exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 39 RSS Feed

Files Date: 2006-01-10 to 2006-01-11

Clam AntiVirus Toolkit 0.88
Posted Jan 10, 2006
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: Fixed a heap overflow as well as other bugs.
tags | virus
systems | unix
SHA-256 | 7912be29d13dae676691fbad7fa5fc1518eb3b8b45f8d147097908533ca1f8db
nufw-1.0.17.tar.gz
Posted Jan 10, 2006
Authored by regit | Site nufw.org

NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is done to use external authentication source such as an LDAP server.

Changes: UDP support added and a minor bug fix.
tags | tool, remote, firewall
systems | unix
SHA-256 | a09566271773dee2090a2f6f57b4d82c4d055e6e1c29b5eba92935a4a1c6273a
strongSwan IPsec / IKEv1 / IKEv2 Implementation For Linux
Posted Jan 10, 2006
Authored by Andreas Steffen | Site strongswan.org

strongSwan is a complete IPsec and IKEv1 implementation for Linux 2.4 and 2.6 kernels. It interoperates with most other IPsec-based VPN products. It is a descendant of the discontinued FreeS/WAN project. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A unique feature is the use of X.509 attribute certificates to implement advanced access control schemes based on group memberships.

Changes: Various support and fixes added.
tags | kernel, encryption
systems | linux
SHA-256 | fee591a16e80452e1f77a7f8c104033081aa00ec942c30a3f30833666fc6495d
rident_0.9.3b.tar.bz2
Posted Jan 10, 2006
Authored by Rob J Meijer | Site xs4all.nl

Ridentd is a stand-alone replacement for identd that uses a random selection of a ispell dictionary to use as fake ident responses. This server application is meant for the totally paranoid that need access to servers that require ident and don't want to give any information about local users to the remote server or its other users.

Changes: Better and more complete fix for the 0.9.1 bug thanks to Dominik Vogt.
tags | tool, remote, local
systems | unix
SHA-256 | 7751c7c40a83975aad77f729496ac43e3e79efc8fe3aa0d24023e715c1f22e7a
cijfer-mnxpl.pl.txt
Posted Jan 10, 2006
Authored by cijfer

Magic News Plus versions 1.0.3 and below remote administrative password changing exploit.

tags | exploit, remote
SHA-256 | e913c44b929b58ec02f35a6c2b53e8c0f02721f22335d21763d166a58054998e
webwiz634.txt
Posted Jan 10, 2006
Authored by Mustafa Can Bjorn | Site nukedx.com

Web Wiz Forums versions 6.34 and below are susceptible to a cross site scripting attacks.

tags | exploit, web, xss
SHA-256 | 0affa61efe7fc7d93ee4732db603919e640ba3c9e78084ad2b41ba50c9195532
Debian Linux Security Advisory 934-1
Posted Jan 10, 2006
Authored by Debian | Site debian.org

Debian Security Advisory DSA 934-1 - Two vulnerabilities have been discovered in Pound, a reverse proxy and load balancer for HTTP.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2005-1391, CVE-2005-3751
SHA-256 | 95e9659fa9ba776f046a088f086fdb226558bfa2f86f33f52f71806b335e8c7d
Debian Linux Security Advisory 933-1
Posted Jan 10, 2006
Authored by Debian | Site debian.org

Debian Security Advisory DSA 933-1 - Patrice Fournier found that hylafax passes unsanitized user data in the notify script, allowing users with the ability to submit jobs to run arbitrary commands with the privileges of the hylafax server.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2005-3539
SHA-256 | 1f5fa099b5bf99d93d10fcbd8ea336aad6733df2dc6c93c4ea12c234a3bbbe87
iDEFENSE Security Advisory 2006-01-09.t
Posted Jan 10, 2006
Authored by iDefense Labs, Sparfell | Site idefense.com

iDefense Security Advisory 01.09.06 - Remote exploitation of a format string vulnerability in multiple versions of the mod_auth_pgsql authentication module for the Apache httpd could allow the execution of arbitrary code in the context of the httpd. iDefense has confirmed the existence of this vulnerability in version 2.0.2b1 of mod_auth_pgsql for Apache 2.x. It is suspected that earlier versions are also affected.

