what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 49 RSS Feed

Files Date: 2008-08-04

Core Security Technologies Advisory 2008.0716
Posted Aug 4, 2008
Authored by Core Security Technologies, Anibal Sacco | Site coresecurity.com

Core Security Technologies Advisory - The Sun xVM VirtualBox suffers from a privilege escalation vulnerability due to insufficient input validation in VboxDrv.sys. Proof of concept code included.

tags | exploit, proof of concept
advisories | CVE-2008-3431
SHA-256 | 5b2b609eef7799da6366c7eee24f5704c537ed42e64f375f1f17a0cad4017929
webmail-passwordleak.txt
Posted Aug 4, 2008
Authored by Xc0re Security Research Group | Site xc0re.net

It appears that both Horde and Roundcube leak username and password credentials by sending them base64 encoded with every POST.

tags | exploit
SHA-256 | 97b08619867c34b35aec04024d165af4b305d0dd191b1b372d1902b28ac961e4
Secunia Security Advisory 31323
Posted Aug 4, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in HTTrack, which potentially can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 163fcaac00b709953212382595b60b9cd0b544a09447df0e8b70a68624834af1
Secunia Security Advisory 31346
Posted Aug 4, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Corwin has reported a vulnerability in Online Dating, which can be exploited by malicious users to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | c6521c2c698a4058c04d5b41600878c0b2d0f826fde2e9f884b8a4d47efb4d32
Secunia Security Advisory 31350
Posted Aug 4, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in OpenTTD, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system.

tags | advisory, denial of service
SHA-256 | 619596e9998b0ee7abb8e642b3166d01bfcc2bf50735a8c73a3a1c0629ffb7f7
Secunia Security Advisory 31353
Posted Aug 4, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Luigi Auriemma has reported a vulnerability in America's Army Special Forces, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | d85fa30663ca215acd6db177557450b6fffb9733c02aad8cb8e5eb49fd9d09fe
Secunia Security Advisory 31357
Posted Aug 4, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Ingres, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local, vulnerability
SHA-256 | e2cd74476f29a23acd609161bc100d23a414db52b9ccd44bfcd931c08e449555
Secunia Security Advisory 31360
Posted Aug 4, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for opensc. This fixes a security issue, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
systems | linux, debian
SHA-256 | 18b51ae5f8207e6350f320b810f344ef4ab4cd80d59f6977997a6ce612bc5db1
Secunia Security Advisory 31379
Posted Aug 4, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Apache Tomcat, which can be exploited by malicious people to conduct cross-site scripting attacks or to bypass certain security restrictions.

tags | advisory, vulnerability, xss
SHA-256 | 9e6022562fca1ccdcfb08a0887680abe3fbcdfc6ad391bd4cbc151b5c51a64d4
Secunia Security Advisory 31380
Posted Aug 4, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for httracker. This fixes a security issue, which can be exploited by malicious people to potentially compromise a vulnerable system.

tags | advisory
systems | linux, debian
SHA-256 | 54898dc85c6a86735fc8f7ee21abd5031f338dca98f7cf273afd2b91ddcd1a35
Secunia Security Advisory 31381
Posted Aug 4, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Apache Tomcat, which can be exploited by malicious people to conduct cross-site scripting attacks or to bypass certain security restrictions.

tags | advisory, vulnerability, xss
SHA-256 | e24cfa31093897fe4b364bffa9a3efb9d4ee8c8065e7982d3eb6ef4a1c5f0232
shatter-oemxss2.txt
Posted Aug 4, 2008
Authored by Esteban Martinez Fayo | Site appsecinc.com

Team SHATTER Security Advisory - The Oracle Enterprise Manager Database Control 10gR1, 10gR2, and 11g (11.1.0.6) all suffer from a cross site scripting vulnerability in the REFRESHHOME parameter.

tags | advisory, xss
advisories | CVE-2008-2603
SHA-256 | b7c3fb502ff84d70e4c0c2fb66964c3536ba8b850a9298c13cc3362c7bf78ea1
shatter-oemxss.txt
Posted Aug 4, 2008
Authored by Esteban Martinez Fayo | Site appsecinc.com

Team SHATTER Security Advisory - The Oracle Enterprise Manager Database Control 10gR1 and Oracle Enterprise Manager Grid Control 10gR1 suffer from a cross site scripting vulnerability in the REFRESHHOME parameter.

tags | advisory, xss
advisories | CVE-2008-2590
SHA-256 | 56edf5d6ee5dd6510a508c7efc4ac11881f97678fe069b1fecb203351962fe80
shatter-dbmsdefer.txt
Posted Aug 4, 2008
Authored by Esteban Martinez Fayo | Site appsecinc.com

Team SHATTER Security Advisory - The Oracle Database Server versions 9iR1, 9kiR2, 10gR1, 10gR2, and 11gR1 all suffer fro a SQL injection vulnerability in DBMS_DEFER_SYS.DELETE_TRAN.

