exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 36 RSS Feed

Files Date: 2008-08-22

gallery-xss.txt
Posted Aug 22, 2008
Authored by r45c4l | Site darkc0de.com

Gallery version 1.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 229c231ed66b5072f0c7252f95e68d812e05b303a3c4d0c7da35829d556a4e5c
TOR Virtual Network Tunneling Tool 0.2.0.30
Posted Aug 22, 2008
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: Multiple major and minor fixes and enhancements.
tags | tool, remote, local, peer2peer
SHA-256 | bc9e8bf841ef64f8b06eef91eeab430f91147a3c4d7a6919826fa33b20453387
netbeware.txt
Posted Aug 22, 2008
Authored by Jeremy Brown | Site jbrownsec.blogspot.com

The remote manager in Novell Netware version 6.5 suffers from an HTML injection vulnerability.

tags | exploit, remote
SHA-256 | d55104ed15bb268ae818564d5a27a9f645fab016c404a789b83dd37ee602b8f7
Debian Linux Security Advisory 1631-1
Posted Aug 22, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1631-1 - Andreas Solberg discovered that libxml2, the GNOME XML library, could be forced to recursively evaluate entities, until available CPU & memory resources were exhausted.

tags | advisory
systems | linux, debian
advisories | CVE-2008-3281
SHA-256 | 6c9094554c9bda05ea0527025db2031ca7ecdcbbd3fbd883d35e2efbd4657bd8
Open Source CERT Security Advisory 2008.8
Posted Aug 22, 2008
Authored by Will Drewry, Open Source CERT | Site ocert.org

The xine free multimedia player suffers from a number of vulnerabilities ranging in severity. The worst of these vulnerabilities results in arbitrary code execution and the least, in unexpected process termination. xine-lib versions 1.1.14 and below are affected.

tags | advisory, arbitrary, vulnerability, code execution
SHA-256 | 6ca037f9e8d51e3f07cc53661d3f13706366e6df2b215a8e1e7ad67c75a07c41
Secunia Security Advisory 31574
Posted Aug 22, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in La!cooda WIZ, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks, and malicious users to compromise a vulnerable system.

tags | advisory, vulnerability, xss, csrf
SHA-256 | dddce2566ca62ebf43305489e657b15b449fc0e6bd919b159536de6783de3ab9
noname-lfi.txt
Posted Aug 22, 2008
Authored by SirGod | Site insecurity.ro

NoName Script version 1.0 suffers from a local file inclusion vulnerability in index.php.

tags | exploit, local, php, file inclusion
SHA-256 | b5059165ce522db5dd2e0b5206223b1d4b94a64fe55acb6439d7c5039ff49ecb
vim-sanitize.txt
Posted Aug 22, 2008
Authored by Jan Minar

Vim version 3 suffers from multiple arbitrary code execution vulnerabilities.

tags | exploit, arbitrary, vulnerability, code execution
SHA-256 | 0df0a0a662b76dfb71b8da8346939e317d1a638e718c3ebbea161707aec73cf4
openvas-contest.txt
Posted Aug 22, 2008
Site openvas.org

The OpenVAS Team (Open Vulnerability Assessment System) has started a contest and calls for submission of patches, scripts, converters or anything else that significantly improves the OpenVAS framework and extends Open Source Network Vulnerability Testing.

tags | paper
SHA-256 | 1c902166709d7c8418dfe56f54563cd1fe810521ea6823311102d7a389bdd9f5
H2HC-CFP-2008.txt
Posted Aug 22, 2008
Site h2hc.com.br

The call for papers is open for the Hackers to Hackers Conference being held in November, 2008. It will take place in Sao Paulo, Brazil.

tags | paper, conference
SHA-256 | ca3ffb6085d139655ca4126b5ac7c5b71af894cfc51d4d84edd39f71d5f94d05
ProCheckUp Security Advisory 2008.20
Posted Aug 22, 2008
Authored by ProCheckUp | Site procheckup.com

Microsoft ASP.NET ValidateRequest filters can be bypassed allowing for cross site scripting and HTML injection attacks.

tags | advisory, xss, asp
SHA-256 | 991d123ab5c384f1961576752ae8de0178e17504175d1d5b7d6c72a0c878c48b
secunia-trendmicro.txt
Posted Aug 22, 2008
Authored by Dyon Balding | Site secunia.com

Secunia Research has discovered a vulnerability in certain Trend Micro products, which can be exploited by malicious people to bypass authentication. The vulnerability is caused by insufficient entropy being used to create a random session token for identifying an authenticated manager using the web management console. The entropy in the session token comes solely from the system time when the real manager logs in with a granularity of one second. This can be exploited to impersonate a currently logged on manager by brute forcing the authentication token. Successful exploitation further allows execution of arbitrary code via manipulation of the configuration.

tags | advisory, web, arbitrary
advisories | CVE-2008-2433
SHA-256 | ca4e60fcbf1cd56bcfc9d59316819297548491779e2e6b28a1bfa5e6428c35cd
wms-overflow.txt
Posted Aug 22, 2008
Authored by Jeremy Brown | Site jbrownsec.blogspot.com

Windows Media Services (nskey.dll) on Windows 2000 Server, Advanced Server, and Datacenter Edition all suffer from a stack overflow vulnerability. Using an Active-X control that is safe for scripting/initialize, passing at least 9752 bytes to CallHTMLHelp will overwrite the EIP and remote code execution may be possible.

