what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 45 of 45 RSS Feed

Files Date: 2005-03-03 to 2005-03-04

AuraCMS.txt
Posted Mar 3, 2005
Authored by y3dips | Site y3dips.echo.or.id

Aura CMS version 1.5 is susceptible to full path disclosure and cross site scripting flaws.

tags | exploit, xss
SHA-256 | 22e6513e068d86c89136d785bf64b15bc83811190025db52b304037ba642137a
Secunia Security Advisory 14449
Posted Mar 3, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Filip Groszynski has reported a vulnerability in PHPNews, allowing malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 50809f6a72f63d1c28f64be60e277cec3946bcbabaa9f5b87e948a477b227e7a
Secunia Security Advisory 14454
Posted Mar 3, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Three vulnerabilities have been reported in CA Unicenter Asset Management, which can be exploited to gain knowledge of sensitive information or conduct script insertion and SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | 500b37d26900a858db46fce3d49e80ce8df4ef086f179e73e2773e1a6f0250a0
Secunia Security Advisory 14455
Posted Mar 3, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Kozan has discovered a security issue in Einstein, which can be exploited by malicious, local users to gain knowledge of sensitive information.

tags | advisory, local
SHA-256 | 4e6078ba54cc2c3d58a7ff432fa9dffc3ca03b2781f6895c1586bc789b1750b8
realHeap.txt
Posted Mar 3, 2005
Authored by Mark Litchfield | Site ngssoftware.com

Various versions of Realplayer are susceptible to a heap overflow vulnerability in the .WAV file format when being opened. Under Windows, the following versions are affected: RealPlayer 10.5 (6.0.12.1056 and below), RealPlayer 10, RealOne Player V2, RealOne Player V1, RealPlayer 8, RealPlayer Enterprise. Under Linux, the following versions are affected: RealPlayer 10 (10.0.0.2 and below), Helix Player.

tags | advisory, overflow
systems | linux, windows
SHA-256 | 359c580e54c96a6991290df4135edc4fda022168df80da8721508a4c75bfe410
foxmail.txt
Posted Mar 3, 2005
Authored by xouyang

Foxmail server version 2.0 is susceptible to a boundary error condition in the handling of the USER command. Sample denial of service exploit provided.

tags | exploit, denial of service
SHA-256 | 9c68bae6af3a4d5f3cef5524179a812796007785a8030de3e0267b20cad992fc
Gentoo Linux Security Advisory 200503-4
Posted Mar 3, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200503-04 - NST discovered that, when submitting an announcement, uploaded files aren't correctly checked for malicious code. They also found out that phpWebSite is vulnerable to a path disclosure. Versions less than 0.10.0-r2 are affected.

tags | advisory
systems | linux, gentoo
SHA-256 | df226c3a49d66b05d66cd77cfcaeaa0c611a664db9b99058b57ebae61bd6595d
iDEFENSE Security Advisory 2005-03-01.t
Posted Mar 3, 2005
Authored by iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 03.01.05 - Remote exploitation of a stack-based buffer overflow vulnerability in the The Synchronized Multimedia Integration Language (smil) file format parser within various versions of RealNetworks Inc.'s RealPlayer could allow attackers to execute arbitrary code.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2005-0455
SHA-256 | 2632879bb5375cffc7b6de250f1ab88228e76ba9eb83439be161087ec3c781cd
phpnews124.txt
Posted Mar 3, 2005
Authored by Filip Groszynski

PHP News version 1.2.4 is susceptible to a remote file inclusion vulnerability.

tags | exploit, remote, php, file inclusion
SHA-256 | 1c306241a4253d288b7a6ffb7325eb604683c91d5bb1d2758c5e2b424b827321
Gentoo Linux Security Advisory 200503-3
Posted Mar 3, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200503-03 - Specially crafted SNAC packets sent by other instant-messaging users can cause Gaim to loop endlessly (CVE-2005-0472). Malformed HTML code could lead to invalid memory accesses (CVE-2005-0208 and CVE-2005-0473). Versions less than 1.1.4 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2005-0208, CVE-2005-0472, CVE-2005-0473
SHA-256 | a9b09c5829b2777d1130c2249d11cad703352dfadec48b89a16cc99c6e9f3683
Gentoo Linux Security Advisory 200503-2
Posted Mar 3, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200503-02 - It was discovered that phpBB contains a flaw in the session handling code and a path disclosure bug. AnthraX101 discovered that phpBB allows local users to read arbitrary files, if the Enable remote avatars and Enable avatar uploading options are set (CVE-2005-0259). He also found out that incorrect input validation in usercp_avatar.php and usercp_register.php makes phpBB vulnerable to directory traversal attacks, if the Gallery avatars setting is enabled (CVE-2005-0258). Versions less than 2.0.13 are affected.

