exploit the possibilities
Showing 1 - 25 of 46 RSS Feed

Files Date: 2007-07-25 to 2007-07-26

CA Security Advisory 35527
Posted Jul 25, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

Multiple CA products that utilize CA Message Queuing (CAM / CAFT) software contain a buffer overflow vulnerability. The vulnerability is a buffer overflow that can allow a remote attacker to execute arbitrary code by sending a specially crafted message to TCP port 3104.

tags | advisory, remote, overflow, arbitrary, tcp
advisories | CVE-2007-0060
MD5 | ab501b46991f1fab5eb58cd640e9f5c4
CA Security Advisory 35525
Posted Jul 25, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

CA products that utilize the Arclib library contain two denial of service vulnerabilities. The first vulnerability is due to an application hang when processing a specially malformed CHM file. The second vulnerability is due to an application hang when processing a specially malformed RAR file.

tags | advisory, denial of service, vulnerability
advisories | CVE-2007-3875, CVE-2007-5645
MD5 | 10a5665874d17a5c342ba0a0e56e4924
CA Security Advisory 35524
Posted Jul 25, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

eTrust Intrusion Detection contains a vulnerability associated with the caller.dll ActiveX control. The vulnerability is due to the caller.dll ActiveX control being marked safe for scripting. An attacker, who can lure a user into visiting a malicious website, can potentially gain complete control of an affected installation.

tags | advisory, activex
advisories | CVE-2007-3302
MD5 | 0f81f87e5fb0e8acadbc9da84286310e
Gentoo Linux Security Advisory 200707-8
Posted Jul 25, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200707-08 - Tavis Ormandy of the Gentoo Linux Security Team discovered that NVClock makes usage of an insecure temporary file in the /tmp directory. Versions less than 0.7-r2 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-3531
MD5 | 72eb1e09e9af884741c4657afe5eaf6f
Gentoo Linux Security Advisory 200707-7
Posted Jul 25, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200707-07 - Secunia Research discovered several boundary errors in the functions cddb_query_parse(), cddb_parse_matches_list() and cddb_read_parse(), each allowing for a stack-based buffer overflow. Versions less than 1.0.20070622 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2007-2948
MD5 | 58f4ae93faca1230cdc806422c250b56
philboard-xss.txt
Posted Jul 25, 2007
Authored by GeFORC3

W1L3D4 Philboard version 0.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | f3aeae8a24339856eae0cbf827c4e925
iDEFENSE Security Advisory 2007-07-24.2
Posted Jul 25, 2007
Authored by iDefense Labs, Sebastian Apelt | Site idefense.com

iDefense Security Advisory 07.24.07 - Remote exploitation of a design error vulnerability in Computer Associates International Inc.'s (CA) eTrust Intrusion Detection allows attackers to execute arbitrary code. iDefense has confirmed that CA eTrust Intrusion Detection version 3.0.5 on Windows is vulnerable. The file version of caller.dll tested was 3.0.5.55.

tags | advisory, remote, arbitrary
systems | windows
advisories | CVE-2007-3302
MD5 | 9d2f71feb74c13277bfb86cb0ac81e17
iDEFENSE Security Advisory 2007-07-24.1
Posted Jul 25, 2007
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 07.24.07 - Remote exploitation of a denial of Service (DoS) vulnerability in Computer Associates Inc.'s eTrust Antivirus products could allow attackers to create a DoS condition on the affected computer. When eTrust Antivirus engine scans a malformed CHM file that has an invalid 'previous listing chunk number' field, the scanner will enter an infinite loop and be unable to process any other files. iDefense has confirmed this vulnerability in eTrust AntiVirus version r8. Previous versions of eTrust Antivirus are suspected vulnerable. Other Computer Associates products, as well as derived products, may also be vulnerable.

tags | advisory, remote, denial of service
advisories | CVE-2007-3875
MD5 | c9e430e97c86ccb8e479f4edf4a11819
linkedin-overflow.txt
Posted Jul 25, 2007
Authored by Jared DeMott

LinkedIn Toolbar version 3.0.2.1098 remote buffer overflow exploit.

tags | exploit, remote, overflow
MD5 | 13861dc8b511010ec836f8f370c836d5
php523-win32std.txt
Posted Jul 25, 2007
Authored by shinnai | Site shinnai.altervista.org

PHP version 5.2.3 win32std extension safe_mode and disable_functions protections bypass exploit.

tags | exploit, php
MD5 | 85f091c38d408435c8fe153edf5ee44d
articledir-rfi.txt
Posted Jul 25, 2007
Authored by mozi, magenkyo.sharingan

Article Directory suffers from a remote file inclusion vulnerability in index.php.

tags | exploit, remote, php, code execution, file inclusion
MD5 | 6892510745cf4c3e661f56eccbaf6489
TPTI-07-13.txt
Posted Jul 25, 2007
Authored by Cody Pierce | Site dvlabs.tippingpoint.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Borland Interbase. Authentication is not required to exploit this vulnerability. The specific flaw exists within the database service, ibserver.exe, which binds to TCP port 3050.

