
Files Date: 2006-01-25 to 2006-01-26

Ubuntu Security Notice 246-1
Posted Jan 25, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-246-1 - Multiple vulnerabilities in imagemagick.

tags | advisory, vulnerability
systems | linux, ubuntu
SHA-256 | 2c932a143e5c6db4068bb308eb07016d50b4791ae71c7affa3c4b64147c4a086
Ubuntu Security Notice 245-1
Posted Jan 25, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-245-1 - Maksim Orlovich discovered that kjs, the JavaScript interpreter engine used by Konqueror and other parts of KDE, did not sufficiently verify the validity of UTF-8 encoded URIs. Specially crafted URIs could trigger a buffer overflow. By tricking a user into visiting a web site with malicious JavaScript code, a remote attacker could exploit this to execute arbitrary code with user privileges.

tags | advisory, remote, web, overflow, arbitrary, javascript
systems | linux, ubuntu
SHA-256 | 137d1369fa980e9e557cf30490ce57d1b20d218f248ea94f0754accf74da61c1
kde-20060119-1.txt
Posted Jan 25, 2006
Authored by KDE | Site kde.org

KDE Security Advisory: kjs encodeuri/decodeuri heap overflow vulnerability - Maksim Orlovich discovered an incorrect bounds check in kjs, the JavaScript interpreter engine used by Konqueror and other parts of KDE, that allows a heap-based buffer overflow when decoding specially crafted UTF-8 encoded URI sequences.

tags | advisory, overflow, javascript
SHA-256 | de2920898469668b8477e01dd441a86ad76defc9f97dee827f74e04b4fc113f6
sqmailchpasswd.c
Posted Jan 25, 2006
Authored by rod hedor | Site lezr.com

Multiple buffer overflows are present in the handling of command line arguments in chpasswd leading to the execution of arbitrary code.

tags | exploit, overflow, arbitrary
SHA-256 | 0ebfb70ca1e7383337063fc89108d5c1d67d8ded700ce5d04a9207952c6d22bd
Critical-006.txt
Posted Jan 25, 2006
Authored by Critical Security | Site critical.lt

Critical Security - 22:03 2006.01.19 - Tftpd32 2.81 Format String + DoS PoC

tags | exploit
SHA-256 | 49cd1a133d19b760994fc7b65be963ff64ea036b547d9b3018548f5a1df333d9
WebspotBlogging.txt
Posted Jan 25, 2006
Authored by Aliaksandr Hartsuyeu | Site evuln.com

WebspotBlogging v3.0 suffers from SQL injection due to improper input sanitization. POC included.

tags | exploit, sql injection
SHA-256 | 85a9df049d3f72684a1b10ce845c1dee3ebc9faad3840e981056139f84e67ae0
IRM015.txt
Posted Jan 25, 2006
Authored by IRM Advisories | Site irmplc.com

IRM Security Advisory No. 015 - IRM has discovered an information leakage vulnerability in TYPO3 that allows remote users to disclose the file system path of the application when requesting certain files.

tags | advisory, remote
SHA-256 | b385aa7f32f1b3f660c029e843151ccaf36a908f5c9b73246ebe93270c894671
ldu-inject.txt
Posted Jan 25, 2006
Authored by Night_Warrior

Land Down Under website engine is vulnerable to HTML injection via a stylesheet tag.

tags | exploit
SHA-256 | a8cbf703b7746d10df0e7ff480a88000007779de01f74161fce93404a6ebf855
MyBB-sig.txt
Posted Jan 25, 2006
Authored by Night_Warrior

MyBB suffers from HTML code injection in the signature field via an image tag.

tags | exploit
SHA-256 | c410da084c108cd59068f82241a35d6600c0f7a3a16281bfbfccadcdd1c372d9
XMB-XSS.txt
Posted Jan 25, 2006
Authored by Night_Warrior

XMB Forum suffers from HTML code injection in image tags.

