what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 35 RSS Feed

Files Date: 2008-05-09

wpgallery-sql.txt
Posted May 9, 2008
Authored by THE_MILLER

The WordPress Photo Gallery module suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 719359aa85b21086d1095eded92268c25a77428acde35791f74e34179c01fad3
Gentoo Linux Security Advisory 200805-8
Posted May 9, 2008
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200805-08 - The namesx and uhnames modules do not properly validate network input, leading to a buffer overflow. Versions less than 1.1.19 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2008-1925
SHA-256 | 5e507ee83dd4d3b8389548ad707c7aac948470813ce176533bdce320200609a2
Gentoo Linux Security Advisory 200805-7
Posted May 9, 2008
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200805-07 - LTSP version 4.2, ships prebuilt copies of programs such as the Linux Kernel, the X.org X11 server (GLSA 200705-06, GLSA 200710-16, GLSA 200801-09), libpng (GLSA 200705-24, GLSA 200711-08), Freetype (GLSA 200705-02, GLSA 200705-22) and OpenSSL (GLSA 200710-06, GLSA 200710-30) which were subject to multiple security vulnerabilities since 2006. Please note that the given list of vulnerabilities might not be exhaustive. Versions less than 5.0 are affected.

tags | advisory, kernel, vulnerability
systems | linux, gentoo
SHA-256 | 74f7cf9f0ddd4ec6a0c5a4f28fc08f79c1d73098e569fc0abbf4cb2a3be65592
Gentoo Linux Security Advisory 200805-6
Posted May 9, 2008
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200805-06 - Viesturs reported that the default configuration for Gentoo's init script (/etc/conf.d/firebird) sets the ISC_PASSWORD environment variable when starting Firebird. It will be used when no password is supplied by a client connecting as the SYSDBA user. Versions less than 2.0.3.12981.0-r6 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2008-1880
SHA-256 | 8bf45df376202d6711eed20603390cb4b0b0c422e4421f246c238374d723008f
oracleasp-bypass.txt
Posted May 9, 2008
Authored by Deniz Cevik | Site intellectpro.com.tr

The Oracle Application Server Portal 10G suffers from an authentication bypass vulnerability. Details are provided.

tags | exploit, bypass
SHA-256 | 0c2ed4b2c1e511b8299cfe9fcacff6058ce880614d068dd399bb8d9b4104f115
browserrecon-1.0-php.tar.gz
Posted May 9, 2008
Authored by Marc Ruef | Site computec.ch

browserrecon is a framework that performs client-side HTTP fingerprinting. Be sure to hit their site to download the latest fingerprints database.

tags | web
SHA-256 | d37d7efea8951475554a42f5248c7e1de2b4115e3f323ebdd096383e01fbbb38
cyberfolio-rfi.txt
Posted May 9, 2008
Authored by RoMaNcYxHaCkEr

Cyberfolio version 7.2 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 4a36f9dc637fd62dcb97b4f1cca94f8279aa7891d6b8960e9a74c5fd0c54d2ae
sazcart151-rfi.txt
Posted May 9, 2008
Authored by RoMaNcYxHaCkEr

SazCart version 1.5.1 suffers from multiple remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, code execution, file inclusion
SHA-256 | 39b655fac0fbfd552e663af393414770e97f1c391baf3fcaece23917a1ecf3ed
Mandriva Linux Security Advisory 2008-099
Posted May 9, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A heap-based buffer overflow vulnerability was found in how ImageMagick parsed XCF files. If ImageMagick opened a specially-crafted XCF file, it could be made to overwrite heap memory beyond the bounds of its allocated memory, potentially allowing an attacker to execute arbitrary code on the system running ImageMagick. Another heap-based buffer overflow vulnerability was found in how ImageMagick processed certain malformed PCX images. If ImageMagick opened a specially-crafted PCX image file, an attacker could possibly execute arbitrary code on the system running ImageMagick.

tags | advisory, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2008-1096, CVE-2008-1097
SHA-256 | 4714c0d9f8e5dfaf1b5ce24fdf58eea6f2209d9897c0195f9f9bf6a91cdf86e7
cpanel-xssxsrf.txt
Posted May 9, 2008
Authored by Matteo Carli | Site matteocarli.com

cPanel versions below 11.18.4 and 11.22.3 suffer from cross site scripting and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2008-2070, CVE-2008-2071
SHA-256 | 1dd189e68d90bffd276d1e91cd22ddf00a141d88a385a1ee2bb8568ce473d976
apache-utf7xss.txt
Posted May 9, 2008
Authored by Yaniv Miron, Yossi Yakubov

Apache versions 2.2.x and 1.3.x suffer from a cross site scripting vulnerability leveraging UTF-7 encoding on 403 forbidden pages.

tags | exploit, xss
SHA-256 | 8fffd3a81ffabcbd3507f0163054297820bd7db26ac5b1589bffae4cacbe171d
minibloggie-delete.txt
Posted May 9, 2008
Authored by Cod3rZ | Site cod3rz.helloweb.eu

miniBloggie version 1.0 suffers from an arbitrary post deletion vulnerability in del.php.

tags | exploit, arbitrary, php
SHA-256 | 8fe10757424a3d3524f530f11dca4370dff80fab079992bb16d49a3802d63e95
vshare-sql.txt
Posted May 9, 2008
Authored by Saime

vShare Youtube Clone version 2.6 suffers from a remote SQL injection vulnerability in group_posts.php.

