exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 33 RSS Feed

Files Date: 2008-10-14

Technical Cyber Security Alert 2008-288A
Posted Oct 14, 2008
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA08-288A - Microsoft has released updates to address vulnerabilities that affect Microsoft Windows, Internet Explorer, and Microsoft Office as part of the Microsoft Security Bulletin Summary for October 2008. The most severe vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code.

tags | advisory, remote, arbitrary, vulnerability
systems | windows
SHA-256 | c8b73e33ba25736f307e55bdb8f6e01b3fb903043ab1b0819f71282c39ae40c4
iDEFENSE Security Advisory 2008-10-14.1
Posted Oct 14, 2008
Authored by iDefense Labs, Stephen Fewer | Site idefense.com

iDefense Security Advisory 10.14.08 - Remote exploitation of an arbitrary command execution vulnerability in Microsoft Corp.'s Host Integration Server 2006 could allow an attacker to execute arbitrary code with the privileges of the affected service. The RPC interface exposes several methods that an unauthenticated attacker can use to execute arbitrary programs on the server. RPC opcodes 1 and 6 both allow an attacker to call the CreateProcess() function with full control over the application started, as well as the command line passed to it. This allows an attacker to run arbitrary programs on the server. iDefense has confirmed the existence of this vulnerability in Host Integration Server 2006. Previous versions may also be affected.

tags | advisory, remote, arbitrary
advisories | CVE-2008-3466
SHA-256 | b9fe753909d642655b6aa83a4515cd2e1b53dc02408456d1fb3e5c5f01d9aca4
Debian Linux Security Advisory 1654-1
Posted Oct 14, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1654-1 - It was discovered that libxml2, the GNOME XML library, didn't correctly handle long entity names. This could allow the execution of arbitrary code via a malicious XML file.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2008-3529
SHA-256 | 3456d3287114e5611a846a0aaa0ab69bd054462ed067b13c15903ffbf12a7970
phpnukereview2-sql.txt
Posted Oct 14, 2008
Authored by boom3rang | Site khq-crew.ws

Remote SQL injection exploit for the Reviews2 module for PHP-Nuke.

tags | exploit, remote, php, sql injection
SHA-256 | 0b540da46c357ae5ca1a0d7bbd4a978a0aff8369e4ffff3107ae62bed9683a9a
webscene-sql.txt
Posted Oct 14, 2008
Authored by Angela Chang

Webscene eCommerce suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | e0a3a0be3d8d9652ba6e25b7bf21030f69520cd8e8a2477768ff48c0e929e81b
nukedklan-multi.txt
Posted Oct 14, 2008
Authored by real | Site real.o-n.fr

Nuked-Klan versions 1.7.7 and below and SP4.4 and below remote SQL injection and remote shell upload exploit.

tags | exploit, remote, shell, sql injection
SHA-256 | 8946ccce8c05f1f5c15686d53d5da7d4012332cc4b5c86fdc39ec97506eb9b80
RISE-2008001.txt
Posted Oct 14, 2008
Authored by Adriano Lima | Site risesecurity.org

There exists a vulnerability within a function of the Sun Solstice AdminSuite sadmind, which when properly exploited can lead to remote compromise of the vulnerable system.

tags | advisory, remote
SHA-256 | 8ac2013b17795600d5228efb512a53587caa34b658cc30dbd1fd5363ec38e008
phpwebsite152-sql.txt
Posted Oct 14, 2008
Authored by d3v1l

phpWebSite version 1.5.2 suffers from a remote SQL injection vulnerability in article.php.

tags | exploit, remote, php, sql injection
SHA-256 | 569ff0d9844cf66a5386e2912f4616e1a0b8e36b122f3dde83ef524de631816c
assh-2.0.tgz
Posted Oct 14, 2008
Authored by ZZZ Team | Site assh.sourceforge.net

Assh is an anonymous ssh client for GNU/Linux and Mac OS X. It use proxies to get connected on remote ssh servers.

tags | remote, encryption
systems | linux, apple, osx
SHA-256 | c474dc8ccea42ebc81faf4295f21a02a57e1e410ffd051c8c4f56a6988832b2f
Secunia Security Advisory 32138
Posted Oct 14, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Microsoft Office, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 76e9bef2d0abf4b477d241ab4a7ebb34095434ea19131c4deadb7bdcab5d372c
Secunia Security Advisory 32247
Posted Oct 14, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or gain escalated privileges.

tags | advisory, denial of service, local, vulnerability
systems | windows
SHA-256 | 882ecf8a5e43d5b7339dd18a73c78f88a0a735ec380aa4036c49feed10f59269
Secunia Security Advisory 32251
Posted Oct 14, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
systems | windows
SHA-256 | 66aded7d1861654d5faaa86f6d90ca147972e8a8b2b5f6e0431d0f9b468fa82b
sezhoo-rfi.txt
Posted Oct 14, 2008
Authored by DaRkLiFe

