what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 25 RSS Feed

Files Date: 2007-12-31

Search Engine Assessment Tool 0.2
Posted Dec 31, 2007
Authored by Peter Kacherginsky | Site midnightresearch.com

SEAT (Search Engine Assessment Tool) is the next generation information digging application geared toward the needs of security professionals. SEAT uses information stored in search engine databases, cache repositories, and other public resources to scan a site for potential vulnerabilities. It's multi-threaded, multi-database, and multi-search-engine capabilities permit easy navigation through vast amounts of information with a goal of system security assessment. Furthermore, SEAT's ability to easily process additional search engine signatures as well as custom made vulnerability databases allows security professionals to adapt SEAT to their specific needs.

tags | tool, scanner, vulnerability
systems | unix
SHA-256 | 1dca56a6f60d703faf1e555a7c458656e20afac2c3cc327143a474f79f5a3b53
inotes6w2-overwrite.txt
Posted Dec 31, 2007
Authored by Elazar Broad

IBM Domino Web Access upload module inotes6.dll SEH overwrite exploit that has the same offset as the dwa7w exploit but the same class id as the original inotes6 exploit.

tags | exploit, web
advisories | CVE-2007-4474
SHA-256 | 58ead93457bb90bfbff8414e450da8513143cd665b5b3e055e2f3cc03d82e513
dwa7w-overwrite.txt
Posted Dec 31, 2007
Authored by Elazar Broad

IBM Domino Web Access upload module dwa7w.dll SEH overwrite exploit.

tags | exploit, web
advisories | CVE-2007-4474
SHA-256 | 4be19d2899aa0ce523d06bed33750f7f8e3e3c4e6e8c679af4d50895c9aa08c7
macrovision-overwrite.txt
Posted Dec 31, 2007
Authored by Elazar Broad

Macrovision Installshield isusweb.dll version 5.1.100.47363 SEH overwrite exploit.

tags | exploit
SHA-256 | c4513a5f573d3d412d6822d22f4f48be3db757a88ca544659ec39a426a8f59d9
inotes6-overwrite.txt
Posted Dec 31, 2007
Authored by Elazar Broad

IBM Domino Web Access upload module inotes6.dll SEH overwrite exploit.

tags | exploit, web
advisories | CVE-2007-4474
SHA-256 | 825727e3aded175ca3e3c3e8ad11b552c824070c5e2b4ab525e18606d3e6a02f
livecart-xss.txt
Posted Dec 31, 2007
Authored by DoZ | Site hackerscenter.com

LiveCart version 1.0.1 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 51548c242d362c34b5329b13cefb47ac86516b360e27cba8ac226e0ca470ef07
Gentoo Linux Security Advisory 200712-25
Posted Dec 31, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200712-25 - The HSQLDB engine, as used in Openoffice.org, does not properly enforce restrictions to SQL statements. Versions less than 2.3.1 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-4575
SHA-256 | 1e53e32e33582247af57b2f25aa112d8a309e06fb922229c61f1d6eb821cf84f
Gentoo Linux Security Advisory 200712-24
Posted Dec 31, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200712-24 - The Cairo versions used by the AMD64 x86 emulation GTK+ libraries were vulnerable to integer overflow vulnerabilities (GLSA 200712-04). Versions less than 20071214 are affected.

tags | advisory, overflow, x86, vulnerability
systems | linux, gentoo
SHA-256 | 5fa89f604687472d61e96c6bdaf4f50c7dd46ebd2b06a0042eceb8af108a3683
Gentoo Linux Security Advisory 200712-23
Posted Dec 31, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200712-23 - Multiple buffer overflows and infinite loops were discovered in multiple dissector and parser components, including those for MP3 and NCP (CVE-2007-6111), PPP (CVE-2007-6112), DNP (CVE-2007-6113), SSL and iSeries (OS/400) Communication traces (CVE-2007-6114), ANSI MAP (CVE-2007-6115), Firebird/Interbase (CVE-2007-6116), HTTP (CVE-2007-6117), MEGACO (CVE-2007-6118), DCP ETSI (CVE-2007-6119), Bluetooth SDP (CVE-2007-6120), RPC Portmap (CVE-2007-6121), SMB (CVE-2007-6438), IPv6 amd USB (CVE-2007-6439), WiMAX (CVE-2007-6441), RPL (CVE-2007-6450), CIP (CVE-2007-6451). The vulnerabilities were discovered by Stefan Esser, Beyond Security, Fabiodds, Peter Leeming, Steve and ainsley. Versions less than 0.99.7 are affected.

