Section: .. / Last 100 Files /
| /// File Name: | antenna-sql.txt | Description:
| It seems like some PHP code provided by Leicester Internet Services Antenna Web Services suffers from remote SQL injection vulnerabilities. | | Author: | P47r1ck | | Homepage: | http://www.darkc0de.com/ | | File Size: | 2794 | | Last Modified: | Oct 6 21:10:38 2008 | | MD5 Checksum: | df3913ee28981d01e69556c4195315f8 |
|
| /// File Name: | timbuktu-pwn.txt | Description:
| The Motorola/Netopia Timbuktu Remote Control Software suffers from a flaw in the Internet Locator service that allows anyone to find someone by just knowing their email address. | | Author: | Wintercore | | Homepage: | http://www.wintercore.com/ | | File Size: | 1401 | | Last Modified: | Oct 6 21:08:16 2008 | | MD5 Checksum: | cc21e159c048321b9694b8bec0e1dde3 |
|
| /// File Name: | geccbblite-sql.txt | Description:
| geccBBlite version 2.0 remote SQL injection exploit that uses leggi.php. | | Author: | Piker | | File Size: | 3806 | | Last Modified: | Oct 6 21:05:56 2008 | | MD5 Checksum: | 15e104653b65a55669de18efc86cf04f |
|
| /// File Name: | fastpublish-lfisql.txt | Description:
| Fastpublish CMS version 1.9999 suffers from local file inclusion and SQL injection vulnerabilities. | | Author: | ~!Dok_tOR!~ | | Homepage: | http://www.antichat.ru/ | | File Size: | 1426 | | Last Modified: | Oct 6 21:05:04 2008 | | MD5 Checksum: | 4c085d1ed3b6598c0560c11e8f53fa0e |
|
| /// File Name: | phpabook-lfi.txt | Description:
| phpAbook version 0.8.8b suffers from a local file inclusion vulnerability by leveraging the cookie. | | Author: | JosS | | Homepage: | http://www.spanish-hackers.com/ | | File Size: | 984 | | Last Modified: | Oct 6 21:03:59 2008 | | MD5 Checksum: | be30d14264af177d9ba31fcfcc2068b6 |
|
| /// File Name: | asicms-rfi.txt | Description:
| asiCMS alpha version 0.208 suffers from multiple remote file inclusion vulnerabilities. | | Author: | NoGe | | File Size: | 3092 | | Last Modified: | Oct 6 21:02:21 2008 | | MD5 Checksum: | 04ab4e817896f65cb139ba610886aad9 |
|
| /// File Name: | fossgp-upload.txt | Description:
| FOSS Gallery Public versions 1.0 and below suffer from an arbitrary file upload vulnerability. | | Author: | Pepelux | | Homepage: | http://www.enye-sec.org/ | | File Size: | 563 | | Last Modified: | Oct 6 21:01:39 2008 | | MD5 Checksum: | 2ec20d3c6b1d886410240d10ae079dad |
|
| /// File Name: | bluecoat-bypass.txt | Description:
| Blue Coat K9 Web Protection version 4.0.230 Beta suffers from multiple administrative bypass vulnerabilities due to controlling access via JavaScript. | | Author: | Fabio Pinheiro | | Homepage: | http://dicas3000.blogspot.com/ | | File Size: | 977 | | Last Modified: | Oct 6 20:57:43 2008 | | MD5 Checksum: | ec3ac699e04fa37600344d8d751904f7 |
|
| /// File Name: | opennms-xss.txt | Description:
| OpenNMS version 1.5.93-1 suffers from HTTP response splitting and cross site scripting vulnerabilities. | | Author: | Moshe BA | | Homepage: | http://www.bugsec.com/ | | File Size: | 5975 | | Last Modified: | Oct 6 20:55:50 2008 | | MD5 Checksum: | 85d4f502a9d57fbea2d2560efa484e0c |
|
| /// File Name: | targeting-voip.pdf | Description:
| Whitepaper discussing methodologies and logistics for targeting Voice Over IP (VoIP) networks. | | Author: | Kendric Tang | | Homepage: | http://www.irmplc.com/ | | File Size: | 730065 | | Last Modified: | Oct 6 20:52:11 2008 | | MD5 Checksum: | 6cf443937c55a3febd2aff3bf63c18ac |
