what you don't know can hurt you
Showing 1 - 25 of 82 RSS Feed

Files Date: 2008-09-11

adobe9-dos.txt
Posted Sep 11, 2008
Authored by Jeremy Brown | Site jbrownsec.blogspot.com

Adobe Acrobat 9 Active-X remote denial of service exploit.

tags | exploit, remote, denial of service, activex
MD5 | c1339a3de8e870198bd9f4a5ce5848b3
unrealclient.tgz
Posted Sep 11, 2008
Authored by Luigi Auriemma | Site aluigi.org

The Unreal engine is affected by some format string vulnerabilities which can be exploited by a malicious server when the victim client connects to it. The main format string can be exploited through a malformed CLASS parameter of the DLMGR command but another one seems to be exploitable through the forcing of the download of a malformed package (PKG). Some older games instead can be exploited through a malformed LEVEL parameter of the WELCOME command. The bug is caused by the calling of _vsnwprintf_s or _vsnwprintf for building an error message to visualize to the user (for example for a missing class) using a max size of 4 kilobytes and, naturally, without passing the needed format argument. All related exploit code is included in this tarball.

tags | exploit, vulnerability
MD5 | 1a35fc9bde26ced2c7290a08d0e85a7d
ut3sticle.zip
Posted Sep 11, 2008
Authored by Luigi Auriemma | Site aluigi.org

Unreal engine 3 remote denial of service exploit that leverages a failed memory allocation vulnerability.

tags | exploit, remote, denial of service
MD5 | fd70cb504803f93b8541d7f472ab6239
ut3sticle.txt
Posted Sep 11, 2008
Authored by Luigi Auriemma | Site aluigi.org

Unreal engine 3 suffers from a server termination vulnerability caused by a failed memory allocation.

tags | advisory
MD5 | ce005890075b85c3fe3d0ae75f56b945
Ubuntu Security Notice 644-1
Posted Sep 11, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 644-1 - It was discovered that libxml2 did not correctly handle long entity names. If a user were tricked into processing a specially crafted XML document, a remote attacker could execute arbitrary code with user privileges or cause the application linked against libxml2 to crash, leading to a denial of service. USN-640-1 fixed vulnerabilities in libxml2. When processing extremely large XML documents with valid entities, it was possible to incorrectly trigger the newly added vulnerability protections. This update fixes the problem.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2008-3281, CVE-2008-3281
MD5 | 9cb38a073844679e5e1269c1b72f0bf5
Ubuntu Security Notice 643-1
Posted Sep 11, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 643-1 - Multiple flaws were discovered in the PFB and TTF font handling code in freetype. If a user were tricked into using a specially crafted font file, a remote attacker could execute arbitrary code with user privileges or cause the application linked against freetype to crash, leading to a denial of service.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2008-1806, CVE-2008-1807, CVE-2008-1808
MD5 | 84c6436a1b5656564dc41cea84d1ad1c
Secunia Security Advisory 31705
Posted Sep 11, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Vastal I-Tech Mag Zone, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | 59cc95e4048d2e7224be15f523991afe
n.runs-SA-2008.007.txt
Posted Sep 11, 2008
Authored by Alexios Fakos | Site nruns.com

The Horde project relies on code similar to Popoon's externalinput.php to filter out potential cross site scripting attacks on user-supplied input. Other projects are using the same code base. Therefore this vulnerability affects also the popular Cake-PHP framework. Hence, all users that rely on the externalinput sanitization functionality are affected by this vulnerability, as in addition to many other unrelated, open source projects.

tags | advisory, php, xss
advisories | CVE-2008-3824
MD5 | ad1720b9f16fc2599c4fdbcc3ed68302
n.runs-SA-2008.006.txt
Posted Sep 11, 2008
Authored by Alexios Fakos | Site nruns.com

Horde versions 3.2 through 3.2.1 suffer from a cross site scripting vulnerability due to the handling of MIME attachments.

tags | advisory, xss
advisories | CVE-2008-3823
MD5 | bf32ba69f3c9096083f5409d8aeeb442
Secunia Security Advisory 31835
Posted Sep 11, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in various Tor World CGI Scripts, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, cgi, vulnerability, xss
MD5 | e6b05fc732b4951078a8f15f857ad609
joomla-weakpassword.txt
Posted Sep 11, 2008
Authored by Stefan Esser | Site sektioneins.de

Joomla versions 1.5.7 and below suffer form a weak random password reset token vulnerability.

