what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 115 RSS Feed

Files Date: 2006-10-20 to 2006-10-21

XNetMine.txt
Posted Oct 20, 2006
Authored by federico | Site defsol.plugs.it

XNetMine suffers from multiple buffer overflow exploits. PoC included that crashes XNetMine.

tags | exploit, overflow
SHA-256 | a2fc3791deffb5ecd911059e7f5a82944a96906478013639e2b12aabd27d7c48
Exploit Labs Security Advisory 2006.5
Posted Oct 20, 2006
Authored by Donnie Werner, Exploit Labs | Site exploitlabs.com

EXPL-A-2006-005 exploitlabs.com Retro Advisory 002 - SHTTPD: SHTTPD is vulnerable to an overly long GET request.

tags | advisory
SHA-256 | 9ecaa0cca2d02c7da5a4e9a9cc79e5eee2bc762ddd43342d7059ab4877555440
MU Security Advisory 2006-10.01
Posted Oct 20, 2006
Authored by MU Dynamics | Site labs.musecurity.com

Mu Security MU-200610-01: Denial of Service in XORP OSPFv2: OSPF carries link state information using Link State Advertisements. Each LSA contains a length field as well as a checksum. XORP performs a checksum verification when processing an LSA. During the checksum verification, the length field is used to calculate the payload. An invalid length field causes an out of bounds read, causing the OSPF daemon to crash.

tags | advisory, denial of service
SHA-256 | ba8f5f4a3cbb2887f475beee8d4367ae57c087c94175bdd0caae9389252befbd
ECHO_ADV_56_2006.txt
Posted Oct 20, 2006
Authored by Matdhule | Site advisories.echo.or.id

[ECHO_ADV_46$2006] P-Book 1.17 and prior (pb_lang) Remote File Inclusion: Input passed to the "pb_lang" parameter in admin.php is not properly verified before being used. This can be exploited to execute arbitrary PHP code by including files from local or external resources.

tags | advisory, remote, arbitrary, local, php, file inclusion
SHA-256 | 81bf25ee0d5dd0d6f1459a06b803e61f88bbb1fde82e375f7e6e5cc43daf6a4f
zorum_3_5.txt
Posted Oct 20, 2006
Authored by Mohandko

zorum 3.5 suffers from a remote file inclusion vulnerability in dbproperty.php.

tags | exploit, remote, php, file inclusion
SHA-256 | d16eae0869a87e7715681594d43c4471856d7e45050f4953e2b6fcb31d2c7f8a
Simplog0.9.3.1.txt
Posted Oct 20, 2006
Authored by disfigure | Site w4ck1ng.com

Simplog 0.9.3.1 suffers from SQL injection which can used to obtain the admin password hash.

tags | exploit, sql injection
SHA-256 | 9e38649c360eb89e8498ad3cbead6a6e56a419e110a63b1dac341a4df2793676
ComdevOneAdmin4.1.txt
Posted Oct 20, 2006
Authored by disfigure | Site w4ck1ng.com

Comdev One Admin 4.1 suffers from a remote file inclusion vulnerability in adminfoot.php

tags | exploit, remote, php, file inclusion
SHA-256 | a74c4799cc2bfc85910e4030a8ed33976c64655abe817b900745dd98f4458457
BoonexDolphin5.2.txt
Posted Oct 20, 2006
Authored by disfigure | Site w4ck1ng.com

Boonex Dolphin 5.2 suffers from a remote file inclusion vulnerability in index.php.

tags | exploit, remote, php, file inclusion
SHA-256 | 10382511a7952419b4cb9ccede485143d9d50eb2074fd4f7b46c90aac2dd801f
iDEFENSE Security Advisory 2006-10-17.t
Posted Oct 20, 2006
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 10.17.06: Opera Software Opera Web Browser URL Parsing Heap Overflow Vulnerability

tags | advisory, web, overflow
SHA-256 | b9d3f94af41cb9252ed268de4f9dd17a6ea514ee646dbbae2faada144e47bce3
Rapid7 Security Advisory 26
Posted Oct 20, 2006
Authored by Rapid7 | Site rapid7.com