|
| /// File Name: | ifoto-disclose.txt | Description:
| iFoto Photo Gallery versions 1.0 and below suffer from a remote file disclosure vulnerability. | | Author: | Pepelux | | Homepage: | http://www.enye-sec.org/ | | File Size: | 789 | | Last Modified: | Oct 6 20:29:52 2008 | | MD5 Checksum: | ebc6d785d4aa55f8ce0b8eeaa157b5c5 |
|
| /// File Name: | phpwebexplorer-lfi.txt | Description:
| PHPWebExplorer versions 0.09b and below suffer from a local file inclusion vulnerability. | | Author: | Pepelux | | Homepage: | http://www.enye-sec.org/ | | File Size: | 815 | | Last Modified: | Oct 6 20:28:36 2008 | | MD5 Checksum: | 94d1426e25f049cc9ded68dfcde253e3 |
|
| /// File Name: | interdynamic-sql.txt | Description:
| InterDynamic SA web sites suffer from a remote SQL injection vulnerability. | | Author: | underc, Dapirates | | Homepage: | http://www.darkc0de.com/ | | File Size: | 2030 | | Last Modified: | Oct 6 20:27:34 2008 | | MD5 Checksum: | 4bb6a6ca0c622dfbeb7c51e237960609 |
|
| /// File Name: | verisign-xss.txt | Description:
| The VeriSign Kontiki Delivery Management System (DMS) versions 5.0 and below suffer from a cross site scripting vulnerability. | | Author: | Mazin Faour | | Homepage: | http://www.irmplc.com/ | | File Size: | 1916 | | Last Modified: | Oct 6 20:25:23 2008 | | MD5 Checksum: | fdf83b16ce4c0daac617a79a916defb8 |
|
| /// File Name: | jmweb-lfi.txt | Description:
| JMweb MP3 suffers from multiple local file inclusion vulnerabilities. | | Author: | SirGod | | Homepage: | http://www.mortal-team.com/ | | File Size: | 986 | | Last Modified: | Oct 6 20:22:44 2008 | | MD5 Checksum: | 557b7075fe29e066530bf30867bd487f |
|
| /// File Name: | galerie-blindsql.txt | Description:
| Galerie version 3.2 WBB Lite add-on blind SQL injection exploit. | | Author: | J0hn.X3r | | File Size: | 4619 | | Last Modified: | Oct 6 20:21:47 2008 | | MD5 Checksum: | 6bb25649afeae3053f5f01dacb5e6a2b |
|
| /// File Name: | foss10-upload.txt | Description:
| FOSS Gallery Admin versions 1.0 and below remote arbitrary upload exploit. | | Author: | Pepelux | | Homepage: | http://www.enye-sec.org/ | | File Size: | 1928 | | Last Modified: | Oct 6 20:20:27 2008 | | MD5 Checksum: | 6ebe2e70a4c2c1ed6cec4d3b138f46df |
|
| /// File Name: | foss-upload.txt | Description:
| FOSS Gallery Public versions 1.0 and below arbitrary upload / information c99 exploit. | | Author: | JosS | | Homepage: | http://www.spanish-hackers.com/ | | File Size: | 2450 | | Last Modified: | Oct 6 20:18:50 2008 | | MD5 Checksum: | f7519898cd134f8e682f0472387fd85f |
|
| /// File Name: | ppim-lfi.txt | Description:
| pPIM version 1.01 suffers from a local file inclusion vulnerability in notes.php. | | Author: | JosS | | Homepage: | http://www.spanish-hackers.com/ | | File Size: | 1175 | | Last Modified: | Oct 6 20:17:44 2008 | | MD5 Checksum: | 2fa88e21871a87656df0cfca9ebc4ee9 |
|
| /// File Name: | kwalbum-upload.txt | Description:
| Kwalbum versions 2.0.2 and below suffer from an arbitrary file upload vulnerability. | | Author: | CWH Underground | | Homepage: | http://www.citecclub.org/ | | File Size: | 1632 | | Last Modified: | Oct 6 20:16:55 2008 | | MD5 Checksum: | f1ee2eff2f7c14874f79fb53b7ec552a |
|
| /// File Name: | ccms-lfi.txt | Description:
| CCMS version 3.1 suffers from multiple local file inclusion vulnerabilities. | | Author: | SirGod | | Homepage: | http://www.mortal-team.com/ | | File Size: | 2264 | | Last Modified: | Oct 6 20:15:59 2008 | | MD5 Checksum: | a4ee55f68d1cc3e1edfd1c6f1fe5ab20 |
|
| /// File Name: | vmware-emulation.txt | Description:
| By exploiting the VMware flaw described in this document, user-mode code executing in a virtual machine may gain kernel privileges within the virtual machine, dependent upon the guest operating system. The flaw has been proven exploitable on x64 versions of Windows, and it has produced potentially exploitable crashes on x64 versions of *BSD. The Linux kernel does not allow exploitation of the flaws on x64 versions of Linux. | | Author: | Derek Soeder | | File Size: | 20674 | | Related CVE(s): | CVE-2008-4279, CVE-2008-3890 | | Last Modified: | Oct 6 18:43:37 2008 | | MD5 Checksum: | 9d308b99f74f10aaccfde19943b9cbc4 |
|
| /// File Name: | VMSA-2008-0016.txt | Description:
| VMware Security Advisory - VMware addresses an in-guest privilege escalation on 64-bit guest operating systems in ESX, ESXi, and previously released versions of our hosted product line. Updated VMware VirtualCenter Update 3 addresses potential information disclosure and updates Java JRE packages. | | Homepage: | http://www.vmware.com/ | | File Size: | 16144 | | Related CVE(s): | CVE-2008-4279, CVE-2008-4278, CVE-2008-3103, CVE-2008-3104, CVE-2008-3105, CVE-2008-3106, CVE-2008-3107, CVE-2008-3108, CVE-2008-3109, CVE-2008-3110, CVE-2008-3111, CVE-2008-3112, CVE-2008-3113, CVE-2008-3114, CVE-2008-3115 | | Last Modified: | Oct 6 18:39:57 2008 | | MD5 Checksum: | 6d2cadbdc3aa8d8b14781c8f7a10e20e |
|
| /// File Name: | MDVSA-2008-210.txt | Description:
| Mandriva Linux Security Advisory - CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the query string. The updated packages have been patched to fix the issue. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 13068 | | Related CVE(s): | CVE-2008-3906 | | Last Modified: | Oct 6 18:36:47 2008 | | MD5 Checksum: | 68b4e4fdd62c729cba03aa357003d366 |
|
| /// File Name: | MDVSA-2008-209.txt | Description:
| Mandriva Linux Security Advisory - Stéphane Bertin discovered a flaw in the pam_krb5 existing_ticket configuration option where, if enabled and using an existing credential cache, it was possible for a local user to gain elevated privileges by using a different, local user's credential cache. The updated packages have been patched to prevent this issue. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3263 | | Related CVE(s): | CVE-2008-3825 | | Last Modified: | Oct 6 18:36:25 2008 | | MD5 Checksum: | 6c8c02e04058c8e9e9b7b397c121754e |
|
| /// File Name: | faststone-dos.txt | Description:
| FastStone Image Viewer version 3.6 malformed BMP image denial of service exploit. | | Author: | suN8Hclf | | Homepage: | http://www.dark-coders.pl/ | | File Size: | 1264 | | Last Modified: | Oct 6 18:31:32 2008 | | MD5 Checksum: | adac5794f150c02f3b3dd8896007bd91 |
|
| /// File Name: | ayeview-dos.txt | Description:
| AyeView version 2.20 invalid bitmap header parsing denial of service exploit. | | Author: | suN8Hclf | | Homepage: | http://www.dark-coders.pl/ | | File Size: | 2690 | | Last Modified: | Oct 6 18:30:58 2008 | | MD5 Checksum: | 8e14eff221ce5dc0da7b21679822fea7 |
