exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 49 RSS Feed

Files Date: 2007-09-20 to 2007-09-21

Secunia Security Advisory 26890
Posted Sep 20, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in various VMware products, which can be exploited by malicious, local users to gain escalated privileges or cause a DoS (Denial of Service) or by malicious people to compromise a vulnerable system.

tags | advisory, denial of service, local, vulnerability
SHA-256 | 08f09e82199488119ccb28852685050d7fedc7bb928e4f58a42631edb144d384
Secunia Security Advisory 26889
Posted Sep 20, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Doz has reported a vulnerability and a security issue in WebBatch, which can be exploited by malicious people to disclose system information or conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 3fed0e6a201c068783a42e567213e093fffdcfa2ff0e05defb763534057a7c48
Secunia Security Advisory 26908
Posted Sep 20, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - nights_shadow has discovered a vulnerability in PhpWebGallery, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory
SHA-256 | 4433b0ce41d9db1b129963bccd2f1df085f927dc65c7b174f54509674be9d9cb
VMware Security Advisory 2007-0006
Posted Sep 20, 2007
Authored by VMware | Site vmware.com

VMware Security Advisory - Updates have been released for arbitrary code execution, denial of service, and other various vulnerabilities in VMware.

tags | advisory, denial of service, arbitrary, vulnerability, code execution
advisories | CVE-2007-2446, CVE-2007-2447, CVE-2007-0494, CVE-2007-2442, CVE-2007-2443, CVE-2007-2798, CVE-2007-0061, CVE-2007-0062, CVE-2007-0063, CVE-2007-4059, CVE-2007-4155, CVE-2007-4496, CVE-2007-4497, CVE-2007-1856, CVE-2006-1174, CVE-2006-4600, CVE-2004-0813, CVE-2007-1716
SHA-256 | f186f94a09bad9dba4b82b1daa59265b1954d193e8533587d0fe2348c1f58bec
Debian Linux Security Advisory 1364-2
Posted Sep 20, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1364-2 - Several vulnerabilities have been discovered in the vim editor. Ulf Harnhammar discovered that a format string flaw in helptags_one() from src/ex_cmds.c (triggered through the "helptags" command) can lead to the execution of arbitrary code. Editors often provide a way to embed editor configuration commands (aka modelines) which are executed once a file is opened. Harmful commands are filtered by a sandbox mechanism. It was discovered that function calls to writefile(), feedkeys() and system() were not filtered, allowing shell command execution with a carefully crafted file opened in vim. This updated advisory repairs issues with missing files in the packages for the oldstable distribution (sarge) for the alpha, mips, and mipsel architectures.

tags | advisory, arbitrary, shell, vulnerability
systems | linux, debian
advisories | CVE-2007-2953, CVE-2007-2438
SHA-256 | c3785b66e8f5c4940f2f5cff8cbacf0010c2280153e65ca2f3c5312f02e34028
Gentoo Linux Security Advisory 200709-12
Posted Sep 20, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200709-12 - Poppler and Xpdf are vulnerable to an integer overflow in the StreamPredictor::StreamPredictor function, and a stack overflow in the StreamPredictor::getNextLine function. The original vulnerability was discovered by Maurycy Prodeus. Note: Gentoo's version of Xpdf is patched to use the Poppler library, so the update to Poppler will also fix Xpdf. Versions less than 0.5.4-r2 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2007-3387
SHA-256 | 80f2606293732b921ba29576656b474b32143b7b5042cb15416ed2d5c74a76f8
Ubuntu Security Notice 515-1
Posted Sep 20, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 515-1 - It was discovered that t1lib does not properly perform bounds checking which can result in a buffer overflow vulnerability. An attacker could send specially crafted input to applications linked against t1lib which could result in a DoS or arbitrary code execution.

tags | advisory, overflow, arbitrary, code execution
systems | linux, ubuntu
advisories | CVE-2007-4033
SHA-256 | d244d3b0f668fdadb3b381efe448f72d60df6e9b29980fd755279eea68404437
gmotor2.zip
Posted Sep 20, 2007
Authored by Luigi Auriemma | Site aluigi.org

Proof of concept exploit for rFactor versions 1.250 and below that suffer from buffer overflow and code execution vulnerabilities.

tags | exploit, overflow, vulnerability, code execution, proof of concept
SHA-256 | f640dea92530135cfcc9ae38ce63f181d5d4d0ef906dbce5bdbaf133a7a4cae5
auracms-upload.txt
Posted Sep 20, 2007
Authored by TaMBaRuS

AuraCMS version 2.1 suffers from a remote file upload vulnerability.

tags | exploit, remote, file upload
SHA-256 | 3abda0be837af24dfe99452a3011eecc3c151f1f9ebf51ba5a64a89e8d13c058
wbr-xss.txt
Posted Sep 20, 2007
Authored by Azizov Emin

The WBR3404TX broadband router suffers from a cross site scripting vulnerability in the web based management interface.

tags | exploit, web, xss
SHA-256 | a3bdc43059b6289242ec22e3ed84d6d3017c230a024c7643b299663d377ae62c
HP Security Bulletin 2007-14.39
Posted Sep 20, 2007
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified in HP-UX running the logins(1M) command. This command incorrectly reports password status. As a result password issues may not be detected, allowing remote unauthorized access.