tags | advisory, sql injection
SHA-256 | b0e9da563eda5e5add0743b843609004a118c8e56a05f4cd45e4bf698b5f29ea
shatter-oaswwexp.txt
Posted Aug 4, 2008
Authored by Esteban Martinez Fayo | Site appsecinc.com

Team SHATTER Security Advisory - The Oracle Application Server versions 9.0.4.3, 10.1.2.2, and 10.1.4.1 all suffer from a SQL injection vulnerability in WWEXP_API_ENGINE.

tags | advisory, sql injection
SHA-256 | b5e22befb6f5545994e31ab429556c724d4b8074451a9b877ac039fe66e9f6e3
syzygycms-lfi.txt
Posted Aug 4, 2008
Authored by SirGod | Site insecurity.ro

syzygyCMS version 0.3 suffers from a local file inclusion vulnerability in index.php.

tags | exploit, local, php, file inclusion
SHA-256 | 11a2baecf1b93b0b8291665415c0f9659550f62ac36fc379f083887a7527d877
hydralrc-dos.txt
Posted Aug 4, 2008
Authored by securfrog

Hydralrc versions 0.3.164 and below remote denial of service exploit.

tags | exploit, remote, denial of service
SHA-256 | 97285351e3b713b8fcad2a902614ad20026cd6ed0b8d2637510ab91cc59ab42d
joomlaez-sql.txt
Posted Aug 4, 2008
Authored by His0k4

The Joomla EZ Store component remote blind SQL injection exploit.

tags | exploit, remote, sql injection
SHA-256 | a47ac002913e039047d9facff45dde2bf67999cbcf4a42d55827c5c361186267
xampp-xss.txt
Posted Aug 4, 2008
Authored by IRCRASH | Site ircrash.com

Xammp Linux version 1.6.7 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
systems | linux
SHA-256 | 57b8a51ac18dd88975e9ceada38974787acd354c47181ac96fa7e7ef4075c359
Ubuntu Security Notice 626-2
Posted Aug 4, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 626-2 - USN-626-1 fixed vulnerabilities in xulrunner-1.9. The changes required that Devhelp, Epiphany, Midbrowser and Yelp also be updated to use the new xulrunner-1.9. Original advisory details: A flaw was discovered in the browser engine. A variable could be made to overflow causing the browser to crash. If a user were tricked into opening a malicious web page, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Billy Rios discovered that Firefox and xulrunner, as used by browsers such as Epiphany, did not properly perform URI splitting with pipe symbols when passed a command-line URI. If Firefox or xulrunner were passed a malicious URL, an attacker may be able to execute local content with chrome privileges.

tags | advisory, web, denial of service, overflow, arbitrary, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2008-2785, CVE-2008-2933
SHA-256 | 208d9fa4ec91bae0914c869ff66a50adc922a82314b1dfa26695559e72d2bd49
asciiart-julia.txt
Posted Aug 4, 2008
Authored by SkyLined

ASCII Art / shellcode hybrid called "Julia". This shellcode was created using Ars Ex Machina Coda. The shellcode will only work when it is run in writable and executable memory and if ECX points to the base address of the shellcode.

tags | shellcode
SHA-256 | 89cdfca38f956e1128ed018784978d1e02fff9f7c01ce163ba847b1d3b640bc1
asciiart-skylined2.txt
Posted Aug 4, 2008
Authored by SkyLined

This is a very cool ASCII Art / shellcode hybrid of "SkyLined".

tags | shellcode
SHA-256 | e752389d0a9b04a413b2b3d936d5fcf8f4d6d34efdbbe2e00c65ccfaa79fd27b
asciiart-skylined.txt
Posted Aug 4, 2008
Authored by SkyLined

This is a very cool ASCII Art / shellcode hybrid of "SkyLined".

tags | shellcode
SHA-256 | 3f50a06a3908cc0e38e66c20fcc5a7aff47435b0847640a4d88ce552494096b6
ArpON-1.44.tar.gz
Posted Aug 4, 2008
Authored by Andrea Di Pasquale | Site arpon.sourceforge.net

ArpON (Arp handler inspectiON) is a portable ARP handler. It detects and blocks all ARP poisoning/spoofing attacks with the Static Arp Inspection (SARPI) and Dynamic Arp Inspection (DARPI) approaches on switched/hubbed LAN with/without DHCP protocol.

Changes: Added pid file, added license file, adjusted man page, and added doc directory.
tags | spoof, protocol
systems | unix
SHA-256 | 8dcb8413bdec5b2645c6be276c089ed1840a2bbb09a85acc8a7876e61c9668b3
Secunia Security Advisory 31293
Posted Aug 4, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Raz0r has reported two vulnerabilities in Symphony, which can be exploited by malicious users to compromise a vulnerable system, and by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | f54af7fca221fa5bba8d68871268201e3e0a686d70bff50ce3eea5aded3310bd
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close