exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 150 RSS Feed

Files Date: 2007-08-08 to 2007-08-09

alcaricatier-rfi.txt
Posted Aug 8, 2007
Authored by Hasadya Raed

AL-Caricatier version 2.5 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 2a61bd4ad8dd1aecb978087fe46957bf5ed621218abdbe5899979dce78002aa2
multi-vulns.txt
Posted Aug 8, 2007
Authored by Michal Bucko | Site eleytt.com

Windows Calendar (Vista) ICS file handling suffers from a denial of service vulnerability. Toolbar suffers from multiple vulnerabilities. OpenOffice version 2.2 suffers from a denial of service vulnerability when handling multiple file extensions.

tags | advisory, denial of service, vulnerability
systems | windows
SHA-256 | 318b69fb4e51116ee75ae6cec03826b6139dfd2e43c7e64b83c30d6cd56082cd
Debian Linux Security Advisory 1348-1
Posted Aug 8, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1348-1 - It was discovered that an integer overflow in the xpdf PDF viewer may lead to the execution of arbitrary code if a malformed PDF file is opened.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2007-3387
SHA-256 | 49e3a70039e6fad984c2f24899acf376b072798479b58d6d44d8f1c198922ac7
Debian Linux Security Advisory 1347-1
Posted Aug 8, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1347-1 - It was discovered that an integer overflow in the xpdf PDF viewer may lead to the execution of arbitrary code if a malformed PDF file is opened.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2007-3387
SHA-256 | 5e07dd252fbab464131cc77702e9533be9f3101c692721eda821a42aee34eaa7
Debian Linux Security Advisory 1346-1
Posted Aug 8, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1346-1 - Several remote vulnerabilities have been discovered in the Iceape internet suite, an unbranded version of the Seamonkey Internet Suite. "moz_bug_r_a4" discovered that a regression in the handling of "about:blank" windows used by addons may lead to an attacker being able to modify the content of web sites. Jesper Johansson discovered that missing sanitizing of double-quotes and spaces in URIs passed to external programs may allow an attacker to pass arbitrary arguments to the helper program if the user is tricked into opening a malformed web page.

tags | advisory, remote, web, arbitrary, vulnerability
systems | linux, windows, debian
advisories | CVE-2007-3844, CVE-2007-3845
SHA-256 | 7d8c2ef6cb498a01f05fe869a389a93bbe3f6cf220732c50f166e318bd3fb9e8
Debian Linux Security Advisory 1345-1
Posted Aug 8, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1345-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. "moz_bug_r_a4" discovered that a regression in the handling of "about:blank" windows used by addons may lead to an attacker being able to modify the content of web sites. Jesper Johansson discovered that missing sanitizing of double-quotes and spaces in URIs passed to external programs may allow an attacker to pass arbitrary arguments to the helper program if the user is tricked into opening a malformed web page.

tags | advisory, remote, web, arbitrary, vulnerability
systems | linux, windows, debian
advisories | CVE-2007-3844, CVE-2007-3845
SHA-256 | af4abfa3d80e22b8e5beb51323cb93d79d2c92e0fc5a3cf28c6d13338a78cc5c
contentdm-xss.txt
Posted Aug 8, 2007
Authored by Rhys Phillips

ContentDM appears to suffer from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | 6348fcb68dd7a8d407a183b32a932309c39a74f9a7a3b9726291da5625d885ba
Mandriva Linux Security Advisory 2007.153
Posted Aug 8, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - GD versions prior to 2.0.35 have a number of bugs which potentially lead to denial of service and possibly other issues.

tags | advisory, denial of service
systems | linux, mandriva
advisories | CVE-2007-3472, CVE-2007-3473, CVE-2007-3474, CVE-2007-3475, CVE-2007-3476, CVE-2007-3477, CVE-2007-3478
SHA-256 | 9b71e11c51ed034a2840a9c503b261abdb6dae6e78d6a53dac32de5e6e56e4d5
dnscp.py.txt
Posted Aug 8, 2007
Authored by posedge

BIND 9 DNS cache poisoning exploit version 0.3beta. Affects versions 9.0.0 through 9.4.1.

tags | exploit
SHA-256 | f023654616fe84f718998c8f4bc85698475a60504f52977740ba5eaffbbce4f5
liberoit-xss.txt
Posted Aug 8, 2007
Authored by Gianni Amato | Site gianniamato.it

The Italian ISP Libero.it suffers from cross site scripting vulnerabilities when the p_Query variable is manipulated.

tags | exploit, vulnerability, xss
SHA-256 | e6cbde62a9176f8bf9a54e0755adf56264e6a2e4167a5ac611814307c7ca7089
joomlaj-rfi.txt
Posted Aug 8, 2007
Authored by Yollubunlar | Site yollubunlar.org

The Joomla J! Reactions component suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 39588476fe651cff66a478ac46397c509c596822da564f95d4076fdc040759fb
Debian Linux Security Advisory 1344-1
Posted Aug 8, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1344-1 - "moz_bug_r_a4" discovered that a regression in the handling of "about:blank" windows used by addons may lead to an attacker being able to modify the content of web sites. Jesper Johansson discovered that missing sanitizing of double-quotes and spaces in URIs passed to external programs may allow an attacker to pass arbitrary arguments to the helper program if the user is tricked into opening a malformed web page.