tags | exploit, remote, php, sql injection
SHA-256 | cb3b0812c571c358a2d81dabcd88591f70e8fc32f927cc2fe30d43b4f079f9a1
shadertv-sql.txt
Posted May 9, 2008
Authored by U238 | Site noexec.blogspot.com

Shader TV Beta suffers from multiple SQL injection vulnerabilities allowing for login bypass and more.

tags | exploit, vulnerability, sql injection
SHA-256 | c43b2c1b733de28e96f42f0c4b99fa9a6a818f1beb6381495fe83a7b603b102f
runcms161-sql.txt
Posted May 9, 2008
Authored by The:Paradox | Site inj3ct-it.org

RunCMS versions 1.6.1 and below remote SQL injection exploit.

tags | exploit, remote, sql injection
SHA-256 | 24bea4343f175f034cfb33962271d7f6f0a4a13ca3bae96cf92d51f9e2099d51
Ubuntu Security Notice 611-3
Posted May 9, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 611-3 - USN-611-1 fixed a vulnerability in Speex. This update provides the corresponding update for GStreamer Good Plugins. It was discovered that Speex did not properly validate its input when processing Speex file headers. If a user or automated system were tricked into opening a specially crafted Speex file, an attacker could create a denial of service in applications linked against Speex or possibly execute arbitrary code as the user invoking the program.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2008-1686
SHA-256 | 4cbec392d9a6486af7b1b38947ab436be9dbfde7a3c25c85d952ad43583db738
Ubuntu Security Notice 611-2
Posted May 9, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 611-2 - USN-611-1 fixed a vulnerability in Speex. This update provides the corresponding update for ogg123, part of vorbis-tools. It was discovered that Speex did not properly validate its input when processing Speex file headers. If a user or automated system were tricked into opening a specially crafted Speex file, an attacker could create a denial of service in applications linked against Speex or possibly execute arbitrary code as the user invoking the program.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2008-1686
SHA-256 | cb9affb10e35e3e0cbe5ad83fb78323765de48ee9f6fa04423c630dfb3db55a8
Ubuntu Security Notice 611-1
Posted May 9, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 611-1 - It was discovered that Speex did not properly validate its input when processing Speex file headers. If a user or automated system were tricked into opening a specially crafted Speex file, an attacker could create a denial of service in applications linked against Speex or possibly execute arbitrary code as the user invoking the program.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2008-1686
SHA-256 | 632eb63a27faa7f638c2e4c17fd874db900b4d4b30dfa91ddd206d98a106c675
musicbox-sql.txt
Posted May 9, 2008
Authored by HaCkeR_EgY | Site PaL-HaCker.com

Musicbox versions 2.3.7 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | bbac1ad70b18bca772744d4d9ec5c68067ed78e3871e7f78077ed602bd646f08
cmsfaethon-rfixss.txt
Posted May 9, 2008
Authored by RoMaNcYxHaCkEr

CMS Faethon version 2.2 Ultimate suffers from remote file inclusion and cross site scripting vulnerabilities.

tags | exploit, remote, vulnerability, code execution, xss, file inclusion
SHA-256 | 8fb4c0f344fc81a0f694bacc305e9c4a4de5c1ce989a73d6138ab30f5df22e4a
rdesktop-underflow.txt
Posted May 9, 2008
Authored by Guido Landi

rdesktop version 1.5.0 integer underflow proof of concept exploit that takes advantage of iso_recv_msg().

tags | exploit, proof of concept
advisories | CVE-2008-1801
SHA-256 | 76fb7c0182f22162b10ef53dc34f0663fab8c3ad651d898e08ac4c9bfc0f266a
tftpwin-bssoverflow.txt
Posted May 9, 2008
Authored by tix

TFTP Server for Windows version 1.4 ST remote .bss overflow exploit that binds a shell to port 4444.

tags | exploit, remote, overflow, shell
systems | windows
SHA-256 | bf929207dc1e5ff6dd571d1a7e1dfdf799f9d9335376aeabc741e66fa685c92d
zyxel-xss.txt
Posted May 9, 2008
Authored by Deniz Cevik | Site intellectpro.com.tr

The Zyxel ZYWall 100 suffers from a cross site scripting vulnerability via the Referer: header.

tags | exploit, xss
SHA-256 | cc7041be52252b1ce26e0f38eb43a0dd6aeeb46b920bb6dfa9085716ca030fd5
sonicwall-xss.txt
Posted May 9, 2008
Authored by Deniz Cevik | Site intellectpro.com.tr

SonicWall E-mail Security version 6.1.1 suffers from a cross site scripting vulnerability via the Host: header.

tags | exploit, xss
SHA-256 | f7fcac283c39a39b7ba7514782f15b4fc283957bfc523140dbe2cbdef590cfd5
novell-stackoverflow.txt
Posted May 9, 2008
Authored by laurent gaffie

Novell Client versions 4.91 SP4 and below suffer from a local stack overflow vulnerability.

tags | advisory, overflow, local
SHA-256 | 0b94490a39176cad3cbe223bd377faf018f0fa52d93312a7bb2ef9b00caa4e9f
Page 1 of 2
Back12Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close