|
| /// File Name: | vista-access.txt | Description:
| Microsoft Windows Vista access violation from limited account denial of service blue screen of death exploit. | | Author: | Defsanguje | | File Size: | 2452 | | Last Modified: | Oct 6 18:30:00 2008 | | MD5 Checksum: | 68e64c685219c6145071f4a9faebb354 |
|
| /// File Name: | hammer-traversal.txt | Description:
| Hammer Software MetaGauge version 1.0.0.17 suffers from a directory traversal vulnerability. | | Author: | Brad Antoniewicz | | File Size: | 760 | | Related CVE(s): | CVE-2008-4421 | | Last Modified: | Oct 6 18:28:23 2008 | | MD5 Checksum: | e7eacd600ee59a1dce5ab3cccd014630 |
|
| /// File Name: | mirc634-overflow.txt | Description:
| MIRC version 6.34 remote buffer overflow exploit that spawns calc.exe. | | Author: | SkD | | File Size: | 2697 | | Last Modified: | Oct 6 18:27:02 2008 | | MD5 Checksum: | 4e0f112638c474ea9793b70bea109bed |
|
| /// File Name: | ShellCodeForBeginners.pdf | Description:
| ShellCode For Beginners - A short whitepaper discussing what defines shellcode and simple fundamentals surrounding its use. | | Author: | Beenu Arora | | Homepage: | http://www.beenuarora.com/ | | File Size: | 107268 | | Last Modified: | Oct 3 14:11:59 2008 | | MD5 Checksum: | 07361f6aebc463b21728882f5c3c50d4 |
|
| /// File Name: | secunia-trendtraverse.txt | Description:
| Secunia Research has discovered a vulnerability in Trend Micro OfficeScan, which can be exploited by malicious people to gain knowledge of sensitive information. The vulnerability is caused by an input validation error in TmListen.exe when a client is configured to be an update agent. This can be exploited to retrieve arbitrary files from the system via directory traversal attacks. Affected is Trend Micro OfficeScan 7.3 patch 4 build 1367. | | Homepage: | http://secunia.com/ | | File Size: | 4246 | | Related CVE(s): | CVE-2008-2439 | | Last Modified: | Oct 3 14:08:29 2008 | | MD5 Checksum: | cd3bd7717ea3e9d76584427b2039083a |
|
| /// File Name: | vba32-poc.tgz | Description:
| VBA32 Personal Antivirus version 3.12.8.x suffers from a malformed archive denial of service vulnerability. Proof of concept exploit enclosed. | | Author: | LiquidWorm | | Homepage: | http://www.zeroscience.org/ | | File Size: | 10684 | | Last Modified: | Oct 3 14:00:33 2008 | | MD5 Checksum: | d59ccdb754ec13657e227efe39bb89a1 |
|
| /// File Name: | Gdi.tgz | Description:
| This archive contains two EMR_COLORMATCHTOTARGETW related stack buffer overflow exploits. calc.zip executes calc.exe and IE.zip and localhost.zip connect back to port 230. | | Author: | Ac!dDrop | | File Size: | 1353 | | Last Modified: | Oct 3 13:58:11 2008 | | MD5 Checksum: | 05232665cf0225ea433977e7c5d0744e |
|
| /// File Name: | opennhrp-0.8.tar.bz2 | Description:
| OpenNHRP implements the NBMA Next Hop Resolution Protocol (as defined in RFC 2332). It makes it possible to create a dynamic multipoint VPN Linux router using NHRP, GRE, and IPsec. It aims to be Cisco DMVPN compatible. | | Author: | Timo Teras | | Homepage: | http://sourceforge.net/projects/opennhrp/ | | Changes: | Fixed a memory leak, turned down verbosity on logging, some new admin commands, and more. | | File Size: | 86574 | | Last Modified: | Oct 3 12:35:14 2008 | | MD5 Checksum: | 5e671a243981b41f47838e7be02690de |
|
