what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 88 RSS Feed

Files Date: 2007-02-13 to 2007-02-14

advchk-1.10.tar.gz
Posted Feb 13, 2007
Authored by Stephan Schmieder | Site advchk.unixgu.ru

Advchk (Advisory Check) reads security advisories so you do not have to. Advchk gathers security advisories using RSS feeds, compares them to a list of known services, and alerts you if you are vulnerable. Since adding hosts and services by hand would be quite a boring task, advchk leverages nmap for automatic service and version discovery.

systems | unix
SHA-256 | 3058b8c4fc6863c67f948ae80ed6455dc8434e80c4ad0658a29bbb00d6de45de
mimedefang-2.61.tar.gz
Posted Feb 13, 2007
Authored by Dianne Skoll | Site mimedefang.org

MIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. Includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with Sendmail 8.11/8.12's new "Milter" API, which makes it more flexible and efficient than procmail-based approaches.

Changes: There is a problem with MIMEDefang 2.59 and 2.60 which could lead to a denial-of-service attack, or possibly even arbitrary code execution as the "defang" user. If you are running 2.59 or 2.60, you're strongly encouraged to upgrade to 2.61
systems | windows, unix
SHA-256 | 9a3ca09b2d8bf40401aabf03ca0cb2b78bbf0583664238e0568e67f4526c1fb3
nufw-2.0.15.tar.gz
Posted Feb 13, 2007
Authored by regit | Site nufw.org

NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is done to use external authentication source such as an LDAP server.

Changes: This release fixes a problem with a possible incomplete fetching of user group lists when using the system module. The newly added code is subject to a glibc 2.3.2 bug and an option has been introduced to permit a workaround.
tags | tool, remote, firewall
systems | unix
SHA-256 | 1a742cb90c329dc2b58dd4c51f43bc5d1e5d2a395166ff44f924839cbab9e1da
Ubuntu Security Notice 416-1
Posted Feb 13, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 416-1 - A large quantity of Linux 2.6 kernel vulnerabilities have been discovered and fixed.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2006-4572, CVE-2006-4814, CVE-2006-5749, CVE-2006-5753, CVE-2006-5755, CVE-2006-5757, CVE-2006-5823, CVE-2006-6053, CVE-2006-6054, CVE-2006-6056, CVE-2006-6057, CVE-2006-6106
SHA-256 | bf3dac6f04d2aa4fd998dec3fe072f46e61c8556887221ec6b6f58acca4899e8
rbportal-xss.txt
Posted Feb 13, 2007
Authored by BLacK ZeRo

Rainbow Portal suffers from a typical cross site scripting flaw.

tags | exploit, xss
SHA-256 | 1e58b85b259c74b864dc31e109c1f925938ea5659f23a130e3571113e99b0659
crfdb-disclose.txt
Posted Feb 13, 2007
Authored by Gokhan

Capital Request Forms DB suffers from a remote username and password disclosure flaw.

tags | exploit, remote, info disclosure
SHA-256 | aa697cf1de0c119bd11dca205ef19994ae8089f0bfee2a329d004a7cd1383264
ovidentia5x-rfi.txt
Posted Feb 13, 2007
Authored by Hotturk

Ovidentia version 5.x remote file inclusion exploit.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 15df16381563679b5730c00cf273b492d225b27766c5bc2289206313d37c9c92
iemobile-dos.txt
Posted Feb 13, 2007
Authored by Michael Kemp | Site clappymonkey.com

A denial of service condition exists in Internet Explorer for Microsoft Windows Mobile 5.0.

tags | advisory, denial of service
systems | windows
SHA-256 | 2cfc083f7d8de41edb2dd675661d1f5c7c3ee264a6ab8cd5b3491c88dd57647f
pakcon-iii-0507-CFP.txt
Posted Feb 13, 2007
Authored by PAKCON CfP

Papers and presentations are now being accepted for PAKCON III, Pakistan's Underground Hacking Convention.

tags | paper, conference
SHA-256 | f34fb009ecb740dce083bcc808a7cdc3e35457887d34ba6d8840c52403e40a6f
trendmicro-escalate.txt
Posted Feb 13, 2007
Authored by Ruben Santamarta

TmComm.sys is exposed through various Trend Micro products allowing for arbitrary code execution.

tags | advisory, arbitrary, code execution
SHA-256 | 5603190000d5df1f93eef7520f7a177e84d9495b9d251ee328b31970e97b72bd
Mandriva Linux Security Advisory 2007.037
Posted Feb 13, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Security Advisory - Jeff Trout discovered that the PostgreSQL server did not sufficiently check data types of SQL function arguments in some cases. A user could then exploit this to crash the database server or read out arbitrary locations of the server's memory, which could be used to retrieve database contents that the user should not be able to see. Note that a user must be authenticated in order to exploit this. As well, Jeff Trout also discovered that the query planner did not verify that a table was still compatible with a previously-generated query plan, which could be exploited to read out arbitrary locations of the server's memory by using ALTER COLUMN TYPE during query execution. Again, a user must be authenticated in order to exploit this.