tags | advisory, remote, arbitrary, local, php
systems | linux, gentoo
advisories | CVE-2005-0258, CVE-2005-0259
SHA-256 | b4cb2c0bc5261f26b321b308ca3bb029882790cb78626aa79aa2b52c25a7c28a
HRG009.txt
Posted Mar 3, 2005
Authored by Raven | Site Hackerlounge.com

A flaw in PBLang 4.63 allows logged in users to delete another user's PM.

tags | exploit
SHA-256 | 5e3cc7c61d07865ddffc43e6b349a3f23d299a4419ae5e573404fb52b77c58d5
HRG008.txt
Posted Mar 3, 2005
Authored by Raven | Site Hackerlounge.com

sendpm.php in PBLang 4.63 allows logged in users to view password hashes of other users.

tags | exploit, php
SHA-256 | ebc77ac7b1bdabadb4c6d15fc2692a10091e6e66b2dc34a73e59a490349604cc
HRG007.txt
Posted Mar 3, 2005
Authored by Raven | Site Hackerlounge.com

The profile.php script in 427BB is susceptible to cross site scripting and remote command execution flaws.

tags | exploit, remote, php, xss
SHA-256 | 609a0dcb3fac72bf68ee3de64dc308e763c54ad82f66729d53d627c903561439
HRG006.txt
Posted Mar 3, 2005
Authored by Raven | Site Hackerlounge.com

The profile.php script in 427BB is susceptible to cross site scripting attacks.

tags | exploit, php, xss
SHA-256 | 4e9b2a108ce0209eee52a787a7d44753ccb13dd0893f2c24c26f69b5cac98cce
HRG005.txt
Posted Mar 3, 2005
Authored by Raven | Site Hackerlounge.com

The search.php script in Forumwa is susceptible to cross site scripting attacks.

tags | exploit, php, xss
SHA-256 | 6911e2b42224dba3a55f9e2c2d8696ec1a86792045002b7986a1b2a090c0c163
Gentoo Linux Security Advisory 200502-33
Posted Mar 3, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200502-33 - A security audit of the MediaWiki project discovered that MediaWiki is vulnerable to several cross-site scripting and cross-site request forgery attacks, and that the image deletion code does not sufficiently sanitize input parameters. Versions less than 1.3.11 are affected.

tags | advisory, xss, csrf
systems | linux, gentoo
advisories | CVE-2005-0534, CVE-2005-0535, CVE-2005-0536
SHA-256 | e2bb16e8ac7ba8087dd169d4a4560ccd2c7f8a3bdfe6571d31faf58c377796d1
kiosk-src-0.61b.tgz
Posted Mar 3, 2005
Authored by Ray Ingles | Site ingles.homeunix.org

Kiosk is a Palm hack/DA combination that can be used to lock a Palm handheld to a single application. When activated, only the current application can run, and a password is needed to launch other applications. This is useful when loaning a PDA to a child or to a co-worker to use for a specific purpose.

SHA-256 | 9edb5cc3c78b10a6d42f3d617273e8eb8e967de77a1498147470f8d351171a6a
traceproto-1.1.1.tar.gz
Posted Mar 3, 2005
Authored by Eric Hope | Site traceproto.sourceforge.net

Traceproto is a traceroute replacement that allows the user to specify the protocol and port to trace to. It currently supports TCP, UDP, and ICMP traces.

tags | tool, udp, scanner, tcp, protocol
systems | unix
SHA-256 | 5310f40c3769577e9604b07ccf1039536eaa4e24486f24a971cb9647278ae69e
Vuurmuur-0.5.62.tar.gz
Posted Mar 3, 2005
Authored by Victor Julien | Site vuurmuur.sourceforge.net

Vuurmuur is a middle-end and front-end for netfilter and iptables that is aimed at system administrators who need a decent firewall, but do not have netfilter specific knowledge. It converts human-readable rules into an iptables ruleset (or optional a bash script), makes netfilter logs readable, and includes an ncurses GUI.

Changes: Various fixes and some option additions.
tags | tool, firewall, bash
systems | linux
SHA-256 | dea3e44a5931800f0fdd62a326a185fbe338387b2ff711c18d89e2fef050df68
Page 2 of 2
Back12Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    40 Files
  • 13
    Sep 13th
    18 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    21 Files
  • 17
    Sep 17th
    51 Files
  • 18
    Sep 18th
    23 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close