exploit the possibilities
Showing 1 - 25 of 99 RSS Feed

Files Date: 2007-11-26

nah-sql.txt
Posted Nov 26, 2007
Site aria-security.net

NetAuctionHelp suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 41a2c90839c20b1b56debdc6d721e3a5
aurigma-overflows.txt
Posted Nov 26, 2007
Authored by Elazar Broad

Proof of concept exploit for multiple stack overflows in Aurigma ImageUploader ActiveX control version 4.1.

tags | exploit, overflow, activex, proof of concept
MD5 | 89a2d6bee0208fe86ae2fc32955302b1
Mandriva Linux Security Advisory 2007.224
Posted Nov 26, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - The samba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. If samba is configured as a Primary or Backup Domain Controller, this could be used by a remote attacker to send malicious logon requests and possibly cause a denial of service. As well, Alin Rad Pop of Secunia Research found that nmbd did not properly check the length of netbios packets. If samba is configured as a WINS server, this could be used by a remote attacker able to send multiple crafted requests to nmbd, resulting in the execution of arbitrary code with root privileges. The patch that fixed CVE-2007-4572 introduced a regression that would prevent shares from being mounted properly and would cause the remote (patched) smbd to crash. This update contains another fix from upstream to correct the problem.

tags | advisory, remote, denial of service, overflow, arbitrary, root
systems | linux, mandriva
advisories | CVE-2007-5398, CVE-2007-4572
MD5 | 1fda8ef98ab122a72043e22e01082e10
ucms-backdoor.txt
Posted Nov 26, 2007
Authored by D4m14n, shadowleet | Site opencosmo.com

Ucms version 1.4, 1.7, and 1.8 suffer from a backdoor vulnerability allowing for remote code execution.

tags | exploit, remote, code execution
MD5 | 6a5aa795bdc40928324f9ff3666bcbb6
talkback-rfi.txt
Posted Nov 26, 2007
Authored by NoGe

TalkBack version 2.2.7 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
MD5 | cc7d590f8622e596e03485bd1abd7962
Debian Linux Security Advisory 1408-1
Posted Nov 26, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1408-1 - Alin Rad Pop discovered a buffer overflow in kpdf, which could allow the execution of arbitrary code if a malformed PDF file is displayed.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2007-5393
MD5 | d3bd82722c3c37c0e3e39ebceeb95f80
gwextranet-include.txt
Posted Nov 26, 2007
Authored by Joseph Giron

GWextranet suffers from local file inclusion and script insertion vulnerabilities.

tags | exploit, local, vulnerability, file inclusion
MD5 | ab6cd14518521d06a796739f30e98227
evanced-sqlxss.txt
Posted Nov 26, 2007
Authored by Joseph Giron

E-vanced Solutions suffers from cross site scripting and SQL injection vulnerabilities.

tags | exploit, vulnerability, xss, sql injection
MD5 | 2eda6235ab8f905bdbdc1c8654869f80
vumailer-sql.txt
Posted Nov 26, 2007
Authored by The-0utl4w | Site aria-security.net

The VU Mailer mass mailer suffers from a SQL injection vulnerability.

tags | exploit, sql injection
MD5 | 62dd5319bd21d0d15166a5116967f170
Mandriva Linux Security Advisory 2007.230
Posted Nov 26, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A flaw in the t1lib library where an attacker could create a malicious file that would cause tetex to crash or possibly execute arbitrary code when opened. Alin Rad Pop found several flaws in how PDF files are handled in tetex. An attacker could create a malicious PDF file that would cause tetex to crash or potentially execute arbitrary code when opened. A stack-based buffer overflow in dvips in tetex allows for user-assisted attackers to execute arbitrary code via a DVI file with a long href tag. A vulnerability in dvips in tetex allows local users to obtain sensitive information and modify certain data by creating certain temporary files before they are processed by dviljk, which can then be read or modified in place. Multiple buffer overflows in dviljk in tetext may allow users-assisted attackers to execute arbitrary code via a crafted DVI input file.

