Showing 26 - 50 of 76

Files Date: 2008-06-11 to 2008-06-12

Secunia Security Advisory 30602
Posted Jun 11, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - CWH Underground has discovered some vulnerabilities in SyndeoCMS, which can be exploited by malicious people to conduct cross-site scripting attacks, and by malicious users to disclose sensitive information.

tags | advisory, vulnerability, xss
SHA-256 | 0ea05263b64f0131209ec6b5949b7199c04cbb40be171545c6ba0314f101d637
Core Security Technologies Advisory 2008.0125
Posted Jun 11, 2008
Authored by Core Security Technologies, Sebastian Muniz | Site coresecurity.com

Core Security Technologies Advisory - A vulnerability was found in CitectSCADA that could allow a remote unauthenticated attacker to force an abnormal termination of the vulnerable software (Denial of Service) or to execute arbitrary code on vulnerable systems to gain complete control of the software. To accomplish this, the would-be attacker must be able to connect to the vulnerable service on a high TCP port.

tags | advisory, remote, denial of service, arbitrary, tcp
advisories | CVE-2008-2639
SHA-256 | 19bd45b897c6982edbb11d71c9c88e4b43443d02180be90c94917a52bf3de427
typo3-xssexec.txt
Posted Jun 11, 2008
Authored by Lars Houmark | Site typo3.org

TYPO3 versions 3.x, 4.0 through 4.0.7, 4.1 through 4.1.6, and 4.2 suffer from arbitrary code execution and code execution vulnerabilities.

tags | advisory, arbitrary, vulnerability, code execution, xss
SHA-256 | 3f08cf2d0f07df1e0f68d53d3396712614ffc248496d81a50541f0e4c85b5ff8
phpeasydata-sqlxss.txt
Posted Jun 11, 2008
Authored by Sylvain THUAL | Site click-internet.fr

PHPEasyData version 1.5.4 suffers from cross site scripting and SQL injection vulnerabilities.

tags | exploit, vulnerability, xss, sql injection
SHA-256 | 038bd7360986bb346c3f7b2dd8c05b2150b3de7bc4a0cd1c2780a84fa278f64f
flatcal-bypass.txt
Posted Jun 11, 2008
Authored by Crackers_Child

Flat Calendar version 1.1 allows for administrator bypass when scripts are accessed directly.

tags | exploit, bypass
SHA-256 | 5e7708384102bfc84936c466d0e26d24d6d1d332d55c960f0b50de582e550878
secunia-ubitorrent.txt
Posted Jun 11, 2008
Site secunia.com

Secunia Research has discovered a vulnerability in uTorrent and BitTorrent, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused by an error in the handling of HTTP requests and can be exploited to crash the application by sending an HTTP request containing a malformed "Range" header string. Successful exploitation requires that the Web UI is enabled (not default). uTorrent version 1.7.7 and BitTorrent version 6.0.1 are both affected.

tags | advisory, web, denial of service
advisories | CVE-2008-0071
SHA-256 | d2a8e55f8cf66424df0d99429639964b9e96d1badbf13b3bdfef9410bb5a8d01
HP Security Bulletin 2008-00.63
Posted Jun 11, 2008
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running Apache with PHP. This vulnerability could be exploited remotely to execute arbitrary code.

tags | advisory, arbitrary, php
systems | hpux
advisories | CVE-2008-0599
SHA-256 | 0b8a596fa9731d9045feee363c97d041ef17ec11d3673fdb9838a72908303695
Secunia Security Advisory 28703
Posted Jun 11, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a vulnerability in uTorrent, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 3f322062f9e2cf8ef117b3a6087faaffcbd68adacfde78c12be31fb984beb43b
Secunia Security Advisory 30605
Posted Jun 11, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a vulnerability in BitTorrent, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 5a89ea0c35e78c4223931809ee466e35c122a365b6cff6acb7e35f32e0858df8
iptbb-admin.txt
Posted Jun 11, 2008
Authored by CWH Underground | Site citecclub.org

IPTBB version 0.5.6 arbitrary add administrator exploit.

tags | exploit, arbitrary, add administrator
SHA-256 | 1605caeffa7574dfd66c1b80f96a27bfb09f4579ddca2b0d31dc2a419c573b99
efiction-sql.txt
Posted Jun 11, 2008
Authored by Mr.SQL | Site pal-hacker.com

eFiction version 3.0 suffers from a remote SQL injection vulnerability in toplists.php.

tags | exploit, remote, php, sql injection
SHA-256 | 2a6ab15370a2e59ec1b0522a016d1da52c7505c4b4b739b726802f536af9be92
fogforum-lfi.txt
Posted Jun 11, 2008
Authored by CWH Underground | Site citecclub.org

FOG Forum version 0.8.1 suffers from multiple local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, file inclusion
SHA-256 | 55c02e350cb188d82a67c286bcaa494d633cee9126cc4b8d16898761ed83a52a
Tor-ramdisk i686 UClibc-based Linux Distribution
Posted Jun 11, 2008
Authored by Anthony G. Basile | Site opensource.dyc.edu

Tor-ramdisk is an i686 uClibc-based micro Linux distribution (3.1 MB) whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP.

tags | tool, kernel, peer2peer
systems | linux
SHA-256 | 21cc7f9fb71407bf6976be4443cf9f4d9e94a20dc4d3f112412fdc787ef2c820
Technical Cyber Security Alert 2008-162B
Posted Jun 11, 2008
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA08-162B - Microsoft has released updates to address vulnerabilities that affect Microsoft Windows, Windows Server, and Internet Explorer as part of the Microsoft Security Bulletin Summary for June 2008. The most severe vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code.