tags | advisory, web, overflow, vulnerability
systems | linux, gentoo
advisories | CVE-2007-6111, CVE-2007-6112, CVE-2007-6113, CVE-2007-6114, CVE-2007-6115, CVE-2007-6116, CVE-2007-6117, CVE-2007-6118, CVE-2007-6119, CVE-2007-6120, CVE-2007-6121, CVE-2007-6438, CVE-2007-6439, CVE-2007-6441, CVE-2007-6450, CVE-2007-6451
SHA-256 | bf36ff899c761e97a5f00149bcd4e716d1df66512c8fe7cd63197ace44cec7f7
Gentoo Linux Security Advisory 200712-22
Posted Dec 31, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200712-22 - David Bloom reported two vulnerabilities where plug-ins (CVE-2007-6520) and Rich text editing (CVE-2007-6522) could be used to allow cross domain scripting. Alexander Klink (Cynops GmbH) discovered an issue with TLS certificates (CVE-2007-6521). Gynvael Coldwind reported that bitmaps might reveal random data from memory (CVE-2007-6524). Versions less than 9.25 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2007-6520, CVE-2007-6521, CVE-2007-6522, CVE-2007-6524
SHA-256 | 530363e74b05a9c0cab7ab3ccbe4e38646d82e728737b3b36e700bc1f9db60fc
vantage-overflow.txt
Posted Dec 31, 2007
Authored by Elazar Broad

Vantage Linguistics AnswerWorks version 4 API ActiveX control buffer overflow exploit.

tags | exploit, overflow, activex
SHA-256 | 654af9fb383cad5bcfe2ab6f2429c65a3ffd4a0ece41a2c25b8012a68707f6d8
milliscripts-xss.txt
Posted Dec 31, 2007
Authored by JosS | Site spanish-hackers.com

milliscripts suffers from a cross site scripting vulnerability in dir.php.

tags | exploit, php, xss
SHA-256 | 4af36b372999d026d0c14cea9a54205f1803ebed3db2d83499ce372a5bd2abf9
oneschool-sql.txt
Posted Dec 31, 2007
Authored by Guga360

oneSCHOOL remote SQL injection exploit that makes use of admin/login.asp.

tags | exploit, remote, sql injection, asp
SHA-256 | 2519427f24eb4dce14bef2648ed79e0ad1612c8f4c07885a98ae008729aa6365
bitweaver-disclose.txt
Posted Dec 31, 2007
Authored by AmnPardaz Security Research Team | Site bugreport.ir

Bitweaver R2 CMS version 2 suffers from source code disclosure and arbitrary file upload vulnerabilities.

tags | exploit, arbitrary, vulnerability, info disclosure, file upload
SHA-256 | 4bf66d8aabac6e5e914121cc49004372f11d97cd29e23898cd01c72e301f98fd
isd-sql.txt
Posted Dec 31, 2007
Authored by The-0utl4w | Site aria-security.net

Instant Softwares DatingSite suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 3d887a0e2e8952f9b1161bc28f4cc0750c2a048d12a9e91aac5745609f58d78a
zenphoto-sql.txt
Posted Dec 31, 2007
Authored by Silentz | Site w4ck1ng.com

Zenphoto version 1.1.3 remote SQL injection exploit that makes use of rss.php.

tags | exploit, remote, php, sql injection
SHA-256 | ebea914d89753aa5cf99f22da03cc2a7cef941eb3aefb589e889de51b5c379ea
cutenews-download.txt
Posted Dec 31, 2007
Authored by Pr0metheuS

