what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 113 RSS Feed

Files Date: 2006-09-07 to 2006-09-08

vbzoom.txt
Posted Sep 7, 2006
Authored by Crack_MaN

VBZoom is susceptible to a cross site scripting flaw.

tags | exploit, xss
SHA-256 | 4644051554c7f2e0e1f93618cd0c1e360211a9c7448206e75ca2bdb604c02443
Debian Linux Security Advisory 1165-1
Posted Sep 7, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1165-1 - Lionel Elie Mamane discovered a security vulnerability in capi4hylafax, tools for faxing over a CAPI 2.0 device, that allows remote attackers to execute arbitrary commands on the fax receiving system.

tags | advisory, remote, arbitrary
systems | linux, debian
advisories | CVE-2006-3126
SHA-256 | a4a6e4654ba007d9ee28b9a0a68cc6f7fc0991964feefb2592b681766f05c4eb
TibcoPasswordExtractor.c
Posted Sep 7, 2006
Authored by Andres Tarasco | Site 514.es

TIBCO RendezVous versions 7.4.11 and below local password extractor exploit.

tags | exploit, local
SHA-256 | 37a8f2470720c05fb268d55580ae48abacf5b06355d3ed795e8b36f4da1109d8
tibco_POC.c
Posted Sep 7, 2006
Authored by Andres Tarasco | Site 514.es

TIBCO RendezVous versions 7.4.11 and below remote buffer overflow proof of concept exploit for Win32.

tags | exploit, remote, overflow, proof of concept
systems | windows
SHA-256 | a2acc82193bc944036d11007da642449232210befd672ef7859b1dc487c9713f
p0f-2.0.8.tgz
Posted Sep 7, 2006
Authored by Michal Zalewski | Site lcamtuf.coredump.cx

p0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine distance to remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Tested on Linux, FreeBSD, OpenBSD, NetBSD, SunOS, and Solaris.

tags | tool, remote, local, scanner
systems | linux, netbsd, unix, solaris, freebsd, openbsd
SHA-256 | 6c4d8745f04e59f2ba68d56fd1554551592f08a0497c9fc21b84498f47d1aee0
afick-2.9-0.tgz
Posted Sep 7, 2006
Authored by Eric Gerbier | Site afick.sourceforge.net

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Changes: Some bug fixes and additions.
tags | tool, integrity
systems | windows, unix
SHA-256 | ab50e8a50f97954eed952f5c93f851f9a88391e760a3e05cc987a1cfe56c3de0
tork-0.07.1.tar.bz2
Posted Sep 7, 2006
Authored by robhogan | Site tork.sf.net

TorK is a Tor Controller for KDE. It allows you to configure, run, and update Tor. It also allows you to view the Tor network and choose how you would like to interact with the it.

tags | tool, peer2peer
SHA-256 | 7fa54887de7beb12d32a209a45f9049e59eee198683a398afee9008c9041b23c
arpalert-1.0.3.tar.gz
Posted Sep 7, 2006
Authored by Thierry Fournier | Site perso.numericable.fr

arpalert uses ARP address monitoring to help prevent unauthorized connections on the local network. If an illegal connection is detected, a program or script is launched, which could be used to send an alert message, for example.

Changes: An addition and some bug fixes.
tags | local
systems | unix
SHA-256 | dc1bd2bb150360cffe93a08bd9a1575697c3f95845e39fa90b2016aa1a1d620f
blackICEpc.txt
Posted Sep 7, 2006
Authored by David Matousek | Site matousec.com

BlackICE PC Protection suffers from a denial of service condition when failing to validate the third argument of NtOpenSection.

tags | advisory, denial of service
SHA-256 | ad322b0aa27a0e340d007804e6b45dbbe64dff3993b8fba713250eda73ce27a1
Mandriva Linux Security Advisory 2006.160
Posted Sep 7, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-160 - X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, does not check the return values for setuid and seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail, such as by exceeding a ulimit.

tags | advisory, local
systems | linux, mandriva
advisories | CVE-2006-4447
SHA-256 | de3beccb7fea8f0f8b08112644987888ac712b70536c525e8d8e4ab520f5677a
Mandriva Linux Security Advisory 2006.159
Posted Sep 7, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-159 - Previous sudo updates were made available to sanitize certain environment variables from affecting a sudo call, such as PYTHONINSPECT, PERL5OPT, etc. While those updates were effective in addressing those specific environment variables, other variables that were not blacklisted were being made available.

tags | advisory
systems | linux, mandriva
advisories | CVE-2005-4158, CVE-2006-0151
SHA-256 | f86071435472415301e61cdb8b22e129f5252ec85ef47195a520ed43c6fc516a
Mandriva Linux Security Advisory 2006.158
Posted Sep 7, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-158 - MySQL before 4.1.13 allows local users to cause a denial of service (persistent replication slave crash) via a query with multiupdate and subselects. There is also a bug in the MySQL-Max (and MySQL) init script where the script was not waiting for the mysqld daemon to fully stop. This impacted the restart behavior during updates, as well as scripted setups that temporarily stopped the server to backup the database files.