Rapid7 Advisory R7-0026 - HTTP Header Injection Vulnerabilities in the Flash Player Plugin. Two HTTP Header Injection vulnerabilities have been discovered by Rapid7 in the Flash Player plugin. They allow attackers to perform arbitrary HTTP requests while controlling most of the HTTP headers. This can make it easier to perform CSRF attacks [2] in some cases. When the HTTP server implements Keep-Alive connections and when Firefox is used, these Flash vulnerabilities can even be used to perform totally arbitrary HTTP requests where every part is controlled by the attacker: HTTP method, URI, HTTP version, headers, and data. Such attacks make use of the HTTP Request Splitting method.

tags | advisory, web, arbitrary, vulnerability
SHA-256 | 690dff2f6bcdb4dff4133298702b4e384a67233ec74acc51f7657d2bad3974e6
DEVWeb-1.5.txt
Posted Oct 20, 2006
Authored by CorryL | Site x0n3-h4ck.org

DEV Web Manager System versions less than or equal to 1.5 cross site scripting exploit.

tags | exploit, web, xss
SHA-256 | 230787c742f05b737de56c0b48b334ec4de1a9b89c708eb321c94cbcb104308d
phpAdsNew-2.0.8.txt
Posted Oct 20, 2006
Authored by wacky | Site iHACK.pl

phpAdsNew 2.0.8 suffers from a file inclusion vulnerability in upgrade.php.

tags | exploit, php, file inclusion
SHA-256 | cc3e7ba2196d6ecb79761797b3f61122aa0ede0ffb8c9bd9cddc11e1df105d7f
ProCheckUp Security Advisory 2006.3b
Posted Oct 20, 2006
Authored by ProCheckUp

PR06-03b: The F5 FirePass 1000 SSL VPN application version 5.5, and possibly earlier versions, is vulnerable to Cross-Site Scripting within the sid" field of the "my.acctab.php3" program.

tags | advisory, xss
SHA-256 | 8af3176beaef6620df514621a247eb102c5acfdfb702d93c717dc7e4f2622b12
Netragard Security Advisory 2006-08-10
Posted Oct 20, 2006
Authored by Netragard | Site netragard.com

Netragard, L.L.C Advisory: dtmail suffers from a buffer overflow vulnerability which could result in the execution of arbitrary code. More specifically this vulnerability is triggered when using -a flag:

tags | advisory, overflow, arbitrary
SHA-256 | f6f661eece2e97c0022011ba50f31579053126df8dbf50a9b0712d7a70ad6fcc
php5-unserialize.txt
Posted Oct 20, 2006
Authored by slythers

PHP 5 ecalloc memory manager unserialize() array integer overflow proof of concept exploit.

tags | exploit, overflow, php, proof of concept
SHA-256 | d4d2a7ebf01f65bf0871fe99b935491efb8bb3a3e3e029d5317331679ec0f317
HP Security Bulletin 2006-12.35
Posted Oct 20, 2006
Authored by Hewlett Packard | Site hp.com

HPSBUX02155 SSRT061235 rev.2 HP-UX CIFS Server (Samba) Local Unauthorized Access, Elevated Privileges: A potential security vulnerability has been identified with HP-UX running CIFS Server (Samba). This vulnerability may allow permit unauthorized access or local authenticated user to gain elevated privileges.

tags | advisory, local
systems | hpux
SHA-256 | c5eba0d9c94d6d25e3cfba8df77f43144f22d190aa24095c066a5bd4ff8fed10
ffoxdie.txt
Posted Oct 20, 2006
Authored by Mike | Site lcamtuf.coredump.cx

PoC exploit that crashes Firefox 2.0 RC3.

tags | exploit
SHA-256 | 878f9bc75b0b058d46eff79e443de4b33438666152aee9d3cc5eb2ccd887164d
ECHO_ADV_55-2006.txt
Posted Oct 20, 2006
Site advisories.echo.or.id

[ECHO_ADV_55$2006] - Phpmybibli 2.1 and prior Multiple Remote File Inclusion Vulnerabilities.

