exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 101 - 125 of 320 RSS Feed

Files Date: 2006-08-27 to 2006-08-28

Ubuntu Security Notice 337-1
Posted Aug 27, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-337-1 - Damian Put discovered a buffer overflow in imagemagick's SGI file format decoder. By tricking an user or automated system into processing a specially crafted SGI image, this could be exploited to execute arbitrary code with the user's privileges.

tags | advisory, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2006-4144
SHA-256 | b0a994a1d3a25e132895df0d702e1195e96cffaef8cbdc41935e7d54f1d1e857
Ubuntu Security Notice 336-1
Posted Aug 27, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-336-1 - A buffer overflow was discovered in gas (the GNU assembler). By tricking an user or automated system (like a compile farm) into assembling a specially crafted source file with gcc or gas, this could be exploited to execute arbitrary code with the user's privileges.

tags | advisory, overflow, arbitrary
systems | linux, ubuntu
SHA-256 | 38d939b17fa0214853a1addeae072d2362df1352902572dc53c468af9a186a85
cubecart_3011_sql.html
Posted Aug 27, 2006
Authored by rgod | Site retrogod.altervista.org

CubeCart versions 3.0.11 and below "x_invoice_num" blind SQL injection / admin credentials disclosure exploit.

tags | exploit, sql injection
SHA-256 | 5e9a928c7148b01b50cad53afece6f67472f69766063fd0ca94325e988350bad
cubecart_3011_sql_mqg_bypass.html
Posted Aug 27, 2006
Authored by rgod | Site retrogod.altervista.org

CubeCart versions 3.0.11 and below "oid" blind SQL injection / admin credentials disclosure exploit.

tags | exploit, sql injection
SHA-256 | b0668df87bb7d60eceafe98ac84e2fe759a486ec5184e33da418856352982331
cubecart_3011_adv.txt
Posted Aug 27, 2006
Authored by rgod | Site retrogod.altervista.org

CubeCart versions 3.0.11 and below suffer from cross site scripting flaws.

tags | exploit, xss
SHA-256 | fd87e86a0f7bedddd0d3276475643923cdef6f516abe98d1222d6d97efeb0050
TelmexAdvisory.pdf
Posted Aug 27, 2006
Authored by Luis Alberto Cortes Zavala | Site securitynation.com

A security issue exists in Telmex, Mexico's largest ISP. Advisory is written in Spanish.

tags | advisory
SHA-256 | a8606b5409713925372cb4cd6c17c3410f853be40afebe9a4b2fa39615b5c2f2
flushiptables.c
Posted Aug 27, 2006
Authored by Kris Katterjohn

41 byte shellcode to flush iptables for Linux/x86.

tags | x86, shellcode
systems | linux
SHA-256 | df755db433463f4873e6b1571f278daa6a3415a152f0a9a9e69bb8aa3b2ae13e
EEYEB-20060703.txt
Posted Aug 27, 2006
Authored by Andre Derek Protas | Site eeye.com

eEye Digital Security has discovered a security vulnerability in IBM's eGatherer ActiveX control. This is the second vulnerability found in this control by eEye Research, the first being from Drew Copley. This control is typically installed by default on IBM workstations and laptops, and is used by default for auto-finding drivers/updates on IBM's/Lenovo's support site.

tags | advisory, activex
SHA-256 | 9c84908e1b617bcd8bdf8c955b46130747f8f7e108a5d3bf442c32fe17b7a573
discloser.txt
Posted Aug 27, 2006
Authored by Outlaw, Dr.t3rr0r1st | Site aria-security.net

discloser version 0.0.4 remote file inclusion exploit.

tags | exploit, remote, file inclusion
SHA-256 | 441c63bfd7d275fdcf07c50ed311f71e153edaace28bc89f405a0cf4fbae23d7
Mandriva Linux Security Advisory 2006.143
Posted Aug 27, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-143 - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2006-2613, CVE-2006-2894, CVE-2006-2775, CVE-2006-2776, CVE-2006-2777, CVE-2006-2778, CVE-2006-2779, CVE-2006-2780, CVE-2006-2782, CVE-2006-2783, CVE-2006-2784, CVE-2006-2785, CVE-2006-2786, CVE-2006-2787, CVE-2006-2788, CVE-2006-3677, CVE-2006-3803, CVE-2006-3804
SHA-256 | 4ea8be5cbf740393a2e029272fa3cb4f90a624cde42c0cf0a7fc0f010f1b3f12
HeaderFlash.txt
Posted Aug 27, 2006
Authored by Amit Klein

Formal write up discussing how arbitrary HTTP requests can be crafted using Flash 7/8 with Internet Explorer.

tags | paper, web, arbitrary
SHA-256 | 255a3d2253e2f6988647d919e94f2316e545debac79aa3bd39fd8c4906113f23
SYM06-015_signed.txt
Posted Aug 27, 2006
Site symantec.com

Symantec Security Advisory - Symantec discovered a security issue in Symantec's Veritas NetBackup 6.0 PureDisk Remote Office Edition. An unauthorized user with access to the network and the server hosting the management interface can potentially bypass the management interface authentication to gain access and elevate their privileges on the system.

tags | advisory, remote
SHA-256 | 8e974c7fc009ae3e7308711422221b19beca99e579c11126f553bda2721afcd1
symantecOddity.txt
Posted Aug 27, 2006
Authored by Chris Faigle

Symantec Anti-Virus Corporate Edition clients controlled via the Symantec System Center Console do not follow the "Download product updates using LiveUpdate" setting.