| /// File Name: | servu72-upload.txt | Description:
| Serv-U version 7.2.0.1 suffers from a remote FTP file replacement vulnerability. | | Author: | dmnt | | Related Exploit: | servu72-dos.txt | | File Size: | 369 | | Last Modified: | Oct 3 12:29:48 2008 | | MD5 Checksum: | 9d56ebbb5d60ff809c562ed83d970868 |
|
| /// File Name: | servu72-dos.txt | Description:
| Serv-U version 7.2.0.1 suffers from a remote denial of service vulnerability. | | Author: | dmnt | | File Size: | 278 | | Last Modified: | Oct 3 12:28:25 2008 | | MD5 Checksum: | 3a4a7dc94a88ddaf8bc332a3c8dbc1f2 |
|
| /// File Name: | mirc-overflow.txt | Description:
| MIRC version 6.34 remote buffer overflow proof of concept exploit. | | Author: | securfrog | | File Size: | 988 | | Last Modified: | Oct 3 12:26:44 2008 | | MD5 Checksum: | 7bce579af5ef91ecbb3234f66574f375 |
|
| /// File Name: | openx-blindsql.txt | Description:
| OpenX version 2.6 remote blind SQL injection exploit that leverages ac.php. | | Author: | d00m3r4ng | | File Size: | 1771 | | Last Modified: | Oct 3 12:25:04 2008 | | MD5 Checksum: | 03da8ed07bee2d8a69a9e6d1fecae2c1 |
|
| /// File Name: | adaptcms-blindsql.txt | Description:
| AdaptCMS Lite versions 1.3 and below blind SQL injection exploit. | | Author: | StAkeR | | File Size: | 1334 | | Last Modified: | Oct 3 12:24:00 2008 | | MD5 Checksum: | 29debfcf27d221418143e459ef655aaf |
|
| /// File Name: | ipreg-blindsql.txt | Description:
| IP Reg versions 0.4 and below blind SQL injection exploit that leverages login.php. | | Author: | StAkeR | | File Size: | 1778 | | Last Modified: | Oct 3 12:22:45 2008 | | MD5 Checksum: | 2026624acb5aa424c443d7042dc802e6 |
|
| /// File Name: | fpe-sql.txt | Description:
| Full PHP Emlak Script suffers from a remote SQL injection vulnerability in arsaprint.php. | | Author: | Hussin X | | Homepage: | http://www.tryag.cc/ | | File Size: | 1718 | | Last Modified: | Oct 3 12:20:37 2008 | | MD5 Checksum: | f04c8b723f6016f22ea9ddc00124afd1 |
|
| /// File Name: | USN-650-1.txt | Description:
| Ubuntu Security Notice 650-1 - A buffer overflow was discovered in cpio. If a user were tricked into opening a crafted cpio archive, an attacker could cause a denial of service via application crash, or possibly execute code with the privileges of the user invoking the program. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 5038 | | Related CVE(s): | CVE-2007-4476 | | Last Modified: | Oct 2 20:47:08 2008 | | MD5 Checksum: | 327a931e102a05f6cb3e829727a90e1a |
|
| /// File Name: | hostadmin-xss.txt | Description:
| HostAdmin versions 3.1.1 and below suffer from a cross site scripting vulnerability. | | Author: | Am!r | | Homepage: | http://www.irist.ir/ | | File Size: | 2000 | | Last Modified: | Oct 2 17:49:28 2008 | | MD5 Checksum: | 6bc89dbde56cc8af30f327f466285c1d |
|
| /// File Name: | juniper-xss.txt | Description:
| Layered Defense Research Advisory - The Juniper Netscreen firewall NetOS version 5.4.0r9.0 suffers from a cross site scripting vulnerability. | | Author: | Deral Heiland | | Homepage: | http://www.layereddefense.com/ | | File Size: | 2156 | | Last Modified: | Oct 2 17:39:33 2008 | | MD5 Checksum: | 980859c903b74880d278edecfa19fc6c |
|
| /// File Name: | flash9-dereference.txt | Description:
| Flash 9 appears to suffer from a null pointer dereference in versions 9.0.45.0, 9.0.112.0, 9.0.124.0, and 10.0.12.10. | | Author: | Matthew Dempsky | | Homepage: | http://www.mochimedia.com/ | | File Size: | 1259 | | Last Modified: | Oct 2 17:37:07 2008 | | MD5 Checksum: | 0c0bc484451003d874ae888ba3a01584 |
|
| /// File Name: | FreeBSD-SA-08.10.nd6.txt | Description:
| FreeBSD Security Advisory - IPv6 routers may allow "on-link" IPv6 nodes to create and update the router's neighbor cache and forwarding information. A malicious IPv6 node sharing a common router but on a different physical segment from another node may be able to spoof Neighbor Discovery messages, allowing it to update router information for the victim node. | | Homepage: | http://security.freebsd.org/ | | File Size: | 5904 | | Related CVE(s): | CVE-2008-2476 | | Last Modified: | Oct 2 17:27:21 2008 | | MD5 Checksum: | 64e0b075d9702e72377ce9003d10ea78 |
|
| /// File Name: | prs-cookie.txt | Description:
| phpscripts Ranking Script suffers from an insecure cookie handling vulnerability. | | Author: | Crackers_Child | | File Size: | 900 | | Last Modified: | Oct 2 17:24:07 2008 | | MD5 Checksum: | cf84a19ab66324ce7873a92a22e2357f |
|
| /// File Name: | vxftpsrv-overflow.txt | Description:
| vxFtpSrv version 2.0.3 CWD command proof of concept buffer overflow exploit. | | Author: | Julien Bedard | | Homepage: | http://www.kosseclab.com/ | | File Size: | 1212 | | Last Modified: | Oct 2 17:23:27 2008 | | MD5 Checksum: | ba153cb88ae9d4407c8222d27e0ff206 |
|
| /// File Name: | olibwebview-lfi.txt | Description:
| OLIB 7 WebView version 2.5.1.1 suffers from a local file inclusion vulnerability. | | Author: | ZeN | | Homepage: | http://dusecurity.com/ | | File Size: | 799 | | Last Modified: | Oct 2 17:04:41 2008 | | MD5 Checksum: | a49e2424c5c69a2495cadb0607a68f32 |
|
| /// File Name: | buxto-cookie.txt | Description:
| Bux.to Clone Script suffers from an insecure cookie handling vulnerability. | | Author: | SirGod | | Homepage: | http://www.mortal-team.com/ | | File Size: | 813 | | Last Modified: | Oct 2 17:03:25 2008 | | MD5 Checksum: | c0fba67e29d87246e068c967d83a953f |
|
| /// File Name: | USN-649-1.txt | Description:
| Ubuntu Security Notice 649-1 - It was discovered that the ForceCommand directive could be bypassed. If a local user created a malicious ~/.ssh/rc file, they could execute arbitrary commands as their user id. This only affected Ubuntu 7.10. USN-355-1 fixed vulnerabilities in OpenSSH. It was discovered that the fixes for this issue were incomplete. A remote attacker could attempt multiple logins, filling all available connection slots, leading to a denial of service. This only affected Ubuntu 6.06 and 7.04. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 14795 | | Related CVE(s): | CVE-2008-1657, CVE-2008-4109 | | Last Modified: | Oct 1 22:51:55 2008 | | MD5 Checksum: | 58000d9dd0f2929fcc69919a75c30afe |
|
| /// File Name: | linktrader-sql.txt | Description:
| Link Trader suffers from a remote SQL injection vulnerability in ratelink.php. | | Author: | Hussin X | | Homepage: | http://www.tryag.cc/ | | File Size: | 1729 | | Last Modified: | Oct 1 18:09:17 2008 | | MD5 Checksum: | 90b5497915eacb7c458513e8b769cd78 |
|
| /// File Name: | rportal-rfilfi.txt | Description:
| RPortal versions 1.1 and below suffer from remote and local file inclusion vulnerabilities. | | Author: | Kad | | File Size: | 1140 | | Last Modified: | Oct 1 18:08:26 2008 | | MD5 Checksum: | 31c9161796f35732821ab23bfba60a4a |
