exploit the possibilities
Showing 1 - 25 of 108 RSS Feed

Files Date: 2008-09-03

Mandriva Linux Security Advisory 2008-185
Posted Sep 3, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A cross-site request forgery vulnerability was discovered in Django that, if exploited, could be used to perform unrequested deletion or modification of data. Updated versions of Django will now discard posts from users whose sessions have expired, so data will need to be re-entered in these cases. The versions of Django shipping with Mandriva Linux have been updated to the latest patched versions that include the fix for this issue. In addition, they provide other bug fixes.

tags | advisory, csrf
systems | linux, mandriva
MD5 | 6ac0b104186085519706b8c2c66e09d3
Mandriva Linux Security Advisory 2008-184
Posted Sep 3, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Drew Yaro of the Apple Product Security Team reported multiple uses of uninitialized values in libtiff's LZW compression algorithm decoder. An attacker could create a carefully crafted LZW-encoded TIFF file that would cause an application linked to libtiff to crash or potentially execute arbitrary code. The updated packages have been patched to prevent this issue.

tags | advisory, arbitrary
systems | linux, apple, mandriva
advisories | CVE-2008-2327
MD5 | a603583eb6b1e7b4ab9c84a0ebade1c6
Cisco Security Advisory 20080903-asa
Posted Sep 3, 2008
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Multiple vulnerabilities exist in the Cisco ASA 5500 Series Adaptive Security Appliances and Cisco PIX Security Appliances that may result in a reload of the device or disclosure of confidential information.

tags | advisory, vulnerability
systems | cisco
advisories | CVE-2008-2732, CVE-2008-2733, CVE-2008-2734, CVE-2008-2735, CVE-2008-2736
MD5 | dcc3833fe405434e423da50c55a28149
cisco-sr-20080903-csacs.txt
Posted Sep 3, 2008
Site cisco.com

Cisco Security Advisory - A specially crafted Remote Authentication Dial In User Service (RADIUS) Extensible Authentication Protocol (EAP) Message Attribute packet sent to the Cisco Secure Access Control Server (ACS) can crash the CSRadius and CSAuth processes of Cisco Secure ACS. Because this affects CSAuth all authentication requests via RADIUS or TACACS+ will be affected during exploitation of this vulnerability.

tags | advisory, remote, protocol
systems | cisco
advisories | CVE-2008-2441
MD5 | 115410313bc62c93c6e6d1391b58bab4
cisco-acs.txt
Posted Sep 3, 2008
Authored by Laurent Butti, Gabriel Campana

Cisco Secure ACS does not correctly parse the length of EAP-Response packets which allows remote attackers to cause a denial of service and possibly execute arbitrary code. A remote attacker (acting as a RADIUS client) could send a specially crafted EAP Response packet against a Cisco Secure ACS server in such a way as to cause the CSRadius service to crash (reliable). This bug may be triggered if the length field of an EAP-Response packet has a certain big value, greater than the real packet length.

tags | advisory, remote, denial of service, arbitrary
systems | cisco
advisories | CVE-2008-2441
MD5 | af42d10de51f46d9fd8a6bf7ca0cf4ad
Secunia Security Advisory 31719
Posted Sep 3, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been discovered in Open Media Collectors Database (OpenDb), which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks.

tags | advisory, vulnerability, xss, csrf
MD5 | cbad228bca857f35e076936c302cbaf2
distack-1.1.0-dev.tar.gz
Posted Sep 3, 2008
Site tm.uka.de

Distack is a framework for local and distributed attack detection and traffic analysis. It can run on live interfaces or traces files, as well as in simulation environments. Therefore it provides easy ways to develop attack detection mechanisms and evaluate them on a large-scale in simulated networks.

tags | tool, local, intrusion detection
systems | unix
MD5 | 3fb4c5502309f3badd504a961d5c19db
fusil-0.9.1.tar.gz
Posted Sep 3, 2008
Authored by Victor Stinner | Site fusil.hachoir.org

Fusil the fuzzer is a Python library used to write fuzzing programs. It helps to start process with a prepared environment (limit memory, environment variables, redirect stdout, etc.), start network client or server, and create mangled files. Fusil has many probes to detect program crash: watch process exit code, watch process stdout and syslog for text patterns (eg. "segmentation fault"), watch session duration, watch cpu usage (process and system load), etc.

tags | python, library, fuzzer
MD5 | 68ab675bee4c53dc2b7929121401e99c
livinglocal-sql.txt
Posted Sep 3, 2008
Authored by Hussin X | Site tryag.cc

Living Local Website suffers from a SQL injection vulnerability in listtest.php.

tags | exploit, local, php, sql injection
MD5 | aed2227fccc75ee8c058fc811ae683b7
moodle-exec.txt
Posted Sep 3, 2008
Authored by zurlich.ipt

Moodle versions 1.8.4 and below remote code execution exploit.

tags | exploit, remote, code execution
MD5 | 7f3beb6819cc88f01ffaf5f6e7718031
uploader6-xss.txt
Posted Sep 3, 2008
Site xc0re.net

Uploader version 6.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | d3868d8d336ff7a3919446693fca6528
secunia-iprintboundary.txt
Posted Sep 3, 2008
Authored by Carsten Eiram | Site secunia.com