tags | advisory, web, arbitrary
systems | linux, windows, debian
advisories | CVE-2007-3844, CVE-2007-3845
SHA-256 | d1fb2f29c2f8e3279dcdeddc998ce07195c774016ac60d19d4fece5890d9bd83
Ubuntu Security Notice 495-1
Posted Aug 8, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 495-1 - Several format string vulnerabilities have been discovered in Qt warning messages. By causing an application to process specially crafted input data which triggered Qt warnings, this could be exploited to execute arbitrary code with the privilege of the user running the application.

tags | advisory, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2007-3388
SHA-256 | 3af02e0cb10c6ad4a19ff42552fd333e868c606423b7a9da6c9a09f0fa7b804d
Ubuntu Security Notice 496-1
Posted Aug 8, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 496-1 - Derek Noonburg discovered an integer overflow in the Xpdf function StreamPredictor::StreamPredictor(). By importing a specially crafted PDF file into KWord, this could be exploited to run arbitrary code with the user's privileges.

tags | advisory, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2007-3387
SHA-256 | 54058bc668d98e99c59650536e2aa3ed485ea4369952bd5e9daf67aa42c494f9
nextgen-sql.txt
Posted Aug 8, 2007
Site aria-security.net

Next Gen Portfolio Manager suffers from a SQL injection vulnerability.

tags | exploit, sql injection
SHA-256 | d2b9888af382da1c903af1ce7ca2910f434a13036ed9538fc306bf7e226dcfe9
interbase_create.rb.txt
Posted Aug 8, 2007
Authored by Ramon de C Valle, Adriano Lima

This Metasploit module exploits a stack overflow in Borland Interbase 2007 by sending a specially crafted create request.

tags | exploit, overflow
advisories | CVE-2007-3566
SHA-256 | 3e86d3a39bb4d94d658211aedac9393c5ed438275012efe2be5e6a027d43a17a
giab-sql.txt
Posted Aug 8, 2007
Site aria-security.net

Gallery In A Box suffers from a SQL injection vulnerability.

tags | exploit, sql injection
SHA-256 | d8394da3cca87f3bffef2f4febd3363cea62fcf5380fd7f09a74add45da1936a
hunkaray-sql.txt
Posted Aug 8, 2007
Authored by Yollubunlar | Site yollubunlar.org

Hunkaray Okul Portali version 1.1 suffers from a SQL injection vulnerability.

tags | exploit, sql injection
SHA-256 | 49d7b4544da9c0c7540e6fc8675588ac027be8b458f74ede870574c5cc03cccf
tourde-rfi.txt
Posted Aug 8, 2007
Authored by Yollubunlar | Site yollubunlar.org

Tour de France Pool version 1.0.1 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | e8dccc047c2e5d2cd8c4f04ac4c01c37c78fbd5667c6c5e81bc2165065508002
minimofirefox.txt
Posted Aug 8, 2007
Authored by Seth Fogie | Site airscanner.com

Minimo version 0.2 and below and Firefox 2.0.0.6 suffer from an abuse vulnerability in their password manager feature.

tags | advisory
SHA-256 | 66824a1405b5fa19539f80b5fec6c74246edd602ba6fcd16e48b24559704deea
pluck-rfi.txt
Posted Aug 8, 2007
Site aria-security.net

Pluck version 4.3 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | c716919a9ae433b4bc5a1a4b239a7b86fe283d82a2303b5a2396f3993a1f1f37
prelude-manager-0.9.9.tar.gz
Posted Aug 8, 2007
Site prelude.sourceforge.net

Prelude Manager is the main program of the Prelude Hybrid IDS suite. It is able to register local or remote sensors, let the operator configure them remotely, receive alerts, and store alerts in a database or any format supported by reporting plugins, thus providing centralized logging and analysis.

Changes: Updated configuration template, added documentation for Prelude generic TCP options. Various other tweaks and changes.
tags | tool, remote, local, intrusion detection
systems | unix
SHA-256 | 734bd844df4e337cb989ea9700d60ca2d0eae03a5b0e97a5559b3addb2498ec6
arpalert-2.0.7.tar.gz
Posted Aug 8, 2007
Authored by Thierry Fournier | Site perso.numericable.fr

arpalert uses ARP address monitoring to help prevent unauthorized connections on the local network. If an illegal connection is detected, a program or script is launched, which could be used to send an alert message, for example.

Changes: Minor OpenBSD bug fix. Very minor code optimization.
tags | local
systems | unix
SHA-256 | 0bed9a7234da04b83ad98b374d4215375f476b6db4431ca7896d6129f5cfd80e
TOR Virtual Network Tunneling Tool 0.1.2.16
Posted Aug 8, 2007
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: Various changes.
tags | tool, remote, local, peer2peer
SHA-256 | 1083bd4fef643880eb5eaa7deb0bb45a42c9700a1905c6cd2057de97849f067b
nufw-2.2.3.tar.gz
Posted Aug 8, 2007
Authored by regit | Site nufw.org

NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is done to use external authentication source such as an LDAP server.

Changes: This is a bugfix release. The main fixed issues are restoration of ICMP reject functionality, and a fix for a problem bound to a regression in MySQL 5.0.
tags | tool, remote, firewall
systems | unix
SHA-256 | b58b4ea733a3833ed045bd4e578cec3f134d1cba691c3cd8b1afd7d732179222
Page 2 of 6
Back12345Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    16 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close