
Files

usr9105.bz2
Posted Feb 25, 2005
Authored by Mark Wadham

usr9105.c is a very simple interface to the US Robotics 9105 ADSL router's command shell (linux-based). The program lets you send commands directly to the router's telnet interface and capture the output (if any). Very useful for taking advantage of the very powerful iptables firewall that this router implements. Also allows you to run several commands at once specified in a config file. Tested on the 9105, may also work on the 9106 and others.

tags | shell
systems | linux, unix
SHA-256 | a1eb29ee16e1b18abbf65e3a8d3d70246130c43212d089c788e813428df59357

Related Files

Debian Security Advisory 2452-1
Posted Apr 16, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2452-1 - Niels Heinen noticed a security issue with the default Apache configuration on Debian if certain scripting modules like mod_php or mod_rivet are installed. The problem arises because the directory /usr/share/doc, which is mapped to the URL /doc, may contain example scripts that can be executed by requests to this URL. Although access to the URL /doc is restricted to connections from localhost, this still creates security issues in two specific configurations.

tags | advisory
systems | linux, debian
advisories | CVE-2012-0216
SHA-256 | d52b84f07d62410b49a8dd5b85aec7aeebf6d89cf4e9d3b364e93c771843b179
Red Hat Security Advisory 2012-0376-01
Posted Mar 9, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0376-01 - SystemTap is an instrumentation system for systems running the Linux kernel. The system allows developers to write scripts to collect data on the operation of the system. An invalid pointer read flaw was found in the way SystemTap handled malformed debugging information in DWARF format. When SystemTap unprivileged mode was enabled, an unprivileged user in the stapusr group could use this flaw to crash the system or, potentially, read arbitrary kernel memory. Additionally, a privileged user could trigger this flaw when tricked into instrumenting a specially-crafted ELF binary, even when unprivileged mode was not enabled.

tags | advisory, arbitrary, kernel
systems | linux, redhat
advisories | CVE-2012-0875
SHA-256 | e422ced8c0db13d83d39754c32ac7ba21d17c4d96665817fad593c0d7a570d7d
FreeBSD Security Advisory - pam_start() Improper Validation
Posted Dec 28, 2011
Site security.freebsd.org

FreeBSD Security Advisory - Some third-party applications, including KDE's kcheckpass command, allow the user to specify the name of the policy on the command line. Since OpenPAM treats the policy name as a path relative to /etc/pam.d or /usr/local/etc/pam.d, users who are permitted to run such an application can craft their own policies and cause the application to load and execute their own modules. If an application that runs with root privileges allows the user to specify the name of the PAM policy to load, users who are permitted to run that application will be able to execute arbitrary code with root privileges.

tags | advisory, arbitrary, local, root
systems | freebsd
advisories | CVE-2011-4122
SHA-256 | 685c68cd0d879191a8f6e9dd16fb3ba8d2d61b100f23301bbe8d7f9cde467b5e
Red Hat Security Advisory 2011-1089-01
Posted Jul 26, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1089-01 - SystemTap is an instrumentation system for systems running the Linux kernel. The system allows developers to write scripts to collect data on the operation of the system. A race condition flaw was found in the way the staprun utility performed module loading. A local user who is a member of the stapusr group could use this flaw to modify a signed module while it is being loaded, allowing them to escalate their privileges. SystemTap users should upgrade to these updated packages, which contain a backported patch to correct this issue.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2011-2503
SHA-256 | a497c7f2178a289d7629e75265fe19f811a1c19e782b0afc72abf662b775d3d8
Red Hat Security Advisory 2011-1088-01
Posted Jul 26, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1088-01 - SystemTap is an instrumentation system for systems running the Linux kernel. The system allows developers to write scripts to collect data on the operation of the system. It was found that SystemTap did not perform proper module path sanity checking if a user specified a custom path to the uprobes module, used when performing user-space probing. A local user who is a member of the stapusr group could use this flaw to bypass intended module-loading restrictions, allowing them to escalate their privileges by loading an arbitrary, unsigned module.