Secunia Research has discovered a vulnerability in Novell iPrint Client, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error within the "IppCreateServerRef()" function in nipplib.dll. This can be exploited to cause a heap-based buffer overflow by passing an overly long, specially crafted string as argument to either "GetPrinterURLList()", "GetPrinterURLList2()", or "GetFileList2()" as provided by the Novell iPrint ActiveX control (ienipp.ocx). Successful exploitation may allow execution of arbitrary code.

tags | advisory, overflow, arbitrary, activex
advisories | CVE-2008-2436
MD5 | 5f0735fc1bc5e620690fa1fac9a4c647
google-download.txt
Posted Sep 3, 2008
Authored by nerex

Google Chrome Browser version 0.2.149.27 automatic file download exploit.

tags | exploit
MD5 | eae4601ff8c54d54721be67a4701b9e7
google_chrome.tgz
Posted Sep 3, 2008
Authored by Rishi Narang | Site greyhat.in

Google Chrome Browser version 0.2.149.27 suffers from a denial of service crash vulnerability when mishandling a malicious link. Proof of concept code included.

tags | exploit, denial of service, proof of concept
MD5 | dc520b74c3da64470e484723fa2ccf18
Samhain File Integrity Checker 2.4.6
Posted Sep 3, 2008
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Various updates.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | b707b7b7207b4bfa6357fe70795ef57d
spice-sql.txt
Posted Sep 3, 2008
Authored by Cyb3r-1sT

Spice Classifieds suffers from a remote SQL injection vulnerability in index.php.

tags | exploit, remote, php, sql injection
MD5 | aa454ef31230d003a379d250406a8443
translucid-upload.txt
Posted Sep 3, 2008
Authored by AmnPardaz Security Research Team | Site bugreport.ir

TransLucid version 1.75 suffers from a remote arbitrary file upload vulnerability.

tags | exploit, remote, arbitrary, file upload
MD5 | 061bebb6b88a1774334dcf9c565d595a
aspwebalbum-sqlxssupload.txt
Posted Sep 3, 2008
Authored by Alemin Krali | Site al3m.blogspot.com

aspWebAlbum version 3.2 suffers from cross site scripting, SQL injection, and upload vulnerabilities.

tags | exploit, vulnerability, xss, sql injection, file upload
MD5 | 783696c8eddcb252ce39137aeb79df35
alphanumeric-shellcode.txt
Posted Sep 3, 2008
Authored by koshi

67 byte Win32 PEB Kernel32.dll ImageBase Finger Alphanumeric shellcode.

tags | shellcode
systems | windows
MD5 | 6d2a060c4b5b120608b335f01eabb6bd
imagebase-shellcode.txt
Posted Sep 3, 2008
Authored by koshi

49 byte Win32 PEB Kernel32.dll ImageBase Finger shellcode.

tags | shellcode
systems | windows
MD5 | fc3c982d2817211fd69ee6a7abc76c19
Secunia Security Advisory 31683
Posted Sep 3, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - DarkFig has reported some vulnerabilities in Invision Power Board (IP.Board), which can be exploited by malicious users to disclose sensitive information and compromise a vulnerable system, and by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
MD5 | f87a3fa1ae53e9536c45e50011aea15e
Digital Defense VRT Advisory 2008.13
Posted Sep 3, 2008
Authored by Digital Defense, Corey LeBleu, r@b13$ | Site digitaldefense.net

PageR versions below 5.0.l7 from AVTECH suffer from a directory traversal vulnerability.

tags | advisory
MD5 | 4f3dc854012982faa1c7229a759a2dd8
Digital Defense VRT Advisory 2008.14
Posted Sep 3, 2008
Authored by Digital Defense, r@b13$, Brandon Shilling | Site digitaldefense.net

The 3Com Wireless 8760 Dual Radio 11a/b/g PoE Access Point is susceptible to a denial of service condition via the web management interface.

tags | advisory, web, denial of service
MD5 | d3b32a21f0121d23492de63e5c6ed8f2
Secunia Security Advisory 31665
Posted Sep 3, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - noensr has reported a vulnerability in Belkin Wireless G F5D7632-4V6, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
MD5 | 6a74f8a32c1e24dd75e6cf5c07df3dcf
Secunia Security Advisory 31720
Posted Sep 3, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - C1c4Tr1Z has discovered some vulnerabilities in @Mail, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
MD5 | 075a44ec7fd37e97ef2bf153943c3d41
Page 1 of 5
Back12345Next

File Archive:

February 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    1 Files
  • 2
    Feb 2nd
    2 Files
  • 3
    Feb 3rd
    17 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    16 Files
  • 7
    Feb 7th
    19 Files
  • 8
    Feb 8th
    1 Files
  • 9
    Feb 9th
    2 Files
  • 10
    Feb 10th
    15 Files
  • 11
    Feb 11th
    20 Files
  • 12
    Feb 12th
    12 Files
  • 13
    Feb 13th
    18 Files
  • 14
    Feb 14th
    17 Files
  • 15
    Feb 15th
    4 Files
  • 16
    Feb 16th
    4 Files
  • 17
    Feb 17th
    34 Files
  • 18
    Feb 18th
    15 Files
  • 19
    Feb 19th
    19 Files
  • 20
    Feb 20th
    20 Files
  • 21
    Feb 21st
    15 Files
  • 22
    Feb 22nd
    2 Files
  • 23
    Feb 23rd
    2 Files
  • 24
    Feb 24th
    16 Files
  • 25
    Feb 25th
    37 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close