exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 104 RSS Feed

Files Date: 2006-05-22 to 2006-05-23

Debian Linux Security Advisory 1064-1
Posted May 22, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1064-1 - Jason Duell discovered that cscope, a source code browsing tool, does not verify the length of file names sourced in include statements, which may potentially lead to the execution of arbitrary code through specially crafted source code files.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2004-2541
SHA-256 | a8f89bb398482ee717fa362c1ff589782d14c3ee78fc72897267ebcae14a238c
Debian Linux Security Advisory 1063-1
Posted May 22, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1063-1 - It was discovered that the Avatar upload feature of FUD Forum, a component of the web based groupware system phpgroupware, does not sufficiently validate uploaded files, which might lead to the execution of injected web script code.

tags | advisory, web
systems | linux, debian
advisories | CVE-2005-2781
SHA-256 | f7dac0190d87de2d92872a8ed14a750a541584f1a2bf3647c72cb9bd5a4dd07e
Debian Linux Security Advisory 1062-1
Posted May 22, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1062-1 - Sven Dreyer discovered that KPhone, a Voice over IP client for KDE, creates a configuration file world-readable, which could leak sensitive information like SIP passwords.

tags | advisory
systems | linux, debian
advisories | CVE-2006-2442
SHA-256 | e43eb68f8838660ad158fd5e58baf434c116bd1ae06411fbb74caf6694f547af
Debian Linux Security Advisory 1061-1
Posted May 22, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1061-1 - It has been discovered that popfile, a bayesian mail classifier, can be forced into a crash through malformed character sets within email messages, which allows denial of service.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2006-0876
SHA-256 | 794c9be43b21a0e1c3a7e613d8510132482984ce6f881246103a76d22c8b6fa1
Debian Linux Security Advisory 1060-1
Posted May 22, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1060-1 - Jan Rekorajski discovered that the kernel patch for virtual private servers does not limit context capabilities to the root user within the virtual server, which might lead to privilege escalation for some virtual server specific operations.

tags | advisory, kernel, root
systems | linux, debian
advisories | CVE-2006-2110
SHA-256 | 3aed17cd99ab1e88ef9b9ecf145d04d6aab679c71dbb3ee300592441a9776506
Debian Linux Security Advisory 1059-1
Posted May 22, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1059-1 - Konstantin Gavrilenko discovered several vulnerabilities in quagga, the BGP/OSPF/RIP routing daemon.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2006-2223, CVE-2006-2224, CVE-2006-2276
SHA-256 | 05a4815402c308b3630832927737df765e27fab26aad5aa38609893c47f07684
secunia-CAM.txt
Posted May 22, 2006
Authored by Tan Chew Keong | Site secunia.com

Secunia Research has discovered a vulnerability in CAM UnZip versions 4.0 and 4.3, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when listing the contents of a ZIP archive. This can be exploited to cause a stack-based buffer overflow when a malicious ZIP archive containing a file with an overly long filename is opened.

tags | advisory, overflow
advisories | CVE-2006-2161
SHA-256 | 15e13f5a99e65b3adbc306a4ea2fa32d802e0121972b3078e9f2fecd56fb97b1
zeppoo-0.0.3.tar.gz
Posted May 22, 2006
Site zeppoo.net

Zeppoo is a tool that attempts to detect if a rootkit is installed on your system. It also makes it possible to detect hidden tasks, modules, syscalls, some corrupted symbols and also hidden connections.

Changes: Rewritten in C.
systems | linux
SHA-256 | 1439e67ba34b17d65f91964b263fe41d50d6bfb583255b37e624438d716f2378
Debian Linux Security Advisory 1058-1
Posted May 22, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1058-1 - Hendrik Weimer discovered that specially crafted web requests can cause awstats, a powerful and featureful web server log analyzer, to execute arbitrary commands.

tags | advisory, web, arbitrary
systems | linux, debian
advisories | CVE-2006-2237
SHA-256 | bf251c2b8efacad2aecb9fedc70d83cd7632034bd70224a9c351cddfaf835dcf
CYBSEC-SAPlocal.txt
Posted May 22, 2006
Authored by Leandro Meiners | Site cybsec.com

CYBSEC Security Advisory - The SAP sapdba command for Informix versions prior to 700 and version 700 up to patch number 100 is susceptible to a local privilege escalation flaw.

tags | advisory, local
SHA-256 | d0bb0296b74b8630d49c49d2a5a2b787bb7acd1aa5e70e8c1d5bfd9da9d8fd23
aspbbXSS.txt
Posted May 22, 2006
Authored by Teufel

AspBB version 0.5.2 is susceptible to cross site scripting attacks.

tags | exploit, xss
SHA-256 | 81092cd7b89b337d129aedbb50429aae3ae520a3542cb4e14884f6a58b0553c9
dieselPHP.txt
Posted May 22, 2006
Authored by Matt Gibson

When an unsuspecting user installs Diesel PHP Job Site on their webserver, all information is emailed back to the original programmers of this software. This information is sent from install.php, which includes the database host, database name, username, and password used to connect.

tags | advisory, php
SHA-256 | 5d5b0dd0d3e52882f08f1ee23035cf6d6d17e1037ea7dd9e74b2ca1c2e0a0c95
cosmoshop.txt
Posted May 22, 2006
Authored by l0om | Site excluded.org

Cosmoshop versions 8.11.106 and below suffer from SQL injection and directory traversal flaws.

