Section: .. / Last 50 Files /
| /// File Name: | USN-638-1.txt | Description:
| Ubuntu Security Notice 638-1 - Aaron Grattafiori discovered that the Gnome Help Viewer did not handle format strings correctly when displaying certain error messages. If a user were tricked into opening a specially crafted URI, a remote attacker could execute arbitrary code with user privileges. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 3742 | | Related CVE(s): | CVE-2008-3533 | | Last Modified: | Aug 27 18:03:15 2008 | | MD5 Checksum: | c3002bba563957c93b2edfad569c7c01 |
|
| /// File Name: | kyocera-traversal.txt | Description:
| Kyocera Command Center suffers from a directory traversal vulnerability. | | Author: | Francesco Tornieri | | File Size: | 1751 | | Last Modified: | Aug 27 18:02:09 2008 | | MD5 Checksum: | b1469751eb65919a9b8435ad1055dc09 |
|
| /// File Name: | searchengine-sql.txt | Description:
| Search Engine suffers from a remote SQL injection vulnerability in viewcat.php. | | Author: | Hussin X | | Homepage: | http://www.tryag.cc/ | | File Size: | 1415 | | Last Modified: | Aug 27 18:00:32 2008 | | MD5 Checksum: | 63fc260d89bd02c73d5d2647cb1356d3 |
|
| /// File Name: | igshopdisp-sql.txt | Description:
| iG Shop suffers from a remote SQL injection vulnerability in display_review.php. | | Author: | Hussin X | | Homepage: | http://www.tryag.cc/ | | File Size: | 1332 | | Last Modified: | Aug 27 17:59:19 2008 | | MD5 Checksum: | e73b22fbec473ddd5750c3cbf0d66b60 |
|
| /// File Name: | SSRT080106.txt | Description:
| HP Security Bulletin - A potential security vulnerability has been identified in the HP Enterprise Discovery. The vulnerability could be exploited remotely by an authorized user to gain extended privileges. | | Homepage: | http://www.hp.com/ | | File Size: | 6719 | | Related CVE(s): | CVE-2008-3538 | | Last Modified: | Aug 27 17:57:18 2008 | | MD5 Checksum: | a84ae83f38e250d72f3b90696e44be96 |
|
| /// File Name: | advchk-2.10.tar.gz | Description:
| Advchk (Advisory Check) reads security advisories so you do not have to. Advchk gathers security advisories using RSS feeds, compares them to a list of known services, and alerts you if you are vulnerable. Since adding hosts and services by hand would be quite a boring task, advchk leverages nmap for automatic service and version discovery. | | Author: | Stephan Schmieder | | Homepage: | http://advchk.unixgu.ru/ | | File Size: | 11771 | | Last Modified: | Aug 27 17:56:18 2008 | | MD5 Checksum: | 03bd5578fd6b1795710a9c67225040c3 |
|
| /// File Name: | yourownbux-sql.txt | Description:
| YourOwnBux versions 3.1 and 3.2 Beta suffer from a remote SQL injection vulnerability. | | Author: | ~!Dok_tOR!~ | | Homepage: | http://www.antichat.ru/ | | File Size: | 627 | | Last Modified: | Aug 27 17:55:08 2008 | | MD5 Checksum: | 7e146c229cd2cc0ccbe6f6b868c695f2 |
|
| /// File Name: | PLSA-2008-31.txt | Description:
| Pardus Linux Security Advisory - A vulnerability has been reported in LibTIFF, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a user's system. | | Author: | Pardus Linux | | File Size: | 1689 | | Related CVE(s): | CVE-2008-2327 | | Last Modified: | Aug 27 11:26:44 2008 | | MD5 Checksum: | 89fde6963eee81805e587266f74bbffa |
|
| /// File Name: | phpmyrealty109-sql.txt | Description:
| phpMyRealty versions 1.0.9 and below suffer from a remote SQL injection vulnerability in pages.php. | | Author: | ~!Dok_tOR!~ | | Homepage: | http://www.antichat.ru/ | | File Size: | 810 | | Last Modified: | Aug 27 11:25:26 2008 | | MD5 Checksum: | c5c0581e59881b0c55bafb406bc61e32 |