tags | advisory, arbitrary, kernel, local
systems | linux, redhat
advisories | CVE-2011-2502, CVE-2011-2503
SHA-256 | 52adcc4a9aefd37945fc629fa15624c8c51c02f09250bb3313127c02d6605f9c
Red Hat Security Advisory 2011-0842-01
Posted Jun 1, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0842-01 - SystemTap is an instrumentation system for systems running the Linux kernel, version 2.6. Developers can write scripts to collect data on the operation of the system. Two divide-by-zero flaws were found in the way SystemTap handled malformed debugging information in DWARF format. When SystemTap unprivileged mode was enabled, an unprivileged user in the stapusr group could use these flaws to crash the system. Additionally, a privileged user could trigger these flaws when tricked into instrumenting a specially-crafted ELF binary, even when unprivileged mode was not enabled. Various other issues were also addressed.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2011-1769, CVE-2011-1781
SHA-256 | 3c7427b5b95d584ff0f15f1cf948ace22383d21c18c9c82f90c5dc9830434834
Red Hat Security Advisory 2011-0841-01
Posted Jun 1, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0841-01 - SystemTap is an instrumentation system for systems running the Linux kernel, version 2.6. Developers can write scripts to collect data on the operation of the system. A divide-by-zero flaw was found in the way SystemTap handled malformed debugging information in DWARF format. When SystemTap unprivileged mode was enabled, an unprivileged user in the stapusr group could use this flaw to crash the system. Additionally, a privileged user could trigger this flaw when tricked into instrumenting a specially-crafted ELF binary, even when unprivileged mode was not enabled. Various other issues were also addressed.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2011-1769
SHA-256 | 83a3245143352b55f2a14786aedf6c975c0e124352b29ce5e82166a801a48ca5
Linux/x86 netcat Bindshell Shellcode
Posted Apr 21, 2011
Authored by Jonathan Salwan

Linux/x86 /usr/bin/netcat -ltp6666 -e/bin/sh shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | 84aa0c4d97e3ba738247628d5bb9d317fcac19a4b680f5764acf2335664d47e8
Mandriva Linux Security Advisory 2010-241
Posted Nov 24, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-241 - gnc-test-env in GnuCash 2.3.15 and earlier places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. The affected /usr/bin/gnc-test-env file has been removed to mitigate the vulnerability as gnc-test-env is only used for tests and while building gnucash. Additionally for Mandriva 2010.1 gnucash-2.2.9 was not compatible with guile. This update adapts gnucash to the new API of guile.

tags | advisory, local, trojan
systems | linux, mandriva
advisories | CVE-2010-3999
SHA-256 | f6ba7fc2153de0d6d4e2127713a15491bdc57288a34cad682323920481676a39
sys_execve("/usr/bin/lwpdownload","evil") Shellcode
Posted Jun 2, 2010
Authored by gunslinger | Site gunslingerc0de.wordpress.com

52 bytes small sys_execve("/usr/bin/lwp-download", "evil") Linux/x86 shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | 43ae4c67690d384397feec3fed86e721c371a85a0fea451e2ec737e793fa94e3
Secunia Security Advisory 39889
Posted May 25, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - David K. has reported a vulnerability in the USR5463 802.11g Wireless Router, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
SHA-256 | 8ff4e731433fad273ea8e5816e3ff70250e0c00f4da282ecd9647b651cd96389
USR5463 802.11g Wireless Router Cross Site Scripting
Posted May 21, 2010
Authored by SH4V

The USR5463 802.11g wireless router suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | a96243ac6d9222260d18b62398b6c9130b47c7173b66bd072f4ed1152abf34f7
Linux/x86 execve("/usr/bin/wget","aaaa"); Shellcode
Posted May 19, 2010
Authored by Jonathan Salwan | Site shell-storm.org

42 bytes small Linux/x86 execve("/usr/bin/wget","aaaa"); shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | 4f28ade719844d3175c926a102509862dcf892f296efb022e1caddea183500d6
Mandriva Linux Security Advisory 2009-171
Posted Jul 28, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-171 - Tavis Ormandy and Julien Tinnes of the Google Security Team discovered that pulseaudio, when installed setuid root, does not drop privileges before re-executing itself to achieve immediate bindings. This can be exploited by a user who has write access to any directory on the file system containing /usr/bin to gain local root access. The user needs to exploit a race condition related to creating a hard link. This update provides fixes for this vulnerability.

tags | advisory, local, root
systems | linux, mandriva
advisories | CVE-2009-1894
SHA-256 | 849044bfba62baf25c7bf418a0814ff3799bad71d9160681d6e575fa4b939f3e
Mandriva Linux Security Advisory 2009-152
Posted Jul 17, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-152 - Tavis Ormandy and Julien Tinnes of the Google Security Team discovered that pulseaudio, when installed setuid root, does not drop privileges before re-executing itself to achieve immediate bindings. This can be exploited by a user who has write access to any directory on the file system containing /usr/bin to gain local root access. The user needs to exploit a race condition related to creating a hard link. This update provides fixes for this vulnerability.

tags | advisory, local, root
systems | linux, mandriva
advisories | CVE-2009-1894
SHA-256 | efef538e5448dc71abb6142f0dac1a1ee4d7d0e7534491b4dea526851e048f60
Debian Linux Security Advisory 1777-1
Posted Apr 21, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1777-1 - Peter Palfrader discovered that in the Git revision control system, on some architectures files under /usr/share/git-core/templates/ were owned by a non-root user. This allows a user with that uid on the local system to write to these files and possibly escalate their privileges.