tags | exploit, xss
SHA-256 | 7635b757365c91a8a05b5cf0791a698f16e07b42b86fe7d373ccce24e7b0b875
Technical Cyber Security Alert 2006-18A
Posted Jan 25, 2006
Authored by CERT, US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA06-018A - Various Oracle products and components are affected by multiple vulnerabilities. The impacts of these vulnerabilities include remote execution of arbitrary code, information disclosure, and denial of service.

tags | advisory, remote, arbitrary, vulnerability, info disclosure
SHA-256 | c32012a8e44781f8409f9639566c1b108afe0366c6ed838709ba52283cf0c8ca
FSA-2006-07.txt
Posted Jan 25, 2006
Authored by Fortinet Research

Fortinet Security Advisory: FSA-2006-07 - Fortinet Security Research Team (FSRT) has discovered a URI buffer overflow vulnerability in the BitComet P2P client software. It indicates a possible exploit of a buffer overflow vulnerability in BitComet. BitComet is one of the most popular P2P clients for file sharing and uses the BitTorrent protocol. There is a bug in BitComet: a remote attacker could construct a special .torrent file and put it on any BT publishing web site. When a user downloads the .torrent file and clicks on the publisher's name, BitComet will crash. An attacker can run arbitrary commands on the victim's host using a specially crafted .torrent file.

tags | advisory, remote, web, overflow, arbitrary, protocol
SHA-256 | 219c9ec0eded6976a100d7e6ae91e416fcf26afd6ecfcd75a5dc11de98fb928e
SaralBlog-sql.txt
Posted Jan 25, 2006
Authored by Aliaksandr Hartsuyeu | Site evuln.com

SaralBlog 1.0 suffers from XSS and SQL injection due to lack of sanitized user input.

tags | exploit, sql injection
SHA-256 | 94535b50dc337b20cea374c540f4ec94c74b3cbd39b4ecb887439f27c6d6f48b
eggblog-sql.txt
Posted Jan 25, 2006
Authored by Aliaksandr Hartsuyeu | Site evuln.com

eggblog v2.0 is vulnerable to XSS and SQL injection.

tags | exploit, sql injection
SHA-256 | 3aa462996ca11ec741e56a7fdd22879b445af11586c5ab9569118179c6c17f00
Cisco Security Advisory 20060118-ccmpe
Posted Jan 25, 2006
Authored by Cisco Systems, Cisco | Site cisco.com

Cisco CallManager (CCM) is the software-based call-processing component of the Cisco IP telephony solution which extends enterprise telephony features and functions to packet telephony network devices such as IP phones, media processing devices, voice-over-IP (VoIP) gateways, and multimedia applications. Cisco CallManager versions with Multi Level Administration (MLA) enabled may be vulnerable to privilege escalation, which may result in read-only users gaining administrative access.

tags | advisory
systems | cisco
SHA-256 | e665fa1c49678a873fbea395221a9b83f27ece918f989d91591c2e9f5d0dc978
Cisco Security Advisory 20060118-ccmdos
Posted Jan 25, 2006
Authored by Cisco Systems, Cisco | Site cisco.com

Cisco CallManager (CCM) is the software-based call-processing component of the Cisco IP telephony solution which extends enterprise telephony features and functions to packet telephony network devices such as IP phones, media processing devices, voice-over-IP (VoIP) gateways, and multimedia applications. All Cisco CallManager versions are vulnerable to these Denial of Service (DoS) attacks, which may result in services being interrupted or servers rebooting.

tags | advisory, denial of service
systems | cisco
SHA-256 | 526b6fe76e55d3f5c29d34c72b425c4259e171e9c336c5a68e64b5de33d68420
Cisco Security Advisory 20060118-sgbp
Posted Jan 25, 2006
Authored by Cisco Systems, Cisco | Site cisco.com

The Cisco IOS Stack Group Bidding Protocol (SGBP) feature in certain versions of Cisco IOS software is vulnerable to a remotely-exploitable denial of service condition. Devices that do not support or have not enabled the SGBP protocol are not affected by this vulnerability.