tags | advisory, overflow, arbitrary, local
systems | linux, mandriva
advisories | CVE-2007-5937, CVE-2007-4352, CVE-2007-5392, CVE-2007-5393, CVE-2007-5935, CVE-2007-5936, CVE-2007-4033
MD5 | 187635521c833ac66c89ca720f5fcc3d
Mandriva Linux Security Advisory 2007.229
Posted Nov 26, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A few vulnerabilities and security-related issues have been fixed in phpMyAdmin since the 2.11.1.2 release. This update provides version 2.11.2.2 which is the latest stable release of phpMyAdmin.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2007-5976, CVE-2007-5977
MD5 | 5c5d7c1ed94a2f310fe3954e7a959f2e
Gentoo Linux Security Advisory 200711-32
Posted Nov 26, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200711-32 - Kevin B. McCarty discovered that the feynmf.pl script creates a temporary properly list file at the location $TMPDIR/feynmf$PID.pl, where $PID is the process ID. Versions less than 1.08-r2 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-5940
MD5 | bc3c2237199688d83b19f00a7ff8e45b
Gentoo Linux Security Advisory 200711-31
Posted Nov 26, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200711-31 - The SNMP agent (snmpd) does not properly handle GETBULK requests with an overly large max-repetitions field. Versions less than 5.4.1-r1 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-5846
MD5 | 6450376a8f26ae23f45184edccf54575
Gentoo Linux Security Advisory 200711-30
Posted Nov 26, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200711-30 - Tavis Ormandy (Google Security) discovered multiple vulnerabilities in PCRE. He reported an error when processing \Q\E sequences with unmatched \E codes that can lead to the compiled bytecode being corrupted. PCRE does not properly calculate sizes for unspecified multiple forms of character class, which triggers a buffer overflow. Further improper calculations of memory boundaries were reported when matching certain input bytes against regex patterns in non UTF-8 mode and when searching for unmatched brackets or parentheses. Multiple integer overflows when processing escape sequences may lead to invalid memory read operations or potentially cause heap-based buffer overflows. PCRE does not properly handle \P and \P{x} sequences which can lead to heap-based buffer overflows or trigger the execution of infinite loops, PCRE is also prone to an error when optimizing character classes containing a singleton UTF-8 sequence which might lead to a heap-based buffer overflow. Versions less than 7.3-r1 are affected.

tags | advisory, overflow, vulnerability
systems | linux, gentoo
advisories | CVE-2006-7227, CVE-2006-7228, CVE-2006-7230, CVE-2007-1659, CVE-2007-1660, CVE-2007-1661, CVE-2007-1662, CVE-2007-4766, CVE-2007-4767, CVE-2007-4768
MD5 | 52301116aa5ae4963242b6577a6a61d2
Gentoo Linux Security Advisory 200711-29
Posted Nov 26, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200711-29 - Two vulnerabilities have been reported in nmbd. Alin Rad Pop (Secunia Research) discovered a boundary checking error in the reply_netbios_packet() function which could lead to a stack-based buffer overflow. The Samba developers discovered a boundary error when processing GETDC logon requests also leading to a buffer overflow. Versions less than 3.0.26a-r2 are affected.

tags | advisory, overflow, vulnerability
systems | linux, gentoo
advisories | CVE-2007-4572, CVE-2007-5398
MD5 | 59576880c4488e87c92b0899e49e96d3
skyportal-multi.txt
Posted Nov 26, 2007
Site bugreport.ir

SkyPortal version RC6 suffers from multiple SQL injection vulnerabilities along with an unauthorized access to messages flaw.

tags | exploit, vulnerability, sql injection
MD5 | b916ffb36caad8a8ac0a3170e14a8987
bcoos-lfisql.txt
Posted Nov 26, 2007
Authored by trueend5 | Site kapda.ir

bcoos version 1.0.10 suffers from local file inclusion and SQL injection vulnerabilities.

