exploit the possibilities
Showing 1 - 25 of 45 RSS Feed

Files Date: 2007-10-11

Core Security Technologies Advisory 2007.0928
Posted Oct 11, 2007
Authored by Core Security Technologies, Gerardo Richarte, Nahuel Riva | Site coresecurity.com

Core Security Technologies Advisory - A vulnerability found in OpenBSD's dhcpd allows attackers on the local network to remotely cause the DHCP server to corrupt its process memory and crash; or continue functioning erratically thus denying service to all DHCP clients on the network and, if PF updates are in use, potentially affecting egress/ingress filtering as well. OpenBSD 4.0, 4.1, and 4.2 are affected.

tags | advisory, local
systems | openbsd
advisories | CVE-2007-0063
MD5 | 4f54934bbd0acff7397c83a86dcce243
TPTI-07-18.txt
Posted Oct 11, 2007
Authored by Aaron Portnoy | Site tippingpoint.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of EMC RepliStor Server. User interaction is not required to exploit this vulnerability. The specific flaw exists in the RepliStor Server Service that listens by default on TCP port 7144. The vulnerable function trusts a user-supplied size value allowing an attacker to create an undersized buffer. A later call to recv() overflows that buffer allowing for arbitrary code execution in the context of the SYSTEM user. Replistor version 6.1.3 is affected.

tags | advisory, overflow, arbitrary, tcp, code execution
advisories | CVE-2007-5323
MD5 | 12f108e9e28d674761caca444b1da76b
Zero Day Initiative Advisory 07-057
Posted Oct 11, 2007
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Firebird SQL server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the database service fbserver.exe, which binds to TCP port 3050. When processing an overly long request, a stack buffer can be overflowed through a vulnerable call to sprintf() within the function process_packet(). If properly exploited, remote control of the affected system can be attained with SYSTEM credentials.

tags | advisory, remote, overflow, arbitrary, tcp
advisories | CVE-2007-4992
MD5 | b5735efeaeed792730317961bd7ea7bf
Zero Day Initiative Advisory 07-056
Posted Oct 11, 2007
Authored by Tipping Point | Site zerodayinitiative.com

Multiple vulnerabilities including a stack overflow and some denial of service issues exist in the IBM DB2 Universal Database versions 8.1 and 8.2.

tags | advisory, denial of service, overflow, vulnerability
advisories | CVE-2007-5324
MD5 | 7c162f9c28d01305de933fd6f76e4a7e
Zero Day Initiative Advisory 07-055
Posted Oct 11, 2007
Authored by Tipping Point, Tenable Network Security | Site zerodayinitiative.com

A vulnerability allows remote attackers to crash systems with vulnerable installations of the Microsoft Windows operating system. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RPC runtime library rpcrt4.dll during the parsing of RPC-level authentication messages. When parsing packets with the authentication type of NTLMSSP and the authentication level of PACKET, an invalid memory dereference can occur if the verification trailer signature is initialized to 0 as opposed to the standard NTLM signature. Successful exploitation crashes the RPC service and subsequently the entire operating system.

tags | advisory, remote
systems | windows
advisories | CVE-2007-2228
MD5 | 8bc0b6bda857bf489e188ca6910a1499
Debian Linux Security Advisory 1385-1
Posted Oct 11, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1385-1 Sean Larsson discovered that two code paths inside the X Font Server handle integer values insecurely, which may lead to the execution of arbitrary code.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2007-4568
MD5 | 8b40c5f4eb1b84db7866ac70b44eb4e8
eleytt-CAvarious.txt
Posted Oct 11, 2007
Authored by Michal Bucko | Site eleytt.com

Eleytt has discovered various buffer overflow and denial of service vulnerabilities in CA Erwin, G Data Antivirus, CA eTrust, VMware, and CA eTrust ITM.

tags | advisory, denial of service, overflow, vulnerability
MD5 | ef00c71b2c72acfd3df7574903ac6026
iDEFENSE Security Advisory 2007-10-10.1
Posted Oct 11, 2007
Authored by iDefense Labs, Stephen Fewer | Site idefense.com

iDefense Security Advisory 10.10.07 - Remote exploitation of a format string vulnerability in Kaspersky Lab's Online Scanner virus scanner service could allow an attacker to execute arbitrary code within the security context of the targeted user. iDefense has confirmed the existence of this vulnerability within version 5.0.93.0 of Kaspersky Lab's kavwebscan.dll. Previous versions are suspected to be vulnerable.

tags | advisory, remote, arbitrary, virus
advisories | CVE-2007-3675
MD5 | 3e0b4dc5a2a3f864e788a00519e4dc3a
russian-multi.txt
Posted Oct 11, 2007
Site securityvulns.ru

Multiple vulnerabilities from Russian blogs have been aggregated. These findings discuss vulnerabilities in PHP versions 4 and 5, WordPress MultiUser version 1.0, ActiveKB version 1.5, Joomla! versions 1.0.13 and below, ActiveKB NX version 2.5.4, UMI CMS, Nucleus, Stride CMS versions 1.0, and more. Exploitation details provided.

tags | exploit, php, vulnerability
MD5 | 4b87050e30aa5d9af249766005c08d38
Debian Linux Security Advisory 1379-2
Posted Oct 11, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1379-2 - An off-by-one error has been identified in the SSL_get_shared_ciphers() routine in OpenSSL, an implementation of Secure Socket Layer cryptographic libraries and utilities. This error could allow an attacker to crash an application making use of OpenSSL's libssl library, or potentially execute arbitrary code in the security context of the user running such an application. This update to DSA 1379 announces the availability of the libssl0.9.6 and libssl0.9.7 compatibility libraries for sarge (oldstable) and etch (stable), respectively.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2007-5135
MD5 | 628f0f87d55a87adecd6ac70dc98e253
AST-2007-022.txt
Posted Oct 11, 2007
Authored by Russell Bryant, Mark Michelson | Site asterisk.org

