what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 76 RSS Feed

Files Date: 2008-04-04

d3vscan-alpha8.bz2
Posted Apr 4, 2008
Authored by devtar | Site d3vscan.sourceforge.net

d3vscan is a network manager that is able to uniquely identify and graphically plot network and bluetooth devices to provide a higher degree of understanding of a particular network. It is also simple enough to be used by an average end user.

Changes: Windows installer added. Vulnerability scanner plugin released. Several bug fixes.
tags | tool, wireless
SHA-256 | 3a126fab40bdf37d454ad73832916998084a1fe58d73b0eedba9215a507149bc
iDEFENSE Security Advisory 2008-04-03.2
Posted Apr 4, 2008
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 04.03.08 - Remote exploitation of multiple buffer overflow vulnerabilities in Computer Associates International Inc.'s Alert Notification Service may allow an authenticated attacker to execute arbitrary code with SYSTEM privileges. iDefense confirmed the existence of these vulnerabilities with Computer Associates' Threat Manager for the Enterprise version 8.1. Other products that contain the Alert Notification Service are suspected to be vulnerable as well.

tags | advisory, remote, overflow, arbitrary, vulnerability
advisories | CVE-2007-4620
SHA-256 | d2635673c2b1130946fdc1be1208fdda6b3c6b4a0194893ff02ff0286ff13710
iDEFENSE Security Advisory 2008-04-03.1
Posted Apr 4, 2008
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 04.03.08 - Local exploitation of a directory traversal vulnerability within the pkgadd program distributed with SCO Group Inc's UnixWare operating system allows attackers to gain root privileges. iDefense confirmed the existence of this vulnerability within version 7.1.4 of UnixWare with all patches available as of August 27th, 2007 installed. Previous versions are suspected to be vulnerable.

tags | advisory, local, root
systems | unixware
advisories | CVE-2008-0310
SHA-256 | e6b4547375884db2c879ca5739a6c5e714edfebea5ad31056106838c96345215
Zero Day Initiative Advisory 08-019
Posted Apr 4, 2008
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must open a malicious file. The specific flaw exists in the parsing of the QuickTime VR 'obji' atom. When the size of the atom is set to 0, a stack overflow condition occurs resulting in the execution of arbitrary code. Version 7.4.1 is affected.

tags | advisory, remote, overflow, arbitrary
systems | apple
advisories | CVE-2008-1022
SHA-256 | 6c3e0c5cb211b92cbd7127c5ea1a1f5b750a2a1f367ad2b61a75ddc0965ca9e2
Zero Day Initiative Advisory 08-018
Posted Apr 4, 2008
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of QuickTime files that utilize the Animation codec. A lack of proper length checks can result in a heap based buffer overflow leading to arbitrary code execution under the context of the currently logged in user. Version 7.4.1 is affected.

tags | advisory, overflow, arbitrary, code execution
systems | apple
advisories | CVE-2008-1021
SHA-256 | 3e93a8a16be5bc031e21106b57c90a38d665860800637ac8dcda00f08f77d46d
Zero Day Initiative Advisory 08-017
Posted Apr 4, 2008
Authored by Tipping Point, Ruben Santamarta | Site zerodayinitiative.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the quicktime.qts library responsible for parsing Kodak encoded images. A lack of proper error checking can result in a heap based buffer overflow leading to arbitrary code execution under the context of the currently logged in user. Version 7.4.1 is affected.

tags | advisory, overflow, arbitrary, code execution
systems | apple
advisories | CVE-2008-1020
SHA-256 | 5a0f77158c978f158930d805cbf54223c82dcde935126e51c91eed9af13d4e95
Zero Day Initiative Advisory 08-016
Posted Apr 4, 2008
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the parsing of the QuickTime Channel Compositor atom. When the movie file contains a malformed 'chan' atom, a heap corruption occurs resulting in the execution of arbitrary code. Version 7.4.1 is affected.