tags | exploit, local, vulnerability, sql injection, file inclusion
MD5 | a8799da8a6452464a0e42945f675d93e
wirelessg-multi.txt
Posted Nov 26, 2007
Authored by petko d. petkov | Site gnucitizen.org

The Wireless-G ADSL Gateway with SpeedBooster (WAG54GS) suffers from persistent cross site scripting and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | f1d10a2945b94f818b8b22f60726bcc7
EEYE-bitdefender.txt
Posted Nov 26, 2007
Authored by Greg Linares | Site eeye.com

eEye Digital Security has discovered a critical remote code execution condition within OScan8.ocx and Oscan81.ocx included by default in BitDefender Online Anti-Virus Scanner 8.0 released on May 24th 2006.

tags | advisory, remote, code execution, virus
MD5 | 4799d99db7d7b71c17ec8dac9f47f60d
HP Security Bulletin 2007-14.61
Posted Nov 26, 2007
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential vulnerability has been identified with HP-UX running BIND 8. The vulnerability could be exploited remotely to cause DNS cache poisoning.

tags | advisory
systems | hpux
advisories | CVE-2007-2930
MD5 | 0ba5ce2c58f488f4b6a9a7f8cfb737bd
wellsfargo-notsogood.txt
Posted Nov 26, 2007
Authored by joel

It appears that Wells Fargo's online banking is now allowing third party javascript from Akamai. Hopefully they come to their senses.

tags | advisory, javascript
MD5 | f70c4aad89a603207703fcc4f9b66d8e
Mandriva Linux Security Advisory 2007.228
Posted Nov 26, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Alin Rad Pop found several flaws in how PDF files are handled in cups. An attacker could create a malicious PDF file that would cause cups to crash or potentially execute arbitrary code when opened.

tags | advisory, arbitrary
systems | linux, mandriva
advisories | CVE-2007-4352, CVE-2007-5392, CVE-2007-5393
MD5 | 3b63964426b583b7859d5d456d6c969d
Mandriva Linux Security Advisory 2007.227
Posted Nov 26, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Alin Rad Pop found several flaws in how PDF files are handled in poppler. An attacker could create a malicious PDF file that would cause poppler to crash or potentially execute arbitrary code when opened.

tags | advisory, arbitrary
systems | linux, mandriva
advisories | CVE-2007-4352, CVE-2007-5392, CVE-2007-5393
MD5 | 89d580be4bc84ec7277dde50a2f6dd89
Mandriva Linux Security Advisory 2007.226
Posted Nov 26, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel. The minix filesystem code allows local users to cause a denial of service (hang) via a malformed minix file stream. An integer underflow in the Linux kernel prior to 2.6.23 allows remote attackers to cause a denial of service (crash) via a crafted SKB length value in a runt IEEE 802.11 frame when the IEEE80211_STYPE_QOS_DATA flag is set.

tags | advisory, remote, denial of service, kernel, local, vulnerability
systems | linux, minix, mandriva
advisories | CVE-2006-6058, CVE-2007-4997
MD5 | 78821709b8c62321dd92c246f966efc7
ezchatbox-xss.txt
Posted Nov 26, 2007
Authored by ShAy6oOoN

EZChatbox version 1.01 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 05559475ba427958d8cb5fa2c9f423c7
Page 1 of 4
Back1234Next

File Archive:

November 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    28 Files
  • 2
    Nov 2nd
    1 Files
  • 3
    Nov 3rd
    1 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    19 Files
  • 6
    Nov 6th
    65 Files
  • 7
    Nov 7th
    22 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    1 Files
  • 10
    Nov 10th
    1 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    65 Files
  • 13
    Nov 13th
    27 Files
  • 14
    Nov 14th
    22 Files
  • 15
    Nov 15th
    18 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close