tags | advisory, local, root
systems | linux, debian
SHA-256 | 500d8f3151384f814ba1d78f67eb1c977fbe6867618aac9141e9b60ffa3ad885
Debian Linux Security Advisory 1755-1
Posted Mar 26, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1755-1 - Erik Sjoelund discovered that a race condition in the stap tool shipped by Systemtap, an instrumentation system for Linux 2.6, allows local privilege escalation for members of the stapusr group.

tags | advisory, local
systems | linux, debian
advisories | CVE-2009-0784
SHA-256 | 85821ca0db4ababee6c5087c25d750720baebc424b47a27ad601f790dfdd2ace
Mandriva Linux Security Advisory 2008-163
Posted Aug 8, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Multiple integer overflows in the imageop module in Python prior to 2.5.3 allowed context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted images that trigger heap-based buffer overflows. This was due to an incomplete fix for CVE-2007-4965. David Remahl of Apple Product Security reported several integer overflows in a number of core modules. He also reported an integer overflow in the hashlib module on Python 2.5 that led to unreliable cryptographic digest results. Justin Ferguson reported multiple buffer overflows in unicode string processing that affected 32-bit systems. Multiple integer overflows were reported by the Google Security Team that had been fixed in Python 2.5.2. Justin Ferguson reported a number of integer overflows and underflows in the PyOS_vsnprintf() function, as well as an off-by-one error when passing zero-length strings, that led to memory corruption. The updated packages have been patched to correct these issues. As well, Python packages on Mandriva Linux 2007.1 and 2008.0 have been updated to version 2.5.2. Due to slight packaging changes on Mandriva Linux 2007.1, a new package is available (tkinter-apps) that contains binary files (such as /usr/bin/idle) that were previously in the tkinter package.

tags | advisory, denial of service, overflow, arbitrary, python
systems | linux, apple, mandriva
advisories | CVE-2008-1679, CVE-2008-2315, CVE-2008-2316, CVE-2008-3142, CVE-2008-3143, CVE-2008-3144
SHA-256 | 9a50d43050213b8aac716a2a7270d520a3c43c10e5bec3a1910ee71cf69067ab
quickticket-sql.txt
Posted Mar 13, 2008
Authored by croconile

QuickTicket versions 1.5 and below suffer from a SQL injection vulnerability in qti_usr.php.

tags | exploit, php, sql injection
SHA-256 | 146582f656220a019ccf6a05dbefea93a42a084555bd18f75bf642c51428b8ae
Secunia Security Advisory 28842
Posted Feb 12, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Cr@zy_King has discovered a vulnerability in Husrev BlackBoard, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 15094bd05bed5810b46d626d21715bebeb71ee2a11750fc4ddc589a61bad641b
Gentoo Linux Security Advisory 200801-14
Posted Jan 28, 2008
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200801-14 - The /usr/bin/blam script sets the LD_LIBRARY_PATH environment variable incorrectly, which might result in the current working directory (.) being included when searching for dynamically linked libraries of the Mono Runtime application. Versions less than 1.8.4 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2005-4790
SHA-256 | 3f5369e615881d85093c15e888233ac85ef3a385dfde99e2e089ccce89737027
Gentoo Linux Security Advisory 200711-12
Posted Nov 8, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200711-12 - Jan Oravec reported that the /usr/bin/tomboy script sets the LD_LIBRARY_PATH environment variable incorrectly, which might result in the current working directory (.) being included when searching for dynamically linked libraries of the Mono Runtime application. Versions less than 0.8.1-r1 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2005-4790
SHA-256 | f8bda11dcc30f436bbd2cba1aad856429dbb9a8ee0aa970c796cc837a1add317
Gentoo Linux Security Advisory 200709-18
Posted Oct 2, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200709-18 - Masahiro Yamada found that from the 2.17.1 version, Bugzilla does not properly sanitize the content of the buildid parameter when filing bugs. The next two vulnerabilities only affect Bugzilla 2.23.3 or later, hence the stable Gentoo Portage tree does not contain these two vulnerabilities: Loic Minier reported that the Email::Send::Sendmail() function does not properly sanitize from email information before sending it to the -f parameter of /usr/sbin/sendmail, and Frederic Buclin discovered that the XML-RPC interface does not correctly check permissions in the time-tracking fields. Versions less than 3.0.1 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2007-4538, CVE-2007-4539, CVE-2007-4543
SHA-256 | 189c5de88657acf5a69a2efd59783f92ed201f4766dc696eb088ef0664987fc2
Secunia Security Advisory 26736
Posted Sep 12, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Husrev Forums, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | 531448fb9693cc57d919feb5adcef23137e39d3a73e70ab364215e9905d210e9
husrev-sql.txt
Posted Sep 10, 2007
Authored by Yollubunlar | Site yollubunlar.org

Husrev Forums version 2.0.1:PoWerBoard suffers from a SQL injection vulnerability.

tags | exploit, sql injection
SHA-256 | c11410b8284dd3770e86a637f3b774c80a9da104fe6097a02dc030c470d23cf4
© 2022 Packet Storm. All rights reserved.
