what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 53 RSS Feed

Files Date: 2008-09-24 to 2008-09-25

Nmap Scanning Utility 4.76
Posted Sep 24, 2008
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.

Changes: Various updates to Zenmap. New external script category. Improved rpcinfo.nse. Fixed an assertion failure where raw TCP timing ping probes were wrongly used during a TCP connect scan.
tags | tool, remote, udp, tcp, protocol, nmap
systems | unix
SHA-256 | 0e960e0553eb76470c8517a0038092a3969db65cbe23c03fd6daef1acdcc9658
phpcounter-lfi.txt
Posted Sep 24, 2008
Authored by dun

PHPcounter versions 1.3.2 and below suffer from a local file inclusion vulnerability in defs.php.

tags | exploit, local, php, file inclusion
SHA-256 | 78e826d44b9cb24a6d7638885e3b9ba1fdeae6968596a5537fe91333d5a5bb60
mailwatch-lfi.txt
Posted Sep 24, 2008
Authored by dun

mailwatch versions 1.0.4 and below suffer from a local file inclusion vulnerability in docs.php.

tags | exploit, local, php, file inclusion
SHA-256 | ad5d681434723a839be9e52c01812a83f0186928a7a42553a7c9f613a55c20b5
emergecolab-lfi.txt
Posted Sep 24, 2008
Authored by dun

emergecolab version 1.0 suffers from a local file inclusion vulnerability in index.php.

tags | exploit, local, php, file inclusion
SHA-256 | b7e0ef5a268795ebce26fc08f43fd830af864b8d7a3d2af38b7d47c2da444a24
Secunia Security Advisory 31947
Posted Sep 24, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - dun has discovered a vulnerability in Basebuilder, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.

tags | advisory
SHA-256 | d1a4fd08f2caaeaecccb77ef84f795be232344e595cd9024b98c6441fe84a651
adnforums-sql.txt
Posted Sep 24, 2008
Authored by Pepelux | Site enye-sec.org

adnforum versions 1.0b and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 0fb1f64bc37df2d7a5a1b2d2d304f09b211ea1a1ba711e21fe9d7533f5f7e71e
Cisco Security Advisory 20080924-ipc
Posted Sep 24, 2008
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco 10000, uBR10012 and uBR7200 series devices use a User Datagram Protocol (UDP) based Inter-Process Communication (IPC) channel that is externally reachable. An attacker could exploit this vulnerability to cause a denial of service (DoS) condition on affected devices. No other platforms are affected. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.

tags | advisory, denial of service, udp, protocol
systems | cisco
advisories | CVE-2008-3805
SHA-256 | ea463164a5d2c0b0aaae0fd30a1013803446e2acd3ae1356a22e758958ba84a0
Cisco Security Advisory 20080924-l2tp
Posted Sep 24, 2008
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability exists in the Cisco IOS software implementation of Layer 2 Tunneling Protocol (L2TP), which affects limited Cisco IOS software releases. Several features enable the L2TP mgmt daemon process within Cisco IOS software, including but not limited to Layer 2 virtual private networks (L2VPN), Layer 2 Tunnel Protocol Version 3 (L2TPv3), Stack Group Bidding Protocol (SGBP) and Cisco Virtual Private Dial-Up Networks (VPDN). Once this process is enabled the device is vulnerable. This vulnerability will result in a reload of the device when processing a specially crafted L2TP packet. Cisco has released free software updates that address this vulnerability.

tags | advisory, protocol
systems | cisco
advisories | CVE-2008-3813
SHA-256 | 6ef0982b69c67aba8321a10f5b9dd4a8c31c33b2b61978e363e0d17d5b918ac7
Cisco Security Advisory 20080924-ubr
Posted Sep 24, 2008
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco uBR10012 series devices automatically enable Simple Network Management Protocol (SNMP) read/write access to the device if configured for linecard redundancy. This can be exploited by an attacker to gain complete control of the device. Only Cisco uBR10012 series devices that are configured for linecard redundancy are affected. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.

