
Files Date: 2008-04-10

Secunia Security Advisory 29717
Posted Apr 10, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Patrick Webster has reported a vulnerability in Tumbleweed SecureTransport, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | fb17fc905e830ae313433bd74277c186fee45a5ef9ec304dcde91466c2a35c24
Secunia Security Advisory 29746
Posted Apr 10, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - jiko has discovered a vulnerability in Gallery Script Lite, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
SHA-256 | 5803922cd58965bb535b7bf18821e280b99baf4a83f4d4db4a7dac04fab22732
Secunia Security Advisory 29764
Posted Apr 10, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for pdns-recursor. This fixes a vulnerability, which can be exploited by malicious people to poison the DNS cache.

tags | advisory
systems | linux, debian
SHA-256 | e177f55620d2b5ffb2c2fe946715179a1bd40eb44412f803a1fea211925460e2
Secunia Security Advisory 29767
Posted Apr 10, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for libcairo. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library.

tags | advisory
systems | linux, debian
SHA-256 | f2dff637537148ddf969d1a9bf70f8f33c6caf24e0ff1d5cb5a986f2b3b02a7b
Secunia Security Advisory 29774
Posted Apr 10, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in multiple TIBCO products, which can be exploited by malicious people to disclose sensitive information, cause a DoS (Denial of Service), or to compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
SHA-256 | e084dcd72504e67a3550a926e9a28e6f1d426411124f929a90805fcb0e462da6
Debian Linux Security Advisory 1545-1
Posted Apr 10, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1545-1 - Sebastian Krahmer discovered that an integer overflow in rsync's code for handling extended attributes may lead to arbitrary code execution.

tags | advisory, overflow, arbitrary, code execution
systems | linux, debian
advisories | CVE-2008-1720
SHA-256 | 1827e372b92c56183e284fa9fe36a2f2c5531bb3ca1a0f0ecd54470b1fbbdcd3
Gentoo Linux Security Advisory 200804-10
Posted Apr 10, 2008
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200804-10 - Multiple vulnerabilities in Tomcat may lead to local file overwriting, session hijacking or information disclosure. Versions less than 6.0.16 are affected.

tags | advisory, local, vulnerability, info disclosure
systems | linux, gentoo
advisories | CVE-2007-5333, CVE-2007-5342, CVE-2007-5461, CVE-2007-6286, CVE-2008-0002
SHA-256 | 8450c98731084fc3778d5989e4cdf6f3480430925f6a49b95dbac75077cc749c
Gentoo Linux Security Advisory 200804-9
Posted Apr 10, 2008
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200804-09 - Tavis Ormandy discovered that, when creating temporary files, the 'expn' utility does not check whether the file already exists. Versions less than 6.1.5 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2008-1078
SHA-256 | b41ea37f2afaa8f0d0245a01c64bad135a1f594ef54551d4ab76dc299d159c12
Gentoo Linux Security Advisory 200804-8
Posted Apr 10, 2008
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200804-08 - Julien Cayzax discovered that an insecure default setting exists in mod_userdir in lighttpd. When userdir.path is not set the default value used is $HOME. It should be noted that the nobody user's $HOME is / (CVE-2008-1270). An error also exists in the SSL connection code which can be triggered when a user prematurely terminates his connection (CVE-2008-1531). Versions less than 1.4.19-r2 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2008-1270, CVE-2008-1531
SHA-256 | 04d53fca65adca4c84d85a814f6f371863f45711fbaaacda55d307182040adff
ksemail-lfi.txt
Posted Apr 10, 2008
Authored by dun

Ksemail suffers from a local file inclusion vulnerability in index.php.

tags | exploit, local, php, file inclusion
SHA-256 | a3f43003fdde908dde9bc5d92f92c2c49647c238465bfaa32214530f77fc12d4
Mandriva Linux Security Advisory 2008-083
Posted Apr 10, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Joe Nall reported a stack-based buffer overflow in Audit's log handling that could allow remote attackers to execute arbitrary code via a long command argument.

tags | advisory, remote, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2008-1628
SHA-256 | ccaca9e923f62b0bfefd3ff00cb5072c1a9fd126b05e7dfed40a71997e85d53c
ioactive-zlib.txt
Posted Apr 10, 2008
Site ioactive.com

The zlib extension module in Python version 2.5.2 contains a method for flushing decompression streams that takes an input parameter specifying how much data to flush. This parameter is a signed integer that is not verified for sanity and is thus potentially negative. When passed a negative value, memory is misallocated and the signed integer is then converted to an unsigned integer, resulting in a buffer overflow.

tags | advisory, overflow, python
SHA-256 | c3a0dd34a8717e04bba206262904ef9f4e4455f57c9ce9a73f69101d7914ff88
livecart-blindsql.txt
Posted Apr 10, 2008
Authored by irvian | Site irvian.cn

LiveCart versions 1.1.1 and below remote blind SQL injection exploit.

tags | exploit, remote, sql injection
SHA-256 | 107be2548129287a96a29b1b127458a72ca19ac5d96f88ad377fc54f1dcdaf51
nipper-0.11.6.tgz
Posted Apr 10, 2008
Authored by Ian Ventura-Whiting | Site nipper.titania.co.uk

nipper is a Network Infrastructure Configuration Parser. nipper takes a network infrastructure device configuration, processes the file and details security-related issues with the configuration together with detailed recommendations. nipper was previously known as CiscoParse. nipper currently supports Cisco switches (IOS), Cisco Routers (IOS), Cisco Firewalls (PIX/ASA/FWSM) and Juniper NetScreen (ScreenOS). Output is in HTML, LaTeX, XML and Text. Encrypted passwords can be output to a John-the-Ripper file for strength testing.