tags | exploit, sql injection
SHA-256 | 8b27208612e77657b4af85607e71e76051898f89a6acde4b8fb317e982698949
bitrixXSS.txt
Posted May 22, 2006
Authored by Gogi The Georgian

Bitrix CMS version 4.1.x suffers from cross site scripting flaws.

tags | advisory, xss
SHA-256 | 0a9cf4670ec929144c3b5ac12abe825fb3c9fc9d4113ac66499d5bad270cf005
CodeScanLabs_AvatarMod.txt
Posted May 22, 2006
Authored by Paul Craig

The Avatar MOD gives portal administrators the ability to upload avatar images to be used within the forum. CodeScan located a file upload vulnerability in the avatar_upload.asp which can be exploited by a remote user to upload any arbitrary file. Affected is Avatar MOD versions 1.3 for Snitz Forums version 3.4.

tags | advisory, remote, arbitrary, asp, file upload
SHA-256 | 2eb62ab93715f9d4ee641a79883e816bcfc429ad114f94872a12317cca26fde8
libextho.zip
Posted May 22, 2006
Authored by Luigi Auriemma | Site aluigi.org

Proof of concept exploit for heap overflow vulnerabilities in libextractor versions 0.5.13 and below.

tags | exploit, overflow, vulnerability, proof of concept
SHA-256 | 82207e575d47751f0ae1e30db5cf23f98ea05d95b35f094cfcb0cd9d730403e5
libextho.txt
Posted May 22, 2006
Authored by Luigi Auriemma | Site aluigi.org

libextractor versions 0.5.13 and below suffer from multiple heap overflows.

tags | advisory, overflow
SHA-256 | 67e762bfcd88ce4d4a552497a2bbc957de99d2ca971120e729381cad99d4e5f1
mobotixXSS.txt
Posted May 22, 2006
Authored by Jaime Blasco | Site eazel.es

Mobotix IP Network Cameras suffer from multiple cross site scripting flaws. M10 version 2.0.5.2 and M1 version 1.9.4.7 are affected.

tags | exploit, xss
SHA-256 | 4cb8a42bae57c9821b121d9e4fffd82812f0a361d2b80bfac2bf0cc4ff91b998
sunSingle.txt
Posted May 22, 2006
Authored by Doug Hughes

Single CPU Sun systems running Solaris 7, 8, and 9 are all susceptible to a simple denial of service attack using ping.

tags | advisory, denial of service
systems | solaris
SHA-256 | d315910b29d305a1f62fa06a1d5db2fe016935aa6e141bdc1fdb2d57ba66a3a9
spymacXSSflaws.txt
Posted May 22, 2006
Authored by Lostmon | Site lostmon.blogspot.com

Spymac WOS V is susceptible to multiple cross site scripting flaws.

tags | exploit, xss
SHA-256 | 1d37ec6d926fe9255f317bcdeffa9eb829783c5b33b7aeacd0774e7b8a4ce248
firenull.txt
Posted May 22, 2006
Authored by Debasis Mohanty | Site hackingspirits.com

Firefox version 1.5.0.3 with IE Tab version 1.0.9 on Windows XP/2k suffers from a null pointer dereference bug.

tags | advisory
systems | windows
SHA-256 | cc0015c8a3dbf991cbe4abdd828b84520776ba42c305e028b8812cb6094baab5
injectpaper.txt
Posted May 22, 2006
Authored by Monte Toren | Site AlertPool.com

This paper discusses a simple technique for injecting code by manipulating hidden form fields.

tags | paper
SHA-256 | 0b4cb3450ed6fb3cf6fe7f9d2db8b581e808fc233c702aef0904dc6adfa52162
newsportalsploit.txt
Posted May 22, 2006
Authored by Philipp Niedziela

Newsportal versions 0.36 and below are susceptible to a remote file inclusion vulnerability.

tags | exploit, remote, file inclusion
SHA-256 | 32c4e976a967338de5ae840b79ab388e3060aed45b545db64ded9e4d59ab81cd
HYSA-2006-008.txt
Posted May 22, 2006
Authored by matrix killer | Site h4cky0u.org

myBloggie version 2.1.3 is susceptible to CRLF and SQL injection attacks.

tags | exploit, sql injection
SHA-256 | 450a90581b32d4d771b1b5c3e091773978e9e5146b232cb85a5acaf3d71f4d15
whatsupwiththat.txt
Posted May 22, 2006
Authored by Kenneth F. Belva | Site ftusecurity.com

Ipswitch What's Up Professional 2006 is vulnerable to a spoofing attack whereby the attacker can trick the application into thinking he/she is making a request from the console (which is considered trusted). This attack will allow the attacker to bypass the authentication mechanism of the application and login without credentials.

tags | advisory, spoof
SHA-256 | c45af487c7e701523e3170d31c0f127bc7bab3856ae1e9d76f301b7c98ab5dcd
Page 2 of 5
Back12345Next

File Archive:

June 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    19 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    28 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    19 Files
  • 7
    Jun 7th
    23 Files
  • 8
    Jun 8th
    11 Files
  • 9
    Jun 9th
    10 Files
  • 10
    Jun 10th
    4 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    27 Files
  • 20
    Jun 20th
    65 Files
  • 21
    Jun 21st
    10 Files
  • 22
    Jun 22nd
    8 Files
  • 23
    Jun 23rd
    6 Files
  • 24
    Jun 24th
    6 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    15 Files
  • 28
    Jun 28th
    14 Files
  • 29
    Jun 29th
    11 Files
  • 30
    Jun 30th
    7 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close