exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 61 RSS Feed

Files Date: 2005-06-21

phpMyVisites.txt
Posted Jun 21, 2005
Authored by Max Cerny

phpMyVisites 1.3 is susceptible to a local file retrieval vulnerability.

tags | exploit, local
SHA-256 | 7241f2f8a76c391ae05432c0793f5990820b2fed8cb51db642a54432b01a251b
phox.txt
Posted Jun 21, 2005
Authored by Phox

myPHP version 3 suffers from some authentication flaws.

tags | advisory
SHA-256 | 7acb86e0cb84d96d1c0a4a8bad9fef5794155e64405dfc6914ef1930d430fdbc
p33r-b33r.c
Posted Jun 21, 2005
Authored by Darkeagle | Site unl0ck.org

PeerCast versions 0.1211 and below HTTP Requests remote format string exploit.

tags | exploit, remote, web
SHA-256 | 38eb59d932b484344a4a487ce8592d5523ddddcc2d98338ae0b333ab12b961ee
Clam AntiVirus Toolkit 0.86
Posted Jun 21, 2005
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: Various fixes and updates.
tags | virus
systems | unix
SHA-256 | b4e58bb23a3eb176987309aae3eb6a7dd7b0dd376cbd6b9298ef4007b16ec8cc
enterasys.txt
Posted Jun 21, 2005
Authored by Jacek Lipkowski

Enterasys Vertical Horizon switches have a default account embedded in them. Additionally, a denial of service vulnerability exists.

tags | exploit, denial of service
SHA-256 | 97df385b1c7c2ba8b61d82c9701fcb688658ebfd12c37c7834c410d094db2645
groupwarePassword.txt
Posted Jun 21, 2005
Authored by Securityteam

A Vulnerability exists in the Novell GroupWise Client that will allow an attacker to identify the id and password of the users GroupWise email account. Tested vulnerable versions: 6.5.2, 6.0, and 5.5.

tags | advisory
SHA-256 | 921c82b00c438750325e3b3be83c287e5afe618d7a5952803687192893b0636d
pafaq.pl.txt
Posted Jun 21, 2005
Authored by James Bercegay | Site gulftech.org

paFaq version 1.0 Beta 4 add administrator proof of concept exploit.

tags | exploit, proof of concept
SHA-256 | 14d1fab8be7b49e5b3ddba7f95173d88d0bae71b6edfda345710df0777ec61e5
paFaq10beta4.txt
Posted Jun 21, 2005
Authored by James Bercegay | Site gulftech.org

paFaq version 1.0 Beta 4 suffers from SQL injection and remote command execution vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 857e5523c32704ae5bef2804a3ddd90ad4b5070e6bc0a0ccbcfafb8a75be050f
sudo168-9.txt
Posted Jun 21, 2005
Site sudo.ws

A race condition exists in Sudo's command pathname handling prior to Sudo version 1.6.8p9 that could allow a user with Sudo privileges to run arbitrary commands.

tags | advisory, arbitrary
SHA-256 | a70767bc3df652f28565e7a7ef5f5857dd8f651bee8d0dcfe89f265f2852c080
ciscoEnum.txt
Posted Jun 21, 2005
Authored by Roy Hills | Site nta-monitor.com

A vulnerability in Cisco VPN concentrators allows an attacker to enumerate valid groupnames on a through either a dictionary attack, or a brute-force attack. The issue exists because the concentrator responds to valid groupnames differently to the way in which it responds to invalid groupnames. The issue is believed to affect all models of Cisco VPN 3000 Concentrator: 3005, 3015, 3020, 3030, 3060 and 3080. It is believed that all software versions prior to 4.1.7.F are vulnerable.

tags | advisory
systems | cisco
SHA-256 | 2e460ecbb84d0cf7cfa5a0a6fbd7103c9f804914e042195662abb8fd2f0a6d00
Echo Security Advisory 2005.18
Posted Jun 21, 2005
Authored by Echo Security, Dedi Dwianto | Site echo.or.id

Multiple SQL injection vulnerabilities exist in Ublog Reload version 1.0.5.

tags | exploit, vulnerability, sql injection
SHA-256 | 8b1fbfc37efa583b7a759ad77da415d492a4b2b221e716e0c1939c405fa6da1e
Gentoo Linux Security Advisory 200506-16
Posted Jun 21, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200506-16 - A vulnerability has been found in cpio that can potentially allow a cpio archive to extract its files to an arbitrary directory of the creator's choice. Versions less than 2.6-r3 are affected.

tags | advisory, arbitrary
systems | linux, gentoo
advisories | CVE-2005-1111
SHA-256 | 56da6d591149beb5f762ec3683a0d848342609cabfac8f21e3af5fc1af076fea
advisory-012005.txt
Posted Jun 21, 2005
Authored by Stefan Esser | Site hardened-php.net

During an evaluation of Trac, an input validation vulnerability was discovered which can lead to arbitrary uploading and downloading of files with the permission of the web server.