|
| /// File Name: | MDVSA-2008-180-1.txt | Description:
| Mandriva Linux Security Advisory - Andreas Solberg found a denial of service flaw in how libxml2 processed certain content. If an application linked against libxml2 processed such malformed XML content, it could cause the application to stop responding. The original fix used to correct this issue caused some applications that used the libxml2 library to crash. These new updated packages use a different fix that does not cause certain linked applications to crash as the old packages did. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 7129 | | Related CVE(s): | CVE-2008-3281 | | Last Modified: | Aug 26 22:43:46 2008 | | MD5 Checksum: | cee89e63538737ae53aedf3ab3fd7410 |
|
| /// File Name: | EMORY-2008-01.txt | Description:
| Telartis's AWStats Totals versions 1.0 through 1.14 suffer from a remote code execution vulnerability. | | Author: | Elliot Kendall | | Homepage: | http://www.emory.edu/ | | File Size: | 3423 | | Last Modified: | Aug 26 22:35:14 2008 | | MD5 Checksum: | 46742f7d6234df7fa0b6c185fb2e534a |
|
| /// File Name: | mybb1211-sql.txt | Description:
| MyBulletinBoard (MyBB) versions 1.2.11 and below SQL injection exploit that leverages private.php. | | Author: | c411k | | Homepage: | https://forum.antichat.ru/ | | File Size: | 5794 | | Last Modified: | Aug 26 22:32:58 2008 | | MD5 Checksum: | 2b8c0145ecb2c5255a32519df1daeffe |
|
| /// File Name: | ifdate-sql.txt | Description:
| iFdate versions 2.0.3 and below suffer from a SQL injection vulnerability. | | Author: | ~!Dok_tOR!~ | | Homepage: | http://www.antichat.ru/ | | File Size: | 922 | | Last Modified: | Aug 26 22:31:09 2008 | | MD5 Checksum: | ea21be161b9c61655d9d93c6bb733611 |
|
| /// File Name: | dsa-1631-2.txt | Description:
| Debian Security Advisory 1631-2 - The previous security update of the libxml2 package introduced some problems with other packages, most notably with librsvg. This update corrects these problems whilst still fixing the reported security problem. | | Homepage: | http://www.debian.org/security | | File Size: | 13127 | | Related CVE(s): | CVE-2008-3281 | | Last Modified: | Aug 26 22:15:04 2008 | | MD5 Checksum: | f024501160502cc01f3a8a6951c7c361 |
|
| /// File Name: | dsa-1632-1.txt | Description:
| Debian Security Advisory 1632-1 - Drew Yao discovered that libTIFF, a library for handling the Tagged Image File Format, is vulnerable to a programming error allowing malformed tiff files to lead to a crash or execution of arbitrary code. | | Homepage: | http://www.debian.org/security | | File Size: | 11108 | | Related CVE(s): | CVE-2008-2327 | | Last Modified: | Aug 26 22:14:44 2008 | | MD5 Checksum: | 0e6569a1ce6eb08995b0101c1d463469 |
|
| /// File Name: | cmme-lfixsscsrf.txt | Description:
| CMME version 1.12 suffers from local file inclusion, cross site scripting, cross site request forgery, and other vulnerabilities. | | Author: | SirGod | | Homepage: | http://www.mortal-team.com/ | | File Size: | 2813 | | Last Modified: | Aug 26 22:13:13 2008 | | MD5 Checksum: | a46f6ae035b9cb1477736efe43b4ed9a |
|
| /// File Name: | simpgal-sql.txt | Description:
| Simple Gallery ASP Script suffers from a remote SQL injection vulnerability. | | Author: | e.wiZz! | | File Size: | 1711 | | Last Modified: | Aug 26 22:11:21 2008 | | MD5 Checksum: | c402f3afaca614ffeb393f9b84477b59 |
