what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 162 RSS Feed

Files Date: 2006-12-06 to 2006-12-07

3comtftp.txt
Posted Dec 6, 2006
Authored by Kurt Grutzmacher

Exploit that demonstrates a long type buffer overflow in the 3Com TFTP Service version 2.0.1.

tags | exploit, overflow
SHA-256 | ef6b4ddf91606b96f7c199467d64dc63075f4a5406cb57031cbac73cbe6de895
3comftp_xpsp2.rb.txt
Posted Dec 6, 2006
Authored by cthulhu

Proof of concept exploit for the 3Com TFTP Service version 2.0.1 that takes advantage of a buffer overflow. Binds a shell to tcp/4444.

tags | exploit, overflow, shell, tcp, proof of concept
SHA-256 | d50b8256e7954d2cda5717a417105d032f6401428c29c62cdb880655a09c4419
cmucylab06018.pdf
Posted Dec 6, 2006
Authored by Lorrie Cranor, Serge Egelman, Jason Hong, Yue Zhang

Phinding Phish - An Evaluation Of Anti-Phishing Toolbars.

tags | paper
SHA-256 | 39a4081ef151734c39ea676878e7857228973e9ae86a267caf8150b6e2836069
Debian Linux Security Advisory 1221-1
Posted Dec 6, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1221-1 - "infamous41md" discovered a heap buffer overflow vulnerability in libgsf, a GNOME library for reading and writing structured file formats, which could lead to the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, debian
SHA-256 | fabdc2b1b2df25ddd5db887e1040356f1d5283218b468b976f2241857a030ccb
Ubuntu Security Notice 389-1
Posted Dec 6, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 389-1 - A buffer overflow was discovered in GnuPG. By tricking a user into running gpg interactively on a specially crafted message, an attacker could execute arbitrary code with the user's privileges. This vulnerability is not exposed when running gpg in batch mode.

tags | advisory, overflow, arbitrary
systems | linux, ubuntu
SHA-256 | 30fc00af5e375febcb2f80edd565e3be0edfb8f96dbfe1e32b514d5990c2154e
Ubuntu Security Notice 388-1
Posted Dec 6, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 388-1 - An integer overflow was discovered in KOffice's filtering code. By tricking a user into opening a specially crafted PPT file, attackers could crash KOffice or possibly execute arbitrary code with the user's privileges.

tags | advisory, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2006-6120
SHA-256 | ec0946897cb1d70b32fbc14b5d8fb9d68ae8e4911bd2e807a55cb844d68c8aaa
Technical Cyber Security Alert 2006-333A
Posted Dec 6, 2006
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert - Apple has released Security Update 2006-007 to correct multiple vulnerabilities affecting Mac OS X, Mac OS X Server, Safari web browser. Vulnerabilities in OpenSSL, gzip, and other products are also addressed. The most serious of these vulnerabilities may allow a remote attacker to execute arbitrary code. Attackers may take advantage of the less serious vulnerabilities to bypass security restrictions or cause a denial of service. Systems affected include Apple Mac OS X version 10.3.x and 10.4.x, Apple Mac OS X Server version 10.3.x and 10.4.x, and the Apple Safari web browser.

tags | advisory, remote, web, denial of service, arbitrary, vulnerability
systems | apple, osx
SHA-256 | 4b2923a0d49d974503383527fe05d291cf8216423515a4baf3ed78d953ef7cdd
SYM06-023.txt
Posted Dec 6, 2006
Site symantec.com

Symantec has released an update to address a security concern in PHP,? commonly used HTML-embedded scripting language, for Symantec's Veritas NetBackup 6.0 PureDisk Remote Office Edition.

tags | advisory, remote, php
advisories | CVE-2006-5465
SHA-256 | c2d414def84b0ee081c6514068525d48687250f3ba05e602d2ce59b11ce337e7
Zero Day Initiative Advisory 06-043
Posted Dec 6, 2006
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of the Novell Netware Client. Versions 4.91 (SP1 and SP2) are affected. Authentication is not required to exploit this vulnerability.

tags | advisory, remote, arbitrary
advisories | CVE-2006-5854
SHA-256 | df6c3a4d9af9dd72f8db53dcd33ee234f6b41b221995b4b70ace607a782704ed
iDEFENSE Security Advisory 2006-11-27.1
Posted Dec 6, 2006
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 11.27.06 - Remote exploitation of a design error in Horde's Kronolith could allow an authenticated web mail user to execute arbitrary PHP code under the security context of the running Web server. iDefense has confirmed that versions 2.0.1 through 2.1.3 of Horde Kronolith are vulnerable to this issue. Other versions are also likely to be vulnerable.

tags | advisory, remote, web, arbitrary, php
SHA-256 | ee600ab41ad0c052969121df20abe044472c6605065be5e89ba4a85502a147ad
secunia-borland.txt
Posted Dec 6, 2006
Authored by JJ Reyes | Site secunia.com

Secunia Research has discovered a vulnerability in Borland products, which can be exploited by malicious people to compromise a vulnerable system. Borland idsql32.dll versions 5.1.0.4 (as used by RevilloC MailServer) and 5.2.0.2 as included with Borland Developer Studio 2006 are affected. Other versions may also be affected. The vulnerability is caused due to a boundary error in idsql32.dll when processing SQL statements using the "DbiQExec()" function. This can be exploited to cause a heap-based buffer overflow via an overly long SQL statement (more than 4000 bytes).

