
Files Date: 2006-10-20 to 2006-10-21

SecSE2007-cfp.txt
Posted Oct 20, 2006
Site ares-conference.eu

First International Workshop on Secure Software Engineering (SecSE 2007) Call for Papers.

tags | paper, conference
SHA-256 | 2bfa57ce7bd343c88882495b9896f757eef178639c647f79b910c58b9cb2782e
Mandriva Linux Security Advisory 2006.185
Posted Oct 20, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-185: PHP 4.x up to 4.4.4 and PHP 5 up to 5.1.6 allows local users to bypass certain Apache HTTP Server httpd.conf options, such as safe_mode and open_basedir, via the ini_restore function, which resets the values to their php.ini (Master Value) defaults.

tags | advisory, web, local, php
systems | linux, mandriva
SHA-256 | 27310dbb424a82328878a8a04d0938cfacb946c37aaf529227e2013a5b42fa9a
Mandriva Linux Security Advisory 2006.184
Posted Oct 20, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-184: An integer overflow in previous versions of ClamAV could allow a remote attacker to cause a Denial of Service (scanning service crash) and execute arbitrary code via a Portable Executable (PE) file.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
SHA-256 | d1647c09217ee19ffd00ef4cd78679c49763cacc27ad8fcb63b1f0f2ef15e4ec
Mandriva Linux Security Advisory 2006.183
Posted Oct 20, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-183: The libksba library, as used by gpgsm in the gnupg2 package, allows attackers to cause a denial of service (application crash) via a malformed X.509 certificate in a signature.

tags | advisory, denial of service
systems | linux, mandriva
SHA-256 | 89388737d478054255c768917f7d3f889c8453673c1d4d5154fb5faaa60df9bd
Gentoo Linux Security Advisory 200610-7
Posted Oct 20, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200610-07 - Benjamin C. Wiley Sittler discovered a buffer overflow in Python's repr() function when handling UTF-32/UCS-4 encoded strings. Versions less than 2.4.3-r4 are affected.

tags | advisory, overflow, python
systems | linux, gentoo
SHA-256 | ac596868dad58edea552bff5a99dbd8cc23e71d559c966d538f47f81f90c04d1
Gentoo Linux Security Advisory 200610-6
Posted Oct 20, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200610-06 - Daniel Bleichenbacher discovered that it might be possible to forge signatures signed by RSA keys with the exponent of 3. This affects a number of RSA signature implementations, including Mozilla's NSS. Versions less than 3.11.3 are affected.

tags | advisory
systems | linux, gentoo
SHA-256 | 8467e2d69de2dead809edaba47cd62e88698449b55d5a1bdbbadc2bf00278957
Gentoo Linux Security Advisory 200610-5
Posted Oct 20, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200610-05 - Lionel Elie Mamane discovered an error in c2faxrecv, which doesn't properly sanitize TSI strings when handling incoming calls. Versions less than 01.03.00.99.300.3-r1 are affected.

tags | advisory
systems | linux, gentoo
SHA-256 | addce86269198abd40c0ab1d4f2e7687b612f3572ade85a8cd8d25fd7c0d2933
iDEFENSE Security Advisory 2006-10-15.1
Posted Oct 20, 2006
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 10.15.06 - Remote exploitation of a buffer overflow in Clam AntiVirus allows attackers to potentially execute arbitrary code or cause a denial of service condition.

tags | advisory, remote, denial of service, overflow, arbitrary
SHA-256 | 0cf3ff834570bb0870efc83461018345771b50eac3ec31f7cb90635bc6c9de5e
iDEFENSE Security Advisory 2006-10-15.2
Posted Oct 20, 2006
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 10.15.06: Remote exploitation of an input validation vulnerability in Clam AntiVirus's ClamAV could allow attackers to crash the virus scanning service.

tags | advisory, remote, virus
SHA-256 | 4f5f9d658ff57dd1bf2eb543d1338bcc1d436e8341c777195ac3b359bdd7297a
GOOP-image.txt
Posted Oct 20, 2006
Authored by Lostmon | Site lostmon.blogspot.com

GOOP Gallery versions prior to 2.0.3 suffer from a flaw that can allow cross site scripting attacks.

tags | exploit, xss
SHA-256 | a6dd6f0e60b3902048981724a29d35cd4d55349f9d854d574f891ce8e8d1386c
WoltLab-bb-1.1.2.txt
Posted Oct 20, 2006
Authored by ShAnKaR sec | Site antichat.ru

woltlab.de burning book 1.1.2 and prior SQL and PHP injection proof of concept exploit.

tags | exploit, php, proof of concept
SHA-256 | 94745355d052b840f8260f53b1ec1a317a497ad5c00a2ad1d90a4cbdea28267d
AsbruHardCore.txt
Posted Oct 20, 2006
Authored by n.runs GmbH | Site nruns.com

