Showing 1 - 25 of 35

Files Date: 2008-05-09

wpgallery-sql.txt
Posted May 9, 2008
Authored by THE_MILLER

The WordPress Photo Gallery module suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 6ad18afafb09a0396e624aa6cdc26680
Gentoo Linux Security Advisory 200805-8
Posted May 9, 2008
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200805-08 - The namesx and uhnames modules do not properly validate network input, leading to a buffer overflow. Versions less than 1.1.19 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2008-1925
MD5 | cdb2393100a4faec5400559fd35ff0f8
Gentoo Linux Security Advisory 200805-7
Posted May 9, 2008
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200805-07 - LTSP version 4.2 ships prebuilt copies of programs such as the Linux Kernel, the X.org X11 server (GLSA 200705-06, GLSA 200710-16, GLSA 200801-09), libpng (GLSA 200705-24, GLSA 200711-08), Freetype (GLSA 200705-02, GLSA 200705-22) and OpenSSL (GLSA 200710-06, GLSA 200710-30) which were subject to multiple security vulnerabilities since 2006. Please note that the given list of vulnerabilities might not be exhaustive. Versions less than 5.0 are affected.

tags | advisory, kernel, vulnerability
systems | linux, gentoo
MD5 | b99107d7cc4efe620d3b52050bad0f8f
Gentoo Linux Security Advisory 200805-6
Posted May 9, 2008
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200805-06 - Viesturs reported that the default configuration for Gentoo's init script (/etc/conf.d/firebird) sets the ISC_PASSWORD environment variable when starting Firebird. It will be used when no password is supplied by a client connecting as the SYSDBA user. Versions less than 2.0.3.12981.0-r6 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2008-1880
MD5 | 85f645f65baa0b3fe9c141d775831681
oracleasp-bypass.txt
Posted May 9, 2008
Authored by Deniz Cevik | Site intellectpro.com.tr

The Oracle Application Server Portal 10G suffers from an authentication bypass vulnerability. Details are provided.

tags | exploit, bypass
MD5 | 949ba1c17d5c6ccbaf300ec9175e3dd4
browserrecon-1.0-php.tar.gz
Posted May 9, 2008
Authored by Marc Ruef | Site computec.ch

browserrecon is a framework that performs client-side HTTP fingerprinting. Be sure to hit their site to download the latest fingerprints database.

tags | web
MD5 | 8dc3b53449d21666803e0b051280d3af
cyberfolio-rfi.txt
Posted May 9, 2008
Authored by RoMaNcYxHaCkEr

Cyberfolio version 7.2 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
MD5 | b1f29ba626cf616a3523dd8a19714c8f
sazcart151-rfi.txt
Posted May 9, 2008
Authored by RoMaNcYxHaCkEr

SazCart version 1.5.1 suffers from multiple remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, code execution, file inclusion
MD5 | f6972dda22f21e2d1b7c152ccfebae41
Mandriva Linux Security Advisory 2008-099
Posted May 9, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A heap-based buffer overflow vulnerability was found in how ImageMagick parsed XCF files. If ImageMagick opened a specially-crafted XCF file, it could be made to overwrite heap memory beyond the bounds of its allocated memory, potentially allowing an attacker to execute arbitrary code on the system running ImageMagick. Another heap-based buffer overflow vulnerability was found in how ImageMagick processed certain malformed PCX images. If ImageMagick opened a specially-crafted PCX image file, an attacker could possibly execute arbitrary code on the system running ImageMagick.

tags | advisory, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2008-1096, CVE-2008-1097
MD5 | 80671fb91b231ddf51ff6f60aef286c4
cpanel-xssxsrf.txt
Posted May 9, 2008
Authored by Matteo Carli | Site matteocarli.com

cPanel versions below 11.18.4 and 11.22.3 suffer from cross site scripting and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2008-2070, CVE-2008-2071
MD5 | 93fe9c2917908f3542033fd1c3bee6b3
apache-utf7xss.txt
Posted May 9, 2008
Authored by Yaniv Miron, Yossi Yakubov

Apache versions 2.2.x and 1.3.x suffer from a cross site scripting vulnerability leveraging UTF-7 encoding on 403 forbidden pages.

tags | exploit, xss
MD5 | 776e48651cff4b6c45bf15019e486f5c
minibloggie-delete.txt
Posted May 9, 2008
Authored by Cod3rZ | Site cod3rz.helloweb.eu

miniBloggie version 1.0 suffers from an arbitrary post deletion vulnerability in del.php.