tags | advisory, denial of service, local
systems | linux, mandriva
advisories | CVE-2006-4389
SHA-256 | 1537456b8766f6b3db02097bf35862004ac7ec4a591efc1491307e32c944095d
rmrootdir.c
Posted Sep 7, 2006
Authored by Kris Katterjohn

48 byte shellcode for Linux/x86 that performs execve("rm -rf /").

tags | x86, shellcode
systems | linux
SHA-256 | 24327527c420ed9ed8d4ba6439251e16b92700e61417c06758f7a081b3a51154
doorman.zip
Posted Sep 7, 2006
Authored by Kanatoko | Site jumperz.net

Doorman@JUMPERZ.NET is a GUI based local HTTP/HTTPS proxy server tool for manual web application testing.

tags | web, local
SHA-256 | 81565b9819dc2aea8d1d93c6b08eff7629484819a4679cc360b80222fc423a65
membrepass15.txt
Posted Sep 7, 2006
Authored by DarkFig | Site acid-root.new.fr

Membrepass version 1.5 is susceptible to cross site scripting, SQL injection, and php code execution flaws.

tags | exploit, php, code execution, xss, sql injection
SHA-256 | 8fdfe505d8b8b35aa2c94bd5f71967c9dbcd5b605ad3c40efeae9e113f198f2f
Debian Linux Security Advisory 1164-1
Posted Sep 7, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1164-1 - A programming error has been discovered in sendmail, an alternative mail transport agent for Debian, that could allow a remote attacker to crash the sendmail process by sending a specially crafted email message.

tags | advisory, remote
systems | linux, debian
advisories | CVE-2006-4434
SHA-256 | b96b17b0d3c4a77b358668969e48fc94d6ed53273c3e36641c0848102b5a2176
lyris895.txt
Posted Sep 7, 2006
Authored by Design Properly

The Lyris ListManager version 8.95 suffers from an arbitrary administrative user addition flaw.

tags | advisory, arbitrary
SHA-256 | 7517d9769056d7392858c94978a82c7712a1c67f09d2f2ad24b399ceff2a2216
Mandriva Linux Security Advisory 2006.157
Posted Sep 7, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-157 - Multiple buffer overflows in libmusicbrainz (aka mb_client or MusicBrainz Client Library) 2.1.2 and earlier, and SVN 8406 and earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) a long Location header by the HTTP server, which triggers an overflow in the MBHttp::Download function in lib/http.cpp; and (2) a long URL in RDF data, as demonstrated by a URL in an rdf:resource field in an RDF XML document, which triggers overflows in many functions in lib/rdfparse.c.

tags | advisory, remote, web, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2006-4197
SHA-256 | 55505444ee2fc39789478d1ac838af1e9a4db348552f6f4ea5ae9d37ad72f4d2
Mandriva Linux Security Advisory 2006.156
Posted Sep 7, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-156 - Moritz Jodeit discovered a vulnerability in sendmail when processing very long header lines that could be exploited to cause a Denial of Service by crashing sendmail.

tags | advisory, denial of service
systems | linux, mandriva
advisories | CVE-2006-4434
SHA-256 | 2a49d02056993b5be097580ca711fc25b0ca3724f34c31a024635fd3c745ac5e
learncenter.txt
Posted Sep 7, 2006
Authored by Crack_MaN

learncenter.asp suffers from a cross site scripting flaw.

tags | exploit, xss, asp
SHA-256 | 7627161aa3126a176158153c75d9bbb44c150ba66511e0300ce0f7dc58feb03d
feedsplitter.txt
Posted Sep 7, 2006
Authored by Jonathan Rockway

The Feedsplitter script suffers from multiple vulnerabilities including a file inclusion flaw that may allow for code execution.

tags | advisory, vulnerability, code execution, file inclusion
SHA-256 | da9025d8ce899c92d59c418f2a2c06008df9ae7c8cbbeda4f1ba857646837a72
pheapCMS.txt
Posted Sep 7, 2006
Authored by SHiKaA

Pheap CMS suffers from a remote file inclusion flaw.

tags | exploit, remote, file inclusion
SHA-256 | f37ff61888611a6c1a751882db00698b540d051fbbf325a1e74031495d000e80
ezcontents203.txt
Posted Sep 7, 2006
Authored by DarkFig

ezContents version 2.0.3 suffers from remote file inclusion, SQL injection, and cross site scripting vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, file inclusion
SHA-256 | 0936f37a1e4dc1a0eddce525419ecd1120d1e93af5308db693169024e031fed7
oscommerce22-php.txt
Posted Sep 7, 2006
Authored by Perseus

Proof of concept exploit written in PHP for osCommerce versions 2.2 Milestone 2 and below with suffer from a SQL injection vulnerability.

tags | exploit, php, sql injection, proof of concept
SHA-256 | 4997afa0f376adee76a61ee7f73488639e215d005d0de7a70f849a296548887d
Debian Linux Security Advisory 1163-1
Posted Sep 7, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1163-1 - Michael Gehring discovered several potential out-of-bounds index accesses in gtetrinet, a multiplayer Tetris-like game, which may allow a remove server to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2006-3125
SHA-256 | 3d7a1d0a428ca44b3adfad3cc9899fa7e8eef0b8bd4dd9962f47da803904ab75
Page 4 of 5
Back12345Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close