exploit the possibilities
Showing 26 - 50 of 115 RSS Feed

Files Date: 2006-10-20 to 2006-10-21

SecSE2007-cfp.txt
Posted Oct 20, 2006
Site ares-conference.eu

First International Workshop on Secure Software Engineering (SecSE 2007) Call for Papers.

tags | paper, conference
MD5 | a7fc24fd47d1c6f3ded89280bb8af381
Mandriva Linux Security Advisory 2006.185
Posted Oct 20, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-185: PHP 4.x up to 4.4.4 and PHP 5 up to 5.1.6 allows local users to bypass certain Apache HTTP Server httpd.conf options, such as safe_mode and open_basedir, via the ini_restore function, which resets the values to their php.ini (Master Value) defaults.

tags | advisory, web, local, php
systems | linux, mandriva
MD5 | 61376419c6d91a017d81905b5e45b8f1
Mandriva Linux Security Advisory 2006.184
Posted Oct 20, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-184: An integer overflow in previous versions of ClamAV could allow a remote attacker to cause a Denial of Service (scanning service crash) and execute arbitrary code via a Portable Executable (PE) file

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
MD5 | 3371d54558b0918449b23cebb8a79d13
Mandriva Linux Security Advisory 2006.183
Posted Oct 20, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-183: The libksba library, as used by gpgsm in the gnupg2 package, allows attackers to cause a denial of service (application crash) via a malformed X.509 certificate in a signature.

tags | advisory, denial of service
systems | linux, mandriva
MD5 | 225acc243c19807a24777976ca246124
Gentoo Linux Security Advisory 200610-7
Posted Oct 20, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200610-07 - Benjamin C. Wiley Sittler discovered a buffer overflow in Python's repr() function when handling UTF-32/UCS-4 encoded strings. Versions less than 2.4.3-r4 are affected.

tags | advisory, overflow, python
systems | linux, gentoo
MD5 | 7de0fedda38d9aa53746e045095999c9
Gentoo Linux Security Advisory 200610-7
Posted Oct 20, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200610-07 - Benjamin C. Wiley Sittler discovered a buffer overflow in Python's repr() function when handling UTF-32/UCS-4 encoded strings. Versions less than 2.4.3-r4 are affected.

tags | advisory, overflow, python
systems | linux, gentoo
MD5 | ef2a498557c585d25f00a732c396444c
Gentoo Linux Security Advisory 200610-6
Posted Oct 20, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200610-06 - Daniel Bleichenbacher discovered that it might be possible to forge signatures signed by RSA keys with the exponent of 3. This affects a number of RSA signature implementations, including Mozilla's NSS. Versions less than 3.11.3 are affected.

tags | advisory
systems | linux, gentoo
MD5 | dc8358f4b0f6d77c43ae466682d49310
Gentoo Linux Security Advisory 200610-6
Posted Oct 20, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200610-06 - Daniel Bleichenbacher discovered that it might be possible to forge signatures signed by RSA keys with the exponent of 3. This affects a number of RSA signature implementations, including Mozilla's NSS. Versions less than 3.11.3 are affected.

tags | advisory
systems | linux, gentoo
MD5 | bba6103459c093881e3c7e32e4612d05
Gentoo Linux Security Advisory 200610-5
Posted Oct 20, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200610-05 - Lionel Elie Mamane discovered an error in c2faxrecv, which doesn't properly sanitize TSI strings when handling incoming calls. Versions less than 01.03.00.99.300.3-r1 are affected.

tags | advisory
systems | linux, gentoo
MD5 | 4ba9e6cef38cf737216db99ef57c7f72
Gentoo Linux Security Advisory 200610-5
Posted Oct 20, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200610-05 - Lionel Elie Mamane discovered an error in c2faxrecv, which doesn't properly sanitize TSI strings when handling incoming calls. Versions less than 01.03.00.99.300.3-r1 are affected.

tags | advisory
systems | linux, gentoo
MD5 | ec58ca0ba82833e584bf2c89d8286c98
iDEFENSE Security Advisory 2006-10-15.1
Posted Oct 20, 2006
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 10.15.06 - Remote exploitation of a buffer overflow in Clam AntiVirus allows attackers to potentially execute arbitrary code or cause a denial of service condition.

tags | advisory, remote, denial of service, overflow, arbitrary
MD5 | c4645704ba882a5ae5d849242a21912a
iDEFENSE Security Advisory 2006-10-15.2
Posted Oct 20, 2006
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 10.15.06: Remote exploitation of a input validation vulnerability in Clam AntiVirus's ClamAV could allow attackers to crash the virus scanning service.

tags | advisory, remote, virus
MD5 | 597314452400461b167c43811fdf762b
GOOP-image.txt
Posted Oct 20, 2006
Authored by Lostmon | Site lostmon.blogspot.com

