exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 50 RSS Feed

Files Date: 2008-11-19

Mandriva Linux Security Advisory 2008-220
Posted Nov 19, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2008-220-1 - Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel. The issues include insecure misconfigurations, an integer overflow, and more.

tags | advisory, overflow, kernel, vulnerability
systems | linux, mandriva
advisories | CVE-2008-3272, CVE-2008-0598, CVE-2008-3275, CVE-2008-3525, CVE-2007-6716, CVE-2008-4210
SHA-256 | e803d23944406498cc82562b5aacca71783278c00443005d7d17e49f592f75ce
Mandriva Linux Security Advisory 2008-232
Posted Nov 19, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2008-232 - The ACL plugin in dovecot prior to version 1.1.4 treated negative access rights as though they were positive access rights, which allowed attackers to bypass intended access restrictions. The ACL plugin in dovecot prior to version 1.1.6 allowed attackers to bypass intended access restrictions by using the 'k' right to create unauthorized 'parent/child/child' mailboxes.

tags | advisory
systems | linux, mandriva
advisories | CVE-2008-4577, CVE-2008-4578
SHA-256 | 3dcb5d843d56558227e4581b0d21854b12e0ece4e41854a8044f583cb9217495
Ubuntu Security Notice 674-1
Posted Nov 19, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-674-1 - It was discovered that the hpssd tool of hplip did not validate privileges in the alert-mailing function. A local attacker could exploit this to gain privileges and send e-mail messages from the account of the hplip user. This update alters hplip behavior by preventing users from setting alerts and by moving alert configuration to a root-controlled /etc/hp/alerts.conf file. It was discovered that the hpssd tool of hplip did not correctly handle certain commands. A local attacker could use a specially crafted packet to crash hpssd, leading to a denial of service.

tags | advisory, denial of service, local, root
systems | linux, ubuntu
advisories | CVE-2008-2940, CVE-2008-2941
SHA-256 | d2c4d7347624881811ac3d78377e58ca2ac8f982b257415af5e7f2543208a54a
Debian Linux Security Advisory 1667-1
Posted Nov 19, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1667-1 - Several vulnerabilities have been discovered in the interpreter for the Python language.

tags | advisory, vulnerability, python
systems | linux, debian
advisories | CVE-2008-2315, CVE-2008-3142, CVE-2008-3143, CVE-2008-3144
SHA-256 | 12fdf078391ae1df310f450b4a5d9467ff078cdcdaab7caaf897fa6ed1464822
revsense-sql.txt
Posted Nov 19, 2008
Authored by d3b4g

RevSense suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 27fd270fe55804876934187b8d779434d2923613fc7c278a8e2c78752f9c1489
maurycms-upload.txt
Posted Nov 19, 2008
Authored by StAkeR

MauryCMS versions 0.53.2 and below remote shell upload exploit.

tags | exploit, remote, shell, file upload
SHA-256 | 8d6f5b68189c2bafbc37df905885c56bdf5ebf61f48ede5cfeb450391b7386d1
linksautomation-sql.txt
Posted Nov 19, 2008
Authored by d3v1l

LinksAutomation Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 52eca462044051c914f3bd91e80412422c5a19379cf39af95385d1bb7a82f16f
linksxs-sql.txt
Posted Nov 19, 2008
Authored by d3v1l

Linksxs Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 2c801ae9badf9e6c7c0d8a05198dafbd554fc4a4697e6af4752833125902e3ae
ethiclinks-sql.txt
Posted Nov 19, 2008
Authored by d3v1l

Ethiclinks suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | dc02473a04a77ea4b45f077c01e61d0b3581ba664278b302aecf5f573dd62f0e
easyeditcms-sql.txt
Posted Nov 19, 2008
Authored by d3v1l

Easyedit CMS suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | e56537569465cd143e885896d146ffc293267dfa4bfcc1243d624f64ce6c0b66
msvista-overflow.txt
Posted Nov 19, 2008
Authored by Carson Hounshell, Marius Wachtler, Michael Burgbacher, Michael Craggs, Thomas Unterleitner | Site phion.com

The Microsoft Device IO Control wrapped by the iphlpapi.dll API shipping with Windows Vista 32 bit and 64 bit contains a possibly exploitable, buffer overflow corrupting kernel memory. Proof of concept test code included.

tags | exploit, overflow, kernel, proof of concept
systems | windows
SHA-256 | 9c59cd0285343f1201a99c2ae856a531dd0980b02fffd729fa5baeb8130f4c80
mytopix-sql.txt
Posted Nov 19, 2008
Authored by cOndemned | Site condemned.r00t.la

MyTopix versions 1.3.0 and below remote SQL injection exploit.

tags | exploit, remote, sql injection
SHA-256 | d6ffcbc9c4384ca4ffc95dc343f307dcd1c2ee1ea7077f7d1e5328bc03e5069b
punbb-lfi.txt
Posted Nov 19, 2008
Authored by StAkeR

