exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 75 of 529 RSS Feed

Files Date: 2005-03-01 to 2005-03-31

answerbook2.txt
Posted Mar 29, 2005
Authored by Thomas Liam Romanis

PTT Security Advisory - Sun Answerbook2 version 1.4.4 is susceptible to cross site scripting and administration attacks. Exploitation provided.

tags | exploit, xss
advisories | CVE-2005-0548, CVE-2005-0549
SHA-256 | f84f8926bae5020beca593a0122297f5f39ac778c3820f5996098cd6a9e123be
iDEFENSE Security Advisory 2005-03-28.2
Posted Mar 29, 2005
Authored by iDefense Labs, Gael Delalleau | Site idefense.com

iDEFENSE Security Advisory 03.28.05 - Remote exploitation of a buffer overflow vulnerability in multiple telnet clients could allow the execution of arbitrary code. The vulnerability specifically exists in the env_opt_add() function of telnet.c. iDEFENSE has confirmed the existance of the vulnerability in the telnet client included in the Kerberos V5 Release 1.3.6 package and the client included in the SUNWtnetc package of Solaris 5.9. It is suspected that most BSD based telnet clients are affected by this vulnerability.

tags | advisory, remote, overflow, arbitrary
systems | solaris, bsd
advisories | CVE-2005-0468
SHA-256 | de99e8ea1329dbc1f15a968b8c0756e881aa440162190742655fdb287e67ea1c
iDEFENSE Security Advisory 2005-03-28.1
Posted Mar 29, 2005
Authored by iDefense Labs, Gael Delalleau | Site idefense.com

iDEFENSE Security Advisory 03.28.05 - Remote exploitation of an buffer overflow vulnerability error in multiple telnet clients may allow execution of arbitrary commands. The vulnerability specifically exists in the handling of the LINEMODE suboptions, in that there is no size check made on the output, which is stored in a fixed length buffer. iDEFENSE has confirmed the existence of the vulnerability in the telnet client included in the Kerberos V5 Release 1.3.6 package and the client included in the SUNWtnetc package of Solaris 5.9. It is suspected that most BSD based telnet clients are affected by this vulnerability.

tags | advisory, remote, overflow, arbitrary
systems | solaris, bsd
advisories | CVE-2005-0469
SHA-256 | 9a3b7b73eb08fc8817b92e7dac30a75b72f3c015d5bbd074dbfb8f930414a6f2
blackmagic.txt
Posted Mar 29, 2005
Authored by detach | Site hackaholic.org

Practical guide to advanced network attack and reconnaissance techniques using Python. Includes topics such as firewalking, port scanning, ARP poisoning, and DNS poisoning.

tags | paper, python
SHA-256 | 916232dd57df1886350cf72bfea0c2c2b0deabc436b2c432950fbf0ce8bdd015
tincat2bof.zip
Posted Mar 29, 2005
Authored by Luigi Auriemma | Site aluigi.altervista.org

Proof of concept exploit for a remotely exploitable buffer overflow in the Tincat network library used in various games.

tags | exploit, overflow, proof of concept
SHA-256 | 59a3b89267c5dd0e34a3c1f1ddfd3867902e562a8c7054b2a8a2a37ea1878f70
tincat2bof.txt
Posted Mar 29, 2005
Authored by Luigi Auriemma | Site aluigi.altervista.org

The Tincat network library used in various games is susceptible to a remote buffer overflow in the code that logs players entering the server. This flaw allows for remote code execution.

tags | advisory, remote, overflow, code execution
SHA-256 | c211634e8ceb1aabbd24adf99b61d5686e280b0581dced699b041982f50b4780
Gentoo Linux Security Advisory 200503-34
Posted Mar 29, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200503-34 - A routine security audit of the mpg321 package revealed a known security issue remained unpatched. The vulnerability is a result of mpg321 printing embedded ID3 data to the console in an unsafe manner. Versions less than 0.2.10-r2 are affected.

tags | advisory
systems | linux, gentoo
SHA-256 | e3b4a0926c6deb1e52dbd27635780082fa5bbda54ada9fec46a0718dc8882384
thaiXSS.txt
Posted Mar 29, 2005
Authored by CorryL | Site x0n3-h4ck.org

THai's Shoutbox is susceptible to a cross site scripting bug.

tags | exploit, xss
SHA-256 | ed49a7e339d0891d132dc79e327caf12fabaf981cbcaf07676c4f8b3aa3c5658
adv1.pdf
Posted Mar 29, 2005
Authored by Ilja van Sprundel | Site suresec.org

The Bluetooth code in the Linux kernel has a flaw that allows for local privilege escalation. Versions affected are greater than or equal to 2.4.6, less than or equal to 2.4.30-rc1, and 2.6.x up to 2.6.11.5.

tags | advisory, kernel, local
systems | linux
SHA-256 | 3af1e2b575930a55ef4b0186165f28931f8a985f60a7c3067e9481a97e6a86a3
vladersoft30.txt
Posted Mar 29, 2005
Authored by Diabolic Crab | Site hackerscenter.com

Vladersoft Shopping Cart version 3.0 is susceptible to multiple cross site scripting and SQL injection vulnerabilities. Sample exploitation provided.

tags | exploit, vulnerability, xss, sql injection
SHA-256 | ff883a1159901250b604c992c505e6b30d38334d06fe39e24596c33f727d5e37
as400ldap.txt
Posted Mar 29, 2005
Authored by Shalom Carmel

The LDAP service on an iSeries server can be used to enumerate the AS400 user profiles.

tags | advisory
SHA-256 | c2b8bdaf2439c1b48e6be48182c9ebeacfaefa836bef1783fbc6e7ad751c62b1
relayscanner.zip
Posted Mar 28, 2005
Authored by CIRTDK | Site cirt.dk

