what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 47 RSS Feed

Files Date: 2006-12-08

tucows-rfi.txt
Posted Dec 8, 2006
Authored by Dr Max Virus

Tucows Client Code Suite versions 1.2.1015 and below remote file inclusion exploit.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 8c7d5b4d9a9dfc82ac79fb8f2fedab577e49661b957d2b6322b0aec2f4fdb955
cm68news-rfi.txt
Posted Dec 8, 2006
Authored by Paul Bakoyiannis

CM68 News versions 12.02.06 and below suffer from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 4fbe17c6a6010d536536b580b3767f08cf848d5233eda6dea1a08f4697af66c9
thinkedit-rfi.txt
Posted Dec 8, 2006
Authored by r0ut3r

ThinkEdit version 1.9.2 remote file inclusion exploit that makes use of render.php.

tags | exploit, remote, php, code execution, file inclusion
SHA-256 | 4971932d75405a4150baed935db4da30ab40d64a76faf9e41e79272cd369b797
Nmap Scanning Utility 4.20
Posted Dec 8, 2006
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings. Full changelog available here.

Changes: New OS fingerprint submissions have been added. Fixed a segmentation fault in the new OS detection system. Fixed a TCP sequence prediction difficulty indicator bug.
tags | tool, remote, udp, tcp, protocol, nmap
systems | unix
SHA-256 | eecb276af0d7e63530f92ed924b25f34ce0731b9cbaa8b16cbe7179077b93159
sauerkraut.c
Posted Dec 8, 2006
Authored by softxor | Site bunnies.phpnet.us

sauerkraut is a lightweight, multi-threaded and very fast IP scanner with a built-in banner grabber.

tags | tool, scanner
systems | unix
SHA-256 | b2e699b7b162c30c8291ec7ada22b3d75012360bad189e68625b9ab34bff7109
refspoof.c
Posted Dec 8, 2006
Authored by softxor | Site bunnies.phpnet.us

Refspoof acts like a proxy server and is able to spoof your HTTP referrer and user-agent. This comes in handy to bypass certain authentication mechanisms or user-agent limitations for some download managers.

tags | web, spoof
SHA-256 | 462eb0a9eca7d32154fd32846ca63fb75e1f3e01df8a7c208d4a14265c2e4f38
madwifi.txt
Posted Dec 8, 2006
Authored by Laurent Butti, Jerome RAZNIEWSKI, Julien Tinnes

There is a buffer overflow in the Madwifi Atheros driver in some functions called by SIOCSIWSCAN ioctl.

tags | advisory, overflow
advisories | CVE-2006-6332
SHA-256 | ae78388667ab3deb4319d8f83bc674032a7c7b8df47d26ab5490c18a34bceb0c
CA Security Advisory 34846
Posted Dec 8, 2006
Authored by Ken Williams, Computer Associates | Site www3.ca.com

CAID 34846 - CA BrightStor ARCserve Backup contains a buffer overflow that allows remote attackers to execute arbitrary code with local SYSTEM privileges on Windows. This issue affects the BrightStor Backup Discovery Service in multiple BrightStor ARCserve Backup application agents and the Base product.

tags | advisory, remote, overflow, arbitrary, local
systems | windows
advisories | CVE-2006-6379
SHA-256 | 14f77fd442c8352fa5dc275da7b933076426d1d4e5c398ae09e7d8bf4a539e90
OpenPKG Security Advisory 2006.38
Posted Dec 8, 2006
Authored by OpenPKG Foundation | Site openpkg.org

OpenPKG Security Advisory OpenPKG-SA-2006.038 - The archive format utility GNU tar, versions up to and including 1.16, allows user-assisted attackers to overwrite arbitrary files via a TAR format file that contains a "GNUTYPE_NAMES" record with a symbolic link.

tags | advisory, arbitrary
advisories | CVE-2006-6097, CVE-2002-1216
SHA-256 | b3316815129634db7a89691f0f6a4712f63cc700167db955981aaf3a818c1b27
Debian Linux Security Advisory 1230-1
Posted Dec 8, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1230-1 - Rhys Kidd discovered a vulnerability in l2tpns, a layer 2 tunneling protocol network server, which could be triggered by a remote user to execute arbitrary code.

tags | advisory, remote, arbitrary, protocol
systems | linux, debian
advisories | CVE-2006-5873
SHA-256 | 8230df9dcfe36fb3ec444fa7639580a9d7fd3a177c9f6938ce9d332eab814442
midiripoff.txt
Posted Dec 8, 2006
Authored by IFX

Midicart is susceptible to multiple vulnerabilities, including price manipulation.

tags | exploit, vulnerability
SHA-256 | e1bbdc3caebc99f8e5fb2f5a419d77b6d0b69c355c593fdc915e5e49d866d3d7
orkut-xss.txt
Posted Dec 8, 2006
Authored by Rajesh Sethumadhavan