SezHoo version 0.1 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | fba61588d4350b5d2661fbbc44c757894e63ca1fa674454f89eaffac8325902e
sweetcms-sql.txt
Posted Oct 14, 2008
Authored by Dapirates, underc | Site darkc0de.com

Sweet CMS version 1.5.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 019babe26f93a26169a6cee2f4ed636a866a5a0868918990514ffc7c13ed7ffe
alicetelecom-backdoor.txt
Posted Oct 14, 2008
Authored by saxdax, drpepperONE

Alice Telecom Italia CPE Modems / Routers manufactured by Pirelli have an embedded backdoor in them that can be used to active telnetd/ftpd/tftpd/httpd.

tags | exploit
SHA-256 | 4ec3ee06eef1a5eee4b3359f37574aa7f2ddaa978f5a693d9d1598689e642b55
mms-03.tgz
Posted Oct 14, 2008
Site scrt.ch

Mini MySqlat0r is a multi-platform application used to audit web sites in order to discover and exploit SQL injection vulnerabilities. It is written in Java and is used through a user-friendly GUI that contains three distinct modules. Program and source code are both included in this tarball.

tags | tool, java, web, scanner, vulnerability, sql injection
systems | unix
SHA-256 | 95902f9cedcdb90d235f803f2d02db948f8175d74924df36c0e7ff6a3dee0ed4
elxis-xss.txt
Posted Oct 14, 2008
Authored by swappie aka faithlove

Elxis 2008.1 Nemesis suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 52e5c51e245da274ad283a3c10f4b45c4b1d8cee2ed3f31a4835edc5494f2b46
parsblogger-sql.txt
Posted Oct 14, 2008
Authored by Hussin X | Site tryag.cc

ParsBlogger suffers from a remote SQL injection vulnerability in links.asp.

tags | exploit, remote, sql injection, asp
SHA-256 | b848146130f51fd66219162df9836c789b2abc044f101f083f930d08904e0ebe
Ubuntu Security Notice 653-1
Posted Oct 14, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 653-1 - Havoc Pennington discovered that the D-Bus daemon did not correctly validate certain security policies. If a local user sent a specially crafted D-Bus request, they could bypass security policies that had a "send_interface" defined. It was discovered that the D-Bus library did not correctly validate certain corrupted signatures. If a local user sent a specially crafted D-Bus request, they could crash applications linked against the D-Bus library, leading to a denial of service.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2008-0595, CVE-2008-3834
SHA-256 | c6ecb4a24a8541326d35924332ea02e73a30f69fe201a3a3991c2d9c1e9ab12c
Ubuntu Security Notice 652-1
Posted Oct 14, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 652-1 - Chris Evans discovered that certain ICC operations in lcms were not correctly bounds-checked. If a user or automated system were tricked into processing an image with malicious ICC tags, a remote attacker could crash applications linked against liblcms1, leading to a denial of service, or possibly execute arbitrary code with user privileges.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2007-2741
SHA-256 | 8356283a00a6c079cc16db3dc7a76af22067536f991ab0a4ef9e2f9964f1083d
xhresim-sql.txt
Posted Oct 14, 2008
Authored by r45c4l | Site darkc0de.com

The XOOPS module xhresim suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 4ee5e78d8336e0cbb47a3199026a493741286380cb90f7ea7377ec4b528a70e3
eserv-overflow.txt
Posted Oct 14, 2008
Authored by LiquidWorm | Site zeroscience.mk

Eserv 3.x FTP Server ABOR related remote stack overflow proof of concept exploit.

tags | exploit, remote, overflow, proof of concept
SHA-256 | e2d81347d0a7600243a220a6f77967c179d287dec3b9d73b9e646fbf6077c17d
wpcomment-multi.txt
Posted Oct 14, 2008
Authored by g30rg3_x

WP Comment Remix version 1.4.3 suffers from cross site scripting, cross site request forgery, and SQL injection vulnerabilities.

tags | exploit, vulnerability, xss, sql injection, csrf
SHA-256 | 44edf97b2cd78b955622c67fb8230bd28b677939fe34ec4646e5ca24ef73a30a
wpcomment-sql.txt
Posted Oct 14, 2008
Authored by g30rg3_x

WP Comment Remix version 1.4.3 remote SQL injection proof of concept exploit.

tags | exploit, remote, sql injection, proof of concept
SHA-256 | 8a8b6d6df60766770da59cdac75831fdd80ab889a250f9e7d891f9e070ff8135
Secunia Security Advisory 32105
Posted Oct 14, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in ENOVIA, which can potentially be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | d9d4652f4776ffe3f088327ed92e3a5172d99eebb0ebfa89942a24a436de1ce5
Page 1 of 2
Back12Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    0 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close