Exploit the possiblities
Showing 1 - 25 of 786 RSS Feed

Files Date: 2007-12-01 to 2007-12-31

Linux IPTables Firewall 1.4.0
Posted Dec 29, 2007
Site iptables.org

iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.

Changes: Various fixes in this release.
tags | tool, firewall
systems | linux
MD5 | 90cfa8a554a29b0b859a625e701af2a7
sptrace-1.4.1.tar.gz
Posted Dec 29, 2007
Authored by Krzysztof Burghardt | Site underground.org.pl

sptrace is a secure ptrace() module for Linux. It limits users' access to the ptrace() call. It can disable ptrace altogether, or if you add a ptrace group to your system, only users in that group will be able to use ptrace().

systems | linux
MD5 | d0b58eced8f60e696c39dfaf4b306771
mihalism-rfi.txt
Posted Dec 29, 2007
Authored by GolD_M | Site tryag.cc

Mihalism Multi Forum Host versions 3.0.x and below suffer from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
MD5 | bfdefa79b928c3f68a21aafde8c26220
jportal-exec.txt
Posted Dec 29, 2007
Authored by irk4z

jPORTAL version 2.3.1 and UserPatch remote PHP code execution exploit that makes use of forum.php.

tags | exploit, remote, php, code execution
MD5 | 5e3b261d3856d240743784d21dcec82e
Gentoo Linux Security Advisory 200712-21
Posted Dec 29, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200712-21 - Jesse Ruderman and Petko D. Petkov reported that the jar protocol handler in Mozilla Firefox and Seamonkey does not properly check MIME types (CVE-2007-5947). Gregory Fleischer reported that the window.location property can be used to generate a fake HTTP Referer (CVE-2007-5960). Multiple memory errors have also been reported (CVE-2007-5959). Versions less than 2.0.0.11 are affected.

tags | advisory, web, protocol
systems | linux, gentoo
advisories | CVE-2007-5947, CVE-2007-5959, CVE-2007-5960
MD5 | 62d7fd5d1e0e1068e081617596992ee8
Gentoo Linux Security Advisory 200712-20
Posted Dec 29, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200712-20 - iDefense reported an integer overflow vulnerability in the cli_scanpe() function when parsing Portable Executable (PE) files packed in the MEW format, that could be exploited to cause a heap-based buffer overflow (CVE-2007-6335). Toeroek Edwin reported an off-by-one error when decompressing MS-ZIP compressed CAB files (CVE-2007-6336). An unspecified vulnerability related to the bzip2 decompression algorithm has also been discovered (CVE-2007-6337). Versions less than 0.91.2-r1 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2007-6335, CVE-2007-6336, CVE-2007-6337
MD5 | d24f2caf1e6066ee693b8371b745cbde
Gentoo Linux Security Advisory 200712-19
Posted Dec 29, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200712-19 - Oriol Carreras reported a NULL pointer dereference in the log_msg_parse() function when processing timestamps without a terminating whitespace character. Versions less than 2.0.6 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-6437
MD5 | 5e698d3b561576cc13d4422b5922d9f2
Gentoo Linux Security Advisory 200712-18
Posted Dec 29, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200712-18 - nnp discovered multiple vulnerabilities in the XML-RPC handler in the file webserver.c. The ws_addarg() function contains a format string vulnerability, as it does not properly sanitize username and password data from the Authorization: Basic HTTP header line (CVE-2007-5825). The ws_decodepassword() and ws_getheaders() functions do not correctly handle empty Authorization header lines, or header lines without a ':' character, leading to NULL pointer dereferences (CVE-2007-5824). Versions less than 0.2.4.1 are affected.

tags | advisory, web, vulnerability
systems | linux, gentoo
advisories | CVE-2007-5824, CVE-2007-5825
MD5 | 42ba0e2495aa71dc5c890aaff6b91084
Gentoo Linux Security Advisory 200712-17
Posted Dec 29, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200712-17 - Meder Kydyraliev (Google Security) discovered that Exif metadata is not properly sanitized before being processed, resulting in illegal memory access in the postprop() and other functions (CVE-2007-6354). He also discovered integer overflow vulnerabilities in the parsetag() and other functions (CVE-2007-6355) and an infinite recursion in the readifds() function caused by recursive IFD references (CVE-2007-6356). Versions less than 1.01 are affected.