tags | exploit, arbitrary, php
MD5 | 48a0ab7a653384c0a40f7474400937f7
vshare-sql.txt
Posted May 9, 2008
Authored by Saime

vShare Youtube Clone version 2.6 suffers from a remote SQL injection vulnerability in group_posts.php.

tags | exploit, remote, php, sql injection
MD5 | f6ed0f3a4f6d2bf9adf61c3530025f07
shadertv-sql.txt
Posted May 9, 2008
Authored by U238 | Site noexec.blogspot.com

Shader TV Beta suffers from multiple SQL injection vulnerabilities allowing for login bypass and more.

tags | exploit, vulnerability, sql injection
MD5 | 9f14c2db07c26bca40e8b991829c03ee
runcms161-sql.txt
Posted May 9, 2008
Authored by The:Paradox | Site inj3ct-it.org

RunCMS versions 1.6.1 and below remote SQL injection exploit.

tags | exploit, remote, sql injection
MD5 | 507caf1b34d7af378169f6ce71ed6a6d
Ubuntu Security Notice 611-3
Posted May 9, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 611-3 - USN-611-1 fixed a vulnerability in Speex. This update provides the corresponding update for GStreamer Good Plugins. It was discovered that Speex did not properly validate its input when processing Speex file headers. If a user or automated system were tricked into opening a specially crafted Speex file, an attacker could create a denial of service in applications linked against Speex or possibly execute arbitrary code as the user invoking the program.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2008-1686
MD5 | 26dd30b7333f05b291b099650b8a9e89
Ubuntu Security Notice 611-2
Posted May 9, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 611-2 - USN-611-1 fixed a vulnerability in Speex. This update provides the corresponding update for ogg123, part of vorbis-tools. It was discovered that Speex did not properly validate its input when processing Speex file headers. If a user or automated system were tricked into opening a specially crafted Speex file, an attacker could create a denial of service in applications linked against Speex or possibly execute arbitrary code as the user invoking the program.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2008-1686
MD5 | a2c8b46ce1f3301d099c7eb67973f3b0
Ubuntu Security Notice 611-1
Posted May 9, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 611-1 - It was discovered that Speex did not properly validate its input when processing Speex file headers. If a user or automated system were tricked into opening a specially crafted Speex file, an attacker could create a denial of service in applications linked against Speex or possibly execute arbitrary code as the user invoking the program.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2008-1686
MD5 | 218704e90625568f9bf94f8cb18d0063
musicbox-sql.txt
Posted May 9, 2008
Authored by HaCkeR_EgY | Site PaL-HaCker.com

Musicbox versions 2.3.7 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 2003e3ac8207707f1593dfbc5f401e9f
cmsfaethon-rfixss.txt
Posted May 9, 2008
Authored by RoMaNcYxHaCkEr

CMS Faethon version 2.2 Ultimate suffers from remote file inclusion and cross site scripting vulnerabilities.

tags | exploit, remote, vulnerability, code execution, xss, file inclusion
MD5 | e73c1fd433238869a0a88fd59698841b
rdesktop-underflow.txt
Posted May 9, 2008
Authored by Guido Landi

rdesktop version 1.5.0 integer underflow proof of concept exploit that takes advantage of iso_recv_msg().

tags | exploit, proof of concept
advisories | CVE-2008-1801
MD5 | bfe5e7576091da077e34f5dc84361bd2
tftpwin-bssoverflow.txt
Posted May 9, 2008
Authored by tix

TFTP Server for Windows version 1.4 ST remote .bss overflow exploit that binds a shell to port 4444.

tags | exploit, remote, overflow, shell
systems | windows
MD5 | 16317866e53ea413c0a1945cd00e6346
zyxel-xss.txt
Posted May 9, 2008
Authored by Deniz Cevik | Site intellectpro.com.tr

The Zyxel ZYWall 100 suffers from a cross site scripting vulnerability via the Referer: header.

tags | exploit, xss
MD5 | c5be130c55cae1959617d7e1a373046b
sonicwall-xss.txt
Posted May 9, 2008
Authored by Deniz Cevik | Site intellectpro.com.tr

SonicWall E-mail Security version 6.1.1 suffers from a cross site scripting vulnerability via the Host: header.

tags | exploit, xss
MD5 | 8159b57282138fb40f7ab2525f6f2057
novell-stackoverflow.txt
Posted May 9, 2008
Authored by laurent gaffie

Novell Client versions 4.91 SP4 and below suffer from a local stack overflow vulnerability.

tags | advisory, overflow, local
MD5 | dcfbc10b009f3e54667c1a67566d1691
© 2016 Packet Storm. All rights reserved.