tags | advisory, arbitrary
systems | linux, mandriva
advisories | CVE-2007-0555, CVE-2007-0556
SHA-256 | b9d49ee3a0db5fd14be3b0494fb05ea115fa2b63baca89b8c5f81a95bd12adf0
Zero Day Initiative Advisory 07-07
Posted Feb 13, 2007
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Mercury LoadRunner Agent, Mercury Performance Center Agent and Mercury Monitor over Firewall. Authentication is not required to exploit this vulnerability.

tags | advisory, remote, arbitrary
advisories | CVE-2007-0446
SHA-256 | b0ac14f2c1d5a8d579b5fa6340f05f074d07744543ffbe0757c3d452cbc07a3d
cattools-traverse.txt
Posted Feb 13, 2007
Authored by Nicob

Kiwi CatTools versions below 3.2.0 Beta suffer from a tftp directory traversal flaw.

tags | exploit, file inclusion
SHA-256 | f24b397c3a60f7cac26cc72cf4d151f5a77f52aa1cf369d990ece2310ac3b320
r3-stealer-1.0.pl.txt
Posted Feb 13, 2007
Authored by Nicob

SAP Web AS version 6.40 enserver.exe file downloader exploit.

tags | exploit, web
SHA-256 | 6fc6be7f8634a3f1767a2c1d7f800816395514d2a9e81ed5454ab706e121fcd3
sapwebas-dos.txt
Posted Feb 13, 2007
Authored by Nicob

Multiple vulnerabilities exist in SAP Web AS version 6.40 below patch 136 and 7.00 below patch 66. These flaws allow for remote file disclosure, remote denial of service attacks, and local privilege escalation.

tags | advisory, remote, web, denial of service, local, vulnerability
SHA-256 | 6d8c1611200e2a882c87da2d5ee436861cc00c8981f1be917241380181404cdd
HP Security Bulletin 2007-13.0
Posted Feb 13, 2007
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP OpenView Storage Data Protector running on HP-UX with PHSS_35149 or PHSS_35150 installed and Solaris with DPSOL_00229 installed. The vulnerability could be exploited by a local user to execute arbitrary code.

tags | advisory, arbitrary, local
systems | solaris, hpux
SHA-256 | 689877eb769946e50411342786b09a39080d117ca12c89e90efa09cf53968ec9
HP Security Bulletin 2006-12.80
Posted Feb 13, 2007
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with the Mercury LoadRunner Agent, Performance Center Agent, and Monitor over Firewall. The vulnerability could be exploited by a remote unauthenticated user to execute arbitrary code.

tags | advisory, remote, arbitrary
SHA-256 | ab149ef7381c5345261b22587d178d559c2d1b3aec3fed7a29e3eb78118c2b24
doaxigen-v2.c
Posted Feb 13, 2007
Authored by mu-b

Denial of service exploit for Axigen versions 1.2.6 through 2.0.0b1 that makes use of a null pointer dereference.

tags | exploit, denial of service
SHA-256 | 1d8be3302c6c9a9cc327d00d2e6d2ec7097b1733bf7f7f3503ff13a353bc816c
doaxigen.c
Posted Feb 13, 2007
Authored by mu-b

Denial of service exploit for Axigen versions 1.2.6 through 2.0.0b1 that makes use of a single byte underflow.

tags | exploit, denial of service
SHA-256 | 42ff42379c36a0bbddfe70130572a6733ddb019470627586b6cd3e50f47378e2
hpnnm750.txt
Posted Feb 13, 2007
Authored by 3APA3A

Hewlett-Packard Network Node Manager version 7.50 suffers from a weak file permission vulnerability.

tags | advisory
advisories | CVE-2007-0819
SHA-256 | 18e604d9ebe27727202f140e225b76db05ea8dd755422272552f40dd75b95143
Secunia Security Advisory 23217
Posted Feb 13, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Joren McReynolds has reported some vulnerabilities in DevTrack, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | 9924dd7190367bd56ff409f5ff88e4ccd10faa14c3ff5cbde71cbc2a724fc0e9
Secunia Security Advisory 24059
Posted Feb 13, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for dbus. This fixes a weakness, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
systems | linux, redhat
SHA-256 | 94d30fd74f65d6f5c125c766c2192534eb4bb1a59c46003e656e447814d18b93
Secunia Security Advisory 24063
Posted Feb 13, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - cocoruder has discovered a vulnerability in Alipay PTA Module ActiveX Control, which can be exploited by malicious people to compromise a user's system.

tags | advisory, activex
SHA-256 | 482aed882078143f6c78a93228423f88df81ec12b60e014847382ff7426985c2
Secunia Security Advisory 24066
Posted Feb 13, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - 3APA3A has reported a vulnerability in HP OpenView Network Node Manager (NNM), which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
SHA-256 | 9fe9c757c649038303d6b0cc430ad582ba873c3eb1845319d2fb30a71518c3cd
Secunia Security Advisory 24069
Posted Feb 13, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in various Trend Micro products, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
SHA-256 | 26acb73c0c49efe14244d206c0dcb49afdb72ee19bcd0d30e44a3e7922e0cf0d
Page 2 of 4
Back1234Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close