SMTP relay scanner checks for open relays and misconfigurations that allow spoofing via the tested mailserver or for internal mail to internal address from external nets. Supports plugins for additional tests. Approximately 20 different misconfigurations are checked for, using a total of around 150 different tests. Written in Perl and tested on Windows and Linux.

tags | perl, spoof
systems | linux, windows, unix
SHA-256 | 3669766cc3a5e54ff8da711f3496bc595261900c567146943c589828eff68dae
Secunia Security Advisory 14692
Posted Mar 28, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - mircia has reported a vulnerability in phpMyDirectory, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | e8a6e19f1ef60fa7a111e1c9333d6f9481732db3cfd7e295faea8a9a6c45c852
Secunia Security Advisory 14727
Posted Mar 28, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for ipsec-tools. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, gentoo
SHA-256 | 04f78b9e0f3290e05eee71a01560c624a1f050960e2d99ff7159323f243b3c49
Secunia Security Advisory 14714
Posted Mar 28, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Slackware has issued an update for mozilla. This fixes some vulnerabilities, which can be exploited to bypass certain security restrictions, conduct spoofing and script insertion attacks, disclose various information, or compromise a user's system.

tags | advisory, spoof, vulnerability
systems | linux, slackware
SHA-256 | 9dc034d44353294bf6fbe5904b11f53ce243451d423981aef7a1fbd5bf444060
Secunia Security Advisory 14697
Posted Mar 28, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Diabolic Crab has reported some vulnerabilities in exoops, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | 5a3f3b4985fa46f3baa0f538930c008b8890e365d6b62f428263eb4b01b6b1a4
Secunia Security Advisory 14712
Posted Mar 28, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Aviv Raff has reported a vulnerability in Maxthon, which can be exploited by malicious people to disclose some potentially sensitive information.

tags | advisory
SHA-256 | 87440c1dab3a4f2df2e1ad7124a012979bb9e82c5efc0d10443604666bdc6377
Secunia Security Advisory 14735
Posted Mar 28, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for Thunderbird. This fixes four vulnerabilities, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | linux, gentoo
SHA-256 | 3fe5b367857e0869dfa98f0b26c693163c74db4393ed4b4961689077c2ee878e
Secunia Security Advisory 14715
Posted Mar 28, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gerardo 'Astharot' Di Giacomo has reported some vulnerabilities in the Nuke Bookmarks module for PHP-Nuke, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | advisory, php, vulnerability, xss, sql injection
SHA-256 | deaa338c13d08b2030eb64ce45b5ad57c433c9d138d36cd4008008d8d845448e
dcrab-e-xoops.txt
Posted Mar 28, 2005
Authored by Diabolic Crab | Site icis.digitalparadox.org

Easy Community Management System Forum (E-XOOPS) contains multiple SQL injection and cross-site scripting vulnerabilities. Some of these may not be exploitable depending on how PHP, Apache, and MySQL have been configured. Advisory contains proof-of-concept exploit URLs.

tags | exploit, php, vulnerability, xss, sql injection
SHA-256 | 383b99f55a4400a2bec840c614876918516b6901632de122f0ebc7126617cb4f
timbuktu_userbrute.c
Posted Mar 28, 2005
Authored by Conehead

Timbuktu Pro Remote Control user enumeration program. Wordlist-based bruteforce tool that checks whether a given username exists on the target server or not, which is possible due to a difference in the error message returned when the username is invalid versus when the password is invalid.

tags | exploit, remote
SHA-256 | c1316cb0a42dbdc8c71076a0435e16160c2cbab2ffe04ba0757c56504e85b033
ZH2005-03SA.txt
Posted Mar 28, 2005
Authored by Astharot | Site zone-h.org

NukeBookmarks version 6 contains SQL injection, cross site scripting, and path-disclosure vulnerabilities. Advisory contains example exploit URLs.

tags | exploit, vulnerability, xss, sql injection
SHA-256 | aa04cadcaf0e6dc00925b0ece1251381dcb2058c48cddd82c5318bc21db41adc
limehack.pl
Posted Mar 27, 2005
Authored by Marco van Berkum | Site jammerjoh.xs4all.nl

Limewire directory traversal exploit. Exploits bug in versions 4.1.2 - 4.5.6, inclusive.

tags | exploit
SHA-256 | a0dfa08e39acd486c6491f79f378b661f19d8d1edb4b5a89ab50190a58682691
Bastille-2.2.8-1.0.noarch.rpm
Posted Mar 26, 2005
Authored by Jay Beale | Site bastille-linux.org

The Bastille Hardening program locks down an operating system, configuring the system for increased security. It currently supports Red Hat, Fedora Core, Red Hat Enterprise, SuSE, SuSE Enterprise, Mandrake, Debian, and Gentoo, HP-UX, and Apple's Mac OS X. Screenshot available here..

Changes: Bug fixes.
systems | linux, redhat, suse, debian, hpux, mandrake, apple, osx, gentoo, fedora
SHA-256 | 91af27a0f4b60daaadc83e622e9e24685dddb3a546a59e4ea5e2177d5e1e6905
ida_rpc_enum.zip
Posted Mar 26, 2005
Authored by Pedram Amini | Site idefense.com

This IDC script will scan through an IDA database locating and marking the relevant RPC server data structures. It will then enumerate the dispatch routines from the DispatchTable. The script outputs the addresses of the discovered structs / functions and was designed to automate the otherwise tedious manual process of locating RPC routines to audit.

SHA-256 | 09a462953000492e97d310f1b0d80939c4d23e6a76122104321941414c268117
Page 3 of 22
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close