exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

Files Date: 2006-02-06 to 2006-02-07

CommuniGateProServer5.0.7.txt
Posted Feb 6, 2006
Authored by Evgeny Legerov | Site gleg.net

ProtoVer LDAP testsuite v1.5 uncovered a critical Denial of Service vulnerability in the LDAP component of CommuniGate Pro Server 5.0.7

tags | advisory, denial of service
SHA-256 | 72f0dc93924f0caf6e6caff4898b2315178b8cc674f4b9b2f52392827b82bd6d
ip-array_0.05.63.tar.gz
Posted Feb 6, 2006
Authored by AllKind | Site sourceforge.net

IP-Array is a Linux iptables Firewall script written in bash. It allows the creation of precise, stateful rules, while remaining easy to configure. IP-Array supports VPN, Traffic Shaping (creation of custom HTB and SFQ qdiscs, Classes, and Filters), multiple external interfaces, multiple LANs, multiple DMZs, NAT, logging, MAC address matching, packet marking, syslog logging, and various sysctl settings. It also includes some presets and autoconfig options for common needs like DNS, FTP, SMTP.

Changes: Code cleanup was performed. Runtime speed was improved. Some bugs were fixed. Iptables iprange match was added.
tags | bash
systems | linux, unix
SHA-256 | 713db688d253bbda6a417237fc45c7c6f5bbe5b81580d434b62acf7a3a7bb7f6
kapda-26.txt
Posted Feb 6, 2006
Authored by cvh | Site KAPDA.ir

MyTopix 1.2.3 suffers from Sql Injection and Path Disclosure vulnerabilities.

tags | exploit, vulnerability, sql injection
SHA-256 | a772ea59a55e150094b7dbca68e1c734f350f51502373aafa128eb66bd55218f
kpatch.sh
Posted Feb 6, 2006
Authored by kilian klimek

kpatch.sh is a shell script illustrating runtime kernel memory patching. For demonstration purposes it shows how to break the kguard module. kpatch does not create any files on the system it runs on. So it is even possible to patch the kernel memory without creating any file on the target machine. It only requires basic shell utilities to work.

tags | shell, kernel
systems | linux
SHA-256 | 77e4718157cc4f9e826de98706d17c057cab2c807f183a07e878800815c4d68e
Gentoo Linux Security Advisory 200602-1
Posted Feb 6, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200602-01 - The GStreamer FFmpeg plugin contains derived code from the FFmpeg library, which is vulnerable to a heap overflow in the avcodec_default_get_buffer() function discovered by Simon Kilvington (see GLSA 200601-06). Versions less than 0.8.7-r1 are affected.

tags | advisory, overflow
systems | linux, gentoo
SHA-256 | ae25d31c3a5d56b0fa80c5b9c3e559cddf1df0ec8c50f170ef7360c61244c298
Clever_Copy_V3_sql.txt
Posted Feb 6, 2006
Authored by rgod | Site retrogod.altervista.org

Clever Copy versions less than or equal to 3.0 SQL injection / Admin authentication details disclosure exploit.

tags | exploit, sql injection
SHA-256 | d413d4a8a54470e841b15a36cc2538ed1dd29001cabb8677a674a9369dd69f3d
PluggedOut-1.9.9c.txt
Posted Feb 6, 2006
Authored by Hamid Network Security Team | Site hamid.ir

PluggedOut Blog Version: 1.9.9c suffers from SQL injection and XSS.

tags | exploit, sql injection
SHA-256 | 25937ae86e7d7e80c538b620b736df77860827f1e3cbf06832246e21b9c62edf
loudblog_04_incl_xpl.txt
Posted Feb 6, 2006
Authored by rgod | Site retrogod.altervista.org

LoudBlog 0.4 remote command execution exploit.

tags | exploit, remote
SHA-256 | 8b9696ab7c6cf18c7bd2e258fb70e51b747391c401acb57855f39af36c20e1c6
tam-file-retrieval.txt
Posted Feb 6, 2006
Authored by Virtual Security Research | Site vsecurity.com

On December 1st, while conducting a penetration test of a TAM enabled web application, VSR identified a vulnerability in Tivoli Web Server Plug-in which is a component of Tivoli Access Manager (TAM). This flaw allows an authenticated attacker to retrieve files (which reside outside of the web root) from the web server on which the plug-in resides. It is possible to retrieve any file or list any directory which is readable by the web server software.

