2bbd29dae4a713bb41df08cf2cb1223b6bbfa534b1aa3ad74391d175ae6bfd0a
joomlajcon-rfi.txt
Posted Oct 11, 2007
Authored by NoGe

The Joomla JContentSubscription component version 1.5.8 suffers from multiple remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, code execution, file inclusion
SHA-256 | 1e8c699e4f23dc2d8c73c35769525ab64c9652f7089a36cf56052544d576b21a
joomlamp3-rfi.txt
Posted Oct 11, 2007
Authored by NoGe

The Joomla MP3 Allopass component version 1.0 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | df9f51de00edcdfd7c30955c7454ca0d582ef1cf839a577df72b0e569b968d55
nufw-2.2.6.tar.gz
Posted Oct 11, 2007
Authored by regit | Site nufw.org

NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is done to use external authentication source such as an LDAP server.

Changes: New features and multiple fixes.
tags | tool, remote, firewall
systems | unix
SHA-256 | c2d8738fd077ed85d575b183e0bbf215ab2a7f36b2e342926734344d8a3b9520
Secunia Security Advisory 27073
Posted Oct 11, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ivan Javier Sanchez has reported some vulnerabilities in MailBee WebMail, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 7ef4fd87e68b174965a3ad41549bd00cc75d8e1123408f07675f98841e74ed10
Page 1 of 2
Back12Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    17 Files
  • 8
    Oct 8th
    66 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close