tags | advisory, remote, arbitrary
systems | apple
advisories | CVE-2008-1018
SHA-256 | 9baf29867e60d70514a0820f86774a72ec460c6815f08156f0313155b4967b56
Zero Day Initiative Advisory 08-015
Posted Apr 4, 2008
Authored by Tipping Point, Sanbin Li | Site zerodayinitiative.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the quicktime.qts library. The vulnerability resides in the component's parsing of 'crgn' atoms. A lack of proper sanity checks on the region size field can result in a heap based buffer overflow leading to arbitrary code execution under the context of the currently logged in user. Version 7.4.1 is affected.

tags | advisory, overflow, arbitrary, code execution
systems | apple
advisories | CVE-2008-1017
SHA-256 | 4417a0eb999d64be74a7f967018ba0da3e32feea59b5f9554d659feb9d5d4925
Zero Day Initiative Advisory 08-014
Posted Apr 4, 2008
Authored by Tipping Point, bugfree | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must open a malicious file. The specific flaw exists in the quickTime.qts while parsing corrupted .pict files. The module contains a vulnerable memory copy loop which searches for a terminator value. When this value is changed or omitted, a heap corruption occurs allowing the execution of arbitrary code. Version 7.4.1 is affected.

tags | advisory, remote, arbitrary
systems | apple
advisories | CVE-2008-1019
SHA-256 | 151ed5aeb91dc3c238624606c6681270e735a75bd99a572cc28a6df9e5e228f4
challenge200804042008.txt
Posted Apr 4, 2008
Site digitalarmaments.com

Digital Armaments officially announce the launch of March-April hacking challenge. The challenge starts on March 1. For the March-April Challenge, Digital Armaments will give a prize of 5,000$ for each submission that results in a Exploitable Vulnerability or Working Exploit for Windows or Windows Diffuse Application. This should include example and documentation.

tags | paper
systems | windows
SHA-256 | badaf9ade5e301b9799599a64629014f33fb268939093c6ac2f63e654426f13d
OpenNHRP NBMA Next Hop Resolution 0.6.2
Posted Apr 4, 2008
Authored by Timo Teras | Site sourceforge.net

OpenNHRP implements the NBMA Next Hop Resolution Protocol (as defined in RFC 2332). It makes it possible to create a dynamic multipoint VPN Linux router using NHRP, GRE, and IPsec. It aims to be Cisco DMVPN compatible.

Changes: Multiple bug fixes, some code cleanups, and improvements.
tags | encryption, protocol
systems | cisco, linux
SHA-256 | 2ccfa668e7572fdc470e6561f8c8ab4d69a1b0b6b8222699490b9d7193ebb661
strongSwan IPsec / IKEv1 / IKEv2 Implementation For Linux
Posted Apr 4, 2008
Authored by Andreas Steffen | Site strongswan.org

strongSwan is a complete IPsec and IKEv1 implementation for Linux 2.4 and 2.6 kernels. It interoperates with most other IPsec-based VPN products. It is a descendant of the discontinued FreeS/WAN project. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A unique feature is the use of X.509 attribute certificates to implement advanced access control schemes based on group memberships.

Changes: libstrongswan has been modularized to attach crypto algorithms, credential implementations (keys, certificates) and fetchers dynamically through plugins. Various other additions and improvements.
tags | kernel, encryption
systems | linux
SHA-256 | 702e7ef743dea0bf658d1526c3ad95bc859813a5c762a600cd0fc03021c28050
prelude-manager-0.9.12.tar.gz
Posted Apr 4, 2008
Site prelude.sourceforge.net

Prelude Manager is the main program of the Prelude Hybrid IDS suite. It is able to register local or remote sensors, let the operator configure them remotely, receive alerts, and store alerts in a database or any format supported by reporting plugins, thus providing centralized logging and analysis.

