the original cloud security
Showing 1 - 18 of 18 RSS Feed

Files Date: 2007-03-21 to 2007-03-22

MOPB-hash.txt
Posted Mar 21, 2007
Authored by Stefan Esser | Site hardened-php.net

Month of PHP Bugs - PHP versions 5.2.1 and below hash_update_file() freed resource usage exploit.

tags | exploit, php
MD5 | d99f6441ca1d1ec17ba6a4e6419f7266
MOPB-already.txt
Posted Mar 21, 2007
Authored by Stefan Esser | Site hardened-php.net

Month of PHP Bugs - PHP versions 4.4.6 and below and versions 5.2.1 and below ext/gd already fixed resources usage exploit.

tags | exploit, php
MD5 | bae3cbbd5ac3157734ec91fd835d09c1
phpraid-rfi.txt
Posted Mar 21, 2007
Authored by Cold Zero

phpRaid versions 3.0.7 and below suffer from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
MD5 | 2656dc0a423e40b1f65ac1dbf8b746c1
htmltonuke-rfi.txt
Posted Mar 21, 2007
Authored by Cold Zero

PHP-Nuke module htmltonuke version 2.0alpha suffers from a remote file inclusion vulnerability.

tags | exploit, remote, php, code execution, file inclusion
MD5 | 038e0e6a616c96a24499889a91d7a5a1
geblog01-lfi.txt
Posted Mar 21, 2007
Authored by GolD_M | Site tryag.cc

GeBlog version 0.1 local file inclusion exploit.

tags | exploit, local, file inclusion
MD5 | 3a88c21fd98452eb92aed8db09f9b763
Ubuntu Security Notice 438-1
Posted Mar 21, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 438-1 - A flaw was discovered in Inkscape's use of format strings. If a user were tricked into opening a specially crafted URI in Inkscape, a remote attacker could execute arbitrary code with user privileges.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2007-1463
MD5 | 79a11892b12c63d3461ac7a995594950
Mandriva Linux Security Advisory 2007.066
Posted Mar 21, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - By default, OpenAFS prior to 1.44 and 1.5.17 supports setuid programs within the local cell, which could allow attackers to obtain privileges.

tags | advisory, local
systems | linux, mandriva
advisories | CVE-2007-1507
MD5 | 8c1f188cb343cd182e3b9e6c07e0d627
Mandriva Linux Security Advisory 2007.065
Posted Mar 21, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Luigi Auriemma discovered a number of problems with the nas (Network Audio System) daemon that could be used to crash nasd.

tags | advisory
systems | linux, mandriva
MD5 | 3a8ecaeef3793beacd806a95494e67c6
Gentoo Linux Security Advisory 200703-23
Posted Mar 21, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200703-23 - Wordpress contains several cross-site scripting, cross-site request forgery and information leak vulnerabilities. Versions less than or equal to 2.1.2 are affected.

tags | advisory, vulnerability, xss, csrf
systems | linux, gentoo
advisories | CVE-2007-1049, CVE-2007-1230, CVE-2007-1244, CVE-2007-1409
MD5 | a350d4166b5b463ec87a04175de3ea75
Gentoo Linux Security Advisory 200703-22
Posted Mar 21, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200703-22 - iDefense has reported two potential buffer overflow vulnerabilities found by researcher regenrecht in the code implementing the SSLv2 protocol. Versions less than 3.11.5 are affected.

tags | advisory, overflow, vulnerability, protocol
systems | linux, gentoo
advisories | CVE-2007-0008, CVE-2007-0009
MD5 | 942dca52b7305221aa8d354bc1ea527d
Gentoo Linux Security Advisory 200703-21
Posted Mar 21, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200703-21 - Several vulnerabilities were found in PHP by the Hardened-PHP Project and other researchers. These vulnerabilities include a heap-based buffer overflow in htmlentities() and htmlspecialchars() if called with UTF-8 parameters, and an off-by-one error in str_ireplace(). Other vulnerabilities were also found in the PHP4 branch, including possible overflows, stack corruptions and a format string vulnerability in the *print() functions on 64 bit systems. Versions less than 5.2.1-r3 are affected.

tags | advisory, overflow, php, vulnerability
systems | linux, gentoo
advisories | CVE-2006-5465, CVE-2007-0906, CVE-2007-0907, CVE-2007-0908, CVE-2007-0909, CVE-2007-0910, CVE-2007-0911, CVE-2007-0988, CVE-2007-1286, CVE-2007-1375, CVE-2007-1376, CVE-2007-1380, CVE-2007-1383
MD5 | 15e2795e889773a85cb4c7c4f289c219
Debian Linux Security Advisory 1271-1
Posted Mar 21, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1271-1 - A design error has been identified in the OpenAFS, a cross-platform distributed filesystem included with Debian.

tags | advisory
systems | linux, debian
advisories | CVE-2007-1507
MD5 | 53037cf5aa2791065e1690f176ea493e
Debian Linux Security Advisory 1270-1
Posted Mar 21, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1270-1 - iDefense reported several integer overflow bugs in libwpd, a library for handling WordPerfect documents that is included in OpenOffice.org. Attackers are able to exploit these with carefully crafted WordPerfect files that could cause an application linked with libwpd to crash or possibly execute arbitrary code. Next Generation Security discovered that the StarCalc parser in OpenOffice.org contains an easily exploitable stack overflow that could be used exploited by a specially crafted document to execute arbitrary code. It has been reported that OpenOffice.org does not escape shell meta characters and is hence vulnerable to execute arbitrary shell commands via a specially crafted document after the user clicked to a prepared link.

tags | advisory, overflow, arbitrary, shell
systems | linux, debian
advisories | CVE-2007-0002, CVE-2007-0238, CVE-2007-0239
MD5 | 7eb058c1ee3247b7636d73e262340b08
helix-heap.txt
Posted Mar 21, 2007
Authored by Evgeny Legerov | Site gleg.net

Helix Server version 11.1.2 suffers from a remote heap overflow vulnerability that allows a remote attacker to gain root privileges. Proof of concept exploit included.

tags | exploit, remote, overflow, root, proof of concept
MD5 | f718962de1e831186f17e57c489b63c7
mercur-v1.txt
Posted Mar 21, 2007
Authored by mu-b | Site digit-labs.org

Mercur IMAPD exploit that makes use of several bugs in the NTLM implementation. It gives the attacker complete control over a memcpy to a stack variable and the outcome is a denial of service (crash).

tags | exploit, denial of service
MD5 | 87ed6a45532c6dd6285bbe5460e56edc
wagora-multi.txt
Posted Mar 21, 2007
Authored by laurent gaffie

w-agora suffers from file upload, full patch disclosure, cross site scripting and SQL injection flaws.

tags | exploit, xss, sql injection, file upload
MD5 | 11a9ea5a5891173499c0c433079802fe
webwiz805-sql.txt
Posted Mar 21, 2007
Authored by Ivan Fratric | Site ifsec.blogspot.com

The MySQL version of Web Wiz version 8.05 suffers from a SQL injection vulnerability.

tags | exploit, web, sql injection
MD5 | 4ec1cbb50de81b81a4f3f1add8cb3469
mshtmldll.txt
Posted Mar 21, 2007
Authored by SaiedHacker

It appears that Microsoft Internet Explorer 6 suffers from some denial of services vulnerabilities that result in a browser crash.

tags | advisory, denial of service, vulnerability
MD5 | 99422e45796e2bcc4c787f37eba9f016
Page 1 of 1
Back1Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    28 Files
  • 26
    Jul 26th
    2 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close