what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 59 RSS Feed

Files Date: 2007-07-31

webevent-xss.txt
Posted Jul 31, 2007
Authored by d3hydr8

WebEvent versions 2.61 through 4.03 suffer from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 79cf5563d520b9d6fcaec1c7eb584bbb4eceb600821d9559b2ed928da0520d04
CAL-20070730-1.txt
Posted Jul 31, 2007
Authored by Code Audit Labs | Site vulnhunt.com

The BlueSkyCat ActiveX control suffers from a remote heap overflow vulnerability. Versions 8.1.2.0 and below of v2.ocx are affected.

tags | exploit, remote, overflow, activex
SHA-256 | c2cff68e757ac77cdbcf509659f36a4117f7c3ebe93b060cd54b2951c40818ff
internic-xss.txt
Posted Jul 31, 2007
Authored by Tosser

InterNIC's whois look-up suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 633a6cd0d19f7f71c9206620c86ff1a916f6484969e2bbf201ca8bfef706b488
Debian Linux Security Advisory 1342-1
Posted Jul 31, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1342-1 - It was discovered that a race condition in the init.d script of the X Font Server allows the modification of file permissions of arbitrary files if the local administrator can be tricked into restarting the X font server.

tags | advisory, arbitrary, local
systems | linux, debian
advisories | CVE-2007-3103
SHA-256 | 74f07a9a1e40524a44f01816569d7cd3125eb33ab433f9b3200ad7ccf0f74ee3
woliocms-sql.txt
Posted Jul 31, 2007
Authored by k1tk4t | Site newhack.org

wolioCMS suffers from a SQL injection and administrative bypass vulnerability.

tags | exploit, sql injection, bypass
SHA-256 | 76994001bb53177f84c17136934aa018600ec94b190431a7390cc844aa11d1c6
TISA2007-07-Public.pdf
Posted Jul 31, 2007
Authored by Edi Strosar | Site teamintell.com

iBON 2006 suffers from a memory corruption vulnerability.

tags | advisory
SHA-256 | cb34fdda96b4a929a750e0a61e96b50c9aeca9c874a46a50db35c0f7c1e03dec
ASA-2007-018.txt
Posted Jul 31, 2007
Authored by Russell Bryant | Site asterisk.org

Asterisk Project Security Advisory - The IAX2 channel driver in Asterisk is vulnerable to a denial of service attack when configured to allow unauthenticated calls.

tags | advisory, denial of service
SHA-256 | a0b5106b8836479565cb2062ecc245c6c9ec7e134d97b1a2dc470e13cb1d6bc4
DRUPAL-SA-2007-018.txt
Posted Jul 31, 2007
Authored by Heine Deelstra | Site drupal.org

Drupal security advisory - Drupal versions 4.7.x before version 4.7.7 and 5.x versions before version 5.2 suffer from cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
SHA-256 | 41a5f374d5205819d26273f6854b9a4c964586d0a41ed65fd13b71eb76688a3d
DRUPAL-SA-2007-017.txt
Posted Jul 31, 2007
Authored by Heine Deelstra | Site drupal.org

Drupal security advisory - Several parts in Drupal core are not protected against cross site request forgeries due to improper use of the Forms API, or by taking action solely on GET requests. Malicious users are able to delete comments and content revisions and disable menu items by enticing a privileged users to visit certain URLs while the victim is logged-in to the targeted site. Drupal versions 5.x below 5.2 are affected.

tags | advisory
SHA-256 | 46f0c7caa6742d83818685617d68d77ee84321da3ab65a8147df22b8fc719a1d
TS-2007-001-0.txt
Posted Jul 31, 2007
Authored by forloop, defaultroute

Template Security has discovered a serious denial of service vulnerability in the BlueCat Networks Adonis DNS/DHCP Appliance. When XHA is configured to place two Adonis servers in an active-passive pair to provide high availability, a remote attacker can transmit a single UDP datagram to crash the heartbeat control process. This can be used for example to create an active/active condition in the cluster pair.

tags | advisory, remote, denial of service, udp
SHA-256 | cc3a0e1f01e8c577869fec6643baaacbf4c0c356f0b25da7cd5cad08f003d024
Ser_Insec_Bison.pdf
Posted Jul 31, 2007
Authored by Aditya K Sood | Site secniche.org

Whitepaper titled Binary JSON: Insecurity In Implementing Serialization.

