exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 108 RSS Feed

Files Date: 2008-09-03 to 2008-09-04

Secunia Security Advisory 31725
Posted Sep 3, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in ClamAV, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 51df86400ac6e4ba4cf2f0486348bb50db20f2f3bdc9cc74bdbf00349fd04e28
SQLMAP - Automatic SQL Injection Tool
Posted Sep 3, 2008
Authored by Bernardo Damele, Daniele Bellucci | Site sqlmap.org

sqlmap is an automatic SQL injection tool developed in Python. Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specific DBMS tables/columns, run his own SQL SELECT statement, read specific files on the file system and much more.

tags | web, vulnerability, sql injection, python
systems | unix
SHA-256 | 3c24955ec014ce95d653b0dc141b0bb3bd940d7d9792bb6de87c749c6713f04c
HP Security Bulletin 2008-00.44
Posted Sep 3, 2008
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to create a Denial of Service (DoS).

tags | advisory, denial of service, vulnerability
advisories | CVE-2008-3536, CVE-2008-3537
SHA-256 | 24e9ab21d155825746e419691638212fef904412f9ddab853bbcd9792bb4fefc
elitecms-sql.txt
Posted Sep 3, 2008
Authored by e.wiZz!

elite CMS version 1.0 suffers from a remote SQL injection vulnerability in index.php.

tags | exploit, remote, php, sql injection
SHA-256 | 7ca0353948d5eef1d3a0b53c23ca281ed7d3c7d9f24f29d0794b408dbb811f04
Mandriva Linux Security Advisory 2008-183
Posted Sep 3, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Chaskiel M Grundman found that OpenSC would initialize smart cards with the Siemens CardOS M4 card operating system without proper access rights. This allowed everyone to change the card's PIN without first having the PIN or PUK, or the superuser's PIN or PUK. Please note that this issue can not be used to discover the PIN on a card. If the PIN on a card is the same that was always there, it is unlikely that this vulnerability has been exploited. As well, this issue only affects smart cards and USB crypto tokens based on Siemens CardOS M4, and then only those devices that were initialized by OpenSC. Users of other smart cards or USB crypto tokens, or cards that were not initialized by OpenSC, are not affected. After applying the update, executing 'pkcs15-tool -T' will indicate whether the card is fine or vulnerable. If the card is vulnerable, the security settings need to be updated by executing 'pkcs15-tool -T -U'. The updated packages have been patched to prevent this issue.

tags | advisory, crypto
systems | linux, mandriva
advisories | CVE-2008-2235
SHA-256 | ba09b1a1c5d45943d35cfa80f8251de261f5dd57c0789098f49d62d5b8012873
Mandriva Linux Security Advisory 2008-182
Posted Sep 3, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Rob Holland found several programming errors in WordNet which could lead to the execution or arbitrary code when used with untrusted input. The updated packages have been patched to prevent these issues.

tags | advisory, arbitrary
systems | linux, mandriva
advisories | CVE-2008-2149
SHA-256 | 11ab96f9d53f08818b66ce21c11dbd8db246d6cbc6451a0422a398a005157de2
cscart-sql.txt
Posted Sep 3, 2008
Authored by James Bercegay | Site gulftech.org

CS-Cart versions 1.3.5 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | c34743899f62cb832bb5555cff30c0fb0ef5563bbccf281f5f5a8afb277cecfa
HP Security Bulletin 2008-01.13
Posted Sep 3, 2008
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified in HP-UX running Netscape / Red Hat Directory Server. These vulnerabilities could be exploited remotely to allow Cross Site Scripting (XSS) or to create a Denial of Service (DoS).

tags | advisory, denial of service, vulnerability, xss
systems | linux, redhat, hpux
advisories | CVE-2008-2928, CVE-2008-2929, CVE-2008-2930, CVE-2008-3283
SHA-256 | bd7394d35cf0e89fe4a7e7344695f9d44a8db4a602707c66b764f0d68e64afa4
softalk-dos.txt
Posted Sep 3, 2008
Authored by Joao Antunes