tags | exploit, remote, overflow, code execution, activex
systems | windows
SHA-256 | 7dd68791afc2235b0b12444e2fd32dbc8395c768e03a777ceda41ac3bed58fe0
Secunia Security Advisory 31545
Posted Aug 22, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Uniwin eCart Professional, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | 64d1ea95b532d350e1f3917c6cb8b48c8e7ec8ca44fcdfef869dc476e99f712f
Secunia Security Advisory 31555
Posted Aug 22, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - e.wiZz! has discovered a vulnerability in phpBazar, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 761fa4d60c1d2b1ec30d44bec7b23b2468f1fa3af0697914fa0492a9082dde8d
Secunia Security Advisory 31557
Posted Aug 22, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Doz has discovered two vulnerabilities in TimeTrex, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 30fd1519a195ddc0ca12be11a80e14a8df9442a91d4e788676341841fe6931e4
Secunia Security Advisory 31561
Posted Aug 22, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Xen, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or potentially bypass certain security restrictions.

tags | advisory, denial of service, local
SHA-256 | c4b8d901e7dc1770dd557f04bb11f4d032e42a8739d26e8e8bfd954a6cd9631d
Secunia Security Advisory 31570
Posted Aug 22, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SirGod has discovered two vulnerabilities in Easy Site, which can be exploited by malicious people to disclose sensitive information.

tags | advisory, vulnerability
SHA-256 | cba64fa0703e020df75bf072ad8c7d5cdc71c21dcf9494b7145a7da9477628a4
Secunia Security Advisory 31575
Posted Aug 22, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for openssh, which corrects a small number of OpenSSH packages that have been tampered with.

tags | advisory
systems | linux, redhat
SHA-256 | cd7d275235c1f477c544de546d82937b5e30ea3baf51fed2c84c991eb3bfbbee
Secunia Security Advisory 31579
Posted Aug 22, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Linux kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local
systems | linux
SHA-256 | c1448671788db90cc9e0be174b3cc2bbbb7d0498828078c7c7e9b862a77280e2
Mandriva Linux Security Advisory 2008-180
Posted Aug 22, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Andreas Solberg found a denial of service flaw in how libxml2 processed certain content. If an application linked against libxml2 processed such malformed XML content, it could cause the application to stop responding. The updated packages have been patched to prevent this issue.

tags | advisory, denial of service
systems | linux, mandriva
advisories | CVE-2008-3281
SHA-256 | 0ebde274e431550f35a889527dc2b914d5dea262f2c261477dd76032479d4aaa
Mandriva Linux Security Advisory 2008-179
Posted Aug 22, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - An input validation flaw was found in X.org's MIT-SHM extension. A client connected to the X.org server could read arbitrary server memory, resulting in the disclosure of sensitive data of other users of the X.org server. Multiple integer overflows were found in X.org's Render extension. A malicious authorized client could exploit these issues to cause a denial of service (crash) or possibly execute arbitrary code with root privileges on the X.org server. The Metisse program is likewise affected by these issues; the updated packages have been patched to prevent them.

tags | advisory, denial of service, overflow, arbitrary, root
systems | linux, mandriva
advisories | CVE-2008-1379, CVE-2008-2360, CVE-2008-2361, CVE-2008-2362
SHA-256 | 21ab26995f3e8ac3cf68bea088a9613c7a17cdd32ee933bb7754a04a8a14dea0
Mandriva Linux Security Advisory 2008-178
Posted Aug 22, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Alin Rad Pop found an array index vulnerability in the SDP parser of xine-lib. If a user or automated system were tricked into opening a malicious RTSP stream, a remote attacker could possibly execute arbitrary code with the privileges of the user using the program. The ASF demuxer in xine-lib did not properly check the length of ASF headers. If a user was tricked into opening a crafted ASF file, a remote attacker could possibly cause a denial of service or execute arbitrary code with the privileges of the user using the program. The Matroska demuxer in xine-lib did not properly verify frame sizes, which could possibly lead to the execution of arbitrary code if a user opened a crafted ASF file. Luigi Auriemma found multiple integer overflows in xine-lib. If a user was tricked into opening a crafted FLV, MOV, RM, MVE, MKV, or CAK file, a remote attacker could possibly execute arbitrary code with the privileges of the user using the program. Guido Landi found A stack-based buffer overflow in xine-lib that could allow a remote attacker to cause a denial of service (crash) and potentially execute arbitrary code via a long NSF title. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2008-0073, CVE-2008-1110, CVE-2008-1161, CVE-2008-1482, CVE-2008-1878
SHA-256 | cc1af7aa9af190d5e08578ee557ea3356fcedf52d35bb1e99c652fdbdc04649d
Debian Linux Security Advisory 1630-1
Posted Aug 22, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1630-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or arbitrary code execution.

tags | advisory, denial of service, arbitrary, kernel, vulnerability, code execution
systems | linux, debian
advisories | CVE-2007-6282, CVE-2008-0598, CVE-2008-2729, CVE-2008-2812, CVE-2008-2826, CVE-2008-2931, CVE-2008-3272, CVE-2008-3275
SHA-256 | a2c27af084e632dacda1f2b548a743f20c48db967b5e065f17020aa096f656a0
tinycms-lfi.txt
Posted Aug 22, 2008
Authored by cOndemned | Site condemned.r00t.la

tinyCMS version 1.1.2 suffers from a local file inclusion vulnerability in templater.php.

tags | exploit, local, php, file inclusion
SHA-256 | 1582e2ca40a2b46e1501addfce561fc531390d74107c85fe4c7b39dd88104320
Page 1 of 2
Back12Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close