tags | paper
SHA-256 | 792f11d34234d4001313b75a5f3a48df168da66310add61910d40a5b0d9c996f
Security_Testing_Enterprise_Messaging_Systems.pdf
Posted Jul 31, 2007
Authored by Andy Davis - IRMPLC, Phil Huggins | Site irmplc.com

This paper discusses potential security weaknesses that may be present in messaging systems either as a result of software flaws, application design or the misconfigurations of services. It focuses on TIBCO Rendezvous, as an example of a commonly used enterprise messaging system. Recommendations are then presented which mitigate these security issues.

tags | paper
SHA-256 | 30f5a8238e6edc015d11426f17a737139cb286ac98539e6c0c99d7c160fc1c83
joomla-sql.txt
Posted Jul 31, 2007
Authored by HACKERS PAL | Site soqor.net

Joomla version 1.0.12 suffers from a SQL injection vulnerability.

tags | exploit, sql injection
SHA-256 | 75e5c84948819987bba630ec89b772f0cfdb342636f57b61ed9ede027582c45d
Gentoo Linux Security Advisory 200707-14
Posted Jul 31, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200707-14 - mu-b from Digital Labs discovered that the return value of a snprintf() call is not properly checked before being used. This could lead to an integer overflow. Versions less than 3.9.5-r3 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2007-3798
SHA-256 | 1c8620801048b4006c81388bc623603e25ca3a79e200f500d41fd2852a2418de
Gentoo Linux Security Advisory 200707-13
Posted Jul 31, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200707-13 - A vulnerability has been discovered in Fail2ban when parsing log files. Versions less than 0.8.0-r1 are affected.

tags | advisory
systems | linux, gentoo
SHA-256 | 1f005ed65f0c2acddd05ee750ef62cc0b7f613c74247a72c6e1994736140a290
Gentoo Linux Security Advisory 200707-12
Posted Jul 31, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200707-12 - David Thiel from iSEC Partners Inc. discovered format string errors in various plugins when parsing data. The affected plugins include Vorbis, Theora, CDDA and SAP. Versions less than 0.8.6c are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-3316
SHA-256 | ab25fee6aff2555965b79212b3bc5ededec6f819eb34df14ee98c3224473f5fa
dora-bypass.txt
Posted Jul 31, 2007
Authored by Ilker Kandemir

Dora Emlak Script version 1.0 suffers from an administrative bypass vulnerability.

tags | exploit, bypass
SHA-256 | 4047997966d1b0e5e341c6d3a3eb210f599cbf3e3061b4719eb277c1aaff2925
phpvoter-rfi.txt
Posted Jul 31, 2007
Authored by Ilker Kandemir

phpVoter version 0.6 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 891a216a198bea7234e4c6503b996afacf3261cc3a42fb9d85d9d048f7adf21c
phorm-upload.txt
Posted Jul 31, 2007
Authored by Ilker Kandemir

Phorm version 3.0 suffers from a remote file upload vulnerability.

tags | exploit, remote, file upload
SHA-256 | 7f19c0ce66f7430f5cf648b101e53bc7c38e271a4df03ceca5644211925b1523
madoa-rfi.txt
Posted Jul 31, 2007
Authored by Ilker Kandemir

Madoa Poll version 1.1 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 6f21e22499ab922e6efab18b48f0374f27e6910f8ad19ba1f291ff50d1ab6e9a
pwfm-rfi.txt
Posted Jul 31, 2007
Authored by Ilker Kandemir

phpWebFileManager version 0.5 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | bb0122786b4a6b5d59265313cd7d8caf05332d3860e0fa38b78b33f16b0647f3
rig-rfi.txt
Posted Jul 31, 2007
Authored by Ilker Kandemir

RIG Image Gallery suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 271b3c07806dd523a9f75b24270e9ed373670b763a14daebe776ad04f86d8a25
phpcoupon-upgrade.txt
Posted Jul 31, 2007
Authored by hack2prison

phpCoupon appears to have a vulnerability that may allow for account privilege escalation.

tags | exploit
SHA-256 | ae116e9ac0913c469c1875b35fe96b9d982930f2dfca7137949a49acfeb70b58
itcms-xss.txt
Posted Jul 31, 2007
Authored by h4ck3riran | Site Aria-security.net

itcms version 0.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 8ba202e557b3186769c533b464f077957bda2c5366c666484fd3cbb7563cd710
commute-xss.txt
Posted Jul 31, 2007
Authored by h4ck3riran | Site Aria-security.net

Commute Community is susceptible to a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | ee91a129239c9ef7c5facf550e8d5dabc5984282e744e1db3d7129ea79a82514
Page 1 of 3
Back123Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close