what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 88 RSS Feed

Files Date: 2005-10-26 to 2005-10-27

phpBB-IE-gif.txt
Posted Oct 26, 2005
Authored by alphakgen

phpBB 2.0.17 (and other BB systems as well) Cookie disclosure exploit - This exploit details a method which uses the Gif bug in IE to perform a XSS attack.

tags | exploit
SHA-256 | d91dff60352e732640beee7806aa41a9c45b5959d3f48c32e267e9a5b93cc466
Gentoo Linux Security Advisory 200510-21
Posted Oct 26, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200510-21 - Stefan Esser discovered that by calling certain PHP files directly, it was possible to workaround the grab_globals.lib.php security model and overwrite the $cfg configuration array. Systems running PHP in safe mode are not affected. Furthermore, Tobias Klein reported several cross-site-scripting issues resulting from insufficient user input sanitizing. Versions less than 2.6.4_p3 are affected.

tags | advisory, php
systems | linux, gentoo
SHA-256 | bdc34b73151d595048e983ee59c1ac6b53aeef0310b18852111bdc00a67958ec
Gentoo Linux Security Advisory 200510-20
Posted Oct 26, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200510-20 - Zope honors file inclusion directives in RestructuredText objects by default. Versions less than 2.7.8 are affected.

tags | advisory, file inclusion
systems | linux, gentoo
SHA-256 | fa3508d05860a34beb4eaf6ad27147ade6dd88c2ba2ef0d5255a87e4300bf526
Gentoo Linux Security Advisory 200510-19
Posted Oct 26, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200510-19 - iDEFENSE reported that insufficient bounds checking on a memcpy() of the supplied NTLM username can result in a stack overflow. Versions less than 7.15.0 are affected.

tags | advisory, overflow
systems | linux, gentoo
SHA-256 | b403869cb001836a2a8f8c3b58aa4ab7d808f737aa05a63af0cbcdbbd522b133
BMC-Control-M.txt
Posted Oct 26, 2005
Authored by Scott Cromar

BMC's Control M enterprise scheduling facility creates temporary files insecurely.

tags | advisory
SHA-256 | 10159e46cbab518398523ed1786a87cbc0d512a8f648293114d56d7015f86202
qcrack-v0.17.tgz
Posted Oct 26, 2005
Authored by Q nix | Site 0x11.org

Qcrack is a program written to test the security of md5 passwords by attempting to brute force them. The user can also specify the characters to use when brute-forcing.

Changes: Added Hash Calculate, Full ANSI Colors, Buffer overflow Bug Fixed, Added Verbose & quite mode
tags | cracker
SHA-256 | 67aa24c0dcc7ce582aa9d7359224e4f37030cfa21591ca3eb4a793a2d8e7985d
dmproxss.txt
Posted Oct 26, 2005
Authored by Farhad Koosha | Site kapda.ir

[KAPDA::#8] Domain Manager Pro Vulnerability - A remote user can conduct cross-site scripting attacks.The 'panel' script does not properly validate user-supplied input at the 'err' parameter.So remote user can inject html script to fake login form and steal admin's password.

tags | advisory, remote, xss
SHA-256 | 884d2c7cab6a1fb8491aefd45b26685f951bc1ff50e09b9c0295fdebbf165705
Newsworld-1.5.0.txt
Posted Oct 26, 2005
Authored by Chb | Site incast-security.de

aRCHILLES Newsworld versions less than 1.5.0-rc1 suffer from multiple vulnerabilities including login bypass and information disclosure. POC and workarounds included.

tags | advisory, vulnerability, info disclosure
SHA-256 | 9227656086e77f731c91ef4311c8666b9482d7c9442c448649307de93e6d155c
mwchat.txt
Posted Oct 26, 2005
Authored by rgod | Site retrogod.altervista.org

MWCHAT 6.8 SQL injection and remote command execution exploit.

tags | exploit, remote, sql injection
SHA-256 | 41110b8a0d1dc327dbda05febcf2566569f15a2637fd71c9e8c0e5d01e2bc6f7
fear-lithsock.txt
Posted Oct 26, 2005
Authored by Luigi Auriemma | Site aluigi.altervista.org

