
Files Date: 2008-08-22

gallery-xss.txt
Posted Aug 22, 2008
Authored by r45c4l | Site darkc0de.com

Gallery version 1.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 884d325c621639312f1f07d6d3d591d7
TOR Virtual Network Tunneling Tool 0.2.0.30
Posted Aug 22, 2008
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: Multiple major and minor fixes and enhancements.
tags | tool, remote, local, peer2peer
MD5 | d37b582ee35b4f69564b0635a449b5f6
netbeware.txt
Posted Aug 22, 2008
Authored by Jeremy Brown | Site jbrownsec.blogspot.com

The remote manager in Novell Netware version 6.5 suffers from an HTML injection vulnerability.

tags | exploit, remote
MD5 | f4d83cea9d6dcd226ee4aae32d114574
Debian Linux Security Advisory 1631-1
Posted Aug 22, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1631-1 - Andreas Solberg discovered that libxml2, the GNOME XML library, could be forced to recursively evaluate entities, until available CPU & memory resources were exhausted.

tags | advisory
systems | linux, debian
advisories | CVE-2008-3281
MD5 | 4e11a0bf3ea05140834d932f3231418d
Open Source CERT Security Advisory 2008.8
Posted Aug 22, 2008
Authored by Will Drewry, Open Source CERT | Site ocert.org

The xine free multimedia player suffers from a number of vulnerabilities ranging in severity. The worst of these vulnerabilities results in arbitrary code execution and the least, in unexpected process termination. xine-lib versions 1.1.14 and below are affected.

tags | advisory, arbitrary, vulnerability, code execution
MD5 | 030d4b684f35e92aea985834e35cd251
Secunia Security Advisory 31574
Posted Aug 22, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in La!cooda WIZ, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks, and malicious users to compromise a vulnerable system.

tags | advisory, vulnerability, xss, csrf
MD5 | cbab1158fe45786c263e6f68c29ab9b9
noname-lfi.txt
Posted Aug 22, 2008
Authored by SirGod | Site insecurity.ro

NoName Script version 1.0 suffers from a local file inclusion vulnerability in index.php.

tags | exploit, local, php, file inclusion
MD5 | e08938492ce16785a939d37592f50395
vim-sanitize.txt
Posted Aug 22, 2008
Authored by Jan Minar

Vim version 3 suffers from multiple arbitrary code execution vulnerabilities.

tags | exploit, arbitrary, vulnerability, code execution
MD5 | 743819ed6f6edc557eb5e0a21ba43aec
openvas-contest.txt
Posted Aug 22, 2008
Site openvas.org

The OpenVAS Team (Open Vulnerability Assessment System) has started a contest and calls for submission of patches, scripts, converters or anything else that significantly improves the OpenVAS framework and extends Open Source Network Vulnerability Testing.

tags | paper
MD5 | 7e7ad7671b776d96a194bfc749f20e2f
H2HC-CFP-2008.txt
Posted Aug 22, 2008
Site h2hc.com.br

The call for papers is open for the Hackers to Hackers Conference being held in November, 2008. It will take place in Sao Paulo, Brazil.

tags | paper, conference
MD5 | 6d9f8171b263a0206de941f3abf26e34
ProCheckUp Security Advisory 2008.20
Posted Aug 22, 2008
Authored by ProCheckUp | Site procheckup.com

Microsoft ASP.NET ValidateRequest filters can be bypassed allowing for cross site scripting and HTML injection attacks.

tags | advisory, xss, asp
MD5 | 55f98a75179a16092e86c4dbcd9340b2
secunia-trendmicro.txt
Posted Aug 22, 2008
Authored by Dyon Balding | Site secunia.com

Secunia Research has discovered a vulnerability in certain Trend Micro products, which can be exploited by malicious people to bypass authentication. The vulnerability is caused by insufficient entropy being used to create a random session token for identifying an authenticated manager using the web management console. The entropy in the session token comes solely from the system time when the real manager logs in with a granularity of one second. This can be exploited to impersonate a currently logged on manager by brute forcing the authentication token. Successful exploitation further allows execution of arbitrary code via manipulation of the configuration.

tags | advisory, web, arbitrary
advisories | CVE-2008-2433
MD5 | b5bcc9775cd18024e81e9933c9fa97da
wms-overflow.txt
Posted Aug 22, 2008
Authored by Jeremy Brown | Site jbrownsec.blogspot.com

Windows Media Services (nskey.dll) on Windows 2000 Server, Advanced Server, and Datacenter Edition all suffer from a stack overflow vulnerability. Using an Active-X control that is safe for scripting/initialize, passing at least 9752 bytes to CallHTMLHelp will overwrite the EIP and remote code execution may be possible.

