exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 89 RSS Feed

Files Date: 2007-09-05 to 2007-09-06

Debian Linux Security Advisory 1364-1
Posted Sep 5, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1364-1 - Several vulnerabilities have been discovered in the vim editor. Ulf Harnhammar discovered that a format string flaw in helptags_one() from src/ex_cmds.c (triggered through the "helptags" command) can lead to the execution of arbitrary code. Editors often provide a way to embed editor configuration commands (aka modelines) which are executed once a file is opened. Harmful commands are filtered by a sandbox mechanism. It was discovered that function calls to writefile(), feedkeys() and system() were not filtered, allowing shell command execution with a carefully crafted file opened in vim.

tags | advisory, arbitrary, shell, vulnerability
systems | linux, debian
advisories | CVE-2007-2953, CVE-2007-2438
SHA-256 | 568c5f44ec4fc3ee2bced8b7d5302fe9094997142525e4dbfc74de8974db733e
Debian Linux Security Advisory 1363-1
Posted Sep 5, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1363-1 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.

tags | advisory, remote, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, debian
advisories | CVE-2007-2172, CVE-2007-2875, CVE-2007-3105, CVE-2007-3843, CVE-2007-4308
SHA-256 | d5972fd85fbf1afaad38fdca77c8deaa6dfbbe2c955a9fdc5c8d980656e91d62
openssh-4.7p1.tar.gz
Posted Sep 5, 2007
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: Multiple bug fixes including a security fix.
tags | encryption
systems | linux, openbsd
SHA-256 | d47133f0c6737d2889bf8da7bdf389fc2268d1c7fa3cd11a52451501eab548bc
pshtoolkit-1.1.tgz
Posted Sep 5, 2007
Authored by Hernan Ochoa | Site oss.coresecurity.com

The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions maintained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM hashes (YES, PASS-THE-HASH on Windows!). Both source tarball and binary tarballs are included.

Changes: Improvements for the German and French versions of Microsoft Windows XPSP2, Windows 2003 SP1/SP2, and more.
tags | remote, local
systems | windows
SHA-256 | 6be2b9d8c80c3ce8623695fe34d59e1da13a69e745c495039e6e3840b294cafd
nuface-1.2.5.tar.gz
Posted Sep 5, 2007
Authored by Vincent Deffontaines | Site inl.fr

Nuface is a web-based administration tool that generates Edenwall, NuFW, or simple Netfilter firewall rules. It features a high level abstraction on the security policy set by the administrator, and works internally on an XML data scheme. Its philosophy is to let you agglomerate subjects, resources, or protocols into meta-objects, and use those meta objects to generate ACLs, which are then interpreted as netfilter rules by Nupyf, the internal XML parser. This tool may easily be extended to support firewall implementations other than Netfilter.

Changes: Additional VPN compatibility added. Fixed a bug in index and added a new option.
tags | tool, web, firewall, protocol
systems | unix
SHA-256 | a7edf4f437067ed02eb4c5f69754186d91a97ae825ef13b44191f5f8ef3b5cde
strongSwan IPsec / IKEv1 / IKEv2 Implementation For Linux
Posted Sep 5, 2007
Authored by Andreas Steffen | Site strongswan.org

strongSwan is a complete IPsec and IKEv1 implementation for Linux 2.4 and 2.6 kernels. It interoperates with most other IPsec-based VPN products. It is a descendant of the discontinued FreeS/WAN project. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A unique feature is the use of X.509 attribute certificates to implement advanced access control schemes based on group memberships.

Changes: Various enhancements.
tags | kernel, encryption
systems | linux
SHA-256 | 137ae23716b42f0cb041571f380cdcd7f6ec9c7a44adf0bd8cc18f92ec335d40
TOR Virtual Network Tunneling Tool 0.1.2.17
Posted Sep 5, 2007
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: Removed support for the old v0 control protocol. Various other major and minor fixes.
tags | tool, remote, local, peer2peer
SHA-256 | fc0fb0c2891ae09854a69512c6b4988964f2eaf62ce80ed6644cb21f87f6056a
dma-hydra-5.4-src_plus.txt
Posted Sep 5, 2007
Authored by thc, David Maciejak

Patch for THC's Hydra that adds a dependency checks for openssl needed for the SIP module, modifies checks for libpq.so for Postgresql module, adds a new module for Netware NCP and for Firebird database.

SHA-256 | a644e2e1a9eb85606bd9b9f29ac096834058d72e8ab3dca236b8146d7a98e302
advisory-mambo-akobook-en.txt
Posted Sep 5, 2007
Authored by Ruben Ventura Pina | Site trew.icenetx.net

The Mambo component AkoBook versions 3.42 and below suffer from a script insertion vulnerability.

tags | exploit
SHA-256 | f823e27062db2005da028cac1266f9af6b787c932b0f0f56d285469a54d781fa
WAFUTFF.pdf
Posted Sep 5, 2007
Authored by Tim Brown | Site nth-dimension.org.uk

Whitepaper entitled "Writing a fuzzer using the Fuzzled framework". The paper includes some of the techniques used to dismantle protocols including documentation, observation and static analysis.

tags | paper, protocol, fuzzer
SHA-256 | 85eff0372eb6b927c7f66e8380f04f54c2152fb1202fd191238c82796096ff34
challenge200709362386.txt
Posted Sep 5, 2007
Site digitalarmaments.com