F.E.A.R. (First Encounter Assault and Recon) 1.01 is still vulnerable to a bug discovered in December 2004.

tags | advisory
SHA-256 | 1bd561f56fa4976f859ecef647720e1eb9ae93c82482cbb22ccd4ed2d2c48187
Nukedklan1.7.txt
Posted Oct 26, 2005
Authored by papipsycho

Nuked klan 1.7 suffers from multiple XSS vulnerabilities.

tags | advisory, vulnerability
SHA-256 | 007b2b8e0fea92b9aae3119a716f437e8d9879ce0387de9d16846c550ce487a8
UMPNPMGR.c
Posted Oct 26, 2005
Authored by ppwd25

Windows UMPNPMGR wsprintfW Stack Buffer Overflow Vulnerability PoC exploit.

tags | exploit, overflow
systems | windows
SHA-256 | 7feca937d675bf9811db6950dffd927ea8e117fe2e79314cfd11bb88a2b56bcb
SEC-20051021-0.txt
Posted Oct 26, 2005
Authored by Bernhard Mueller | Site sec-consult.com

SEC-CONSULT Security Advisory 20051021-0 - Since april 2005 SEC-Consult has found 5+ serious vulnerabilities within Yahoo's webmail systems. All of them have been fixed in the production environment. Nevertheless SEC-Consult believes that input-validation thru blacklists can just be a temporary solution to problems like this. From our point of view there are many other applications vulnerable to this special type of problem where vulnerabilities of clients and servers can be combined.

tags | advisory, vulnerability
SHA-256 | 7a64cb8ab3b8e5a8f4156e727abc3f37614cab2407e89b76e8fa54c19d9a2919
SNS Advisory 85
Posted Oct 26, 2005
Authored by Little eArth Corporation | Site lac.co.jp

SNS Advisory No.85 - Software XOOPS for building community websites contains multiple cross-site scripting vulnerabilities.

tags | advisory, vulnerability, xss
SHA-256 | 42ef2f7b204282e9348d3748062f73c7a8d9049e88f398ad78a5f593de24a6d8
SNS Advisory 84
Posted Oct 26, 2005
Authored by Little eArth Corporation | Site lac.co.jp

SNS Advisory 84 - Oracle Application Server has vulnerabilities of HTTP Response Splitting. This makes possible to represent an unreal content as if it is real or to cause Cross Site Scripting attacks.

tags | advisory, web, vulnerability, xss
SHA-256 | d2593262db3bce5fcc290a10c71016c69956f1b4127c661c1b9c404cf7abd8d5
SCOSA-2005.40.txt
Posted Oct 26, 2005
Authored by SCO | Site sco.com

SCO Security Advisory - iDEFENSE has identified a Buffer Overflow vulnerability in SCO Openserver backupsh. The backupsh utility is a standard binary distributed with Openserver 5.0.7 and earlier.

tags | advisory, overflow
SHA-256 | 05597ecea3d8a0bd926b0282d3c7164ffc0d5a812b5296d3da2b44ba717b8f45
SCOSA-2005.41.txt
Posted Oct 26, 2005
Authored by SCO | Site sco.com

SCO Security Advisory - iDEFENSE has identified a Buffer Overflow vulnerability in SCO Unixware ppp prompt. Local exploitation of a buffer overflow vulnerability in the ppp binary, allows attackers to gain root privileges.

tags | advisory, overflow, local, root
systems | unixware
SHA-256 | 52844b9a3101e4ce8cadab981c41468ce7e578544ae531927abae4e4d937634b
iDEFENSE Security Advisory 2005-10-20.03
Posted Oct 26, 2005
Authored by iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 10.20.05 - Local exploitation of a design error in the DiskMountNotify component of Symantec Corp.'s Norton Antivirus 9.0 for Macintosh may allow a user to gain elevated privileges. The vulnerability specifically exists in failing to specify an explicit PATH for the "/Library/Application Support/Norton Solutions Support/Norton AntiVirus/DiskMountNotify.app/Contents/MacOS/DiskMountNotify" binary.

