seeing is believing
Showing 1 - 25 of 39 RSS Feed

Files Date: 2008-05-13

Secunia Security Advisory 30143
Posted May 13, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Microsoft Word, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
MD5 | b1311808e2a5a87ca34dece2f5fe12d3
Secunia Security Advisory 30183
Posted May 13, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - BiNgZa has discovered some vulnerabilities in BIGACE Web CMS, which can be exploited by malicious people to disclose sensitive information and to compromise a vulnerable system.

tags | advisory, web, vulnerability
MD5 | 21325c5bffef38b0ab1b1242da1eaab6
Secunia Security Advisory 30200
Posted May 13, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in RakNet, which can potentially be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
MD5 | 1e869238e3198f762722014331d15d8a
Secunia Security Advisory 30205
Posted May 13, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - David Vieira-Kurz has reported a vulnerability in ActualAnalyzer, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | 1ac6820fea0c1151d1f2839db7e00a0c
Gentoo Linux Security Advisory 200805-14
Posted May 13, 2008
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200805-14 - Alfredo Ortega (Core Security Technologies) reported a boundary error within the Read32s_64() function when processing CDF files. Versions less than 3.2.1 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2008-2080
MD5 | fb60597d6c2b729facceb809547eadbd
ciscobbsm-xss.txt
Posted May 13, 2008
Authored by Brad Antoniewicz

Cisco BBSM Captive Portal suffers from a cross site scripting vulnerability.

tags | exploit, xss
systems | cisco
advisories | CVE-2008-2165
MD5 | 2ca2083dc04f5038f679e2cf05a831d8
metoforum-sql.txt
Posted May 13, 2008
Authored by U238 | Site noexec.blogspot.com

Meto Forum version 1.1 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 02d328a7a5f0480e1032bb421629f838
calogic-sql.txt
Posted May 13, 2008
Authored by His0k4

CaLogic Calendars version 1.2.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 5fdfcd69e2d4b0ce12411c5ea8574b5a
wgcc-sql.txt
Posted May 13, 2008
Authored by myvx

Web Group Communication Center versions 1.0.3 PreRelease #1 and below suffer from cross site scripting and SQL injection vulnerabilities.

tags | exploit, web, vulnerability, xss, sql injection
MD5 | 0cb95f9f4ef457ba2b4bacab721211ed
Technical Cyber Security Alert 2008-134A
Posted May 13, 2008
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA08-134A - Microsoft has released updates to address vulnerabilities that affect Microsoft Windows, Office, Jet Database Engine, Windows Live OneCare, Antigen, Windows Defender, and Forefront Security as part of the Microsoft Security Bulletin Summary for May 2008. The most severe vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code. For more information, see the US-CERT Vulnerability Notes Database.

tags | advisory, remote, arbitrary, vulnerability
systems | windows
MD5 | 1b674f3df657c92d13731b2e7392126e
iDEFENSE Security Advisory 2008-05-13.1
Posted May 13, 2008
Authored by iDefense Labs, Jun Mao | Site idefense.com

iDefense Security Advisory 05.13.08 - Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Word could allow attackers to execute arbitrary code with the privileges of the logged in user. This vulnerability exists in the way Word handles CSS rules in an HTML document. When the number of CSS selectors is above some specific amount, an unspecified object will be corrupted causing Word to access a memory region that has already been freed. iDefense has confirmed fully patched Microsoft Word 2003 SP2, Microsoft Word XP SP3, Microsoft Word 2000 SP3 are vulnerable. Microsoft Word 2003 SP3 and Microsoft Word 2007 do not appear to be affected. Microsoft reports that all supported versions of Word, Word Viewer, and Outlook 2007 are vulnerable.

tags | advisory, remote, arbitrary
advisories | CVE-2008-1434
MD5 | fd7486dbe9fda5cc2883cbfa6ad3cc65
Zero Day Initiative Advisory 08-023
Posted May 13, 2008
Authored by Tipping Point, wushi | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must visit a malicious page, open a malicious email, or open a malicious file. The specific flaw exists when parsing malformed RTF documents. When processing a combination of RTF tags a heap overflow occurs. Successful exploitation can lead to remote compromise of a system under the credentials of the currently logged in user.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2008-1091
MD5 | 3a4c70d8165cb815e52e832667c68280
Ubuntu Security Notice 612-3
Posted May 13, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 612-3 - A weakness has been discovered in the random number generator used by OpenSSL on Debian and Ubuntu systems. As a result of this weakness, certain encryption keys are much more common than they should be, such that an attacker could guess the key through a brute-force attack given minimal knowledge of the system. This particularly affects the use of shared encryption keys and SSL/TLS certificates in OpenVPN. This vulnerability only affects operating systems which (like Ubuntu) are based on Debian. However, other systems can be indirectly affected if weak keys are imported into them.