tags | advisory, web, arbitrary
SHA-256 | f3d29acb6264e7e52acb1152dda2f9156a367be10f0e8013ba0df3ffb4203fd1
Gentoo Linux Security Advisory 200506-15
Posted Jun 21, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200506-15 - James Bercegay of the GulfTech Security Research Team discovered that PeerCast insecurely implements formatted printing when receiving a request with a malformed URL. Versions less than 0.1212 are affected.

tags | advisory
systems | linux, gentoo
SHA-256 | d0754a98f63ac7de8c761599f8a05fda5f493cdfba87aa8e2d7eb3613dc7665f
Gentoo Linux Security Advisory 200506-14
Posted Jun 21, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200506-14 - Both Sun's and Blackdown's JDK and JRE may allow untrusted applets to elevate privileges. Versions less than 1.4.2.08 are affected.

tags | advisory
systems | linux, gentoo
SHA-256 | 105d3c65ced75ca1eaa4a5db0f76d17a025ce64a3dc61f0c01da843a5494eb5d
KCcol-xpl.pl
Posted Jun 21, 2005
Authored by K-C0d3r

Perl version of the Claroline e-Learning version 1.6 and below remote password hash extraction SQL injection exploit.

tags | exploit, remote, perl, sql injection
SHA-256 | d611e1b2a90b10c2fd6329c2964130b5cfc4dca52477b13ec7e64443e116a313
claroline16.txt
Posted Jun 21, 2005
Authored by Sieg Fried, mh_p0rtal

Claroline e-Learning versions 1.6 and below remote password hash extraction SQL injection exploit.

tags | exploit, remote, sql injection
SHA-256 | d4d28dad2ed1e2611a7cbb64a0a9e56b1021a8cf906461880bc67ae1541ae9df
Gentoo Linux Security Advisory 200506-13
Posted Jun 21, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200506-13 - Eric Romang discovered webapp-config uses a predictable temporary filename while processing certain options, resulting in a race condition. Versions less than 1.11 are affected.

tags | advisory
systems | linux, gentoo
SHA-256 | 3cfe974915d396fdf153bb802d0bbb5e9680c1d3796239f09e6fb4b3abeef919
yawsSource.txt
Posted Jun 21, 2005
Authored by M. Eiszner | Site sec-consult.com

Yaws webserver versions 1.55 and below suffer from a source code disclosure flaw when a null byte is appended to the filename being accessed.

tags | advisory
SHA-256 | ad42f94a077bca941b456f8f2abf8d40742de163faf4303e44afa003e94d874b
adobeXML.txt
Posted Jun 21, 2005
Authored by Jeremiah Grossman

Recent versions of Adobe Reader (previously known as Acrobat Reader) are vulnerable to XML External Entity (XXE) Attacks. By including a JavaScript in a PDF file, and have this JavaScript parse an embedded XML document with a reference to an external entity, it is possible to read certain types of textual files on the local computer, and have them sent to a remote attacker.

tags | advisory, remote, local, javascript, xxe
SHA-256 | e4eb9bd6d086fc72abf05dc8225eb8384fbc26f2134d79f9587ff4deefa90078
Exploit Labs Security Advisory 2005.9
Posted Jun 21, 2005
Authored by Donnie Werner, Exploit Labs | Site exploitlabs.com

Cool Cafe Chat 1.2.1 suffers from a SQL injection vulnerability via an unsanitized password variable.

tags | exploit, sql injection
SHA-256 | 6b78863a9257dee742b652723b329cb3ae31c28d7db77fd5ad0dc78f007e9109
EEYEB-20050316.txt
Posted Jun 21, 2005
Site eeye.com

eEye Security Advisory - eEye Digital Security has discovered a vulnerability in the way various versions of Windows handle Windows Help (.CHM) files. If exploited, this vulnerability allows arbitrary code to be executed by the remote attacker. A malicious .CHM file can be opened by Internet Explorer without user interaction by using the ms-its protocol specification.

tags | advisory, remote, arbitrary, protocol
systems | windows
SHA-256 | 8436f65d98a23317ef683d3d5247c324f8f9d5b1ccfee3217464b065fe672198
phpforum11.txt
Posted Jun 21, 2005
Authored by d_bug

Phpforum McGallery version 1.1 suffers from a directory traversal vulnerability.

tags | exploit
SHA-256 | c485d85c457ce5c2454a02c005e0d58a5d63527fc7c19b797142a176a708aef2
bitrix40xInclusion.txt
Posted Jun 21, 2005
Authored by d_bug

Bitrix Site Manager 4.0.x suffers from a remote file inclusion and execution vulnerability.

tags | exploit, remote, file inclusion
SHA-256 | 7b62a61c54e53d330843b685ee3ff2a1179a09eaa2d32f06d6abc047f1a8410a
DMA-2005-0614a.txt
Posted Jun 21, 2005
Authored by Kevin Finisterre

The Global Hauri ViRobot 2.0 server suffers from a cookie related overflow.

tags | advisory, overflow
SHA-256 | aae4fbf083312fd8cc842727b9168f931208ac628c9d8dfcd7103910ac1d0ddd
Page 1 of 3
Back123Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close