exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 216 RSS Feed

Files Date: 2004-07-01 to 2004-07-31

antiboard072.txt
Posted Jul 29, 2004
Authored by Josh Gilmour

SQL Injection and cross site scripting vulnerabilities exist in AntiBoard versions 0.7.2 and below due to a lack of input validation of various variables.

tags | exploit, vulnerability, xss, sql injection
SHA-256 | 12b0c1bd53ad0721a6420f87983d18b9305401bfa84b40954e60d6ee13921cd1
citadel.advisory-04.txt
Posted Jul 29, 2004
Authored by CoKi | Site nosystem.com.ar

Citadel/UX versions 6.23 and below are vulnerable to a buffer overflow that occurs when more than 97 bytes are sent with the USER directive to port 504.

tags | exploit, overflow
SHA-256 | aea378e63801bac88b6f441bca646722e75b24e31337df108dde36bc21e66ee6
asn1.html
Posted Jul 29, 2004
Site checkpoint.com

Checkpoint Security Advisory - An ASN.1 issue has been discovered affecting Check Point VPN-1 products during negotiations of a VPN tunnel which may cause a buffer overrun, potentially compromising the gateway. In certain circumstances, this compromise could allow further network compromise.

tags | advisory, overflow
SHA-256 | e2966120dd7842b90c0ed92aaf808e3c591775ecdf54ad1c5c76debaad9468e6
IRM Security Advisory 9
Posted Jul 28, 2004
Authored by IRM Research | Site irmplc.com

IRM Security Advisory 009 - RiSearch version 1.0.01 and RiSearch Pro 3.2.06 are susceptible to open FTP/HTTP proxying, directory listings, and file disclosure vulnerabilities.

tags | exploit, web, vulnerability
SHA-256 | 4b5da6844da14d869b8b6a8df9ddcc0734547f1dab9d149dc17dea950607f571
SSRT4782.txt
Posted Jul 28, 2004
Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running the CIFS Server. This buffer overflow could potentially be exploited to remotely gain access. HP-UX versions B.11.00, B.11.11, B.11.22, and B.11.23 are all affected.

tags | advisory, overflow
systems | hpux
SHA-256 | 489a467000e80da4a56cf7cd2c7dcda1964dc5e6b63af8dc631919d160685254
squid_nufw_helper-1.0.0-rc1.tar.gz
Posted Jul 28, 2004
Authored by Vincent Deffontaines

squid-nufw-helper is an external ACL helper for Squid that provides Single Sign On capabilities. It uses the NuFW firewall suite and supports the NuFW users SQL logging scheme. The module allows for strict SSO identification and authentication of users on any Squid proxy, including transparent proxies.

tags | web
SHA-256 | 53fe2b87e6a416303c64dee6e76dbddff23fcab234a2495288c6fe63fd11a498
Secunia Security Advisory 12150
Posted Jul 28, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in Hitachi's Web Page Generator versions 1.x and 2.x and also Enterprise releases 3.x and 4.x. These include denial of service, cross site scripting, and content disclosure attacks.

tags | advisory, web, denial of service, vulnerability, xss
SHA-256 | 6f642a621545af420022edb7ef25171ef66ff3e5d62c1f405896ce02cbab0c4e
aescrypt2-rc1.tgz
Posted Jul 28, 2004
Authored by Christophe Devine

aescrypt2 is a command line file encryption program that relies on AES-CBC-128 plus HMAC-MD5. It has been designed to be portable as well as very straightforward to use. Works on all Unix flavors and Win32.

tags | encryption
systems | windows, unix
SHA-256 | 885b5231ce8c86139776bd24f5e67961f4e0cac5142698d44fa1c578c37c68e8
traceproto-0.9.1beta0.tar.gz
Posted Jul 28, 2004
Authored by Eric Hope | Site traceproto.sourceforge.net

Traceproto is a traceroute replacement that allows the user to specify the protocol and port to trace to. It currently supports TCP, UDP, and ICMP traces.

tags | tool, udp, scanner, tcp, protocol
systems | unix
SHA-256 | e9fa2b37c42ba46de92687d08a61aa8f1f9e15d361cb97843a2a39b3ca4c596d
AIX_Security.pdf
Posted Jul 28, 2004
Authored by Andre Derek Protas

White paper on basic security and hardening procedures for AIX. Many of the features and functions shown throughout this guide are applicable to AIX 4.3 and above, but are more directed towards AIX 5.2. This guide attempts to cover a lot of ground and offers useful and necessary insight for anyone administering AIX machines.

tags | paper
systems | unix, aix
SHA-256 | ecfb4a60e0e6196f9d9766af6ece08474e4efe2124ea8315a374f993c5861c7b
Secunia Security Advisory 12107
Posted Jul 28, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Komrade has reported a vulnerability in FTP Surfer, which potentially can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when handling filenames. This can be exploited to cause a buffer overflow, which is triggered when the application is closed, by tricking a user into opening a file with an overly long filename from a malicious FTP server. Successful exploitation may potentially allow execution of arbitrary code. The vulnerability has been reported in version 1.0.7. Other versions may also be affected.

tags | advisory, overflow, arbitrary
SHA-256 | 7302b41fd2cadac75212f7ad6395ee1793f13632f8a261fa76ebed763f2c0c85
ASPRunner.txt
Posted Jul 28, 2004
Authored by Ferruh Mavituna | Site ferruh.mavituna.com

ASPRunner versions 2.x suffer from multiple vulnerabilities. Various SQL Injection, information disclosure, cross site scripting, and database download flaws exit.

