what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 13 of 13 RSS Feed

Files Date: 2007-02-20 to 2007-02-21

spybye-0.1.tar.gz
Posted Feb 20, 2007
Authored by Neils Provos | Site spybye.org

SpyBye is a tool to help web masters determine if their web pages are hosting browser exploits that can infect visiting users with malware. It functions as an HTTP proxy server and intercepts all browser requests. A few simple rules are used to determine if embedded links on your web page are harmless, unknown, or maybe even dangerous.

tags | web
SHA-256 | fca518a24f738fe463e15af939cee866fb6b7ea3b75e7b18df8f13c365681cc0
Mandriva Linux Security Advisory 2007.043
Posted Feb 20, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Security Advisory - Clam AntiVirus ClamAV before 0.90 does not close open file descriptors under certain conditions, which allows remote attackers to cause a denial of service (file descriptor consumption and failed scans) via CAB archives with a cabinet header record length of zero, which causes a function to return without closing a file descriptor. Directory traversal vulnerability in clamd in Clam AntiVirus ClamAV before 0.90 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the id MIME header parameter in a multi-part message.

tags | advisory, remote, denial of service, arbitrary
systems | linux, mandriva
advisories | CVE-2007-0898, CVE-2007-0897
SHA-256 | 7269e67e1a6ed8ca07776bcaf1cd0cecf907d085d4b1fb098633457f219b2fc8
snort-2.6.1.3.tar.gz
Posted Feb 20, 2007
Authored by Martin Roesch | Site snort.org

Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.

Changes: Fixes a remotely exploitable vulnerability in the DCE/RPC preprocessor.
tags | tool, overflow, cgi, sniffer, protocol
systems | unix
SHA-256 | 8cc112d6e0a55b0a7e0802428abbd1b7815e0d01a1240c84a726ecc563629a79
snort-preprocessor.txt
Posted Feb 20, 2007
Site snort.org

Sourcefire has learned of a remotely exploitable vulnerability in the Snort DCE/RPC preprocessor. This preprocessor is vulnerable to a stack-based buffer overflow that could potentially allow attackers to execute code with the same privileges as the Snort binary. Sourcefire has prepared updates for Snort open-source software to address this issue. Snort Versions affected include Snort 2.6.1, 2.6.1.1, and 2.6.1.2 and Snort 2.7.0 beta 1.

tags | advisory, overflow
advisories | CVE-2006-5276
SHA-256 | fef4c3ca73f6930bc8ba37134b82478ff1597215d11e0f89b9720b92fc811722
advchk-1.20.tar.gz
Posted Feb 20, 2007
Authored by Stephan Schmieder | Site advchk.unixgu.ru

Advchk (Advisory Check) reads security advisories so you do not have to. Advchk gathers security advisories using RSS feeds, compares them to a list of known services, and alerts you if you are vulnerable. Since adding hosts and services by hand would be quite a boring task, advchk leverages nmap for automatic service and version discovery.

systems | unix
SHA-256 | 7ac2dde4ed41c68122591d201d914fd15e68aaede4ce7bd6b4469e4b7a8a88e6
phpnuke-sql.txt
Posted Feb 20, 2007
Authored by ajann

PHP-Nuke Module Emporium versions 2.3.0 and below remote SQL injection exploit.

tags | exploit, remote, php, sql injection
SHA-256 | 00f09aff0f439324690fefd55611957bf69bccc9fdea1046715f9242abd18b50
zmbscap-0.1.tar.gz
Posted Feb 20, 2007
Site metaeye.org

The zombie scapper is an automated perl tool for detecting and stopping distributed denial of service programs. The tool automatically searches and scans the desired target for programs by looking for the ports that are used by the zombie masters. It stops the zombie masters by sending a kill/stop trigger.

tags | denial of service, perl
SHA-256 | 3aac75a0f3674fc2c159d06c02b9fcbf0b3f267f5461c229e51495b8838c264c
libevent-dos.txt
Posted Feb 20, 2007
Authored by Jon Oberheide

A denial of service flaw exists in the parsing of DNS responses in libevent, specifically in the handling of label pointers. Versions 1.2 and 1.2a are affected.

tags | advisory, denial of service
SHA-256 | 40a8b76e6d7840ac57ab547f3c89cb6fd0c7f4d3aff4b6329e75d7ecbdad80a0
revenge_proftpd_ctrls_26.pl.txt
Posted Feb 20, 2007
Authored by Alfredo Pesoli | Site 0xcafebabe.it

ProFTPD versions 1.3.0 and 1.3.0a controls local root exploit that binds a shell to tcp/31337. This one works for the 2.6 kernel series.

tags | exploit, shell, kernel, local, root, tcp
SHA-256 | e0a4c6200d855daaf07102fcb5e84b2ce34bf9775307a3c4ea16a0e2bec9460d
revenge_proftpd_ctrls_24.pl.txt
Posted Feb 20, 2007
Authored by Alfredo Pesoli | Site 0xcafebabe.it

ProFTPD versions 1.3.0 and 1.3.0a controls local root exploit that binds a shell to tcp/31337.

tags | exploit, shell, local, root, tcp
SHA-256 | 62ebb6b9d642bc1e0e8688dea06dbc7bbe61c1d6177fa589d23cb7b06aaaac39
Gentoo Linux Security Advisory 200702-8
Posted Feb 20, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200702-08 - Chris Evans has discovered multiple buffer overflows in Sun JDK and Sun JRE possibly related to various AWT or font layout functions. Tom Hawtin has discovered an unspecified vulnerability in Sun JDK and Sun JRE relating to unintended applet data access. He has also discovered multiple other unspecified vulnerabilities in Sun JDK and Sun JRE allowing unintended Java applet or application resource acquisition. Additionally, a memory corruption error has been found in the handling of GIF images with zero width field blocks. Versions less than 1.5.0.10 are affected.

tags | advisory, java, overflow, vulnerability
systems | linux, gentoo
advisories | CVE-2006-6731, CVE-2006-6736, CVE-2006-6737, CVE-2006-6745, CVE-2007-0243
SHA-256 | c8b35881455ebb15bf2706f632d0a2e1707695a62d10bde10e9ee7c131402758
Gentoo Linux Security Advisory 200702-7
Posted Feb 20, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200702-07 - A anonymous researcher discovered that an error in the handling of a GIF image with a zero width field block leads to a memory corruption flaw. Versions less than 1.5.0.10 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-0243
SHA-256 | 255934e66b796944c701666453d0f3b810b9f1a83ac256d90bb890a1cc7bdc81
Gentoo Linux Security Advisory 200702-6
Posted Feb 20, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200702-06 - An unspecified improper usage of an already freed context has been reported. Additionally, an assertion error could be triggered in the DNSSEC validation of some responses to type ANY queries with multiple RRsets. Versions less than 9.3.4 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-0493, CVE-2007-0494
SHA-256 | 791bff594c1ce471290ec2178d47f2f7298fc4c9f324c2479b19b5f076bd824e
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close