tags | advisory, remote, arbitrary, tcp
advisories | CVE-2007-3566
MD5 | 8cf4fbcf329b25381c70d8c3caf254d6
Zero Day Initiative Advisory 07-043
Posted Jul 25, 2007
Authored by Tipping Point, Sebastian Apelt | Site zerodayinitiative.com

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Ipswitch IMail and ICS server. Authentication is required to exploit this vulnerability. The specific flaw exists due to a lack of bounds checking during the parsing of arguments to the SUBSCRIBE IMAP command sent to the IMAP daemon listening by default on TCP port 143. By providing an overly long string as the argument, an exploitable stack-based buffer overflow occurs.

tags | advisory, overflow, arbitrary, tcp, imap
advisories | CVE-2007-2795
MD5 | 4d9363e8bfef764f9a43302e007ecf63
Zero Day Initiative Advisory 07-042
Posted Jul 25, 2007
Authored by Tipping Point, Sebastian Apelt | Site zerodayinitiative.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Ipswitch IMail and ICS server. Authentication is not required to exploit this vulnerability. The specific flaw resides in IMailsec.dll while attempting to authenticate users. The affected component is used by multiple services that listen on a default installation. The authentication mechanism copies user-supplied data into fixed length heap buffers using the lstrcpyA() function. The unbounded copy operation can cause a memory corruption resulting in an exploitable condition.

tags | advisory, arbitrary
advisories | CVE-2007-2795
MD5 | e595d01aebe1824018e5170a0c039dc9
Zero Day Initiative Advisory 07-041
Posted Jul 25, 2007
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on affected installations of Panda AdminSecure. Authentication is not required to exploit this vulnerability.

tags | advisory, remote, arbitrary
advisories | CVE-2007-3026
MD5 | 684a05286a2436521a88c1ca8d97400c
fscan-both.tgz
Posted Jul 25, 2007
Authored by Andres Tarasco | Site 514.es

Fast HTTP Auth Scanner is a new web security scanner for Windows that allows brute-force attacks against web based devices that require HTTP authentication. Source and binary included.

tags | web
systems | windows
MD5 | adf7b4531948a7db469cf130dfd3ecf9
ecms-exec.txt
Posted Jul 25, 2007
Authored by Kw3rLN | Site rstzone.net

Entertainment CMS remote command execution exploit that makes use of a local file inclusion vulnerability.

tags | exploit, remote, local, file inclusion
MD5 | 5c3246421fa04afc82d952cdd8c384e9
confixx-rfi.txt
Posted Jul 25, 2007
Authored by H4 / Team XPK

Confixx pro versions 3.3.1 and below suffer from a remote file inclusion vulnerablity in saveserver.php.

tags | exploit, remote, php, code execution, file inclusion
MD5 | de809148361e30fa1131466dc0144d68
Cisco Security Advisory 20070724-arp
Posted Jul 25, 2007
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Wireless LAN Controllers (WLC) contain multiple vulnerabilities in the handling of Address Resolution Protocol (ARP) packets that could result in a denial of service (DoS) in certain environments.

tags | advisory, denial of service, vulnerability, protocol
systems | cisco
MD5 | 410864d31569a8f43549ea0e6021d88e
exploit.c
Posted Jul 25, 2007
Authored by Joey Mengele

Remote buffer overflow exploit for Windows RSHD version 1.7.

tags | exploit, remote, overflow
systems | windows
MD5 | 3a98f11d51a929b4b32871c0db6efb77
jgaa-sql.txt
Posted Jul 25, 2007
Authored by fl0 fl0w

jgaa remote SQL injection exploit that allows administrator password hash retrieval.

tags | exploit, remote, sql injection
MD5 | 95488946d13db8bdf40d635e71aeaba0
dbdisplay-exec.txt
Posted Jul 25, 2007
Authored by hadihadi

dbdisplay.pl is susceptible to an arbitrary code execution vulnerability.

tags | exploit, arbitrary, code execution
MD5 | 06d99dbe4f3b4457c44898e5cffe12c7
printenv-xss.txt
Posted Jul 25, 2007
Authored by hadihadi

printenv.pl is vulnerable to cross site scripting attacks.

tags | exploit, xss
MD5 | 8b39fcbdc612aa23276426d51a6a957d
ProCheckUp Security Advisory 2007.21
Posted Jul 25, 2007
Authored by Adrian Pastor, ProCheckUp

Webbler CMS version 3.1.3 forms are susceptible to spamming and phishing abuse.

tags | advisory
MD5 | e735eba3e38ba4e18a22092b2233261b
ProCheckUp Security Advisory 2007.20
Posted Jul 25, 2007
Authored by Adrian Pastor, ProCheckUp

A path disclosure issue exists in Webbler CMS version 3.1.3.

tags | advisory
MD5 | 26b734c5ceb88073b75a5c716a2295ba
Page 1 of 2
Back12Next

File Archive:

November 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    28 Files
  • 2
    Nov 2nd
    1 Files
  • 3
    Nov 3rd
    1 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    19 Files
  • 6
    Nov 6th
    65 Files
  • 7
    Nov 7th
    22 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    1 Files
  • 10
    Nov 10th
    1 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    65 Files
  • 13
    Nov 13th
    27 Files
  • 14
    Nov 14th
    22 Files
  • 15
    Nov 15th
    18 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close