tags | advisory
systems | linux, debian, ubuntu
advisories | CVE-2008-0166
MD5 | fbc9eb044bb2cb99c735320b168eeffe
TPTI-08-04.txt
Posted May 13, 2008
Authored by Aaron Portnoy | Site tippingpoint.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. Exploitation requires that the target opens an Office file that contains malicious Jet DB Engine objects. The specific flaw exists within the parsing of a column structure. The DWORD value from the structure that specifies the column count is trusted. If this value is changed, an inline memcpy to the stack can overflow while reading a column name. Typically Jet DB structures are used within MDB files which are considered unsafe. However, it is possible to embed such files within a trusted format, such as an Office Document (.doc). This issue allows for remote code execution under the context of the currently logged in user.

tags | advisory, remote, overflow, arbitrary, code execution
advisories | CVE-2007-6026
MD5 | b0741f928fbcdfe0d4a4a46f4d209d1b
Secunia Security Advisory 30150
Posted May 13, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Microsoft Publisher, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | 5bf958eb7e53a52b0c81fcb50049fc3f
Secunia Security Advisory 30172
Posted May 13, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in various Microsoft products, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
MD5 | 26e2aad9399de5a9686f792d7e1ffd20
Secunia Security Advisory 30220
Posted May 13, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for OpenSSL. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system, and a security issue, which can lead to weak cryptographic key material.

tags | advisory, denial of service, vulnerability
systems | linux, debian
MD5 | d12ee4238859f20e114301c00d2d8b16
e107zogo-sql.txt
Posted May 13, 2008
Authored by Cr@zy_King

The e107 zogo-shop plugin version 1.16 Beta 13 suffers from a SQL injection vulnerability.

tags | exploit, sql injection
MD5 | 322ae457f7fde32d03fcfd45c84f7249
aih-sql.txt
Posted May 13, 2008
Authored by Stack-Terrorist | Site v4-team.com

Advanced Image Hosting version 2.1 remote SQL injection exploit.

tags | exploit, remote, sql injection
MD5 | 2fe3fbda650d07c9ad79a11a1e801859
e107blog-blindsql.txt
Posted May 13, 2008
Authored by Saime

The e107 BLOG engine plugin version 2.2 suffers from a blind SQL injection vulnerability.

tags | exploit, sql injection
MD5 | b05712a59df33220ff5ee6e3f89dc461
ajhyip-sql.txt
Posted May 13, 2008
Authored by Cyb3r-1sT

AJ HYIP ACME suffers from a remote SQL injection vulnerability in topic_detail.php.

tags | exploit, remote, php, sql injection
MD5 | 458ef9a0a2a7bbf650eacfbbef348da7
eqdkp-bypass.txt
Posted May 13, 2008
Authored by vortfu

EQDKP version 1.3.2f authentication bypass proof of concept exploit.

tags | exploit, proof of concept, bypass
MD5 | fe7b232aa60e6af31f20bdfe14a8ecdf
Ubuntu Security Notice 612-2
Posted May 13, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 612-2 - A weakness has been discovered in the random number generator used by OpenSSL on Debian and Ubuntu systems. As a result of this weakness, certain encryption keys are much more common than they should be, such that an attacker could guess the key through a brute-force attack given minimal knowledge of the system. This particularly affects the use of encryption keys in OpenSSH. This vulnerability only affects operating systems which (like Ubuntu) are based on Debian. However, other systems can be indirectly affected if weak keys are imported into them. We consider this an extremely serious vulnerability, and urge all users to act immediately to secure their systems.

tags | advisory
systems | linux, debian, ubuntu
advisories | CVE-2008-0166
MD5 | 08b7a276f7d12fdf3ce857fbdc45404e
Debian Linux Security Advisory 1571-1
Posted May 13, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1571-1 - Luciano Bello discovered that the random number generator in Debian's openssl package is predictable. This is caused by an incorrect Debian-specific change to the openssl package. As a result, cryptographic key material may be guessable. This is a Debian-specific vulnerability which does not affect other operating systems which are not based on Debian. However, other systems can be indirectly affected if weak keys are imported into them. It is strongly recommended that all cryptographic key material which has been generated by OpenSSL versions starting with 0.9.8c-1 on Debian systems is recreated from scratch. Furthermore, all DSA keys ever used on affected Debian systems for signing or authentication purposes should be considered compromised; the Digital Signature Algorithm relies on a secret random value used during signature generation.

tags | advisory
systems | linux, debian
advisories | CVE-2008-0166
MD5 | 3519042f913d5ce265ca79a43a1d7f92
articlelive-xss.txt
Posted May 13, 2008
Authored by SkyOut | Site wired-security.net

Interspire ArticleLive NX is vulnerable to a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 9fa199b5cd48bc7fdf7cc96985762f98
Page 1 of 2
Back12Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    28 Files
  • 26
    Jul 26th
    2 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close