exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 60 RSS Feed

Files Date: 2008-02-06

Secunia Security Advisory 28723
Posted Feb 6, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - David Kierznowski has reported a vulnerability in Livelink ECM, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 97f5403da56761a645fbbb03be375dc2c0b973b0c73b81918dd6ef405c2a9d60
Gentoo Linux Security Advisory 200802-2
Posted Feb 6, 2008
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200802-02 - Luigi Auriemma discovered multiple buffer overflows in the D_NetPlayerEvent() function, the Msg_Write() function and the NetSv_ReadCommands() function. He also discovered errors when handling chat messages that are not NULL-terminated (CVE-2007-4642) or contain a short data length, triggering an integer underflow (CVE-2007-4643). Furthermore a format string vulnerability was discovered in the Cl_GetPackets() function when processing PSV_CONSOLE_TEXT messages (CVE-2007-4644). Versions less than or equal to 1.9.0-beta5.2 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2007-4642, CVE-2007-4643, CVE-2007-4644
SHA-256 | eaa061d64b695f84a7e77d113250243eabc4fd57ed8273f7d1d6a82cdd7bf0be
Gentoo Linux Security Advisory 200802-1
Posted Feb 6, 2008
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200802-01 - The LWZReadByte() function in file IMG_gif.c and the IMG_LoadLBM_RW() function in file IMG_lbm.c each contain a boundary error that can be triggered to cause a static buffer overflow and a heap-based buffer overflow. The first boundary error comes from some old vulnerable GD PHP code (CVE-2006-4484). Versions less than 1.2.6-r1 are affected.

tags | advisory, overflow, php
systems | linux, gentoo
advisories | CVE-2007-6697, CVE-2008-0544
SHA-256 | 41799460087c27d9ce78174c9f6d82c619d0b53782aabecefe72c169283071b8
Mandriva Linux Security Advisory 2008-036
Posted Feb 6, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Wei Wang found that the SNMP discovery backend in CUPS did not correctly calculate the length of strings. If a user could be tricked into scanning for printers, a remote attacker could send a specially crafted packet and possibly execute arbitrary code. As well, the fix for CVE-2007-0720 in MDKSA-2007:086 caused another denial of service regression within SSL handling.

tags | advisory, remote, denial of service, arbitrary
systems | linux, mandriva
advisories | CVE-2007-4045, CVE-2007-5849
SHA-256 | ecabb41b8b78285be0640a5a66957a87738180a417d3ecba60aedebac3f4919e
Secunia Security Advisory 28789
Posted Feb 6, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Alexander Concha has reported a vulnerability in WordPress MU, which can be exploited by malicious users to bypass certain security restrictions and to compromise a vulnerable system.

tags | advisory
SHA-256 | 57bf8f0bc5dc90dc1eeb063bea8a0cb807e122f19235e35fcfc7f961d0e52aba
Secunia Security Advisory 28810
Posted Feb 6, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Pablo Gaston Milano has reported a vulnerability in Documentum Administrator and Documentum Webtop, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 65268d11a405e3192773fd6b74a4a8a0a1a3b1d41e08bacae5a3f816c9793a43
Zero Day Initiative Advisory 08-03
Posted Feb 6, 2008
Authored by Tipping Point, Titon | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Backup Exec System Recovery Manager. Authentication is not required to exploit this vulnerability. Backup Exec System Recovery Manager versions 7.0 and 7.0.1 are affected.

tags | advisory, remote, arbitrary
advisories | CVE-2008-0457
SHA-256 | 2febe6c060baca99c4a70f0ea9a1c410d16626e72a059c4ff90bc5900afd1555
wsftp-disclose.txt
Posted Feb 6, 2008
Authored by Luigi Auriemma | Site aluigi.org

WS_FTP Server versions 6.1.0.0 and below and Ipswitch What's Up Gold version 11.03 suffer from source disclosure and authorization bypass vulnerabilities.

tags | exploit, vulnerability, info disclosure
SHA-256 | 75bd56deca56e47f6a433127d3f88bfefa744db877bae4e083301a26545c72ec
Secunia Security Advisory 28698
Posted Feb 6, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for postgresql. This fixes some vulnerabilities, which can be exploited by malicious users to gain escalated privileges or cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, suse
SHA-256 | f9109eb6579a593ed488cb80a9fae06723bbd66b1ae9f0d7a0e0a129ab189374
Secunia Security Advisory 28791
Posted Feb 6, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - An update has been released for Skype, which implements security enhancements to prevent compromise of users' systems.

tags | advisory
SHA-256 | 765e2e7028e7002577eaa139b8afce86866fb92319993e5406ec5bf7e348d402
aircrack-ng-0.9.2.tar.gz
Posted Feb 6, 2008
Site aircrack-ng.org

aircrack-ng is a set of tools for auditing wireless networks. It's an enhanced/reborn version of aircrack. It consists of airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), airdecap (decrypts WEP/WPA capture files), and some tools to handle capture files (merge, convert, etc.).