CuteNews version 2.6 arbitrary file download exploit.

tags | exploit, arbitrary
SHA-256 | fd63f30fa6afac5d7724bff44aadb2674c704e32efc26e02417a549082674fa4
ccms-sql.txt
Posted Dec 31, 2007
Authored by Pr0metheuS

CCMS version 3.1 Demo remote SQL injection exploit.

tags | exploit, remote, sql injection
SHA-256 | ef04ff7d1ca6c0a4deb3f783b974701610941a828b153bfedbdd47a959bc6bf4
tk53-clamav.txt
Posted Dec 31, 2007
Authored by Lolek, Roflek

TK53 Advisory 2 - Multiple vulnerabilities exist in ClamAV version 0.92 including a race condition and bypass flaws.

tags | advisory, vulnerability
SHA-256 | 60f282650db36b99a8714bd90bc91b916c65759e7573026b8b48aaf66bad3ad2
manyssl-1.1.tar.gz
Posted Dec 31, 2007
Site portcullis-security.com

This perl script will enumerate the SSL ciphers in use on any SSL encrypted service, including STARTTLS on SMTP. The script will warn the operator if a self signed certificate is detected on a https encrypted service.

tags | web, perl, encryption
SHA-256 | b072fc02eb3c308b65335f16281547f292d409ddca19c12a820a6fe6a2d9eb2c
nmapfinger-whoops.txt
Posted Dec 31, 2007
Authored by Josh Morin

Fingerprints in Astaro Security Gateway version 7.1 could allow a remote attacker to create malicious payloads.

tags | advisory, remote
SHA-256 | 2f9ea311b09010ad3e8ad33024368042b35a137bbdea00e122e1fe24cf6ed200
myphp-sql.txt
Posted Dec 31, 2007
Authored by x0kster

MyPHP Forum versions 3.0 and below suffer from multiple SQL injection vulnerabilities.

tags | exploit, vulnerability, sql injection
SHA-256 | 1fa8e47bceeab90f65d0b10d450f56383f090bce02fde02ee8a0a341f3ad1d4a
iptbb-sql.txt
Posted Dec 31, 2007
Authored by MhZ91 | Site inj3ct-it.org

IPTBB versions 0.5.4 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | c038d616f12bec1b85aa9758e82a38e84607fc4ddac3d92c1a455e7ce87c362d
sshutout-1.0.5.tar.gz
Posted Dec 31, 2007
Authored by Bil DuPree | Site techfinesse.com

sshutout is a daemon that periodically monitors log files, looking for multiple failed login attempts via the Secure Shell daemon. The daemon is meant to mitigate what are commonly known as "dictionary attacks," i.e. scripted brute force attacks that use lists of user IDs and passwords to effect unauthorized intrusions. The sshutout daemon blunts such attacks by creating firewall rules to block individual offenders from accessing the system. These rules are created when an attack signature is detected, and after a configurable expiry interval has elapsed, the rules are deleted.

tags | shell, encryption
SHA-256 | 567e214628c24ac9db457b67151c215930f9790be908b3898d905e68a6e579c9
ndisc6-0.9.5.tar.bz2
Posted Dec 31, 2007
Authored by Remi Denis-Courmont | Site people.via.ecp.fr

ndisc consists or two small command line tools (ndisc and rdisc) that perform ICMPv6 Neighbor Discovery and ICMPv6 Router Discovery respectively. It is primarily meant for IPv6 networking diagnostics or to detect rogue IPv6 nodes or routers on an Ethernet segment.

Changes: Fixed RDNSSD handling of GID. Various cosmetic fixes.
tags | tool, scanner
systems | unix
SHA-256 | 3aadf5d1f3b4620833527511ee700a2f0365a10d62219ece882ca6424e8ffe0c
Page 1 of 1
Back1Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    14 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    11 Files
  • 8
    Dec 8th
    36 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close