|
| /// File Name: | zoneminder-multi.txt | Description:
| ZoneMinder versions 1.23.3 and below suffer from command injection, SQL injection, and cross site scripting vulnerabilities. | | Author: | Filip Palian | | File Size: | 1273 | | Last Modified: | Aug 26 22:10:06 2008 | | MD5 Checksum: | d8bb2d877419e579e9d76b0f207b8425 |
|
| /// File Name: | mvs-activex.txt | Description:
| Microsoft Visual Studio Active-X remote buffer overflow exploit that leverages Msmask32.ocx. | | Author: | Koshi | | File Size: | 2939 | | Last Modified: | Aug 26 22:07:32 2008 | | MD5 Checksum: | 181f169f345f46154d1d9000c16aed1e |
|
| /// File Name: | zbreaknews-sql.txt | Description:
| z-breaknews version 2.0 suffers from a remote SQL injection vulnerability in single.php. | | Author: | cOndemned | | Homepage: | http://condemned.r00t.la/ | | File Size: | 1171 | | Last Modified: | Aug 26 21:57:32 2008 | | MD5 Checksum: | a7eb6a2643b88223f58f0185eb07384d |
|
| /// File Name: | mininuke23-sql.txt | Description:
| MiniNuke version 2.3 Freehost suffers from multiple remote SQL injection vulnerabilities. | | Author: | byccc | | File Size: | 937 | | Last Modified: | Aug 26 21:55:15 2008 | | MD5 Checksum: | 8e01430892a688f963f403b76a239c9a |
|
| /// File Name: | USN-637-1.txt | Description:
| Ubuntu Security Notice 637-1 - It was discovered that there were multiple NULL-pointer function dereferences in the Linux kernel terminal handling code. A local attacker could exploit this to execute arbitrary code as root, or crash the system, leading to a denial of service. The do_change_type routine did not correctly validate administrative users. A local attacker could exploit this to block mount points or cause private mounts to be shared, leading to denial of service or a possible loss of privacy. Tobias Klein discovered that the OSS interface through ALSA did not correctly validate the device number. A local attacker could exploit this to access sensitive kernel memory, leading to a denial of service or a loss of privacy. Zoltan Sogor discovered that new directory entries could be added to already deleted directories. A local attacker could exploit this, filling up available memory and disk space, leading to a denial of service. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 191184 | | Related CVE(s): | CVE-2008-2812, CVE-2008-2931, CVE-2008-3272, CVE-2008-3275 | | Last Modified: | Aug 26 21:53:24 2008 | | MD5 Checksum: | 4ff77f698b3af8e2303260d5110f0d63 |
|
| /// File Name: | krate-sqlxss.txt | Description:
| K-Rate suffers from SQL injection and cross site scripting vulnerabilities. | | Author: | Corwin | | File Size: | 3030 | | Last Modified: | Aug 26 21:50:48 2008 | | MD5 Checksum: | d26ac1ccd455e8908f757fa505552e5d |
|
| /// File Name: | sphpblog-exec.txt | Description:
| Simple PHP Blog (SPHPBlog) versions 0.5.1 and below code execution exploit. | | Author: | mAXzA | | File Size: | 3102 | | Last Modified: | Aug 26 21:49:07 2008 | | MD5 Checksum: | f98e850f53affbab3ddff8216779f279 |
|
| /// File Name: | kolifadownload-sql.txt | Description:
| Kolifa.Net Download Script version 1.2 suffers from a remote SQL injection vulnerability. | | Author: | Kacak | | File Size: | 1758 | | Last Modified: | Aug 26 21:47:53 2008 | | MD5 Checksum: | ef095920edf3cf084b22795e4d5e48f6 |
|
| /// File Name: | popnupblog-xss.txt | Description:
| PopnupBlog version 3.30 suffers from multiple cross site scripting vulnerabilities in index.php. | | Author: | Lostmon | | Homepage: | http://lostmon.blogspot.com/ | | File Size: | 3283 | | Last Modified: | Aug 25 20:55:00 2008 | | MD5 Checksum: | b82aae9cdaf7f648a0399aae7d72008e |
|
| /// File Name: | crafty-sql.txt | Description:
| Crafty Syntax Live Help versions 2.14.6 and below suffer from a remote SQL injection vulnerability. | | Author: | James Bercegay | | Homepage: | http://www.gulftech.org | | File Size: | 2502 | | Last Modified: | Aug 25 20:53:53 2008 | | MD5 Checksum: | e6945d67ffc3bf702f8bca9d13e35ddf |
|
| /// File Name: | DSECRG-08-038.txt | Description:
| ezContents CMS version 2.0.3 suffers from multiple local file inclusion vulnerabilities. | | Author: | Digital Security Research Group | | Homepage: | http://www.dsec.ru/ | | File Size: | 12050 | | Last Modified: | Aug 25 20:53:05 2008 | | MD5 Checksum: | 8fe839a4a7d6a995587c81d9a5a0dffe |
|
| /// File Name: | DSECRG-08-037.txt | Description:
| Pluck CMS version 4.5.2 suffers from multiple local file inclusion vulnerabilities. | | Author: | Digital Security Research Group | | Homepage: | http://www.dsec.ru/ | | File Size: | 5373 | | Last Modified: | Aug 25 20:51:50 2008 | | MD5 Checksum: | 569ec165bf63e88aa064daa5c376d909 |
|
| /// File Name: | neotericuk-sql.txt | Description:
| Neoteric UK websites suffer from a remote SQL injection vulnerability. | | Author: | P47r1ck, Dapirates | | Homepage: | http://www.darkc0de.com/ | | File Size: | 1940 | | Last Modified: | Aug 25 20:49:34 2008 | | MD5 Checksum: | 31707c0c1c7da57f97e002dd3b4bae27 |
|
| /// File Name: | millionpixel-sql.txt | Description:
| Million Pixel Ad Script suffers from a remote SQL injection vulnerability. | | Author: | Hussin X | | Homepage: | http://www.tryag.cc/ | | File Size: | 1455 | | Last Modified: | Aug 25 20:48:33 2008 | | MD5 Checksum: | 8caf8d3ea10e6555e8319da4e3caa3df |
|
| /// File Name: | geeklog-upload.txt | Description:
| GeekLog versions 1.5.0 and below remote arbitrary file upload exploit. | | Author: | t0pp8uzz | | File Size: | 1384 | | Last Modified: | Aug 25 20:47:57 2008 | | MD5 Checksum: | 70f91a82ad8e316160b0c228f0f01631 |
|
| /// File Name: | webboard-sql.txt | Description:
| WebBoard versions 2.0 and below suffer from an arbitrary SQL question/answer deletion vulnerability. | | Author: | t0pp8uzz | | File Size: | 1575 | | Last Modified: | Aug 25 20:47:06 2008 | | MD5 Checksum: | dd0f573ccd7d4c7427aafafd4d4f0ad6 |
|
| /// File Name: | wds-sql.txt | Description:
| Web Directory Script versions 2.0 and below suffer from a remote SQL injection vulnerability. | | Author: | ~!Dok_tOR!~ | | Homepage: | http://www.antichat.ru/ | | File Size: | 720 | | Last Modified: | Aug 25 20:45:41 2008 | | MD5 Checksum: | 2d7d3c3ae39631f6786aad84cca8f978 |
|
| /// File Name: | freebsd-master.txt | Description:
| 65 byte NULL free /bin/cat /etc/master.passwd shellcode for freebsd/x86. | | Author: | sm4x | | File Size: | 1244 | | Last Modified: | Aug 25 20:44:56 2008 | | MD5 Checksum: | cf47939bcd912af3c724afa97bbd291f |
|
| /// File Name: | secunia-calendarix.txt | Description:
| Secunia Research has discovered two vulnerabilities in Calendarix Basic, which can be exploited by malicious people to conduct SQL injection attacks. Input passed to the "catsearch" parameter in cal_search.php and "catview" in cal_cat.php is not properly sanitized before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Calendarix Basic 0.8.20071118 is affected. | | Homepage: | http://secunia.com/ | | File Size: | 4530 | | Related CVE(s): | CVE-2008-2429 | | Last Modified: | Aug 25 20:30:10 2008 | | MD5 Checksum: | 25805f56ddb5ea080e60cc240a6e595d |