tags | advisory, local
SHA-256 | ebecbb36ea10c4ab83e03fc878e06f2189ffdd7121fc3cc14da3f15fa860cb0a
iDEFENSE Security Advisory 2005-10-20.2
Posted Oct 26, 2005
Authored by iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 10.20.05 - Local exploitation of a design error in the LiveUpdate component of Symantec Corp.'s Norton Antivirus 9.0 for Macintosh may allow a user to gain elevated privileges.

tags | advisory, local
SHA-256 | e72e0eb45f151aca7593af2915144cd93a7044b126e87bd6a8c95dd626e2649b
devsec-3.0.6.tar.gz
Posted Oct 26, 2005
Authored by p3r | Site devsec.sourceforge.net

Devolution Security is a video surveillance system for Linux based systems. It supports up to 16 cameras and features unicast and multicast broadcasting, a Web interface, an X11 interface, themes, motion detection, record on motion, eight different camera layouts, camera cycling, fullscreen mode, and more. Devolution Security uses its own toolkit (dtk).

Changes: Updated to work with more systems. Bug fixes.
tags | web
systems | linux
SHA-256 | 80c5017c93f392fba1af09589f808e54259d298f06dc202c8b5b1b5a1f3f6bcd
fortress-0.3.tar.gz
Posted Oct 26, 2005
Authored by Debian | Site steve.org.uk

Fortress is a simple script driven framework for performing security scans. The core of the application is an application which will execute testing scripts written using the embedded LUA scripting engine. The scripts may perform almost arbitrary operations, including making HTTP requests, conducting port scanning, and taking advantage of several other provided primitives.

tags | tool, web, arbitrary, scanner
systems | unix
SHA-256 | 2e7246ed11aa5a9080d05fc1f7fb5438007f88c120542f7775cd9d75184151f7
Nixory_0.2.7.zip
Posted Oct 26, 2005
Authored by Alfredo Spadafina | Site nixory.sourceforge.net

Nixory is an innovative, fast, and powerful anti-spyware program, with a user-friendly graphical interface. It protects Mozilla Firefox from dangerous spyware and harmful cookies. Platform independent source zip file.

SHA-256 | b28c6b8e925dfb99ab64d6a67e90b012c6d6eb666aaa5d6b7361a1a094c46134
Nixory_0.2.7_WinSetup.exe
Posted Oct 26, 2005
Authored by Alfredo Spadafina | Site nixory.sourceforge.net

Nixory is an innovative, fast, and powerful anti-spyware program, with a user-friendly graphical interface. It protects Mozilla Firefox from dangerous spyware and harmful cookies. Windows setup binary installer.

systems | windows
SHA-256 | 5e051bc469dbd75dbfbf7ec38c9be034ef324c27e1adde87083a6467b57fd702
Scapy Packet Manipulation Tool 1.0.1
Posted Oct 26, 2005
Authored by Philippe Biondi | Site secdev.org

Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.

Changes: Various bug fixes.
tags | tool, scanner, python
systems | unix
SHA-256 | b0e311e795cc5f4df850bfe4961710d47d5f90d153baa4151c7d1ffd700ffc5e
gsasl-0.2.10.tar.gz
Posted Oct 26, 2005
Authored by Simon Josefsson

GNU SASL is an implementation of the Simple Authentication and Security Layer framework and a few common SASL mechanisms. SASL is used by network servers such as IMAP and SMTP to request authentication from clients, and in clients to authenticate against servers. The library includes support for the SASL framework (with authentication functions and application data privacy and integrity functions) and at least partial support for the CRAM-MD5, EXTERNAL, GSSAPI, ANONYMOUS, PLAIN, SECURID, DIGEST-MD5, LOGIN, NTLM, and KERBEROS_V5 mechanisms.

Changes: Various minor fixes and additions.
tags | imap, library
SHA-256 | 65852d74699a66ac1fceecfb9265f34a2c157cba10313698a7656567f4800191
Page 2 of 4
Back1234Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close