tags | advisory, remote, vulnerability, file inclusion
SHA-256 | ad49962b23256489c40e69c32443fd119f79262a61a087cc9243b43fac12eb04
OpenPKG Security Advisory 2006.23
Posted Oct 20, 2006
Authored by OpenPKG Foundation | Site openpkg.org

OpenPKG Security Advisory - OpenPKG-SA-2006.023 - According to a security advisory [1] from Maksymilian Arciemowicz, a vulnerability exists in the programming language PHP [0] which allows local users to bypass certain Apache HTTP server "httpd.conf" options, such as "safe_mode" and "open_basedir", via the "ini_restore" function, which resets the values to their "php.ini" (master value) defaults.

tags | advisory, web, local, php
SHA-256 | 63dacd301fa77188374b3787ca2c1ffc12b9ca1fb9f8164cf1f86168c6eba2c6
TorrentFlux-user_id.txt
Posted Oct 20, 2006
Authored by 3cab7cc7 | Site stevenroddis.com.au

Data passed to the users array is not properly sanitized before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in an administrators browser session in context of an affected site when the Activity Log is viewed.

tags | advisory, arbitrary
SHA-256 | cc67de8d3167145440b4ed145030b423dd22807da9517ae0f71cfb1c16061d66
TorrentFlux-file.txt
Posted Oct 20, 2006
Authored by 3cab7cc7 | Site stevenroddis.com.au

Input passed to the file variable is not properly sanitized before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in an administrators browser session in context of an affected site when the Activity Log is viewed. An example is attempting to login with an incorrect username or password. Where the username field of /login.php contains the arbitrary code.

tags | advisory, arbitrary, php
SHA-256 | 9aa26d8519a316bcf4e01169b7db8644df7dfeb5b855c28b4f3f0a3526069f81
TorrentFlux-action.txt
Posted Oct 20, 2006
Authored by 3cab7cc7 | Site stevenroddis.com.au

Input passed to the action variable is not properly sanitized before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in an administrators browser session in context of an affected site when the Activity Log is viewed.

tags | advisory, arbitrary
SHA-256 | a6102b2fa441bfbc1fcb269869a3b548e081841bdfd6312411c60a6b99c6e401
DMA-2006-1016a - WebObjects and OpenBase SQL Local Root
Posted Oct 20, 2006
Authored by Kevin Finisterre | Site digitalmunition.com

DMA-2006-1016a - Apple Xcode WebObjects / OpenBase SQL multiple vulnerabilities including local root and file creation.

tags | advisory, local, root, vulnerability
systems | apple
SHA-256 | 2e9a7704a15945cda4c84fce6506a7120005ece92cc5c8fe21b842517833457d
phplistv2.10.2xss.txt
Posted Oct 20, 2006
Authored by b0rizQ

phplist v 2.10.2 suffers from cross site scripting.

tags | exploit, xss
SHA-256 | 5c510f80d6e0dcc343a4974d97c18a7a3a6dc466b1aff04b67f63836e00c332e
osprey1.0.txt
Posted Oct 20, 2006
Authored by KaBaRa.HaCk.eGy

osprey 1.0 suffers from a remote file inclusion vulnerability in ListRecords.php.

tags | exploit, remote, php, file inclusion
SHA-256 | 124a4e21c6f7bb1049b3c29f5be5410ce28143fd856071a7e080776fe8b5a715
Page 1 of 5
Back12345Next

File Archive:

November 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    16 Files
  • 2
    Nov 2nd
    17 Files
  • 3
    Nov 3rd
    17 Files
  • 4
    Nov 4th
    11 Files
  • 5
    Nov 5th
    0 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    3 Files
  • 8
    Nov 8th
    59 Files
  • 9
    Nov 9th
    12 Files
  • 10
    Nov 10th
    6 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    1 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    9 Files
  • 15
    Nov 15th
    33 Files
  • 16
    Nov 16th
    53 Files
  • 17
    Nov 17th
    11 Files
  • 18
    Nov 18th
    14 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    26 Files
  • 22
    Nov 22nd
    22 Files
  • 23
    Nov 23rd
    10 Files
  • 24
    Nov 24th
    9 Files
  • 25
    Nov 25th
    11 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close