tags | advisory, remote, arbitrary
advisories | CVE-2005-3656
SHA-256 | ae77cef4cf235c34da71db3beb1be182bb43f82c88e9232aab6802083553935b
secunia-ADOdb.txt
Posted Jan 10, 2006
Authored by Andreas Sandblad | Site secunia.com

Secunia Research has discovered two security issues in ADOdb, which can be exploited by malicious people to disclose system information, execute arbitrary SQL code, and potentially compromise a vulnerable system. Details provided. ADOdb versions 4.66 and 4.68 for PHP are affected.

tags | exploit, arbitrary, php
SHA-256 | a212b5763393fa5ec35a8dfe35d726cc4f7c2a8000c581074fd8516fbf88411b
2006090173928420.txt
Posted Jan 10, 2006
Authored by Seregorn | Site digitalarmaments.com

Due to an insecure usage of the Apache logging function (ap_log_rerror) in auth_ldap_log_reason of auth_ldap, it is possible to run arbitrary code on the server running the module. Versions 1.6.0 and below are affected.

tags | advisory, arbitrary
SHA-256 | 26a0724e4809bd1f36186743fcdff87c77f1ebb308a33a25c92609b052705ec7
EV0021.txt
Posted Jan 10, 2006
Authored by Aliaksandr Hartsuyeu

Venom Board version 1.22 is susceptible to SQL injection attacks. Exploitation details provided.

tags | exploit, sql injection
SHA-256 | 3428fc1e0da0ce604b5ba5a1b8dafdd1a446a0953647add156d4d23ea007b2da
EV0020.txt
Posted Jan 10, 2006
Authored by Aliaksandr Hartsuyeu

Foxrum BBCode version 4.0.4f is susceptible to cross site scripting attacks.

tags | advisory, xss
SHA-256 | cf53f95145b03ae25350b19a64ac8ea002507731c6ab10c4eab317cc14bf91ef
Debian Linux Security Advisory 931-1
Posted Jan 10, 2006
Authored by Debian | Site debian.org

Debian Security Advisory DSA 931-1 - infamous41md and Chris Evans discovered several heap based buffer overflows in xpdf, the Portable Document Format (PDF) suite, that can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2005-3191, CVE-2005-3192, CVE-2005-3193, CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, CVE-2005-3627, CVE-2005-3628
SHA-256 | a51d43d11bcb80943a4cc66dcd5742c251907b7bee80f5542ce88d1aaa097349
NetBSD-SA2006-002.txt
Posted Jan 10, 2006
Site NetBSD.org

NetBSD Security Advisory 2006-002 - The prohibition against setting the system time backwards at securelevel > 1 can be circumvented.

tags | advisory
systems | netbsd
SHA-256 | 33a33c215be8aa045ca247a1c0e1ac47c59ae2bd144cf0a07a66691b4e87e4ae
NetBSD-SA2006-001.txt
Posted Jan 10, 2006
Site NetBSD.org

NetBSD Security Advisory 2006-001 - The kernfs filesystem does not validate file offsets properly and a userlevel non-privileged process can read arbitrary kernel memory locations.

tags | advisory, arbitrary, kernel
systems | netbsd
SHA-256 | 56fccbb5673d5da87cdc6963c43be8e91b263483cf2743118931ef3514e00591
rt-sa-2005-16.txt
Posted Jan 10, 2006
Site redteam-pentesting.de

The implementations of securelevels on NetBSD and Linux contain an integer overflow, allowing the protection of system time to be completely circumvented.