PunBB (Private Messaging System versions 1.2.x) multiple local file inclusion exploit.

tags | exploit, local, file inclusion
SHA-256 | bb9169e23999fe6bce73ae380549775e9cf6e794061bbe917d9b5ab942cb4c93
ProCheckUp Security Advisory 2008.9
Posted Nov 19, 2008
Authored by ProCheckUp, Richard Brain | Site procheckup.com

An unauthenticated file retrieval vulnerability exists on the Sun Java System Identity Manager.

tags | advisory, java
SHA-256 | b9cdf1803245bb22824bf0f94a63052849f94ebcd387e642343d714cc5063316
ProCheckUp Security Advisory 2007.40
Posted Nov 19, 2008
Authored by Adrian Pastor, ProCheckUp | Site procheckup.com

The 3Com AP 8760 suffers from authentication bypass, password leakage, and SNMP injection vulnerabilities. Details provided.

tags | exploit, vulnerability
SHA-256 | 23b5cdcfae6b89704fccdcebd00d1ae55e3f48331216d43a26e85f5664b02003
ProCheckUp Security Advisory 2007.11
Posted Nov 19, 2008
Authored by Adrian Pastor, ProCheckUp, Jan Fry | Site procheckup.com

Sun Java System Identity suffers from a cross site request forgery vulnerability. Proof of concept code included.

tags | exploit, java, proof of concept, csrf
SHA-256 | aab83ef3374bf90d0fdb9403e4cc641a2e45c39abb67680b7db155ef488b8ca9
secunia-streamripper.txt
Posted Nov 19, 2008
Authored by Stefan Cornelius | Site secunia.com

Secunia Research has discovered some vulnerabilities in Streamripper, which can be exploited by malicious people to compromise a user's system. Version 1.63.5 is affected.

tags | advisory, vulnerability
advisories | CVE-2008-4829
SHA-256 | 0c8bfbaaca5cc084c2c85ddbb2c6716f33329be58d9b2d16ad9cc4ec374f5157
tonline-multi.txt
Posted Nov 19, 2008
Authored by Stefan Kanthak

The T-Online software offered by Deutsche Telekom installs and includes the use of vulnerable DLLs.

tags | advisory
SHA-256 | 56d4221ea40f2d628050bcd86316a09eb1feb07cbf4e033614de08ad87fc8d5f
sudoers-shellcode.txt
Posted Nov 19, 2008
Authored by Rick

86 byte Linux/x86 edit /etc/sudoers for full access.

tags | x86, shellcode
systems | linux
SHA-256 | 7d3c24f1326c9839b67cda1c267ce7c0840d066c32b99df5a080ae3f91c26e2f
alexarticle-upload.txt
Posted Nov 19, 2008
Authored by Batter

Alex Article-Engine version 1.3.0 suffers from a remote arbitrary file upload vulnerability.

tags | exploit, remote, arbitrary, file upload
SHA-256 | afa31a1b178fabf354c101511499a42c1db05867c5a2337f291470304e6aaaa1
alexnews-upload.txt
Posted Nov 19, 2008
Authored by Batter

Alex News-Engine version 1.5.1 suffers from a remote arbitrary file upload vulnerability.

tags | exploit, remote, arbitrary, file upload
SHA-256 | f56a33c17e06e03e38fdf7a05a1ac3fa9778d53ef69f3c1a093d9c4e83ae83ca
pysumpas-0.2.0.tar.gz
Posted Nov 19, 2008
Authored by SoDak | Site sourceforge.net

PySumpas is a simple, graphical password generating utility. Using the Python Cryptography Toolkit and Damien Miller's py-bcrypt, it generates a hash or cipher from user input. The resulting output, in part or entirety, can be used as a secure password.

tags | encryption, python
SHA-256 | 459406a1f229c3e7d6ad2a4ee4009c96ba8a5f7189a5df0e6b54c26b1ad72c25
Secunia Security Advisory 32142
Posted Nov 19, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Dejan Levaja has discovered some vulnerabilities in MDaemon Server WorldClient, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory, vulnerability
SHA-256 | 82a77bc153f67a052b75526f9f06310d4809d99432bcd545920732142f66df1c
Secunia Security Advisory 32562
Posted Nov 19, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered some vulnerabilities in Streamripper, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 87cfd1e7f07977f96aacd776b8c525b7c51804f8503dd8fb7977dbdedcf5b4ff
Secunia Security Advisory 32739
Posted Nov 19, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Streber, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, vulnerability, csrf
SHA-256 | 1819d9852dfef57eaf43c11a5e1ed9b1cf4438b07daadce5bc9f75d0889b434c
Page 1 of 2
Back12Next

File Archive:

July 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    52 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    0 Files
  • 5
    Jul 5th
    0 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close