Asterisk Project Security Advisory - Multiple buffer overflows were discovered due to the use of sprintf in Asterisk's IMAP-specific voicemail code.

tags | advisory, overflow, imap
MD5 | dbf2beb4f3b1674e28ae247e6dcc91f6
Cisco Security Advisory 20071010-wcs
Posted Oct 11, 2007
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Customers who use the CiscoWorks Wireless LAN Solution Engine (WLSE) may use a conversion utility to convert over to a Cisco Wireless Control System (WCS). This conversion utility creates and uses administrative accounts with default credentials. Because there is no requirement to change these credentials during the conversion process, an attacker may be able to leverage the accounts that have default credentials to take full administrative control of the WCS after the conversion has been completed.

tags | advisory
systems | cisco
MD5 | 88515006ebec8b1fa0285611c0e5dee7
IRM-CiscoLPD.txt
Posted Oct 11, 2007
Site irmplc.com

IRM Security Advisory 024 - The Line Printer Daemon, which provides print server functionality in Cisco IOS, is vulnerable to a software flaw whereby the length of the hostname of the router is not checked before being copied into a fixed size memory buffer.

tags | advisory
systems | cisco
MD5 | 1acb6217db3199d6a424bbb89c2f2d87
overflows.en.linux.x64.spanish.txt
Posted Oct 11, 2007
Authored by RaiSe | Site enye-sec.org

Whitepaper discussing the exploitation of buffer overflows on Linux x86_64. It demonstrates techniques to bypass PaX and ASLR protection and includes two proof of concept exploits. Written in Spanish.

tags | paper, overflow, proof of concept
systems | linux
MD5 | eb346f2f4e074567fe7c7e973419f4b5
egg-serv.c
Posted Oct 11, 2007
Authored by bangbus/magnum, Bow Sineath

Eggdrop server module message handling remote buffer overflow exploit for Eggdrop version 1.6.18.

tags | exploit, remote, overflow
MD5 | c740b2a5596d457930802785ee85e1b2
solaris-fifofs.txt
Posted Oct 11, 2007
Authored by qaaz

Solaris fifofs I_PEEK kernel memory disclosure exploit for x86/sparc.

tags | exploit, x86, kernel
systems | solaris
MD5 | e08e4cd99770e0ae8c488210ef5b41e5
phpstats-multi.txt
Posted Oct 11, 2007
Authored by EgiX

PHP-Stats version 0.1.9.2 proof of concept exploit that demonstrates blind SQL injection and remote code execution vulnerabilities.

tags | exploit, remote, php, vulnerability, code execution, sql injection, proof of concept
MD5 | cb061fa44d25c648a7024caffa6f880e
nuseo-rfi.txt
Posted Oct 11, 2007
Authored by BiNgZa

NuSEO PHP Enterprise version 1.6 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, php, code execution, file inclusion
MD5 | 18c14d93f13564848fe5beb3727fed0f
cpdynalinks-sql.txt
Posted Oct 11, 2007
Authored by s0cratex, ka0x

cpDynaLinks versions 1.02 remote SQL injection exploit that takes advantage of category.php.

tags | exploit, remote, php, sql injection
MD5 | ec3583c777870befdff3b0f6cf47e7a1
drupal-hash.txt
Posted Oct 11, 2007
Authored by ShAnKaR | Site securityvulns.com

Drupal versions 5.2 and below PHP Zend Hash vulnerability exploitation vector.

tags | exploit, php
MD5 | faa698ce19fb35ac550acce29475b2d8
tikiwiki-inject.txt
Posted Oct 11, 2007
Authored by ShAnKaR | Site securityvulns.com

TikiWiki version 1.9.8 suffers from a remote PHP injection vulnerability.

tags | exploit, remote, php
MD5 | db8014ff28b40adea50a53b84fea232c
joomlajcon-rfi.txt
Posted Oct 11, 2007
Authored by NoGe

The Joomla JContentSubscription component version 1.5.8 suffers from multiple remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, code execution, file inclusion
MD5 | 7b9d6d1ccda2d8ca86ba61afd368ea32
joomlamp3-rfi.txt
Posted Oct 11, 2007
Authored by NoGe

The Joomla MP3 Allopass component version 1.0 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
MD5 | 48fba7c462dfb9f6d6dca92d4ebc87b3
nufw-2.2.6.tar.gz
Posted Oct 11, 2007
Authored by regit | Site nufw.org

NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is done to use external authentication source such as an LDAP server.

Changes: New features and multiple fixes.
tags | tool, remote, firewall
systems | unix
MD5 | 0ed8394987b1ae0d6cd08b5a8076f903
Secunia Security Advisory 27073
Posted Oct 11, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ivan Javier Sanchez has reported some vulnerabilities in MailBee WebMail, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
MD5 | 57407fa7083a492b77aa30cc214c3e94
Page 1 of 2
Back12Next

File Archive:

September 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    14 Files
  • 2
    Sep 2nd
    19 Files
  • 3
    Sep 3rd
    9 Files
  • 4
    Sep 4th
    1 Files
  • 5
    Sep 5th
    2 Files
  • 6
    Sep 6th
    3 Files
  • 7
    Sep 7th
    12 Files
  • 8
    Sep 8th
    22 Files
  • 9
    Sep 9th
    17 Files
  • 10
    Sep 10th
    19 Files
  • 11
    Sep 11th
    3 Files
  • 12
    Sep 12th
    2 Files
  • 13
    Sep 13th
    15 Files
  • 14
    Sep 14th
    16 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    7 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close