Google's Orkut suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 90eb5daf15b7374085c9784f28b132d60291fa2de2c6168c2135461a2cfed66c
Ubuntu Security Notice 394-1
Posted Dec 8, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 394-1 - An error was found in Ruby's CGI library that did not correctly quote the boundary of multipart MIME requests. Using a crafted HTTP request, a remote user could cause a denial of service, where Ruby CGI applications would end up in a loop, monopolizing a CPU.

tags | advisory, remote, web, denial of service, cgi, ruby
systems | linux, ubuntu
advisories | CVE-2006-6303
SHA-256 | dbc6bd8f505cc59f27da20f6fba9d6e77f00c646983286b7fa8237386f38ec50
aria-whm.txt
Posted Dec 8, 2006
Site Aria-security.net

WebHost Manager version 3.1.0 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | e1bf3747ca646f6c87fdb80cdfeb12059f7f1ad3814014cd9e634a930a025d37
aria-cpanel.txt
Posted Dec 8, 2006
Site Aria-security.net

CPanel 11 suffers from a cross site scripting vulnerability in pops.html.

tags | exploit, xss
SHA-256 | 235937c3f1b5dc6cd241f31d76c19950d90fdefb664eb5251bfd1c4b9e75ead4
EEYE-Intel.txt
Posted Dec 8, 2006
Authored by Derek Soeder | Site eeye.com

eEye Digital Security has discovered a vulnerability in all Intel network adapter drivers ("NDIS miniport drivers") that could allow unprivileged code executing on an affected system to gain unfettered, kernel-level access. For instance, a malicious user, malware, or exploit payload taking advantage of an unrelated vulnerability could additionally exploit this vulnerability in order to completely compromise a system at the kernel level.

tags | advisory, kernel
SHA-256 | 6954f6306f926edd1c4a4b0dcac3b5fd90102d5b9255732d3a228f9efd4ef61a
OpenPKG Security Advisory 2006.37
Posted Dec 8, 2006
Authored by OpenPKG Foundation | Site openpkg.org

OpenPKG Security Advisory OpenPKG-SA-2006.037 - Two security issues were discovered in the OpenPGP cryptography tool GnuPG, versions up to and including 1.4.5 and 2.0.1. The first issue is a heap-based buffer overflow which has been identified by the vendor during fixing a bug reported by Hugh Warrington. The second issue is a memory management problem.

tags | advisory, overflow
advisories | CVE-2006-6169, CVE-2006-6235
SHA-256 | e2ad975972bd8b4d3c70e676abce3b1376c3b1ef57af266813f375814ebfe63c
dudirBypass.txt
Posted Dec 8, 2006
Authored by C-W-M

DUdirectory suffers from an administrative login bypass vulnerability due to a SQL injection flaw.

tags | exploit, sql injection, bypass
SHA-256 | dcc29fc6d2780e6dbf5dddc7eab23a467951d2eff583c82381849f92dc6b349c
phpadsnew-rfi.txt
Posted Dec 8, 2006
Authored by Crackers_Child

phpAdsNew version 2.0.4-p2 remote file inclusion exploit.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 11838880a400f129bdc93818f912d6d0e58f6760673cc96633435fd9f4c752da
googlegath.txt
Posted Dec 8, 2006
Authored by Matteo Cantoni | Site nothink.org

googlegath is a free open source utility to obtain informations through Google searches. It could be useful for penetration testing, security scanning, etc. googlegath has been tested on GNU/Linux, *BSD systems.

tags | web
systems | linux, bsd
SHA-256 | e754e380fcd9e0ba64eeb22cf691c7a8ed0da8b395cb718921623b3649666ab1
Gentoo Linux Security Advisory 200612-1
Posted Dec 8, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200612-01 - The wv library fails to do proper arithmetic checks in multiple places, possibly leading to integer overflows. Versions less than 1.2.3-r1 are affected.

tags | advisory, overflow
systems | linux, gentoo
SHA-256 | 63088a4b5cd8ebe65242e5a4c05ea6c20e60c29a6f4bd14625159923def1068d
Secunia Security Advisory 22971
Posted Dec 8, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - sehato has reported a vulnerability in Windows Media Player, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a user's system.

tags | advisory, denial of service
systems | windows
SHA-256 | 361a3f9f71ab147c2fa2cb1a6d8bc9b1b2ecbaee9a26a19bee287cddd7926703
Secunia Security Advisory 23160
Posted Dec 8, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gummiente has discovered some vulnerabilities in the JCE Admin component for Joomla, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose sensitive information.

tags | advisory, vulnerability, xss
SHA-256 | 11658e3c86cb3949f275818887c2654086148a490715b98fa5dc0462208f4d03
Secunia Security Advisory 23165
Posted Dec 8, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for ruby1.8. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, ubuntu
SHA-256 | 25990ce4f454c84640a0fc111b33080c35e75300e4cfed99333c0c25dad39ee8
Secunia Security Advisory 23201
Posted Dec 8, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a vulnerability in MailEnable, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 32c494cbaacd3e3a6d069738cb5dc94d3c8191c1e46af49d91f38f1f7c62283c
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close