The Softalk IMAP server version 8.5.1 is susceptible to a denial of service vulnerability.

tags | advisory, denial of service, imap
SHA-256 | 5611130875b5d83f2966976bf8bc3e007c779dad975edd95df7f87e34774cabc
psbot.py.txt
Posted Sep 3, 2008
Authored by Qnix | Site 0x80.org

Psbot is an IRC bot written in Python that allows for remote command execution, connectback functionality, and backdoors to be spawned.

tags | tool, remote, rootkit, python
systems | unix
SHA-256 | 19b5101f1c3bdf98f9f2f07a8b9f2bec6d802f32d23c11cca99b5a7b568b20c9
mysql-injection-newbies.txt
Posted Sep 3, 2008
Authored by SAM207

A tutorial written for newbies who wants to explore the m4d l33t world of SQL injection and have yet to even learn basic SQL commands.

tags | paper, sql injection
SHA-256 | c0a7f60cb48c9552397f1e532902b4520e369df3e949149b7d57db9e5e391b32
ajhyipacmereadarticle-sql.txt
Posted Sep 3, 2008
Authored by Cyb3r-1sT

AJ HYIP ACME suffers from a SQL injection vulnerability in readarticle.php.

tags | exploit, php, sql injection
SHA-256 | 48ddda254e74de9fc970da1f11cd53cb12ab12d3245924810d6ae076285cc8ce
ajhyipacmecomment-sql.txt
Posted Sep 3, 2008
Authored by security fears team | Site alsonaa.com

AJ HYIP ACME suffers from a SQL injection vulnerability in comment.php.

tags | exploit, php, sql injection
SHA-256 | 3f315d9cecc325edacfbaf3581ff991d0aa1938318cd405c6b612e92aa1baaba
Kyocera FTP Bounce
Posted Sep 3, 2008
Authored by Francesco Tornieri

Using Nmap, it is quite simple to perform a FTP bounce attack to port scan using the ftpd in Kyocera's printer model FS-118MFP.

tags | exploit
SHA-256 | c299acd863cc8ce32930a99e8c048a8d421ffc84f47a97c58db3b8894343e64c
Ubuntu Security Notice 639-1
Posted Sep 3, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 639-1 - Drew Yao discovered that the TIFF library did not correctly validate LZW compressed TIFF images. If a user or automated system were tricked into processing a malicious image, a remote attacker could execute arbitrary code or cause an application linked against libtiff to crash, leading to a denial of service.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2008-2327
SHA-256 | 7425ed6ce5a705daa62cf3c489f5af480a0daa6f5c020b5c007d7196b3cb683c
reciprocal-sql.txt
Posted Sep 3, 2008
Authored by Hussin X | Site tryag.cc

Reciprocal Link Manager version 1.1 suffers from a SQL injection vulnerability.

tags | exploit, sql injection
SHA-256 | 2bb3a40350501459ffde6c0d06558c6849dea1708e56eec4064434a7d4ffc54c
coupon-sql.txt
Posted Sep 3, 2008
Authored by Hussin X | Site tryag.cc

Coupon Script version 4.0 suffers from a SQL injection vulnerability.

tags | exploit, sql injection
SHA-256 | a6b324dd31358b9e948100994b00658c1ab2af2f504573d0d6ec1e54dceb3370
postfix24-dos.txt
Posted Sep 3, 2008
Authored by Wietse Venema

Postfix versions 2.4 and above when used on the Linux 2.6 kernel suffer from a denial of service vulnerability.

tags | advisory, denial of service, kernel
systems | linux
SHA-256 | f320271050cde8f2437f06d2143b83f4409ae88a25a2a4ad510f5208a72c5243
draft-gont-opsec-ip-security-01.txt
Posted Sep 3, 2008
Authored by Fernando Gont | Site ietf.org

This is the IETF Internet-Draft entitled "Security Assessment of the Internet Protocol version 4", which is heavily based on the "Security Assessment of the Internet Protocol".