GOOP Gallery versions prior to 2.0.3 suffer from a flaw that can allow cross site scripting attacks

tags | exploit, xss
MD5 | 3cb78f78729d46fcd02279be597b0b31
WoltLab-bb-1.1.2.txt
Posted Oct 20, 2006
Authored by ShAnKaR sec | Site antichat.ru

woltlab.de burning book 1.1.2 and prior SQL and PHP injection proof of concept exploit.

tags | exploit, php, proof of concept
MD5 | 79f8ddf230ce0b0934e76cf4707aae65
AsbruHardCore.txt
Posted Oct 20, 2006
Authored by n.runs GmbH | Site nruns.com

Asbru HardCore Web Content Editor is vulnerable to a command injection attack vulnerability.

tags | advisory, web
MD5 | b1b10c6dd09ed0642b39a6c420e53e4e
XSRF_Paper.pdf
Posted Oct 20, 2006
Authored by Jesse Burns | Site isecpartners.com

Paper describing the various methods and techniques of cross site reference forgery.

tags | paper, web
MD5 | 9e95ff1c763a9dcae6b590fa7b6fbed8
netflix-10-16-2006.txt
Posted Oct 20, 2006
Authored by Dave Ferguson

The Netflix.com site was vulnerable to cross site request forgery, also known as hostile linking.

tags | advisory, csrf
MD5 | 0e5c0976e603dfc0719895feab5145c4
AttackAPI.zip
Posted Oct 20, 2006
Authored by petko d. petkov | Site gnucitizen.org

AttackAPI provides simple and intuitive web programmable interface for composing attack vectors with JavaScript and other client (and server) related technologies. The current release supports several browser based attacking techniques, simple but powerful JavaScript console and powerful attack channel and associated API for controlling zombies.

tags | web, javascript
MD5 | a3b5bf02dada5efadfcde71310e5503f
vb-sploitbox.txt
Posted Oct 20, 2006
Authored by PLDsoft | Site pldsoft.com

vbulletin 3.5.4 Exploit-Toolbox v.0.1.1 - Three POC vbulletin exploits in one. Includes Install_path exploit, Xss vbulletin 3.5.x, and vBulletin 3.5.4 Flood Exploit.

tags | exploit
MD5 | d16fbdf6cc7bfa4e4033fb69337319a6
ISSBlackICE-files.txt
Posted Oct 20, 2006
Authored by Matousec - Transparent Security Research | Site matousec.com

BlackICE PC Protection protects its files against manipulation by malicious software. Its critical files like its database of trusted applications or firewall configuration are protected. The list of protected files is stored in filelock.txt in the BlackICE installation directory. If this file is deleted files mentioned in filelock.txt are not protected any more and can be changed by malicious applications. The implemented protection allows malicious applications to delete this file using native API function ZwDeleteFile. This can result in a bypass of all BlackICE protection mechanisms because its internal components can be replaced with fake copies. The situation is even easier for the attacker because the component control fails to recognize fake components in BlackICE processes.

tags | advisory
MD5 | f1b6a94fd588d266cf0b8bcf7573409f
ViewVC-1.0.2.txt
Posted Oct 20, 2006
Site hardened-php.net

It was discovered that ViewVC is neither sending a charset HTTP header nor specifying a charset in the HTML body. Therefore it is possible to trick several browsers into decoding ViewVC pages UTF-7. This allows attackers to inject arbitrary UTF-7 encoded Java-Script code into the output.

tags | advisory, java, web, arbitrary
MD5 | 782c691f37fbc2fb4e39c1d46e5ebccf
bbsNew-xpl.txt
Posted Oct 20, 2006
Authored by Root3r_H3ll

bbsNew versions 2.0.1 and prior remote file inclusion exploit.

tags | exploit, remote, file inclusion
MD5 | b61876f36a53299c1ce492657cbe7abe
Back-end-0.4.5-xpl.txt
Posted Oct 20, 2006
Authored by Root3r_H3ll

Back-end 0.4.5 and prior remote file inclusion exploit.

tags | exploit, remote, file inclusion
MD5 | e77cacf05b4fa0e4588758f3a9f675ac
MOStlyCEV454.txt
Posted Oct 20, 2006
Authored by ErNe

MOStlyCE version 4.54 suffers from a remote file inclusion vulnerability in htmltemplate.php.

tags | exploit, remote, php, file inclusion
MD5 | 11cd7c166b997689cd9f2d217d2a5e27
WebYep-1.1.9.txt
Posted Oct 20, 2006

WebYep 1.1.9 suffers from remote file inclusion in WYURL.php.

tags | exploit, remote, php, file inclusion
MD5 | fabae0dc87cd8091bff8773f46d19616
Page 2 of 5
Back12345Next

File Archive:

April 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    60 Files
  • 2
    Apr 2nd
    20 Files
  • 3
    Apr 3rd
    8 Files
  • 4
    Apr 4th
    0 Files
  • 5
    Apr 5th
    0 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    0 Files
  • 9
    Apr 9th
    0 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    0 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close