Asbru HardCore Web Content Editor is vulnerable to a command injection attack.

tags | advisory, web
SHA-256 | 8faebc3ebb744f5e464d9397f86a2bc2f60595c5d0d533faeb33ab4b5e4f44e7
XSRF_Paper.pdf
Posted Oct 20, 2006
Authored by Jesse Burns | Site isecpartners.com

Paper describing the various methods and techniques of cross site reference forgery.

tags | paper, web
SHA-256 | 0d74b20fe311533c844750df4a40b17be780bbfc0f1cf786aac71f4e1b316276
netflix-10-16-2006.txt
Posted Oct 20, 2006
Authored by Dave Ferguson

The Netflix.com site was vulnerable to cross site request forgery, also known as hostile linking.

tags | advisory, csrf
SHA-256 | 267eaaecfd060a68144a850cfc13065d946f90ad806b99d6c23163ab04dc84f4
AttackAPI.zip
Posted Oct 20, 2006
Authored by petko d. petkov | Site gnucitizen.org

AttackAPI provides a simple and intuitive web programmable interface for composing attack vectors with JavaScript and other client (and server) related technologies. The current release supports several browser based attacking techniques, a simple but powerful JavaScript console, and a powerful attack channel and associated API for controlling zombies.

tags | web, javascript
SHA-256 | 9eff982804aed2813db91db112a8fb122c40b8ebedb5503b2fe3ab2647c5cf14
vb-sploitbox.txt
Posted Oct 20, 2006
Authored by PLDsoft | Site pldsoft.com

vbulletin 3.5.4 Exploit-Toolbox v.0.1.1 - Three POC vbulletin exploits in one. Includes Install_path exploit, Xss vbulletin 3.5.x, and vBulletin 3.5.4 Flood Exploit.

tags | exploit
SHA-256 | 4d3db6a4ee8b1f426686972d21c993c7756fb8a02d419960e16ab481aaef35b5
ISSBlackICE-files.txt
Posted Oct 20, 2006
Authored by Matousec - Transparent Security Research | Site matousec.com

BlackICE PC Protection protects its files against manipulation by malicious software. Its critical files, like its database of trusted applications or firewall configuration, are protected. The list of protected files is stored in filelock.txt in the BlackICE installation directory. If this file is deleted, the files mentioned in filelock.txt are no longer protected and can be changed by malicious applications. The implemented protection allows malicious applications to delete this file using the native API function ZwDeleteFile. This can result in a bypass of all BlackICE protection mechanisms because its internal components can be replaced with fake copies. The situation is even easier for the attacker because the component control fails to recognize fake components in BlackICE processes.

tags | advisory
SHA-256 | cccf062711f391ac57c883f94f44d73929b8862d2542aff36335459be2a9a18d
ViewVC-1.0.2.txt
Posted Oct 20, 2006
Site hardened-php.net

It was discovered that ViewVC neither sends a charset HTTP header nor specifies a charset in the HTML body. It is therefore possible to trick several browsers into decoding ViewVC pages as UTF-7. This allows attackers to inject arbitrary UTF-7 encoded JavaScript code into the output.

tags | advisory, java, web, arbitrary
SHA-256 | 430599acdacbbce3f42f21d0ef7c7cd3b6d41994b0d52b2919781634934a8348
bbsNew-xpl.txt
Posted Oct 20, 2006
Authored by Root3r_H3ll

bbsNew versions 2.0.1 and prior remote file inclusion exploit.

tags | exploit, remote, file inclusion
SHA-256 | 6b36d41e14d3831be2bb8a623317f3e5a14d503f17be0d5792c1e91a9360d605
Back-end-0.4.5-xpl.txt
Posted Oct 20, 2006
Authored by Root3r_H3ll

Back-end 0.4.5 and prior remote file inclusion exploit.

tags | exploit, remote, file inclusion
SHA-256 | 0b5963fd8d998ec1e6dead8121cee9e85c2a8454f0461196030f24ad35a2c15e
MOStlyCEV454.txt
Posted Oct 20, 2006
Authored by ErNe

MOStlyCE version 4.54 suffers from a remote file inclusion vulnerability in htmltemplate.php.

tags | exploit, remote, php, file inclusion
SHA-256 | 640b8337175bfa2718c5fa1bc13939dab5a7b58eaf3143908f16b248d834006c
WebYep-1.1.9.txt
Posted Oct 20, 2006

WebYep 1.1.9 suffers from remote file inclusion in WYURL.php.

tags | exploit, remote, php, file inclusion
SHA-256 | 8a7dfcf2e18a441f9e8028449f9f4bd3bf87137c6b693af459e6387b05193078