exploit the possibilities
Showing 1 - 16 of 16 RSS Feed

Files Date: 2007-11-14

exophpdesk-sql.txt
Posted Nov 14, 2007
Authored by Joseph Giron

ExoPHPdesk may be susceptible to cross site scripting and SQL injection vulnerabilities via the profile functionality.

tags | exploit, vulnerability, xss, sql injection
MD5 | 37980891375b0f8b53768543f244f101
iDEFENSE Security Advisory 2007-11-12.2
Posted Nov 14, 2007
Authored by iDefense Labs, Stephen Fewer | Site idefense.com

iDefense Security Advisory 11.12.07 - Local exploitation of an input validation error vulnerability within Novell NetWare Client could allow an unprivileged attacker to execute arbitrary code within the kernel. iDefense has confirmed the existence of this vulnerability in nwfilter.sys, file version 4.91.1.1, as included with Novell's NetWare Client 4.91 SP4. Other versions are suspected vulnerable as well.

tags | advisory, arbitrary, kernel, local
advisories | CVE-2007-5667
MD5 | 1649d7033630962f4294717eba16002e
Ubuntu Security Notice 542-1
Posted Nov 14, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 542-1 - Secunia Research discovered several vulnerabilities in poppler. If a user were tricked into loading a specially crafted PDF file, a remote attacker could cause a denial of service or possibly execute arbitrary code with the user's privileges in applications linked against poppler.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2007-4352, CVE-2007-5392, CVE-2007-5393
MD5 | 6a3cdb4262a56a28bb1e8531133cb0e7
Ubuntu Security Notice 541-1
Posted Nov 14, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 541-1 - Drake Wilson discovered that Emacs did not correctly handle the safe mode of "enable-local-variables". If a user were tricked into opening a specially crafted file while "enable-local-variables" was set to the non-default ":safe", a remote attacker could execute arbitrary commands with the user's privileges.

tags | advisory, remote, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2007-5795
MD5 | c10a63bd4549947ef08024c1805fa296
Ubuntu Security Notice 540-1
Posted Nov 14, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 540-1 - Sean de Regge discovered that flac did not properly perform bounds checking in many situations. An attacker could send a specially crafted FLAC audio file and execute arbitrary code as the user or cause a denial of service in flac or applications that link against flac.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2007-4619
MD5 | ea879a662e58a1fdb8ade00919919880
Technical Cyber Security Alert 2007-317A
Posted Nov 14, 2007
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA07-317A - Microsoft has released updates that address critical vulnerabilities in Microsoft Windows and Microsoft Windows DNS Server. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary commands or to cause a Windows DNS server to provide incorrect DNS responses.

tags | advisory, remote, arbitrary, vulnerability
systems | windows
MD5 | abf903fcb717f2ac6de1f00ee75983b9
oracle-default.txt
Posted Nov 14, 2007
Authored by David Litchfield | Site ngssoftware.com

Oracle 11g and 10g have a default password vulnerability during the install process.

tags | advisory
MD5 | 6877588c15ae734aed258e5039993c83
wpslimstat-xss.txt
Posted Nov 14, 2007
Site xssworm.com

It appears that wp-slimstat version 0.92 for Wordpress 2.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | c6e9edb5f838715f199597eed0ed9c61
phpstream-dos.txt
Posted Nov 14, 2007
Authored by laurent gaffie

PHP versions 5.2.5 and below suffer from a denial of service vulnerability in stream_wrapper_register().

tags | advisory, denial of service, php
MD5 | 5b4db4e5101ce323537b625a3cbded22
phpgettext-dos.txt
Posted Nov 14, 2007
Authored by laurent gaffie

PHP versions 5.2.5 and below suffer from denial of service vulnerabilities in the Gettext Lib.

tags | advisory, denial of service, php, vulnerability
MD5 | 229781eceee8ae4657cfbd4b2f7bee22
Windows DNS Cache Poisoning Whitepaper
Posted Nov 14, 2007
Authored by Amit Klein | Site trusteer.com

The paper shows that Microsoft Windows DNS Server outgoing queries are predictable, allowing for cache poisoning attacks.

tags | paper
systems | windows
MD5 | c7dca7c83704ebd8758d6992e6a13942
phcct-0.1.tgz
Posted Nov 14, 2007
Authored by Steffen Wendzel | Site wendzel.de

phcct (protocol hopping covert channel tool) is a tiny and basic proof of concept implementation of a protocol hopping covert channel.

tags | protocol, proof of concept
systems | unix
MD5 | 7a0b69dbf9826172e37f46d29cf63be4
protocolhopping.txt
Posted Nov 14, 2007
Authored by Steffen Wendzel | Site wendzel.de

Whitepaper titled Protocol Hopping Covert Channels - Protocol Hopping Covert Channels (PHCC) are a way to realize covert channels that switch between different protocols while a covert channel is established. PHCCs even can use a randomized protocol order and a mixed packet order to transfer packets what makes them hard to detect.

tags | paper, protocol
MD5 | 5d320776e626989ea1b25f67aac58b25
Mandriva Linux Security Advisory 2007.217
Posted Nov 14, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Multiple vulnerabilities were discovered in libpng including an off-by-one error and out of bounds read errors.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2007-5266, CVE-2007-5268, CVE-2007-5269
MD5 | d0a84f963c24ab0415c2c15d08d85eca
Mandriva Linux Security Advisory 2007.216
Posted Nov 14, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - About a half dozen vulnerabilities were discovered and corrected in the Linux 2.6 kernel. These range from buffer overflows to denial of service flaws.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, mandriva
advisories | CVE-2007-2172, CVE-2007-2242, CVE-2007-2453, CVE-2007-2525, CVE-2007-3105, CVE-2007-4133
MD5 | d8fcfc5806de2fc7a2e7be34ad4f632e
myspaceclone-sql.txt
Posted Nov 14, 2007
Authored by t0pp8uzz, xprog

MySpace Clone Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 75c895c8ba777b89181a948cb170de95
Page 1 of 1
Back1Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    41 Files
  • 21
    Oct 21st
    18 Files
  • 22
    Oct 22nd
    16 Files
  • 23
    Oct 23rd
    2 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close