tags | advisory, overflow, vulnerability
systems | linux, gentoo
advisories | CVE-2007-6354, CVE-2007-6355, CVE-2007-6356
MD5 | a584664894341f424cd8e43143f62ef8
Gentoo Linux Security Advisory 200712-16
Posted Dec 29, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200712-16 - Meder Kydyraliev (Google Security) discovered an integer overflow vulnerability in the JpegThumbnail::setDataArea() method leading to a heap-based buffer overflow. Versions less than 0.13-r1 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2007-6353
MD5 | fc872ddcea86f6cda5645bb69903878b
Gentoo Linux Security Advisory 200712-15
Posted Dec 29, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200712-15 - Meder Kydyraliev (Google Security) discovered an integer overflow vulnerability in the exif_data_load_data_thumbnail() function leading to a memory corruption (CVE-2007-6352) and an infinite recursion in the exif_loader_write() function (CVE-2007-6351). Versions less than 0.6.16-r1 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2007-6351, CVE-2007-6352
MD5 | 0036504c0eb90eb8567eeebf7ed675d9
Debian Linux Security Advisory 1442-1
Posted Dec 29, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1442-1 - Rubert Buchholz discovered that libsndfile, a library for reading / writing audio files performs insufficient boundary checks when processing FLAC files, which might lead to the execution of arbitrary code.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2007-4974
MD5 | 57b37d2a4f4496939ae7a1675e08b537
DIMVA-2008.txt
Posted Dec 29, 2007
Site dimva.org

Call For Papers for DIMVA 2008, the Fifth GI International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment; which is to be held in Paris, France, July 10-11, 2008.

tags | paper, conference
MD5 | f1e328c3fb0b9d3d765eb9a3a62f1c1a
phcdownload-xss.txt
Posted Dec 29, 2007
Authored by Lostmon | Site lostmon.blogspot.com

PHCDownload suffers from a cross site scripting vulnerability in search.php.

tags | exploit, php, xss
MD5 | a12bd0e79671216f9a7f1c56d27268e8
makale-xss.txt
Posted Dec 29, 2007
Authored by GeFORC3

Makale Scripti suffers form a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 91e364318741f97ec6b1a586df101bcc
seclog-2007-001.txt
Posted Dec 29, 2007
Authored by Felix Groebert | Site seclog.de

NoseRub versions 0.5.2 and below suffer from a SQL injection vulnerability.

tags | exploit, sql injection
MD5 | 082b8e4c54ce3efe96c596a7cfe889dc
coolplayer-overflow.txt
Posted Dec 29, 2007
Authored by Luigi Auriemma | Site aluigi.org

CoolPlayer versions 217 and below suffer from a buffer overflow vulnerability in CPLI_Readtag_OGG.

tags | advisory, overflow
MD5 | 2ce29fda2f085a9662141dc8d5b8db3c
Debian Linux Security Advisory 1441-1
Posted Dec 29, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1441-1 - Luigi Auriemma discovered that PeerCast, a P2P audio and video streaming server, is vulnerable to a heap overflow in the HTTP server code, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long SOURCE request.

tags | advisory, remote, web, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2007-6454
MD5 | 1cc219462c7386396c86f93e433fbada
Debian Linux Security Advisory 1440-1
Posted Dec 29, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1440-1 - It was discovered that a buffer overflow in the filename processing of the inotify-tools, a command-line interface to inotify, may lead to the execution of arbitrary code. This only affects the internal library and none of the frontend tools shipped in Debian.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2007-5037
MD5 | 6d8f37da4c823567251a11b86460b9b6
Debian Linux Security Advisory 1439-1
Posted Dec 29, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1439-1 - Henning Pingel discovered that TYPO3, a web content management framework, performs insufficient input sanitising, making it vulnerable to SQL injection by logged-in backend users.

tags | advisory, web, sql injection
systems | linux, debian
advisories | CVE-2007-6381
MD5 | e6a6d67fe7190ab1580b7f1d8cb23e1d
Debian Linux Security Advisory 1438-1
Posted Dec 29, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1438-1 - Several vulnerabilities have been discovered in GNU Tar. A directory traversal vulnerability enables attackers using specially crafted archives to extract contents outside the directory tree created by tar. A stack-based buffer overflow in the file name checking code may lead to arbitrary code execution when processing maliciously crafted archives.

tags | advisory, overflow, arbitrary, vulnerability, code execution
systems | linux, debian
advisories | CVE-2007-4131, CVE-2007-4476
MD5 | 9876b5a2363d163e5bd48c7c91cf6a80
hp-snmp.txt
Posted Dec 29, 2007
Authored by uncleron

The HP Photosmart C6280 network printer ships with unchangeable insecure default settings.

tags | advisory
MD5 | 526cb2ee10c1bd7f0a8519a5b5fabf46
2zproject-multi.txt
Posted Dec 29, 2007
Authored by Alexandr Polyakov, Stas Svistunovich

2z project version 0.9.6.1 suffers from cross site scripting and disclosure vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 6a6d35e720d4f19593df620e1add5276
hellsing-0.2.tar.gz
Posted Dec 29, 2007
Authored by Ben

Hellsing is a utility designed for attacking web applications. It supports multiple vulnerabilities through the use of a configuration file.

tags | tool, web, scanner, vulnerability
systems | unix
MD5 | cba08e78e868169474623a4bd3ce0ea4
faqmaster-multi.txt
Posted Dec 29, 2007
Authored by Juan Galiana Lara

FAQMasterFlexPlus suffers from cross site scripting and SQL injection vulnerabilities.

tags | exploit, vulnerability, xss, sql injection
MD5 | c761ff5b85434505508ed324adc3dc62
Page 1 of 32
Back12345Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close