Changes: Multiple bug fixes and some changes.
systems | cisco, juniper
SHA-256 | cbf184c8ded6a683b0073ff128f4db90c15feef1e1f4882afd9718bdef696d2e
nipper-0.11.6.zip
Posted Apr 10, 2008
Authored by Ian Ventura-Whiting | Site nipper.titania.co.uk

nipper is a Network Infrastructure Configuration Parser. nipper takes a network infrastructure device configuration, processes the file and details security-related issues with the configuration together with detailed recommendations. nipper was previously known as CiscoParse. nipper currently supports Cisco switches (IOS), Cisco Routers (IOS), Cisco Firewalls (PIX/ASA/FWSM) and Juniper NetScreen (ScreenOS). Output is in HTML, LaTeX, XML and Text. Encrypted passwords can be output to a John-the-Ripper file for strength testing. This is the Windows version.

Changes: Multiple bug fixes and some changes.
systems | cisco, windows, juniper
SHA-256 | a3195d1d021851ed6c95a1d56f1188e11ad05683ee4dc23feda7ee527649f5f4
kq-sql.txt
Posted Apr 10, 2008
Authored by hadihadi | Site virangar.org

KnowledgeQuest version 2.6 suffers from multiple SQL injection vulnerabilities.

tags | exploit, vulnerability, sql injection
SHA-256 | 94fdfeb65103fb6136731b84912cb455dfb3e27579a9b2c56ab7ab8f1c2d2784
Ubuntu Security Notice 599-1
Posted Apr 10, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 599-1 - Chris Evans discovered that Ghostscript contained a buffer overflow in its color space handling code. If a user or automated system were tricked into opening a crafted Postscript file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2008-0411
SHA-256 | 723595e75c329e38966862f5974a59101e29f1e92aa132ad4e27b01e5ebe3827
phaos-disclose.txt
Posted Apr 10, 2008
Authored by HaCkeR_EgY | Site PaL-HaCker.com

Phaos version 4.0.1 suffers from a remote file disclosure vulnerability.

tags | exploit, remote, info disclosure
SHA-256 | a15dd3958d2f5afeb31686556313b2273d7fcd60f9317f7e5c8728c7c1ba3a29
Mandriva Linux Security Advisory 2008-082
Posted Apr 10, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Daniel Papasian discovered a stack-based buffer overflow in the apc_search_paths() function in APC that can be triggered when processing long filenames. A remote attacker could exploit this vulnerability to execute arbitrary code in PHP applications that pass user-controlled input to the include() function.

tags | advisory, remote, overflow, arbitrary, php
systems | linux, mandriva
advisories | CVE-2008-1488
SHA-256 | 766c996264b4e2557d35f52f0bfe0df851ad2330c10786943ad6440732a4c6ee
Debian Linux Security Advisory 1544-1
Posted Apr 10, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1544-1 - Amit Klein discovered that pdns-recursor, a caching DNS resolver, uses a weak random number generator to create DNS transaction IDs and UDP source port numbers. As a result, cache poisoning attacks were simplified.

tags | advisory, udp
systems | linux, debian
advisories | CVE-2008-1637
SHA-256 | 34b28618f53686ec50a6ed32dab59f6c2876d3f1bfc3242c71bb8b32d6e82dfb
Debian Linux Security Advisory 1543-1
Posted Apr 10, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1543-1 - A fair amount of people have discovered multiple vulnerabilities in vlc, an application for playback and streaming of audio and video. In the worst case, these weaknesses permit a remote, unauthenticated attacker to execute arbitrary code with the privileges of the user running vlc.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2007-6681, CVE-2007-6682, CVE-2007-6683, CVE-2008-0295, CVE-2008-0296, CVE-2008-0073, CVE-2008-0984, CVE-2008-1489
SHA-256 | 43c8e38327a0f4ab711aed482ec7c4baef51ac88dd524fe85382da636923474e
fpgss-disclose.txt
Posted Apr 10, 2008
Authored by jiko | Site no-back.org

Free Photo Gallery site script suffers from a remote file disclosure vulnerability.

tags | exploit, remote, info disclosure
SHA-256 | 74f7a36a8eed1272899f2083f8ab5a60d155a8b249954c1c22a464882b0a16ac
pykeylogger-1.0.2_win32.zip
Posted Apr 10, 2008
Authored by nanotube | Site pykeylogger.sourceforge.net

Simple Python Keylogger is a cross-platform keylogger. It is primarily designed for backup purposes, but can be used as a stealth keylogger too. Windows version. Archive password is set to p4ssw0rd. Use at your own risk.

Changes: Added some graphics and icons. Various bug fixes.
tags | trojan, python
systems | windows
SHA-256 | e5b61a518ec92e02a6691f25951f614fac05c67d702ac933ee3deb1b40b19898
pykeylogger-1.0.2_src.zip
Posted Apr 10, 2008
Authored by nanotube | Site pykeylogger.sourceforge.net

Simple Python Keylogger is a cross-platform keylogger. It is primarily designed for backup purposes, but can be used as a stealth keylogger too. Source archive that works on Linux. Archive password is set to p4ssw0rd. Use at your own risk.

Changes: Added some graphics and icons. Various bug fixes.
tags | trojan, python
systems | linux
SHA-256 | 420b57d01160dc5157219f64dfc366df1e5cf6dc64052fab792a4b3dff97896a
joomlapuarcade22-sql.txt
Posted Apr 10, 2008
Authored by MantiS

The Joomla component PU Arcade versions 2.2 and below suffer from a SQL injection vulnerability.

tags | exploit, sql injection
SHA-256 | 58867d325dee02be37877858b3c185ff14f3d5af48eff4fae6e098f0e848b169
© 2024 Packet Storm. All rights reserved.