tags | advisory, remote, arbitrary, vulnerability
systems | windows
SHA-256 | 810d1228fe5faf883e06ea41904a059ac3560025652472f0d1ef3b2d46e29a34
Technical Cyber Security Alert 2008-162C
Posted Jun 11, 2008
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA08-162C - Apple QuickTime contains multiple vulnerabilities as described in the Apple Knowledgebase article HT1991. Exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code or cause a denial-of-service condition.

tags | advisory, remote, arbitrary, vulnerability
systems | apple
SHA-256 | ebd772d340e41c60ebb2a0f469a73896978e3671c80a7b972ddc74236fc877d8
Mandriva Linux Security Advisory 2008-111
Posted Jun 11, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Evolution did not properly validate timezone data when processing iCalendar attachments. If a user disabled the Itip Formatter plugin and viewed a crafted iCalendar attachment, an attacker could cause a denial of service or potentially execute arbitrary code with the user's privileges. Evolution also did not properly validate the DESCRIPTION field when processing iCalendar attachments. If a user were tricked into accepting a crafted iCalendar attachment and replied to it from the calendar window, an attacker could cause a denial of service or potentially execute arbitrary code with the user's privileges. In addition, Matej Cepl found that Evolution did not properly validate date fields when processing iCalendar attachments, which could lead to a denial of service if the user viewed a crafted iCalendar attachment with the Itip Formatter plugin disabled.

tags | advisory, denial of service, arbitrary
systems | linux, mandriva
advisories | CVE-2008-1108, CVE-2008-1109
SHA-256 | c8887f2382bbf2f38ca613a39ff385f4667c6d738032adf9747301ae840ae724
piugame-multi.txt
Posted Jun 11, 2008
Authored by Psymera

The Piugame CMS suffers from cross site scripting and SQL injection vulnerabilities.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | a662539dfe5a72e1c6eafd1fe99c22f21e49af167efdbe97e762982dcc786021
Zero Day Initiative Advisory 08-040
Posted Jun 11, 2008
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the parsing of SAMI files. When handling the properties of a "Class Name" variable, a lack of bounds checking can result in a stack overflow. Successful exploitation can lead to remote code execution under the credentials of the logged-in user.

tags | advisory, remote, overflow, arbitrary, code execution
systems | windows
advisories | CVE-2008-1444
SHA-256 | fcb95873ba9ffebfd3333b19f05f50d450840159b4c30a94f390646ec0e72774
Zero Day Initiative Advisory 08-039
Posted Jun 11, 2008
Authored by Peter Vreugdenhil, Tipping Point, Sebastian Apelt | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of various Microsoft Internet Explorer versions. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the substringData() method when called on a DOM object that has been manipulated in a special way. The attack results in an exploitable heap buffer allowing for code execution under the context of the current user.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2008-1442
SHA-256 | 199a27adda6f9b915cf6856311e07418574bbd6af52f57dd0a8956c4404ef6a1
Zero Day Initiative Advisory 08-038
Posted Jun 11, 2008
Authored by Petko Petkov, Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must open a malicious file.

tags | advisory, remote, arbitrary
systems | apple
advisories | CVE-2008-1585
SHA-256 | bcd127620a65d689b5a899b714c2eb878a2ad2d75e5b861343ac2474827a014a
Zero Day Initiative Advisory 08-037
Posted Jun 11, 2008
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

tags | advisory, arbitrary
systems | apple
advisories | CVE-2008-1584
SHA-256 | 06cd3185b8d89ac305b2a42f16927bd2994ff584a3d2b9076e6a70fdad15886d
experts-sql.txt
Posted Jun 11, 2008
Authored by CWH Underground | Site citecclub.org

Experts version 1.0.0 suffers from a remote SQL injection vulnerability in answer.php.

tags | exploit, remote, php, sql injection
SHA-256 | adda4cf42abcf26f61c9712e3fe67cec9faa7c3183e5347db1ea4f3315cbf7fa
tntforum-lfi.txt
Posted Jun 11, 2008
Authored by CWH Underground | Site citecclub.org

TNT Forum version 0.9.4 suffers from local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, file inclusion
SHA-256 | 447c619fa83747d04a35ffa97e4c442db8577489571a4711ddda6b1d2628df30
syndeocms-lfixss.txt
Posted Jun 11, 2008
Authored by CWH Underground | Site citecclub.org

Syndeo CMS version 2.6.0 suffers from local file inclusion and cross site scripting vulnerabilities.

tags | exploit, local, vulnerability, xss, file inclusion
SHA-256 | a51d76a828429f390aaacd9b4cb7e81c77a4d15b4f4293acc46fbb0b9447ae0c
iDEFENSE Security Advisory 2008-06-10.4
Posted Jun 11, 2008
Authored by iDefense Labs, regenrecht | Site idefense.com

iDefense Security Advisory 06.10.08 - Remote exploitation of multiple heap overflow vulnerabilities in the FreeType2 library, as included in various vendors' operating systems, could allow an attacker to execute arbitrary code with the privileges of the affected application. iDefense has confirmed the existence of these vulnerabilities in FreeType2 version 2.3.5. Previous versions may also be affected.

tags | advisory, remote, overflow, arbitrary, vulnerability
advisories | CVE-2008-1808
SHA-256 | 9a4ef45fbc6785b0af6fa5c6bf4ca83872c3fb8be357ebe78481f18cc310c0fd