tags | advisory, web, root
SHA-256 | 5bf9173ab65ad5f6967a1793231be47d55d6c5c7741502aba8dea192175331c5
evuln.MyQuiz.txt
Posted Feb 6, 2006
Authored by Aliaksandr Hartsuyeu | Site evuln.com

MyQuiz 1.01 suffers from a command execution vulnerability.

tags | exploit
SHA-256 | b8b3bbbaddb35c7de88c7574cf2ea963168eb1b0a333dd49e1994366cc783e42
qbrute-v1.2.zip
Posted Feb 6, 2006
Authored by Qex | Site q3x.org

QBrute 1.2 - QBrute is a MD5 Calculator and Brute Force engine written in Perl.

tags | cracker, perl
SHA-256 | 172f51dd6f1ded0430f66e74d26e395b6601ca827dd1f6db8e3eb00efaafb99f
outblazeXSS.txt
Posted Feb 6, 2006
Site morx.org

The Outblaze Email system suffers from XSS.

tags | advisory
SHA-256 | 66ecb829477fcb7e729ee1311825593466307afe12e8425b74c11da9e5ef239f
phpBB2.0.19.txt
Posted Feb 6, 2006
Authored by Maksymilian Arciemowicz | Site securityreason.com

phpBB 2.0.19 suffers from several Cross Site Request Forgeries and XSS vulnerabilities. Detailed exploitation provided.

tags | exploit, vulnerability
SHA-256 | 36244d0f29ea85a82eb2aee292986ca0e89de4e9442204575d28b918fa6e808a
IronMail-5.0.1.txt
Posted Feb 6, 2006
Authored by Mark Ludwik

If IronMail-5.0.1 is configured with "Denial of Service Protection" enabled, then a remote user can generate a TCP SYN flood, sending malformed packets via multiple connections to cause the server to become busy resulting in DOS.

tags | advisory, remote, denial of service, tcp
SHA-256 | 120c146955918d7fdcd88bc8f6b3764dbffad44a4160ac82040a3a38c7940369
mwcollect-3.0.3.tar.bz2
Posted Feb 6, 2006
Authored by Honeynet Project | Site mwcollect.org

mwcollect is an easy solution to collect worms and other autonomous spreading malware in a non-native environment like Linux. The mwcollect daemon mwcollectd opens ports that are known to be commonly exploited by Malware and simulates certain known vulnerabilities on them.

Changes: The Threestone mwcollect version fixes some timeout bugs and should increase overall performance. The submit-gotek module for Alliance support has been added and this version now finally builds and runs very good on FreeBSD.
tags | tool, worm, vulnerability, intrusion detection
systems | linux, unix
SHA-256 | 49e91fe8561176558e0859842c936b17143ccab750e3e30c8e2b3d391cb394b3
orbicule.com.txt
Posted Feb 6, 2006
Authored by Maximillian Dornseif | Site blogs.23.nu

There were multiple vulnerabilities with orbicule.com revealing sensitive data and being vulnerable to SQL injection. These issues have probably been fixed.

tags | advisory, vulnerability, sql injection
SHA-256 | 65e7aae241109bdacc0c50729501cfa3bd2b86dc20510e33b8a0ae7e9c93194e
evuln-vanilla.txt
Posted Feb 6, 2006
Authored by Aliaksandr Hartsuyeu | Site evuln.com

Most of user defined data in Vanilla Guestbook 1.0 beta is not properly sanitized leading to SQL injection and XSS problems.

tags | advisory, sql injection
SHA-256 | ebf5dc4cb7f66a07b2521bb9346842c98d6c31ae3008ab83e9c667c6af871f6a
Debian Linux Security Advisory 964-1
Posted Feb 6, 2006
Authored by Debian | Site debian.org

Debian Security Advisory DSA 964-1 - A problem has been discovered in gnocatan, the computer version of the settlers of Catan boardgame, that can lead the server an other clients to exit via an assert, and hence does not permit the execution of arbitrary code. The game has been renamed into Pioneers after the release of Debian sarge.

tags | advisory, arbitrary
systems | linux, debian
SHA-256 | 3b0ddf8026634dc26a2a4007645002cfeac2ada95ee27aae0bb23aa18c9c003b
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    69 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close