tags | paper, protocol
SHA-256 | 0f89100a070e0ace98c2f792a2e4cd5cbb04302b6669f80341ba345815d8dcdb
draft-ietf-tsvwg-port-randomization-02.txt
Posted Sep 3, 2008
Authored by Fernando Gont, Michael Vittrup Larsen | Site ietf.org

This document describes a simple and efficient method for random selection of a client port number, such that the possibility of an attacker guessing the exact value is reduced. While this is not a replacement for cryptographic methods, the described port number randomization algorithms provide improved security/obfuscation with very little effort and without any key management overhead. The mechanisms described in this document are a local modification that may be incrementally deployed, and that does not violate the specifications of any of the transport protocols that may benefit from it, such as TCP, UDP, SCTP, DCCP, and RTP.

Changes: This new revision of the document addresses the feedback we got from Amit Klein, Matthias Bethke, and Alfred Hoenes.
tags | paper, local, udp, tcp, protocol
SHA-256 | 61b14f84224795032551d1a5e2ebfe45a4f86868563581fff491e9408e636381
bizdir-xss.txt
Posted Sep 3, 2008
Authored by Am!r | Site irist.ir

BizDirectory versions 2.04 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 4aaab9425f330a9a505492e0efe74debe0361f837d4e414275b6ab76190c5af7
evilshell.c
Posted Sep 3, 2008
Authored by Simpp

3vilsh3ll is a remote backdoor that shuffles a shell back to a remote host when hit with an ICMP packet that has special settings.

tags | tool, remote, shell, rootkit
systems | unix
SHA-256 | a4a668163c7e61330d54c7d954f4e67c8d4b0cf20bf7c6186e755e7be503d257
Debian Linux Security Advisory 1634-1
Posted Sep 3, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1634-1 - Rob Holland discovered several programming errors in WordNet, an electronic lexical database of the English language. These flaws could allow arbitrary code execution when used with untrusted input, for example when WordNet is in use as a back end for a web application.

tags | advisory, web, arbitrary, code execution
systems | linux, debian
SHA-256 | 52ff5570bb0a9bdffaa2f6f311596edcf3dba0c7efbe96a3017e88abc0899e73
Debian Linux Security Advisory 1633-1
Posted Sep 3, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1633-1 - It has been discovered that Slash, the Slashdot Like Automated Storytelling

tags | advisory
systems | linux, debian
advisories | CVE-2008-2231, CVE-2008-2553
SHA-256 | aa596c277a1df042166288297fd5d8bd5af2fd57e32c758d656a123f62556a02
mimedefang-2.65.tar.gz
Posted Sep 3, 2008
Authored by Dianne Skoll | Site mimedefang.org

MIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. Includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with the Sendmail 8.11 and newer "Milter" API, which makes it more flexible and efficient than procmail-based approaches.

Changes: Fixed a few minor compiler warnings.
systems | windows, unix
SHA-256 | 52b05d506f5c9470f24b899f42e7a4c98602cbe6e3a38e443fb9e1cd142e6eea
Page 2 of 5
Back12345Next

File Archive:

January 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    0 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    5 Files
  • 4
    Jan 4th
    5 Files
  • 5
    Jan 5th
    9 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    0 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    18 Files
  • 10
    Jan 10th
    31 Files
  • 11
    Jan 11th
    30 Files
  • 12
    Jan 12th
    33 Files
  • 13
    Jan 13th
    25 Files
  • 14
    Jan 14th
    0 Files
  • 15
    Jan 15th
    0 Files
  • 16
    Jan 16th
    7 Files
  • 17
    Jan 17th
    25 Files
  • 18
    Jan 18th
    38 Files
  • 19
    Jan 19th
    6 Files
  • 20
    Jan 20th
    21 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    24 Files
  • 24
    Jan 24th
    68 Files
  • 25
    Jan 25th
    22 Files
  • 26
    Jan 26th
    20 Files
  • 27
    Jan 27th
    17 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close