Files Date: 2008-04-11

ioactive-python.txt
Posted Apr 11, 2008
Site ioactive.com

PyString_FromStringAndSize() incorrectly validates input in Python version 2.5.2. Earlier versions may also be vulnerable.

tags | advisory, python
SHA-256 | acdffd19a5b36cf9a44eb0ee3ce3dda152701c5d20c417990d3d9dd1d9b1ff11
trillian-overflow.txt
Posted Apr 11, 2008
Authored by david130490

Trillian version 3.1.9.0 suffers from a buffer overflow vulnerability while parsing XML .dtd files. Earlier versions may also be affected.

tags | advisory, overflow
SHA-256 | fcafe4643044474b29db9e7f7c0acf7a3ba00aa2bc7e6ecf5ae67940bc247807
WiKID wClient-PHP 3.0-2 Cross Site Scripting
Posted Apr 11, 2008
Authored by Francesco Ongaro, Antonio Parata | Site ictsc.it

WiKID wClient-PHP versions 3.0-2 and below suffer from multiple cross site scripting vulnerabilities.

tags | advisory, php, vulnerability, xss
SHA-256 | 67d10cd0b31c2647b3ef2d33f5dd1920c1101c3453e62e3516e332f15ae75f08
closedviewx.zip
Posted Apr 11, 2008
Authored by Luigi Auriemma | Site aluigi.org

Exploit for HP OpenView Network Node Manager versions 7.53 and below that demonstrates null pointer, process termination, and denial of service vulnerabilities.

tags | exploit, denial of service, vulnerability
SHA-256 | 062e9d945b9df97d9120162f8199ce03b02e5ca30110f3b2b605d9e90f2ba9b9
closedviewx.txt
Posted Apr 11, 2008
Authored by Luigi Auriemma | Site aluigi.org

HP OpenView Network Node Manager versions 7.53 and below suffer from directory traversal, denial of service, null pointer, and process termination vulnerabilities. Traversal details included.

tags | exploit, denial of service, vulnerability
SHA-256 | b678c64f1a63e714fbcbef0b8342dac2ddf40114c6dcf9e9ee0b39b9b5e0daef
Gentoo Linux Security Advisory 200804-12
Posted Apr 11, 2008
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200804-12 - gnome-screensaver incorrectly handles the results of the getpwuid() function in the file src/setuid.c when using directory servers (like NIS) during a network outage, a similar issue to GLSA 200705-14. Versions less than 2.20.0-r3 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2008-0887
SHA-256 | 1c166bbb47281153c9a39e490981d486f4ed1c6a8735bf3de4ea53c10bcbc55a
Gentoo Linux Security Advisory 200804-11
Posted Apr 11, 2008
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200804-11 - Chris Howells reported that policyd-weight creates and uses the /tmp/.policyd-weight/ directory in an insecure manner. Versions less than 0.1.14.17 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2008-1569
SHA-256 | 766f699d0c2d9306218b4336e8c6654f935d83d203878f66b9da42a9d22ca10d
phpkb-sql.txt
Posted Apr 11, 2008
Authored by parad0x | Site inso.host.sk

PHPKB Knowledge Base version 1.5 suffers from a SQL injection vulnerability in comment.php.

tags | exploit, php, sql injection
SHA-256 | 29363879659492f90d2d8f268a7f38271aaba4f7f13f2e2a6056779be2a93c2a
borland2007-overflow.txt
Posted Apr 11, 2008
Authored by Liu Zhen Hua

Borland Interbase 2007 Service Pack 2 using ibserver.exe version 8.0.0.123 is susceptible to a buffer overflow vulnerability. Denial of service code included.

tags | exploit, denial of service, overflow
SHA-256 | f8d13cf0ecdd3ed188f41a0ed89fb1542f73bef455232beaaa6e0d99a05ce05a
Ubuntu Security Notice 600-1
Posted Apr 11, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 600-1 - Sebastian Krahmer discovered that rsync could overflow when handling ACLs. An attacker could construct a malicious set of files that when processed by rsync could lead to arbitrary code execution or a crash.

tags | advisory, overflow, arbitrary, code execution
systems | linux, ubuntu
advisories | CVE-2008-1720
SHA-256 | ccedb1680eb4979f38c133f22c115db7fe4b6eaad17094bfc012870b390b068d
newsoffice-rfi.txt
Posted Apr 11, 2008
Authored by RoMaNcYxHaCkEr

NewsOffice version 1.1 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | daf43b89ef8b69375021ba7bf3ff43c606dc57b4d6347b2c3bfd03b5b6cb276c
iDEFENSE Security Advisory 2008-04-09.3
Posted Apr 11, 2008
Authored by iDefense Labs, Stephen Fewer | Site idefense.com

iDefense Security Advisory 04.09.08 - Remote exploitation of a format string vulnerability in EMC Corp.'s DiskXtender could allow an attacker to execute arbitrary code with the privileges of the affected service. When handling requests on the RPC interface with UUID b157b800-aef5-11d3-ae49-00600834c15f, the service does not properly validate the content of a string in requests. Since this string is passed directly to a formatting function, a format string vulnerability occurs. iDefense confirmed the existence of this vulnerability in DiskXtender version 6.20.060 for Windows. Previous versions may also be affected.