tags | advisory, vulnerability, xss, sql injection, info disclosure
SHA-256 | 49fdab9c6e54038eccdf55c5a3fa83ec824ccbc7158bd11e4f789fdb4f2b64d6
Secunia Security Advisory 12165
Posted Jul 28, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ziv Kamir has reported a security issue in FTPGlide, which can be exploited by malicious, local users to view usernames and passwords. The problem is that the profiles used for connecting to FTP servers are stored in clear text and are readable by any local user. This has been reported to affect version 2.43.

tags | advisory, local
SHA-256 | b7c427c23a9a0a477750e18bd0e160dc84cfddbc8fca0bb3e5daefbcfbd55a8e
phpMyFAQ Security Advisory 2004-07-27
Posted Jul 28, 2004
Authored by The phpMyFAQ Team | Site phpmyfaq.de

A flaw in phpMyFaq version 1.4.0 allows malicious users the ability to upload or delete arbitrary images.

tags | advisory, arbitrary
SHA-256 | a95f22c88cf675223d49ae295c041d7cc10be88f9073b173b71766fd0da99725
GLSA200407-19.txt
Posted Jul 27, 2004
Site gentoo.org

Gentoo Linux Security Advisory GLSA 200407-19 - Pavuk 0.x contains a bug that can allow an attacker to run arbitrary code via a buffer overflow in the Digest authentication code.

tags | advisory, overflow, arbitrary
systems | linux, gentoo
SHA-256 | e1f348cdd9478b5879ac32d090e420e4987fb67070b7c89c956718a1fb300cfb
bitlanceOpera.txt
Posted Jul 27, 2004
Authored by bitlance winter

A vulnerability in the Opera 7.x series allows phishing attacks due to not updating the address bar if a web page is opened using the window.open function and then replaced using the location.replace function.

tags | exploit, web
SHA-256 | 2b64c28e854d3abd60765551937f3f7fd6835b5e59e4664a7233b171d8bbb4de
leer_advisory.html
Posted Jul 27, 2004
Authored by Jordi Corrales | Site shellsec.net

An authentication error in Mensajeitor allows users to post messages with administrative privileges.

tags | advisory
SHA-256 | 291267c432e66e9bfea519ab11126bb85b5315d038d9b6ec81877b346c0c1ca8
Scapy Packet Manipulation Tool 0.9.17
Posted Jul 27, 2004
Authored by Philippe Biondi | Site secdev.org

Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do about the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.

tags | tool, scanner, python
systems | unix
SHA-256 | 2068e0dc61189a37487dcf432909540e30579e452907ccbbd97d914fd0e06911
keychain-2.3.4.tar.bz2
Posted Jul 27, 2004
Authored by Aron Griffis | Site gentoo.org

keychain is a utility that helps manage ssh keys in a convenient and secure manner. It acts as a frontend to ssh-agent, but allows the user to easily have one long running ssh-agent process per system, rather than the norm of one ssh-agent per login session. It also makes it easy for remote cron jobs to securely hook-in to a long running ssh-agent process, allowing your scripts to take advantage of key-based logins.

tags | remote, encryption
SHA-256 | 44b4e56288e77205a3719abecaf7ce059e72ca0593ff6a43b05c029739da2ba1
taskSched.c
Posted Jul 27, 2004

Microsoft Windows 2K/XP Task Scheduler local exploit that will spawn notepad.exe.

tags | exploit, local
systems | windows
advisories | CVE-2004-0212
SHA-256 | 20e1631372e049c682c8f434c7e218433de0a741f529452b367684f45b732aee
nucleusCMSSQL.txt
Posted Jul 27, 2004
Authored by aCiDBiTS

Nucleus CMS version 3.01 addcoment/itemid SQL Injection Proof of Concept PHP exploit that dumps the username and md5 hash of the password for the administrator user.

tags | exploit, php, sql injection, proof of concept
SHA-256 | f381b9e4184efeb21af8394ab8bfa4585b0b12a1ecc75b4d37d1c396de95e22d
eSeSIX.txt
Posted Jul 26, 2004
Authored by Dirk Loss | Site it-consult.net

eSeSIX Thintune with a firmware equal to or below 2.4.38 is susceptible to multiple vulnerabilities. These include having a backdoored service on a high port with an embedded password giving a remote root shell, various other passwords being stored locally in clear text, and a local root shell vulnerability.

tags | exploit, remote, shell, local, root, vulnerability
SHA-256 | c7d6d010b7722058b4e87e183838984d6663484de3c895b5781af6297637e073
mod_authz_svn-copy-advisory.txt
Posted Jul 26, 2004
Site subversion.tigris.org

Subversion versions up to and including 1.0.5 have a bug in mod_authz_svn that allows users with write access to read portions of the repository that they do not have read access to.

tags | advisory
SHA-256 | aefe57e387f1f845c751e1078943c6c758ae74b2db1ff47970653f4b44b69547
priv8wst.c
Posted Jul 26, 2004
Authored by konewka | Site priv8security.com

Simple utility that will generate Linux x86 shellcode from provided text.

tags | x86, shellcode
systems | linux
SHA-256 | 8f5e0de853ec45a6ed5484d10e28fb3854b1f9fe91fb9937f26a01d6e7b7e7b8
priv8hex.c
Posted Jul 26, 2004
Authored by konewka | Site priv8security.com

Simple utility to view hex.

SHA-256 | aac4af0dd11b60dd8e9c9f7d53aac544ce99b0e1fedce792e18d52f71a54f3c7
Page 1 of 9
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close