|
| /// File Name: | secunia-iprintget.txt | Description:
| Secunia Research has discovered a security issue in Novell iPrint Client, which can be exploited by malicious people to gain knowledge of potentially sensitive information. Novell iPrint Client 4.36 and Novell iPrint Client for Windows Vista 5.04 are affected. The insecurity lies in GetFileList(). | | Author: | Carsten Eiram | | Homepage: | http://secunia.com/ | | File Size: | 5102 | | Related CVE(s): | CVE-2008-2432 | | Last Modified: | Aug 25 20:28:38 2008 | | MD5 Checksum: | fdd4e1fe471d8f8909683736fc941234 |
|
| /// File Name: | secunia-iprint.txt | Description:
| Secunia Research has discovered multiple vulnerabilities in Novell iPrint Client, which can be exploited by malicious people to compromise a user's system. These include boundary errors and buffer overflow issues. Novell iPrint Client 4.36 is affected. | | Author: | Carsten Eiram | | Homepage: | http://secunia.com/ | | File Size: | 7131 | | Related CVE(s): | CVE-2008-2431 | | Last Modified: | Aug 25 20:27:09 2008 | | MD5 Checksum: | 40a0bbe6cee53536da934ab4a38a4cb8 |
|
| /// File Name: | danairc-overflow.txt | Description:
| Dana IRC version 1.4a remote buffer overflow exploit. | | Author: | k'sOSe | | Homepage: | http://www.pornosecurity.org/ | | File Size: | 5442 | | Last Modified: | Aug 25 20:24:23 2008 | | MD5 Checksum: | ce78e866e21035b1d75c8e6ed56a451f |
|
| /// File Name: | nufw-2.2.16.tar.gz | Description:
| NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is designed to use an external authentication source such as an LDAP server. | | Author: | regit | | Homepage: | http://www.nufw.org/ | | Changes: | This release contains a bunch of fixes and introduces a new user session module - authtype. | | File Size: | 792542 | | Last Modified: | Aug 25 20:23:30 2008 | | MD5 Checksum: | 7a4f72298783b877a050863888d643df |
|
| /// File Name: | fwknop-1.9.7.tar.gz | Description:
| fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap. | | Author: | Michael Rash | | Homepage: | http://www.cipherdyne.org/fwknop/ | | Changes: | Mirek Trmac from Red Hat contributed several patches so that fwknop can be bundled within the Fedora Linux distribution. Updated fwknop, fwknopd, and knoptm to import perl modules out of the /usr/lib/fwknop/ directory if it exists. Added module version output for each non-core perl module used by fwknop and fwknopd in --debug mode. Various other additions and fixes. | | File Size: | 572921 | | Last Modified: | Aug 25 20:21:55 2008 | | MD5 Checksum: | 955a2a920aeeab655d16da212f70b5e8 |
|
| /// File Name: | belkin-bypass.txt | Description:
| Belkin wireless G router and ADSL2 modem authentication bypass exploit. | | Author: | noensr | | File Size: | 5162 | | Last Modified: | Aug 25 20:18:36 2008 | | MD5 Checksum: | 9119bf2575e2d603c0dd43fdac82247a |
|
| /// File Name: | PLSA-2008-30.txt | Description:
| Pardus Linux Security Advisory - Insufficient sanitization can lead to Vim executing arbitrary commands when performing keyword or tag lookup. | | Author: | Pardus Linux | | File Size: | 1298 | | Last Modified: | Aug 25 20:17:20 2008 | | MD5 Checksum: | bba89f851911b3ef0f74460ddb4d69a5 |
|