tags | advisory, remote, arbitrary
systems | windows
advisories | CVE-2008-0963
SHA-256 | 5b88804d6ae7468d490bc8ef3fe7c0ea5e0670d6692d6006ad9bcc470224792c
iDEFENSE Security Advisory 2008-04-09.2
Posted Apr 11, 2008
Authored by iDefense Labs, Stephen Fewer | Site idefense.com

iDefense Security Advisory 04.09.08 - Remote exploitation of a buffer overflow vulnerability in EMC Corp.'s DiskXtender could allow an attacker to execute arbitrary code with the privileges of the affected service. The File System Manager is prone to a stack-based buffer overflow vulnerability. When handling requests on the RPC interface with UUID b157b800-aef5-11d3-ae49-00600834c15f, the service does not properly validate the length of a string in the request. By making a specially crafted request, a stack-based buffer overflow occurs. iDefense confirmed the existence of this vulnerability in DiskXtender version 6.20.060 for Windows. Previous versions may also be affected.

tags | advisory, remote, overflow, arbitrary
systems | windows
advisories | CVE-2008-0962
SHA-256 | cc3f3fbc0041112ee44d533bc22ba56a70fd751510708f2c713a709b97e17abf
iDEFENSE Security Advisory 2008-04-09.1
Posted Apr 11, 2008
Authored by iDefense Labs, Stephen Fewer | Site idefense.com

iDefense Security Advisory 04.09.08 - Remote exploitation of an authentication bypass vulnerability in EMC Corp.'s DiskXtender could allow an attacker to execute arbitrary code. Each of the main components of the DiskXtender suite is vulnerable to an authentication bypass vulnerability. Specifically, the authentication code contains a hard-coded login and password. By connecting to the RPC interface, and logging on with these credentials, it is possible to bypass the normal authentication process. iDefense confirmed the existence of this vulnerability in DiskXtender version 6.20.060 for Windows. Previous versions may also be affected.

tags | advisory, remote, arbitrary, bypass
systems | windows
advisories | CVE-2008-0961
SHA-256 | e7ab9fbbb99710e5ebe00c8010b6d349ef5bccd241e9f3a13af867571d08d281
rxmaxsoft-sql.txt
Posted Apr 11, 2008
Authored by S@BUN | Site hackturkiye.com

RX Maxsoft suffers from a remote SQL injection vulnerability in popup_img.php.

tags | exploit, remote, php, sql injection
SHA-256 | aa951ec6c70fbe826dea83bbf12dbedd3ae257524c1bb1d66c9a9e89fc348c88
lightneasy-hash.txt
Posted Apr 11, 2008
Authored by __GiReX__ | Site girex.altervista.org

LightNEasy version 1.2 remote administrative hash retrieval exploit.

tags | exploit, remote
SHA-256 | c627d5d53c261bee0b83393471c59ae5cf170b1364a582da53455c3fd7b817c1
Debian Linux Security Advisory 1546-1
Posted Apr 11, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1546-1 - Thilo Pfennig and Morten Welinder discovered several integer overflow weaknesses in Gnumeric, a GNOME spreadsheet application. These vulnerabilities could result in the execution of arbitrary code through the opening of a maliciously crafted Excel spreadsheet.

tags | advisory, overflow, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2008-0668
SHA-256 | 137ce427cb51f3a2a9023931ca0ec415e7edf60ee595db65106dd886d1da1c6a
w2b-sql.txt
Posted Apr 11, 2008
Authored by The-0utl4w | Site aria-security.net

The w2b Dating Club script is susceptible to SQL injection attacks. Various other scripts by the same vendor may also be vulnerable.

tags | exploit, sql injection
SHA-256 | eae71d8e4052206b043a4fca8eeec62b90307b330b3bfcd1ef3c7953baeaab46
blindsql.tgz
Posted Apr 11, 2008
Authored by Pepelux | Site enye-sec.org

Blind SQL injection tool for MySQL servers using a true-false method. You can obtain MySQL information and extract data from tables without the use of quotes.

tags | tool, scanner, sql injection
systems | unix
SHA-256 | 6b79a23433909018cede551c9ed5088439fea762c64d36abaf2a90dab8f7a976
Secunia Security Advisory 29762
Posted Apr 11, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Drupal, which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory, vulnerability
SHA-256 | a9a8e8be28c7d1dac14f880eb35d28b2dda9bb65a29579e49c2adabcbfeaf655
Secunia Security Advisory 29766
Posted Apr 11, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for vlc. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | linux, debian
SHA-256 | 41a9e13587ca0d45a375da4b8136ab19240c690cc553689da6689f8503496024
Secunia Security Advisory 29768
Posted Apr 11, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for ghostscript. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

tags | advisory
systems | linux, ubuntu
SHA-256 | 1b0e33954044393c50bf69a42d8c93b9ffbbaa36ab0340945928a5dc27621cfe
Secunia Security Advisory 29775
Posted Apr 11, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in TIBCO products, which can be exploited by malicious people to disclose sensitive information, cause a DoS (Denial of Service), or to compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
SHA-256 | 21854be4bde75ce7c6b38a5edd7ea9a8e8d48a6e7f1ce0bd355818a6c512fbff
© 2024 Packet Storm. All rights reserved.