tags | exploit, remote, overflow, code execution, activex
systems | windows, 2k
MD5 | 90d989c0208552bc19a8cc29a895d467
Secunia Security Advisory 31545
Posted Aug 22, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Uniwin eCart Professional, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection
MD5 | ca6a14bb506a9e3534dddd9e665e1930
Secunia Security Advisory 31555
Posted Aug 22, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - e.wiZz! has discovered a vulnerability in phpBazar, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | 513d6f6d762d35975dea2a8db748e052
Secunia Security Advisory 31557
Posted Aug 22, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Doz has discovered two vulnerabilities in TimeTrex, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
MD5 | 97fed88f241f091e03e67e0bb44a51fd
Secunia Security Advisory 31561
Posted Aug 22, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Xen, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or potentially bypass certain security restrictions.

tags | advisory, denial of service, local
MD5 | cf2a5eba4a94a775db927428a5233e70
Secunia Security Advisory 31570
Posted Aug 22, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SirGod has discovered two vulnerabilities in Easy Site, which can be exploited by malicious people to disclose sensitive information.

tags | advisory, vulnerability
MD5 | 5f7919fb9da48740f8b3f828ef61e6c6
Secunia Security Advisory 31575
Posted Aug 22, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for openssh, which corrects a small number of OpenSSH packages that have been tampered with.

tags | advisory
systems | linux, redhat
MD5 | 3bdb98ee640e0ebe78bc123ff3e3ebfb
Secunia Security Advisory 31579
Posted Aug 22, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Linux kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local
systems | linux
MD5 | 768a778cc191de3734e2cbe66d9ac0ea
Mandriva Linux Security Advisory 2008-180
Posted Aug 22, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Andreas Solberg found a denial of service flaw in how libxml2 processed certain content. If an application linked against libxml2 processed such malformed XML content, it could cause the application to stop responding. The updated packages have been patched to prevent this issue.

tags | advisory, denial of service
systems | linux, mandriva
advisories | CVE-2008-3281
MD5 | d020ce82b78a55691be3b77a8258749f
Mandriva Linux Security Advisory 2008-179
Posted Aug 22, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - An input validation flaw was found in X.org's MIT-SHM extension. A client connected to the X.org server could read arbitrary server memory, resulting in the disclosure of sensitive data of other users of the X.org server. Multiple integer overflows were found in X.org's Render extension. A malicious authorized client could exploit these issues to cause a denial of service (crash) or possibly execute arbitrary code with root privileges on the X.org server. The Metisse program is likewise affected by these issues; the updated packages have been patched to prevent them.

tags | advisory, denial of service, overflow, arbitrary, root
systems | linux, mandriva
advisories | CVE-2008-1379, CVE-2008-2360, CVE-2008-2361, CVE-2008-2362
MD5 | 7fa23a387b9a6aa48f33a17134658e9b
Mandriva Linux Security Advisory 2008-178
Posted Aug 22, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Alin Rad Pop found an array index vulnerability in the SDP parser of xine-lib. If a user or automated system were tricked into opening a malicious RTSP stream, a remote attacker could possibly execute arbitrary code with the privileges of the user using the program. The ASF demuxer in xine-lib did not properly check the length of ASF headers. If a user was tricked into opening a crafted ASF file, a remote attacker could possibly cause a denial of service or execute arbitrary code with the privileges of the user using the program. The Matroska demuxer in xine-lib did not properly verify frame sizes, which could possibly lead to the execution of arbitrary code if a user opened a crafted ASF file. Luigi Auriemma found multiple integer overflows in xine-lib. If a user was tricked into opening a crafted FLV, MOV, RM, MVE, MKV, or CAK file, a remote attacker could possibly execute arbitrary code with the privileges of the user using the program. Guido Landi found a stack-based buffer overflow in xine-lib that could allow a remote attacker to cause a denial of service (crash) and potentially execute arbitrary code via a long NSF title. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2008-0073, CVE-2008-1110, CVE-2008-1161, CVE-2008-1482, CVE-2008-1878
MD5 | f81b67007a37ee028b814f93f17b95cb
Debian Linux Security Advisory 1630-1
Posted Aug 22, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1630-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or arbitrary code execution.

tags | advisory, denial of service, arbitrary, kernel, vulnerability, code execution
systems | linux, debian
advisories | CVE-2007-6282, CVE-2008-0598, CVE-2008-2729, CVE-2008-2812, CVE-2008-2826, CVE-2008-2931, CVE-2008-3272, CVE-2008-3275
MD5 | 367b80017310ff6cee24b30977a80f99
tinycms-lfi.txt
Posted Aug 22, 2008
Authored by cOndemned | Site condemned.r00t.la

tinyCMS version 1.1.2 suffers from a local file inclusion vulnerability in templater.php.

tags | exploit, local, php, file inclusion
MD5 | 0598b8185b84b91e434f2ed18e03dd3a

© 2019 Packet Storm. All rights reserved.