tags | advisory, protocol
systems | cisco
SHA-256 | 05470ccd7689b1aa9f3c5d727f87013adb251f0825e2b00406a8624a62854db4
Cisco Security Advisory 20080924-sccp
Posted Sep 24, 2008
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A series of segmented Skinny Call Control Protocol (SCCP) messages may cause a Cisco IOS device that is configured with the Network Address Translation (NAT) SCCP Fragmentation Support feature to reload. Cisco has released free software updates that address this vulnerability. A workaround that mitigates this vulnerability is available.

tags | advisory, protocol
systems | cisco
advisories | CVE-2008-3811, CVE-2008-3810
SHA-256 | 2460cf8f6bc89158c3f1a106eaf69f49bc4ff8848979dc3988a5b5f1ef1d8a9e
Cisco Security Advisory 20080924-mfi
Posted Sep 24, 2008
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco IOS Software Multi Protocol Label Switching (MPLS) Forwarding Infrastructure (MFI) is vulnerable to a Denial of Service (DoS) attack from specially crafted packets. Only the MFI is affected by this vulnerability. Older Label Forwarding Information Base (LFIB) implementation, which is replaced by MFI, is not affected. Cisco has released free software updates that address this vulnerability.

tags | advisory, denial of service, protocol
systems | cisco
advisories | CVE-2008-3804
SHA-256 | 69429868f12e823d09221113c53d9b59c1b96272bd7944368fdc2c6cccc2a77e
Cisco Security Advisory 20080924-iosips
Posted Sep 24, 2008
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - The Cisco IOS Intrusion Prevention System (IPS) feature contains a vulnerability in the processing of certain IPS signatures that use the SERVICE.DNS engine. This vulnerability may cause a router to crash or hang, resulting in a denial of service condition. Cisco has released free software updates that address this vulnerability. There is a workaround for this vulnerability.

tags | advisory, denial of service
systems | cisco
advisories | CVE-2008-2739
SHA-256 | 0ece8a6c60b19d21467b4d536f6557d319e855b2595780a950dd77ef3c97e75f
Cisco Security Advisory 20080924-iosfw
Posted Sep 24, 2008
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco IOS software configured for IOS firewall Application Inspection Control (AIC) with a HTTP configured application-specific policy are vulnerable to a Denial of Service when processing a specific malformed HTTP transit packet. Successful exploitation of the vulnerability may result in a reload of the affected device. Cisco has released free software updates that address this vulnerability.

tags | advisory, web, denial of service
systems | cisco
advisories | CVE-2008-3812
SHA-256 | e823e6d3a3561cdcc3f709070fc483dfce714b29396e7cb43d64e2e89c0f1a88
Cisco Security Advisory 20080924-ssl
Posted Sep 24, 2008
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A Cisco IOS device may crash while processing an SSL packet. This can happen during the termination of an SSL-based session. The offending packet is not malformed and is normally received as part of the packet exchange. Cisco has released free software updates that address this vulnerability. Aside from disabling affected services, there are no available workarounds to mitigate an exploit of this vulnerability.

tags | advisory
systems | cisco
advisories | CVE-2008-3798
SHA-256 | fdac98c94f658d37e4b6287425c73b229e5b4c38ca0406f9af1909742dd6b9e0
Cisco Security Advisory 20080924-cucm
Posted Sep 24, 2008
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Unified Communications Manager, formerly Cisco Unified CallManager, contains two denial of service (DoS) vulnerabilities in the Session Initiation Protocol (SIP) service. An exploit of these vulnerabilities may cause an interruption in voice services. Cisco will release free software updates that address these vulnerabilities and this advisory will be updated as fixed software becomes available. There are no workarounds for these vulnerabilities.

tags | advisory, denial of service, vulnerability, protocol
systems | cisco
advisories | CVE-2008-3800, CVE-2008-3801
SHA-256 | 4f1d373f55abecb7f4a2774f823e3fa0eec21b9ce8d277d39c3622da7715f891
adnforums-insecure.txt
Posted Sep 24, 2008
Authored by Pepelux | Site enye-sec.org

adnforum versions 1.0b and below suffer from an insecure cookie handling vulnerability.