tags | advisory, denial of service, protocol
systems | cisco
SHA-256 | 893bdafb33b0995fdf5d4d369fdc534ec823c50ba74e4af414716e55597bbcb8
CAID33756.txt
Posted Jan 25, 2006
Authored by Ken Williams | Site www3.ca.com

The following security vulnerability issues have been identified in the DM Primer part of the DM Deployment Common Component being distributed with some CA products.

tags | advisory
SHA-256 | 3bb77b73a739e829a3825d2e8abbaa2acbef94cd5a8a75f892c2a5e96d8e7d82
icq-xss.txt
Posted Jan 25, 2006
Authored by _6mO_HaCk | Site morx.org

An ICQ.com search script (search_result.php) is vulnerable to cross-site scripting attacks. An attacker can exploit the vulnerable script to have arbitrary script code executed in the browser of an authenticated ICQ user in the context of the ICQ webpage, resulting in the theft of cookie-based authentication, which gives the attacker temporary access to the victim's account, as well as other types of attacks.

tags | exploit, arbitrary, php, xss
SHA-256 | a5257e8e1d2af84aed2b72552a5755e7eeb34b71c8d79f623e480c71900ec7bf
ar-blogv5.2.txt
Posted Jan 25, 2006
Authored by SAUDI | Site lezr.com

ar-blog v 5.2 suffers from several XSS vulnerabilities.

tags | exploit, vulnerability
SHA-256 | e52814ba6ace4fd1b6449020b50302b0d952dd9587fa59c21d3137813b00171f
Blogger_HTTP_response_splitting.txt
Posted Jan 25, 2006
Authored by Meder Kydyraliev | Site o0o.nu

Blogger's personal page redirection mechanism contains a classic HTTP response splitting vulnerability in the "Location" HTTP header. The problem occurs due to the use of unsanitized user-supplied data in the "Location" HTTP header, which enables an attacker to inject CRLF (%0d%0a) characters, thus splitting the server's response and taking full control over the contents of the second HTTP response. Exploitation of the vulnerability can lead to cross-site scripting (XSS), cache poisoning and phishing attacks.

tags | advisory, web, xss
SHA-256 | b1bba7cc5beca200d483fb1ac898c490176fc394f70bf51480e8ff51ed266fc0
FreeBSD-SA-06-05.txt
Posted Jan 25, 2006
Site freebsd.org

FreeBSD-SA-06:05.80211 - An integer overflow in the handling of corrupt IEEE 802.11 beacon or probe response frames when scanning for existing wireless networks can result in the frame overflowing a buffer.

tags | overflow
systems | freebsd
SHA-256 | c7e92da25652f196a0c236de3b89e2bc5b35fabba4031b08e7c6f82cba7d1af8
oracle_sql_injection_kupvft.txt
Posted Jan 25, 2006
Authored by Alexander Kornbrust | Site red-database-security.com

The package SYS.KUPV$FT contains 3 SQL injection vulnerabilities in the functions ATTACH_JOB, OPEN_JOB, HAS_PRIVS. Oracle fixed these vulnerabilities with the package dbms_assert.

tags | advisory, vulnerability, sql injection
SHA-256 | cacfccadb67c767daee94524725fa95624e17dcb4d30045bcd1abbb1c25e6f85
phpxplorer.txt
Posted Jan 25, 2006
Authored by liz0 | Site biyosecurity.be

phpxplorer allows anyone to view any file on the system via a specially crafted URL.

tags | exploit
SHA-256 | 0e2a165833039e14f64fe587b7e6c02b6d694d30df05d0bd7a27d0241ce52f8f
iDEFENSE Security Advisory 2006-01-17.2
Posted Jan 25, 2006
Authored by iDefense Labs, iDefense | Site idefense.com

iDefense Security Advisory 01.17.06 - Remote exploitation of a denial of service vulnerability in EMC Corp.'s Legato Networker allows attackers to crash the nsrd service.

tags | advisory, remote, denial of service
SHA-256 | 3dd9e50232b3ed57286616217dd334d37e267dd9f103b98f1d2c925be61ba489