Changes: aireplay-ng now works with rtc_cmos and has a compilation fix. Various support was added to airmon-ng. Other fixes have been added to the other tools as well.
tags | tool, wireless
SHA-256 | a8f60982a8a630fc788e6161b1634249aba747c35573bf9f3166261219467b24
Debian Linux Security Advisory 1483-1
Posted Feb 6, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1483-1 - The SNMP agent (snmp_agent.c) in net-snmp before 5.4.1 allows remote attackers to cause a denial of service (CPU and memory consumption) via a GETBULK request with a large max-repeaters value.

tags | advisory, remote, denial of service
systems | linux, debian
advisories | CVE-2007-5846
SHA-256 | 5daffd560a50978facc11fa6d4b0a625eeb355f15b815daf26d5fef26037223f
mihalism-sql.txt
Posted Feb 6, 2008
Authored by Moubik | Site rstzone.org

Mihalism Multi Host Download blind SQL injection exploit that makes use of users.php.

tags | exploit, php, sql injection
SHA-256 | f3e116d3adf45b7ca3cf246522ab345737e81244b487b16f2576a3a766ca435a
joomlaynews-sql.txt
Posted Feb 6, 2008
Authored by Crackers_Child

The Joomla Ynews component version 1.0.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | d4a4d1938055d31983dd1a599ac58c8f616be4a584b14a304ae539585354c502
iDEFENSE Security Advisory 2008-02-04.1
Posted Feb 6, 2008
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 02.04.08 - Remote exploitation of a denial of service vulnerability in Hewlett-Packard's Network Node Manager product allows attackers to crash the ovtopmd process. The ovtopmd process contains an implementation error, in which it attempts to access an invalid memory address based on data within the TCP stream. By sending a specially crafted request, an attacker can cause the service to crash. iDefense has confirmed this vulnerability in HP's OpenView Network Node Manager 7.5 with all updates applied as of May 14th, 2007.

tags | advisory, remote, denial of service, tcp
advisories | CVE-2008-0212
SHA-256 | 729c873c456bce1b31790f282ccf524eff5e30ecb47c3e16b548ea893304c259
planetluc-xss.txt
Posted Feb 6, 2008
Authored by SkyOut | Site core-security.net

MyNews version 1.6.x suffers from HTML and Javascript injection vulnerabilities allowing for cross site scripting attacks.

tags | exploit, javascript, vulnerability, xss
SHA-256 | 7ea731e2ab60cc85afda394d2c913259d2b356b42ef368a1c66d4f0c9dddf581
OpenBSD_DNS_Cache_Poisoning_and_Multiple_OS_Predictable_IP_ID_Vulnerability.pdf
Posted Feb 6, 2008
Authored by Amit Klein | Site trusteer.com

The paper describes a weakness in the pseudo random number generator (PRNG) in use by OpenBSD, Mac OS X, Mac OS X Server, Darwin, NetBSD, FreeBSD and DragonFlyBSD to produce random DNS transaction IDs (OpenBSD) and random IP fragmentation IDs.

tags | paper
systems | netbsd, freebsd, openbsd, apple, osx
SHA-256 | f4d5a9167d760de1ba2fee62eca09913ff2bc2b3ccd64974ce7df7c989bc49c5
astanda-sql.txt
Posted Feb 6, 2008
Authored by you_kn0w | Site youknowz.info

Astanda Directory Project version 1.2 suffers from a SQL injection vulnerability.

tags | exploit, sql injection
SHA-256 | fb8cb0a21ee52f94fa2b4c13fe9aef7b001a816c90e279817023a40d84c8bb8a
mybbprivate-sql.txt
Posted Feb 6, 2008
Authored by F

MyBulletinBoard aka MyBB versions 1.2.11 and below SQL injection exploit that makes use of private.php.

tags | exploit, php, sql injection
SHA-256 | 97bb5a7869c51e45e75097a5f9c6e47a0d7e55d856543f8f7f12e49f056c1d24
Secunia Security Advisory 28788
Posted Feb 6, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the KAME Project, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | d22e320f2de5b753dab58846ae91fb315dfb17c1eddb603d770baa4cfc5053ab
Secunia Security Advisory 28795
Posted Feb 6, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Sun JRE, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 3feee2cc6f9f52c19bfa810c9098c8a63fa847cbc67a41f00b14c681829d9d4e
Secunia Security Advisory 28816
Posted Feb 6, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in NetBSD, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | netbsd
SHA-256 | 9c4e9af6188293fc22efe60fe17d47ec1b8e2de2160a6db76ed4c4da41dbfb2b
HP Security Bulletin 2008-00.7
Posted Feb 6, 2008
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP Virtual Rooms (HPVR) running on Microsoft Windows. The vulnerability could be exploited to allow remote execution of arbitrary code.

tags | advisory, remote, arbitrary
systems | windows
advisories | CVE-2008-0213
SHA-256 | b7ef85ae94bbc6efafdee99b55405948fba742201816d8d4e7495877ffa60bc9
HP Security Bulletin 2007-14.74
Posted Feb 6, 2008
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential vulnerabilities have been identified with the HP Storage Essentials, Storage Resource Management (SRM) software. These vulnerabilities could be exploited remotely to allow unauthorized access to a managed device.

tags | advisory, vulnerability
advisories | CVE-2008-0215
SHA-256 | b021491f7dacf0c24f2e58a9ae3a6231327901f042c92f5ab0bfc976ae7c0347
hydra-http-form.patch
Posted Feb 6, 2008
Authored by thc, deanx

The http-form module for hydra 5.4 has a problem which causes incorrect pieces of memory to be free'd. This is as a result of the memory leak plugs which have been applied to this module for this release. This patch removes the unneeded free's and allows the module to work correctly.

tags | web, memory leak
SHA-256 | ac64cac7e7334da4ed8ee10f88a7303460bc4c1f7cbb5b5a81f01e6c8938d0b4
Page 1 of 3
Back123Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    25 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close