tags | advisory
MD5 | ce8995c4e02765965d4bfe8c79abd367
dynamicmp3-xss.txt
Posted Sep 11, 2008
Authored by Xylitol | Site xylitol.free.fr

dynamic MP3 lister version 2.0.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 0c68bb7023c5e6c22ffa222bbc46b47a
paranews-xss.txt
Posted Sep 11, 2008
Authored by Xylitol | Site xylitol.free.fr

Paranew version 3.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | f0fa9e88a6f888e62aa924ea720d5b10
unicode-fun.txt
Posted Sep 11, 2008
Authored by Gary O'Leary-Steele | Site sec-1.com

Ruby Script to generate URL encoded Unicode UTF-8 URL.

tags | web, ruby
MD5 | e24f08221794bf016d8296477ded5427
Secunia Security Advisory 31769
Posted Sep 11, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in MySQL, which can be exploited by malicious users to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | 30aa957f5e144aa27c30ba543029a086
Secunia Security Advisory 31810
Posted Sep 11, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Cyb3r-1sT has reported a vulnerability in AvailScript Jobs Portal Script, which can be exploited by malicious users to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | b0762abafd388c67c7c8f1e3953850a6
Secunia Security Advisory 31818
Posted Sep 11, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - IRCRASH has discovered multiple vulnerabilities in Stash, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
MD5 | 6e45f11f65628f24be412914f085ff8b
graffiti-sql.txt
Posted Sep 11, 2008
Authored by SirGod | Site insecurity.ro

Graffiti Forums version 1.0 suffers from remote SQL injection and HTML injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 7a1190ad9f8fbcda5783092b5839423b
discussionboard-lfi.txt
Posted Sep 11, 2008
Authored by SirGod | Site insecurity.ro

D-iscussion Board version 3.01 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 3b1310beacc993fe28e321e01eb95b9c
zonealarm-overflow.txt
Posted Sep 11, 2008
Authored by Juan Pablo Lopez Yacubian

ZoneAlarm Security Suite suffers from a buffer overflow condition.

tags | advisory, overflow
MD5 | 5154497b153b21c91a6c4923d79fcd15
Secunia Security Advisory 31704
Posted Sep 11, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Stack has reported a vulnerability in Vastal I-Tech MMORPG Zone, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | 079af055873bde1cea75dc1ea55a379f
Secunia Security Advisory 31799
Posted Sep 11, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for freetype. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise an application using the library.

tags | advisory, vulnerability
systems | linux, debian
MD5 | 68bc3b6f9b0b3a353698c00bd60d4750
sportsclubs-lfi.txt
Posted Sep 11, 2008
Authored by StAkeR

Sports Clubs Web Panel version 0.0.1 suffers from a local file inclusion vulnerability.

tags | exploit, web, local, file inclusion
MD5 | 07f6565f89e444c14a34443730b09986
Debian Linux Security Advisory 1636-1
Posted Sep 11, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1636-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or leak sensitive data.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2008-3272, CVE-2008-3275, CVE-2008-3276, CVE-2008-3526
MD5 | 5962c70a4ac2dca9d0570a3f6a6572a1
razorcommerce-sql.txt
Posted Sep 11, 2008
Authored by r45c4l | Site darkc0de.com

Razor Commerce suffers from a remote SQL injection vulnerability in category_search.php.

tags | exploit, remote, php, sql injection
MD5 | 0b1c613ddf45d4e18ecc562d3a3a28a5
Page 1 of 4
Back1234Next

File Archive:

February 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    1 Files
  • 2
    Feb 2nd
    2 Files
  • 3
    Feb 3rd
    17 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    16 Files
  • 7
    Feb 7th
    19 Files
  • 8
    Feb 8th
    1 Files
  • 9
    Feb 9th
    2 Files
  • 10
    Feb 10th
    15 Files
  • 11
    Feb 11th
    20 Files
  • 12
    Feb 12th
    12 Files
  • 13
    Feb 13th
    18 Files
  • 14
    Feb 14th
    17 Files
  • 15
    Feb 15th
    4 Files
  • 16
    Feb 16th
    4 Files
  • 17
    Feb 17th
    34 Files
  • 18
    Feb 18th
    15 Files
  • 19
    Feb 19th
    19 Files
  • 20
    Feb 20th
    20 Files
  • 21
    Feb 21st
    15 Files
  • 22
    Feb 22nd
    2 Files
  • 23
    Feb 23rd
    2 Files
  • 24
    Feb 24th
    16 Files
  • 25
    Feb 25th
    37 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close