Changes: New connection-timeout option, various fixes.
tags | tool, remote, local, intrusion detection
systems | unix
SHA-256 | 6a0a223b14a5eedea751d2674b35b90bd2e88928ff8791c8d19dd1d5da45e06c
msbasic-overflow.txt
Posted Apr 4, 2008
Authored by shinnai | Site shinnai.altervista.org

Microsoft Visual Basic Enterprise Edition version 6 SP 6 DSR file local buffer overflow exploit.

tags | exploit, overflow, local
SHA-256 | ed4d787e9973a5566ae6707044eda9ca12236913f12acae8689d9011cebc6c40
scomerge-local.txt
Posted Apr 4, 2008
Authored by qaaz

SCO UnixWare Merge mcd local root exploit.

tags | exploit, local, root
systems | unixware
SHA-256 | 9033a32bbdecaf9ad9d1ca14f1d6763128b45d3d45516d8745019fa6bb0b8c39
scoreliant-local.txt
Posted Apr 4, 2008
Authored by qaaz

SCO UnixWare Reliant HA local root exploit.

tags | exploit, local, root
systems | unixware
SHA-256 | 7962d0fbe4f0cb88c507acc5f45caea618cd091bb18a8f78bbc336fdcabf4001
scopkgadd-local.txt
Posted Apr 4, 2008
Authored by qaaz

SCO UnixWare versions below 7.1.4 p534589 pkgadd local root exploit.

tags | exploit, local, root
systems | unixware
SHA-256 | 5fde799a26564979a52b0a9b15b4452b6e72cf2d3bad31d1c6998b8f1204412f
Secunia Security Advisory 29498
Posted Apr 4, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for java-1.5.0-ibm. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), to bypass certain security restrictions, or to compromise a vulnerable system.

tags | advisory, java, denial of service, vulnerability
systems | linux, redhat
SHA-256 | 1250c7518b0152e74aefadfe5da57f0f2045e0a90cb9dd95fd0e8492879bdca6
Secunia Security Advisory 29604
Posted Apr 4, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for xpdf. This fixes some vulnerabilities, which can be exploited by malicious people to compromse a vulnerable system.

tags | advisory, vulnerability
systems | linux, debian
SHA-256 | 133e6285862f900ad36b92b429c9df43318a849304d76169696bd76122034819
Secunia Security Advisory 29657
Posted Apr 4, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in SCO UnixWare, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
systems | unixware
SHA-256 | dc2c2d4ac8119866d93cb7ce822b4d4eb0ffb9fa3f21fa07437dd6d73cf563b2
Secunia Security Advisory 29669
Posted Apr 4, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Diego Juarez has reported a vulnerability in Orbit Downloader, which potentially can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 497ba8d675300bf3ec377b053f5636437471a9c783c5c90334b53c6f4a55557e
Secunia Security Advisory 29670
Posted Apr 4, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in various Cisco products, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | cisco
SHA-256 | b927a73a5cd00216ecca69b70ff6d2fef38eb2422045ff5be8ff91228bc0fe72
Secunia Security Advisory 29674
Posted Apr 4, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Webwasher, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 72ab03c95ebb98980ac55c050ba6409e391f9e0f5fbd838cb00cad5a87577209
iDEFENSE Security Advisory 2008-04-02.3
Posted Apr 4, 2008
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 04.02.08 - Remote exploitation of a design error in an ActiveX control installed with Symantec Norton Internet Security 2008 could allow for the execution of arbitrary code. iDefense confirmed that this vulnerability exists in version 2.7.0.1 of the control that is installed with the 2008 version of Norton Internet Security. Other versions may also be available.

tags | advisory, remote, arbitrary, activex
advisories | CVE-2008-0313
SHA-256 | 5be4b9d21805341d776a7b716a5a5f1eb50df26bccc1ca202afa95016e8145d0
iDEFENSE Security Advisory 2008-04-02.2
Posted Apr 4, 2008
Authored by iDefense Labs, Peter Vreugdenhil | Site idefense.com

iDefense Security Advisory 04.02.08 - Remote exploitation of a buffer overflow vulnerability in an ActiveX control installed by Symantec Norton Internet Security 2008 could allow for the execution of arbitrary code. iDefense confirmed that this vulnerability exists in version 2.7.0.1 of the control that is installed with the 2008 version of Norton Internet Security. Other versions may also be available.

tags | advisory, remote, overflow, arbitrary, activex
advisories | CVE-2008-0312
SHA-256 | ca21fd621e3cf9ded91bc115596d8b243f9c036394ddb1f9f3db5e74c636c369
Page 1 of 4
Back1234Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    0 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close