tags | exploit, insecure cookie handling
SHA-256 | be56a8be0f5dc3ddc43730017a67ce2a8dabd9de4bc0d226744cfdc00f3c53d8
google-exhaust.txt
Posted Sep 24, 2008
Authored by Aditya K Sood | Site secniche.org

Google Chrome versions 0.2.149.30 and 0.2.149.29 carriage return NULL object memory exhaustion denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | 3e5ce87ae7c477aa26912e725ad588fc796a66929314dba366fc69aa2e9bdc68
Secunia Security Advisory 31553
Posted Sep 24, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sarid Harper has reported a vulnerability in Checkpoint Connectra NGX, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | d34fed73d949f5bd10dd330a972dff764aed6bd80c0a98bf232147038601261b
Secunia Security Advisory 31945
Posted Sep 24, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in 6rbScript, which can be exploited by malicious people to disclose sensitive information or to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | 8306f9c94cd7586221a26d1ed8e4d1a558bebf6b439c3855061d75661afe11f5
Secunia Security Advisory 31946
Posted Sep 24, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the freeCap CAPTCHA (sr_freecap) extension for TYPO3, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | de315871eda19ad0aec1629aef7540b27cbd406003f954dbdaa14b73e54ac57e
jadu-sql.txt
Posted Sep 24, 2008
Authored by r45c4l | Site darkc0de.com

Jadu CMS for Government suffers from a remote SQL injection vulnerability in recruit_details.php.

tags | exploit, remote, php, sql injection
SHA-256 | 048e5a0049c2dc97468850e1c0e345cdaff34e4e425673ed86dad045528bbf94
Ubuntu Security Notice 645-2
Posted Sep 24, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 645-2 - USN-645-1 fixed vulnerabilities in Firefox and xulrunner for Ubuntu 7.04, 7.10 and 8.04 LTS. This provides the corresponding update for Ubuntu 6.06 LTS. A very large amount of vulnerabilities have been addressed in the latest Firefox release from Ubuntu.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2008-0016, CVE-2008-3835, CVE-2008-3836, CVE-2008-3837, CVE-2008-4058, CVE-2008-4059, CVE-2008-4060, CVE-2008-4061, CVE-2008-4062, CVE-2008-4063, CVE-2008-4064, CVE-2008-4065, CVE-2008-4066, CVE-2008-4067, CVE-2008-4068, CVE-2008-4069
SHA-256 | 0d7de40a35ce5a90bf42974185bd6659e4298154faaeba8588069d28de22ce0d
Ubuntu Security Notice 645-1
Posted Sep 24, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 645-1 - A very large amount of vulnerabilities have been addressed in the latest Firefox release from Ubuntu.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2008-0016, CVE-2008-3835, CVE-2008-3836, CVE-2008-3837, CVE-2008-4058, CVE-2008-4059, CVE-2008-4060, CVE-2008-4061, CVE-2008-4062, CVE-2008-4063, CVE-2008-4064, CVE-2008-4065, CVE-2008-4066, CVE-2008-4067, CVE-2008-4068, CVE-2008-4069
SHA-256 | 0144b39da9021456e5249e9390082743bab9f1475ea0c8b50d24b76e87610a2d
webcp-disclose.txt
Posted Sep 24, 2008
Authored by GolD_M | Site tryag.cc

webcp version 0.5.7 suffers from a remote file disclosure vulnerability in sendfile.php.

tags | exploit, remote, php, info disclosure
SHA-256 | bcd5df18d408f47d7f80631be5f4e7c66949b3800b695108da0cf68ffa544f34
ajauctionpro-sql.txt
Posted Sep 24, 2008
Authored by GolD_M | Site tryag.cc

AJ Auction Pro Platinum Skin #2 suffers from a remote SQL injection vulnerability in detail.php.

tags | exploit, remote, php, sql injection
SHA-256 | e4c68de6381d789cd0bc27452d3693c482e9999adec277e12eb8e2d567fabf06
Page 1 of 3
Back123Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close