tags | advisory, overflow
systems | linux, netbsd
advisories | CVE-2005-4352
SHA-256 | 5d86a7cf0432dc4890c84c7e30065c97959f3e07f3b3ce13d5a6856179985dcf
rt-sa-2005-15.txt
Posted Jan 10, 2006
Site redteam-pentesting.de

BSD Securelevels can be circumvented at runtime. By mounting another filesystem, immutable files can be masked. Masking means placing an arbitrary file at the location of an immutable file, without changing the immutable file itself. Details on how this can be exploited are included.

tags | exploit, arbitrary
systems | bsd
advisories | CVE-2005-4351
SHA-256 | 5f212654aa72d63c5f2b0e62bbabc43d84e3b56af267179ad9b967469a4f15ba
Debian Linux Security Advisory 930-1
Posted Jan 10, 2006
Authored by Debian | Site debian.org

Debian Security Advisory DSA 930-1 - Ulf Harnhammar from the Debian Security Audit project discovered a format string attack in the logging code of smstools, which may be exploited to execute arbitrary code with root privileges.

tags | advisory, arbitrary, root
systems | linux, debian
advisories | CVE-2006-0083
SHA-256 | 0b37ab07b82debbd5f0d166fd43f9d11e80ded3f8e33e2e24cdae9d219d393ab
Debian Linux Security Advisory 929-1
Posted Jan 10, 2006
Authored by Debian | Site debian.org

Debian Security Advisory DSA 929-1 - Steve Kemp from the Debian Security Audit project discovered a buffer overflow in petris, a clone of the Tetris game, which may be exploited to execute arbitrary code with group games privileges.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2005-3540
SHA-256 | 1a16c8d65b310f6769bc3bd5335af4a5e1e61aa948ac75dd6a16de32dd4ba3c2
Ubuntu Security Notice 235-2
Posted Jan 10, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-235-2 - USN-235-1 fixed a vulnerability in sudo's handling of environment variables. Tavis Ormandy noticed that sudo did not filter out the PYTHONINSPECT environment variable, so that users with the limited privilege of calling a python script with sudo could still escalate their privileges.

tags | advisory, python
systems | linux, ubuntu
advisories | CVE-2005-4158
SHA-256 | 9364621ca1386d4eb6039a9c6fc2ed92b24f6445ebcca81ce0c878381741b487
mswGRE.txt
Posted Jan 10, 2006
Authored by cocoruder | Site ruder.cdut.net

Microsoft Windows GRE is susceptible to multiple overrun vulnerabilities when rendering WMF files.

tags | advisory, overflow, vulnerability
systems | windows
SHA-256 | 99e7080b68914b9fcd47bd045150c25a09dec39ddec8ecb67a9f63234b4c6d47
Ubuntu Security Notice 239-1
Posted Jan 10, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-239-1 - Several format string vulnerabilities were discovered in the error logging handling of libapache2-mod-auth-pgsql. By sending specially crafted user names, an unauthenticated remote attacker could exploit this to crash the Apache server or possibly even execute arbitrary code with the privileges of Apache.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2005-3656
SHA-256 | 23b54dba202b1193ff7f41a09eb34ff60b78ed247b392d8f10c370bb15fbcf9d
vbulletin352.txt
Posted Jan 10, 2006
Authored by Liz0ziM, Ejder, The_BeKiR, CyberLord | Site Savsak.com

vBulletin version 3.5.2 is susceptible to cross site scripting attacks.

tags | exploit, xss
SHA-256 | a64a9933a806b595011660fd9c1b7bd3ab7a1df6ed2a9533de689cc75d49cf2a
aimXSS.txt
Posted Jan 10, 2006
Authored by Simo64 | Site morx.org

Various America Online (AOL) Instant Messenger scripts are susceptible to cross site scripting attacks. Full details provided.

tags | exploit, xss
SHA-256 | dedd64e2a408ea9097aad05922bad5eaa3287194a328da1f40e7a1224948cdae
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close