tags | advisory, remote
systems | hpux
SHA-256 | 950446ae88ba4959b2aca04a7acd588a1e533248c41aa0b4bc14dd5e8c3f6fd2
HP Security Bulletin 2007-14.71
Posted Sep 20, 2007
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA, please check the table in the Resolution section of this Security Bulletin.

tags | advisory, vulnerability
SHA-256 | a137ba38e770c6459675cd0b1d76e2e8e40f26ef9d25ab6465d6a5bd54fe88d5
mercury-overflow.txt
Posted Sep 20, 2007
Authored by void | Site ph4nt0m.org

Mercury/32 version 4.52 IMAPD search command post-auth overflow exploit.

tags | exploit, overflow
SHA-256 | 76899a76ae38bffed872b8dd336e0d8fb8d277ffa8d2516cadf39dac5ea35d0b
yim-download.txt
Posted Sep 20, 2007
Authored by shinnai | Site shinnai.altervista.org

Yahoo! Messenger version 8.1.0.421 CYFT Object arbitrary file download exploit.

tags | exploit, arbitrary
SHA-256 | 6e64af05fb091cf2cfce9ff05574ea96017e38f93d78f223d7427fab7cb8114a
jetaudio-exec.txt
Posted Sep 20, 2007
Authored by Krystian Kloskowski

jetAudio version 7.x ActiveX code execution exploit that makes use of DownloadFromMusicStore().

tags | exploit, code execution, activex
SHA-256 | 5625d7033969e6c0c3e5ba1813662b2381af214cef565714cce7e8a9033a88cd
p0f-2.0.8-db-20070919.tar.gz
Posted Sep 20, 2007
Authored by Michal Zalewski, David Coomber | Site lcamtuf.coredump.cx

p0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine distance to the remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Note that this version is the win32 compiled version. Original code by Michal Zalewski, compiling by David Coomber.

Changes: Insufficient OS description escapes fixed. Other fixes.
tags | tool, remote, local, scanner
systems | windows, unix
SHA-256 | dd38a277cf5f75bd141c92c52d4a943be4377fb60f3ec5a8fd8b6e6d380f4122
flip30-pass.txt
Posted Sep 20, 2007
Authored by undefined1_ | Site undefl.com

Flip versions 3.0 and below remote password hash disclosure exploit.

tags | exploit, remote
SHA-256 | cff6a107f1c4d2d5467974c6b1524004521a920907c03807630e5696886a2e8a
flip30-create.txt
Posted Sep 20, 2007
Authored by undefined1_ | Site undefl.com

Flip versions 3.0 and below remote admin creation exploit.

tags | exploit, remote
SHA-256 | ab23cf363e9e4f88cda78909a85f0bc3d0a105367b23254fac3a0909722854ae
phpbbplus-rfi.txt
Posted Sep 20, 2007
Authored by Mehrad Ansari Targhi

phpBB Plus versions 1.53 and below suffer from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | d7840a40e5cce9f07595fc3ef06a122c61ea33afef7221aeec3b44c12e107b0a
onecms24-sql.txt
Posted Sep 20, 2007
Authored by str0ke | Site milw0rm.com

OneCMS version 2.4 remote SQL injection exploit that makes use of userreviews.php.

tags | exploit, remote, php, sql injection
SHA-256 | 12705178b0a56cfd875a2f603dbeb7f7a8da02c4ce5f5ab5a22130d37b64fbf3
streamline-rfi.txt
Posted Sep 20, 2007
Authored by BiNgZa

Streamline PHP Media Server version 1.0-beta4 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, php, code execution, file inclusion
SHA-256 | 9cd7c978e6a572a3fdec146c2e208a17cf2817369c03cbc95d94e33c3aee3f43
waraxe-2007-SA052.txt
Posted Sep 20, 2007
Authored by Janek Vind aka waraxe | Site waraxe.us

dBlog CMS is susceptible to a direct database download vulnerability.

tags | exploit
SHA-256 | c962d0a358906fec392c42277a9199629b0b580195ce6b8911cfa79bc42a8ac8
TPTI-07-15.txt
Posted Sep 20, 2007
Authored by Ganesh Devarajan | Site tippingpoint.com

A vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of the Automated Solutions Modbus TCP Slave ActiveX Control. Authentication is not required to exploit this vulnerability. The specific flaw exists within MiniHMI.exe which binds to TCP port 502. When processing malformed Modbus requests on this port a controllable heap corruption can occur which may result in execution of arbitrary code.

tags | advisory, remote, arbitrary, tcp, activex
advisories | CVE-2007-4827
SHA-256 | f0520f8bf90c6787cc532807988649bb63df556515fb667dade3c955d0dd7f3a
Secunia Security Advisory 26786
Posted Sep 20, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Shell has discovered a vulnerability in AOL Instant Messenger, which can be exploited by malicious people to execute arbitrary script code.

tags | advisory, arbitrary, shell
SHA-256 | c6d51e315925f26cfc8c8e78c6e3393ca1936c88a2fa78e3864e434f9ee94a70
Secunia Security Advisory 26787
Posted Sep 20, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Krystian Kloskowski has discovered a vulnerability in jetAudio, which can be exploited by malicious people to overwrite arbitrary files or to compromise a user's system.

tags | advisory, arbitrary
SHA-256 | 4eacf917a648b66c9276b68fa7186c52ea05daad5147aa275056d449f6defff7
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close