tags | advisory, overflow
SHA-256 | 09e6cf310cbb76af6a9fbf44ffae2569a37d8536a0df6dab6db3e695bd0abee8
Worminator-src.tgz
Posted Dec 6, 2006
Authored by Yuri Gushin

A Win32 tool for easing/automating the process of creating IDS/IPS signatures for SMTP based worms, providing a comfortable GUI, including raw base64 variants and Snort signatures support. This tarball is the source version.

tags | tool, worm, sniffer
systems | windows
SHA-256 | 7eabebd66ac090b251bc5cd139587913bb7d2b46d6e9bebdfdd191cb64093464
Worminator-bin.tgz
Posted Dec 6, 2006
Authored by Yuri Gushin

A Win32 tool for easing/automating the process of creating IDS/IPS signatures for SMTP based worms, providing a comfortable GUI, including raw base64 variants and Snort signatures support. This tarball is the binary executable version.

tags | tool, worm, sniffer
systems | windows
SHA-256 | 382e2b308fc000e37ee162e3694b2218e3551d86497c286dd22d788b2c533e14
aol-screen.txt
Posted Dec 6, 2006
Authored by Zeroknock

The AOL ScreenName website suffered from phishing and redirection attacks.

tags | advisory
SHA-256 | a6ce8d676b65bdacfa2d2ed1dec5391dc6abd6a314b2cda40abc2479905280cd
jbrofuzz-0.3.src.zip
Posted Dec 6, 2006
Site owasp.org

JBroFuzz is an OWASP Project that emerged from penetration testing. It deals with fuzzing stateless network protocols such as HTTP, SOAP, XML, LDAP, etc. This version is the source code release.

tags | web, protocol, fuzzer
SHA-256 | 82b398224597f19bfc1bdb576171672a1018d5f2e57276f378c9124bc3e34c02
jbrofuzz-0.3.exe.zip
Posted Dec 6, 2006
Site owasp.org

JBroFuzz is an OWASP Project that emerged from penetration testing. It deals with fuzzing stateless network protocols such as HTTP, SOAP, XML, LDAP, etc. This version is the executable release.

tags | web, protocol, fuzzer
SHA-256 | 51560f99cd3022d05ab482dc535f3756ec4373a6334da75c49e99c4eefcfc6d5
06-alternC-095.txt
Posted Dec 6, 2006
Authored by Vincent Audet Menard | Site ground418.org

AlternC versions 0.9.5 and below suffer from remote code execution, filesystem access, and various other vulnerabilities.

tags | exploit, remote, vulnerability, code execution
SHA-256 | 63702c7e087e0df77cfc44324edbc62473218ca9157eff5a20abd269bbd302e9
phpevent-rfi.txt
Posted Dec 6, 2006
Authored by ThE-LoRd-Of-CrAcKiNg

PHP Event Calendar version 1.5.1 suffers from a remote file inclusion vulnerability in index.php.

tags | exploit, remote, php, code execution, file inclusion
SHA-256 | 960f9c7b732e6f38ddf9d938a35f68e05ed9065a26fc7af5d7c4d4907a014f0c
phpged.txt
Posted Dec 6, 2006
Authored by YaHoOoOo

PhpGedView version 4.02 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, file inclusion
SHA-256 | b59774163d5aeaa70d0d31ad7bc78a875bc35270e60814fbdc9b3f5d6b33b49b
Secunia Security Advisory 23072
Posted Dec 6, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Palm Desktop Software, which can be exploited by malicious, local users to disclose sensitive information.

tags | advisory, local
SHA-256 | f55c80a3541f2f57eaf08d2ea7fb7e6563dc352ad0e3778b7d5efd94c41497ba
Secunia Security Advisory 23116
Posted Dec 6, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Aria-Security has reported some vulnerabilities in cPanel, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 1a60011b49c0f7f780d1bba83ace6f80a452a9d46807f1eb10ff82191a17da8e
Secunia Security Advisory 23144
Posted Dec 6, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Vincent Audet M

tags | advisory, vulnerability
SHA-256 | 5a4eba07d6e940d38c103a33b74a416e6e023bf714f9463a1f569196844c865d
Secunia Security Advisory 23146
Posted Dec 6, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Trustix has issued an update for gnupg and tar. This fixes some vulnerabilities, which can be exploited by malicious people to overwrite arbitrary files or potentially compromise a vulnerable system.

tags | advisory, arbitrary, vulnerability
SHA-256 | 39ca03ab1f66e26ddd00b3157cb5e4f1cba16801a21129cc0a2b9ebd125c2672
Secunia Security Advisory 23151
Posted Dec 6, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Greg Linares has discovered a vulnerability in AtomixMP3, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 7708429931ee7119b31fd948ebb9273b9e42075c3fbfad722643ff385592bea9
Secunia Security Advisory 23157
Posted Dec 6, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Eric Detoisien has reported a vulnerability in Novell ZENWorks Asset Management, which potentially can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | f05f0eed043b05d226431798ea3371f01986af5c17e5e9a380db8b6e9f7c5758
Page 4 of 7
Back23456Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close