accept no compromises
Showing 1 - 25 of 76 RSS Feed

Files Date: 2008-04-04

d3vscan-alpha8.bz2
Posted Apr 4, 2008
Authored by devtar | Site d3vscan.sourceforge.net

d3vscan is a network manager that is able to uniquely identify and graphically plot network and bluetooth devices to provide a higher degree of understanding of a particular network. It is also simple enough to be used by an average end user.

Changes: Windows installer added. Vulnerability scanner plugin released. Several bug fixes.
tags | tool, wireless
MD5 | 0a9312d18748a2db3f19b727cab30ddd
iDEFENSE Security Advisory 2008-04-03.2
Posted Apr 4, 2008
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 04.03.08 - Remote exploitation of multiple buffer overflow vulnerabilities in Computer Associates International Inc.'s Alert Notification Service may allow an authenticated attacker to execute arbitrary code with SYSTEM privileges. iDefense confirmed the existence of these vulnerabilities with Computer Associates' Threat Manager for the Enterprise version 8.1. Other products that contain the Alert Notification Service are suspected to be vulnerable as well.

tags | advisory, remote, overflow, arbitrary, vulnerability
advisories | CVE-2007-4620
MD5 | cc1671ff27d2d45ed90d7e7995b9b75a
iDEFENSE Security Advisory 2008-04-03.1
Posted Apr 4, 2008
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 04.03.08 - Local exploitation of a directory traversal vulnerability within the pkgadd program distributed with SCO Group Inc's UnixWare operating system allows attackers to gain root privileges. iDefense confirmed the existence of this vulnerability within version 7.1.4 of UnixWare with all patches available as of August 27th, 2007 installed. Previous versions are suspected to be vulnerable.

tags | advisory, local, root
systems | unixware
advisories | CVE-2008-0310
MD5 | 54a6b6775305fc5d7841e82a9879ee16
Zero Day Initiative Advisory 08-019
Posted Apr 4, 2008
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must open a malicious file. The specific flaw exists in the parsing of the QuickTime VR 'obji' atom. When the size of the atom is set to 0, a stack overflow condition occurs resulting in the execution of arbitrary code. Version 7.4.1 is affected.

tags | advisory, remote, overflow, arbitrary
systems | apple
advisories | CVE-2008-1022
MD5 | 415cd4d63c1fe26974238ae00be12600
Zero Day Initiative Advisory 08-018
Posted Apr 4, 2008
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of QuickTime files that utilize the Animation codec. A lack of proper length checks can result in a heap based buffer overflow leading to arbitrary code execution under the context of the currently logged in user. Version 7.4.1 is affected.

tags | advisory, overflow, arbitrary, code execution
systems | apple
advisories | CVE-2008-1021
MD5 | fe8354f74872ddc5dccc2455a6d692b7
Zero Day Initiative Advisory 08-017
Posted Apr 4, 2008
Authored by Tipping Point, Ruben Santamarta | Site zerodayinitiative.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the quicktime.qts library responsible for parsing Kodak encoded images. A lack of proper error checking can result in a heap based buffer overflow leading to arbitrary code execution under the context of the currently logged in user. Version 7.4.1 is affected.

tags | advisory, overflow, arbitrary, code execution
systems | apple
advisories | CVE-2008-1020
MD5 | 71f08357b01b38db42fb821eaa3dce66
Zero Day Initiative Advisory 08-016
Posted Apr 4, 2008
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the parsing of the QuickTime Channel Compositor atom. When the movie file contains a malformed 'chan' atom, a heap corruption occurs resulting in the execution of arbitrary code. Version 7.4.1 is affected.

tags | advisory, remote, arbitrary
systems | apple
advisories | CVE-2008-1018
MD5 | ce95497bee97f6b5779de8557aa8055e
Zero Day Initiative Advisory 08-015
Posted Apr 4, 2008
Authored by Tipping Point, Sanbin Li | Site zerodayinitiative.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the quicktime.qts library. The vulnerability resides in the component's parsing of 'crgn' atoms. A lack of proper sanity checks on the region size field can result in a heap based buffer overflow leading to arbitrary code execution under the context of the currently logged in user. Version 7.4.1 is affected.

tags | advisory, overflow, arbitrary, code execution
systems | apple
advisories | CVE-2008-1017
MD5 | 9c6642a80f757742c14a9e01a910ccbf
Zero Day Initiative Advisory 08-014
Posted Apr 4, 2008
Authored by Tipping Point, bugfree | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must open a malicious file. The specific flaw exists in the quickTime.qts while parsing corrupted .pict files. The module contains a vulnerable memory copy loop which searches for a terminator value. When this value is changed or omitted, a heap corruption occurs allowing the execution of arbitrary code. Version 7.4.1 is affected.

tags | advisory, remote, arbitrary
systems | apple
advisories | CVE-2008-1019
MD5 | a58d7e9471769f1cf1501b1e61d2c73c
challenge200804042008.txt
Posted Apr 4, 2008
Site digitalarmaments.com

Digital Armaments officially announce the launch of March-April hacking challenge. The challenge starts on March 1. For the March-April Challenge, Digital Armaments will give a prize of 5,000$ for each submission that results in a Exploitable Vulnerability or Working Exploit for Windows or Windows Diffuse Application. This should include example and documentation.

tags | paper
systems | windows
MD5 | 6f6d91faff044ec96ddab0571d3a07af
OpenNHRP NBMA Next Hop Resolution 0.6.2
Posted Apr 4, 2008
Authored by Timo Teras | Site sourceforge.net

OpenNHRP implements the NBMA Next Hop Resolution Protocol (as defined in RFC 2332). It makes it possible to create a dynamic multipoint VPN Linux router using NHRP, GRE, and IPsec. It aims to be Cisco DMVPN compatible.