tags | advisory, virus
SHA-256 | 7f8bf6003e1c7290c318f9ecbc1ba7b2b429be7b939001daa508fe0ee2062c11
msterminal.txt
Posted Aug 27, 2006
Authored by Bill Littlejohn

There is a vulnerability in Microsoft Terminal Server when an application is specified for the user instead of a full Windows Desktop. It is possible to easily cause an error in explorer.exe and to gain access to a full Desktop. This is an issue for anyone publishing applications through TS to domain users who also logon to full desktops either on the TS or on another machine.

tags | advisory
systems | windows
SHA-256 | d64c9d402f1bb8e25e76432b26bcff82f0808bc359afaae44e10c6fe851b3e67
reporterinclude.txt
Posted Aug 27, 2006
Authored by Crackers_Child

The Reporter Mambo component suffers from a remote file inclusion vulnerability.

tags | exploit, remote, file inclusion
SHA-256 | b90399a04651b723f8945dc9811db4f71474e870391e69d0c9a8b5aa8aa4e7db
ophcrack-2.3.1.tar.gz
Posted Aug 27, 2006
Site ophcrack.sourceforge.net

Ophcrack is a cracker aimed at NT-style (LANMAN) password-hashes. It uses a large precomputed hash database to crack the majority of all passwords within a matter of seconds, rather than hours or days as would be the case if you search the entire likely keyspace each time you are looking for a specific password. This type of cracking is based on a technique referred to as "rainbow tables".

Changes: Bug fixes.
tags | cracker
SHA-256 | b8ad977b2c1835f6ce705ef6c2faf13a0dbf98445b72b60c7697fb5077503a3d
hoagie_php_sscanf.txt
Posted Aug 27, 2006
Authored by BigHawk, Andi, Heintz, Greuff | Site void.at

PHP versions 4.4.3 / 5.1.4 and below local buffer overflow exploit. Yields webserver uid.

tags | exploit, overflow, local, php
SHA-256 | 76d2a73f8fb3743433f837c194707701127c12b5166a020c2396aef7f6d354a4
hordeXSS-2.txt
Posted Aug 27, 2006
Authored by Marc Ruef | Site scip.ch

The Horde Framework and Horde IMP systems are susceptible to cross site scripting attacks in search.php. Flaws are verified in Horde versions 3.0.4 through 3.1.2 and IMP versions prior to 4.1.3.

tags | advisory, php, xss
SHA-256 | 26c3ceb148d5508570a99beb7063062a83fe03cece6d91d209c274554ed67c30
hordeXSS.txt
Posted Aug 27, 2006
Authored by Marc Ruef | Site scip.ch

The Horde Framework and Horde IMP systems are susceptible to cross site scripting attacks in index.php. Flaws are verified in Horde versions 3.0.4 through 3.1.2 and IMP versions prior to 4.1.3.

tags | advisory, php, xss
SHA-256 | 7c57bc41e7ce313d1d89a5dbbcc9d4f11333e6aa61b26698f67ec4ec0f4dc009
beanshell.pdf
Posted Aug 27, 2006
Authored by Stephen de Vries | Site corsaire.com

Accessing Java Clients with the BeanShell. This whitepaper goes into detail discussing the assessment of Java applications utilizing the BeanShell.

tags | paper, java
SHA-256 | d88b3a4015272cba9306c073c84c23f81966ed4e83fa15e3f4ca6721bd9b240e
Ubuntu Security Notice 335-1
Posted Aug 27, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-335-1 - Yan Rong Ge discovered that heartbeat did not sufficiently verify some packet input data, which could lead to an out-of-boundary memory access. A remote attacker could exploit this to crash the daemon (Denial of Service).

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2006-3121
SHA-256 | 10b5c007fe31344262afb6cdf2244273a82b0015a9dc9facad3621e9b7c8e64b
comlminclude.txt
Posted Aug 27, 2006
Authored by Crackers_Child

The Mambo com_lm component suffers from a remote file inclusion flaw in archive.php.

tags | exploit, remote, php, file inclusion
SHA-256 | 75f3b3cbc3c4293082b46dbddecf0819b0ee2c354e3e0998ace5cf6a4dbd27b9
XSec-06-05.txt
Posted Aug 27, 2006
Authored by nop | Site xsec.org

VMWare version 5.5.1 suffers from an arbitrary partition table deletion issue with Windows.

tags | exploit, arbitrary
systems | windows
SHA-256 | 7f917510e7dbb12bafe725f2b5e7efca1f35f44bc7b1882ac3c14a764e7a76cc
Ubuntu Security Notice 334-1
Posted Aug 27, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-334-1 - Michael Calmer and Marcus Meissner discovered that several krb5 tools did not check the return values from setuid() system calls. On systems that have configured user process limits, it may be possible for an attacker to cause setuid() to fail via resource starvation. In that situation, the tools will not reduce their privilege levels, and will continue operation as the root user.

tags | advisory, root
systems | linux, ubuntu
advisories | CVE-2006-3083, CVE-2006-3084
SHA-256 | 12f66fc37c6dc081c7884cf969144db2f616dc6f0bb1fe070d82c2b129fcea1e
cpanel10xss.txt
Posted Aug 27, 2006
Authored by PRETH00NKER | Site mexhackteam.org

CPanel 10 is susceptible to multiple cross site scripting flaws.

tags | exploit, xss
SHA-256 | a2146f8cb3e35cb7189d1e023df78bf1089c9012c2a5c1f2211ee45d4720cb50
Page 5 of 13
Back34567Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    19 Files
  • 23
    Jul 23rd
    17 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close