Digital Armaments officially announce the launch of September-October hacking challenge. The challenge starts on September 1. For the September-October Challenge, Digital Armaments will give 5000 credits EXTRA for each submission that results in a Symbian Vulnerability.

tags | paper
SHA-256 | 99058117285f0858bb032729ae6a61bfc0ebec2e06d4c46647afcc0d6494f723
marshal-tar.txt
Posted Sep 5, 2007
Authored by Sebastian Vandersee | Site rt-solutions.de

Marshal MailMarshal suffers from a tar unpacking vulnerability. Versions 6.2.1.3253 and below are affected.

tags | advisory
SHA-256 | c1af85897e8b92ddf021aaad0de00dfe12eccd804ac25fa5d013251d99085c36
tomcat4131-xss.txt
Posted Sep 5, 2007
Authored by Tushar Vartak

Apache Tomcat version 4.1.31 ships with cal2.jsp that suffers from cross site scripting and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 1a5a1b5d1433ef9bdd312654ab6e90a7d50c41a4ade8e8bb2ca09c5eed70c8ed
212cafeboard-sql.txt
Posted Sep 5, 2007
Authored by Lopez Bran

212cafeBoard version 6.30 Beta suffers from a SQL injection vulnerability.

tags | exploit, sql injection
SHA-256 | 73543ab3f0681dad10d99843f73ff1ca597544dfa59b755b5c490890cb38cd29
thc-surrender.txt
Posted Sep 5, 2007
Authored by thc | Site freeworld.thc.org

The German fraction of THC stops all activities that have been labeled illegal under the German anti hacker law. The law forbids German citizens to research, discuss or disclose security problems. THC is an independent non-commercial security research organization with over 10 years of experience.

SHA-256 | 4ac519f2436e67eece867b309cf6040907b049cf37943a3bbf2e65ea4bc6881c
applequick-overflow.txt
Posted Sep 5, 2007
Authored by David Vaartjes

Apple QuickTime versions below 7.2 suffer from an integer overflow vulnerability when parsing SMIL files.

tags | advisory, overflow
systems | apple
advisories | CVE-2007-2394
SHA-256 | e36c02a2c04082aa2c63f8d1c8a1df4fb25b780e0fa834ce70d526c5f5c15948
ipgrab-0.9.10.tar.gz
Posted Sep 5, 2007
Authored by Mike Borella

ipgrab is a packet sniffing tool, based on the Berkeley packet capture library, that prints complete data-link, network and transport layer header information for all packets it sees. Specifically, this program reads and parses packets from the link layer through the transport layer, dumping explicit header information along the way.

tags | tool, sniffer
SHA-256 | 97461e912921c4976ba10eff58e0c0b7cc05978d9fd48e1dd3f2b0992798fb30
chase-2007-lahore-CFP.txt
Posted Sep 5, 2007
Site chase.org.pk

Call For Papers for CHASE-2007 Lahore - Conference On Hacking And Security. This conference will be held December 7th through December 8th, 2007.

tags | paper, conference
SHA-256 | 8f59738bb8a8443dc1cf7986a7e95a7ec1bb41eddeeba4e71b578653fa48a4ae
tomsgb10-xss.txt
Posted Sep 5, 2007
Authored by cod3in

Toms G

tags | exploit, xss
SHA-256 | 68e5f5c7b6c320884cf7de99e0e04d5ea280d280301c1339f81c9b71d31c7714
weboddity-traverse.txt
Posted Sep 5, 2007
Authored by Katatafish

Web Oddity web server version 0.09b suffers from a directory traversal vulnerability.

tags | exploit, web, file inclusion
SHA-256 | 2faa2c5af5fcbc9fbb97e8381df51cef9082f48190169fa0ab55c92546671ff1
ccproxy-meta.txt
Posted Sep 5, 2007
Authored by Patrick Webster

This Metasploit module exploits the YoungZSoft CCProxy suite versions 6.2 and below Telnet service. The stack is overwritten when sending an overly long address to the 'ping' command.

tags | exploit
advisories | CVE-2004-2416
SHA-256 | 52024f7370a1424ff76db38bd57f234310a16730342fb87c67eea957054c84f9
telecomitaly-reg.txt
Posted Sep 5, 2007
Authored by rgod | Site retrogod.altervista.org

Telecom Italy Alice Messenger remote registry key manipulation exploit.

tags | exploit, remote, registry
SHA-256 | 5ced2ef887bd909dc01196510eb1d3d09b87d3be937a851965869d6005ab6df7
msvb-codeexec.txt
Posted Sep 5, 2007
Authored by koshi

Microsoft Visual Basic version 6.0 VBP_Open OLE local code execution exploit.

tags | exploit, local, code execution
SHA-256 | 2dde94986eb1a6eec380df5aae50265343027d4cff29eb3748ff4619878d5d70
otsturntables-overflow.txt
Posted Sep 5, 2007
Authored by 0x58

OTSTurntables version 1.00 local buffer overflow exploit.

tags | exploit, overflow, local
SHA-256 | f95f08503c2a38bdc76c949d87cbd8a3f0fe3bb784328f264fa26ae2cf97e2d9
virtualdj-overflow.txt
Posted Sep 5, 2007
Authored by 0x58

Virtual DJ version 5.0 local buffer overflow exploit.

tags | exploit, overflow, local
SHA-256 | 330042c5c39c0c4b2b7c5d84de007f24205abbe218b0931722aca87da4ce5737
Page 2 of 4
Back1234Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close