Changes: Multiple bug fixes, some code cleanups, and improvements.
tags | encryption, protocol
systems | cisco, linux
MD5 | 190b49b866dc17288b8fff656b189b56
strongSwan IPsec / IKEv1 / IKEv2 Implementation For Linux
Posted Apr 4, 2008
Authored by Andreas Steffen | Site strongswan.org

strongSwan is a complete IPsec and IKEv1 implementation for Linux 2.4 and 2.6 kernels. It interoperates with most other IPsec-based VPN products. It is a descendant of the discontinued FreeS/WAN project. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A unique feature is the use of X.509 attribute certificates to implement advanced access control schemes based on group memberships.

Changes: libstrongswan has been modularized to attach crypto algorithms, credential implementations (keys, certificates) and fetchers dynamically through plugins. Various other additions and improvements.
tags | kernel, encryption
systems | linux
MD5 | 279ba39241d08ddff99abdc33860469a
prelude-manager-0.9.12.tar.gz
Posted Apr 4, 2008
Site prelude.sourceforge.net

Prelude Manager is the main program of the Prelude Hybrid IDS suite. It is able to register local or remote sensors, let the operator configure them remotely, receive alerts, and store alerts in a database or any format supported by reporting plugins, thus providing centralized logging and analysis.

Changes: New connection-timeout option, various fixes.
tags | tool, remote, local, intrusion detection
systems | unix
MD5 | 60be3113caa01d3389433aa5b43880b6
msbasic-overflow.txt
Posted Apr 4, 2008
Authored by shinnai | Site shinnai.altervista.org

Microsoft Visual Basic Enterprise Edition version 6 SP 6 DSR file local buffer overflow exploit.

tags | exploit, overflow, local
MD5 | 3ae309460dfc67d52113ee17b2d4a319
scomerge-local.txt
Posted Apr 4, 2008
Authored by qaaz

SCO UnixWare Merge mcd local root exploit.

tags | exploit, local, root
systems | unixware
MD5 | 76ff018af698a2f30708fc6ae779fe7b
scoreliant-local.txt
Posted Apr 4, 2008
Authored by qaaz

SCO UnixWare Reliant HA local root exploit.

tags | exploit, local, root
systems | unixware
MD5 | 8a32ca90830ea8250cc65bec8d17aa50
scopkgadd-local.txt
Posted Apr 4, 2008
Authored by qaaz

SCO UnixWare versions below 7.1.4 p534589 pkgadd local root exploit.

tags | exploit, local, root
systems | unixware
MD5 | cb9d3c1345fb5708a02266e84ca29e31
Secunia Security Advisory 29498
Posted Apr 4, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for java-1.5.0-ibm. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), to bypass certain security restrictions, or to compromise a vulnerable system.

tags | advisory, java, denial of service, vulnerability
systems | linux, redhat
MD5 | 05d050f13738fef13b00d630f7b7841a
Secunia Security Advisory 29604
Posted Apr 4, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for xpdf. This fixes some vulnerabilities, which can be exploited by malicious people to compromse a vulnerable system.

tags | advisory, vulnerability
systems | linux, debian
MD5 | 37502967b0486304b7fb04ee6fff41e7
Secunia Security Advisory 29657
Posted Apr 4, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in SCO UnixWare, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
systems | unixware
MD5 | 707110437162ca8b4ab6a704a62db2cc
Secunia Security Advisory 29669
Posted Apr 4, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Diego Juarez has reported a vulnerability in Orbit Downloader, which potentially can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | 8a0cb27aba6df6bf3e1464ed4888e5fa
Secunia Security Advisory 29670
Posted Apr 4, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in various Cisco products, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | cisco
MD5 | 0d850cc8def2a46d6afde8d374e04eda
Secunia Security Advisory 29674
Posted Apr 4, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Webwasher, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | dd83b9661681c396e190a3440154c6e0
iDEFENSE Security Advisory 2008-04-02.3
Posted Apr 4, 2008
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 04.02.08 - Remote exploitation of a design error in an ActiveX control installed with Symantec Norton Internet Security 2008 could allow for the execution of arbitrary code. iDefense confirmed that this vulnerability exists in version 2.7.0.1 of the control that is installed with the 2008 version of Norton Internet Security. Other versions may also be available.

tags | advisory, remote, arbitrary, activex
advisories | CVE-2008-0313
MD5 | c63a4b10122d61c0886a3797d862f1e5
iDEFENSE Security Advisory 2008-04-02.2
Posted Apr 4, 2008
Authored by iDefense Labs, Peter Vreugdenhil | Site idefense.com

iDefense Security Advisory 04.02.08 - Remote exploitation of a buffer overflow vulnerability in an ActiveX control installed by Symantec Norton Internet Security 2008 could allow for the execution of arbitrary code. iDefense confirmed that this vulnerability exists in version 2.7.0.1 of the control that is installed with the 2008 version of Norton Internet Security. Other versions may also be available.

tags | advisory, remote, overflow, arbitrary, activex
advisories | CVE-2008-0312
MD5 | a0998a74f1cfaf08d9aee600fca2915b
Page 1 of 4
Back1234Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    28 Files
  • 26
    Jul 26th
    2 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close