|
| /// File Name: | zfz20BETA.tar.gz | Description:
| ZfZ stands for Zeroday fuZzer. ZfZ is a network fuzzer that supports many protocols and can do generic fuzzing as well. It is trivial to add protocols to fuzz, just copy and modify the protocols already implemented. | | Author: | Jeremy Brown | | Homepage: | http://jbrownsec.blogspot.com/ | | File Size: | 44855 | | Last Modified: | Oct 1 18:00:00 2008 | | MD5 Checksum: | b533d8929a93e66708fde27b7b26bc16 |
|
| /// File Name: | bmforum-sql.txt | Description:
| BMForum version 5.6 suffers from a remote SQL injection vulnerability. | | Author: | ~!Dok_tOR!~ | | Homepage: | http://www.antichat.ru/ | | File Size: | 328 | | Last Modified: | Oct 1 17:57:14 2008 | | MD5 Checksum: | 38210992f929e3cb2d8b1dbceac32846 |
|
| /// File Name: | discforums-sql.txt | Description:
| Discussion Forums 2k version 3.3 suffers from multiple remote SQL injection vulnerabilities. | | Author: | ~!Dok_tOR!~ | | Homepage: | http://www.antichat.ru/ | | File Size: | 660 | | Last Modified: | Oct 1 17:56:41 2008 | | MD5 Checksum: | 65da34d2a679a7317dad2a2687f7b183 |
|
| /// File Name: | nonamecms-sql.txt | Description:
| Noname CMS version 1.0 suffers from multiple remote SQL injection vulnerabilities. | | Author: | ~!Dok_tOR!~ | | Homepage: | http://www.antichat.ru/ | | File Size: | 567 | | Last Modified: | Oct 1 17:56:01 2008 | | MD5 Checksum: | 35fe59adf610e4331d98a0643f7795fe |
|
| /// File Name: | mysqlquick-lfi.txt | Description:
| MySQL Quick Admin versions 1.5.5 and below suffer from a local file inclusion vulnerability. | | Author: | JosS | | Homepage: | http://www.spanish-hackers.com/ | | File Size: | 970 | | Last Modified: | Oct 1 17:54:37 2008 | | MD5 Checksum: | 83d60922e0c258d0a9ce32b89766478c |
|
| /// File Name: | celoxis-xss.txt | Description:
| The web based project management tool Celoxis is susceptible to cross site scripting vulnerabilities. | | File Size: | 1803 | | Last Modified: | Oct 1 17:47:14 2008 | | MD5 Checksum: | 7c59f06267f9a6ced9652f57ec723e2a |
|
| /// File Name: | ecrater-xss.txt | Description:
| eCRATER suffers from a cross site scripting vulnerability in cart.php. | | Author: | d3v1l | | File Size: | 1302 | | Last Modified: | Oct 1 17:45:43 2008 | | MD5 Checksum: | 6c69b029393e59c8cbc88a99d411062b |
|
| /// File Name: | webshell431-xssxsrf.txt | Description:
| Web Shell version 4.3.10 suffers from cross site scripting and cross site request forgery vulnerabilities. | | Author: | C1c4Tr1Z | | Homepage: | http://www.lowsec.org/ | | File Size: | 7149 | | Last Modified: | Oct 1 17:44:30 2008 | | MD5 Checksum: | c89bd0bbed49467e0dd5def46832a511 |
|
| /// File Name: | printlog-disclose.txt | Description:
| Printlog versions 0.4 and below suffer from a remote file disclosure vulnerability. | | Author: | Pepelux | | Homepage: | http://www.enye-sec.org/ | | File Size: | 1398 | | Last Modified: | Oct 1 17:42:53 2008 | | MD5 Checksum: | 6c2383ba3d61bfd5893e67d62d64f067 |
|
| /// File Name: | fwknop-1.9.8.tar.gz | Description:
| fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap. | | Author: | Michael Rash | | Homepage: | http://www.cipherdyne.org/fwknop/ | | Changes: | Added GPG_NO_REQUIRE_PREFIX to access.conf. Bugfix to make sure that neither fwknop nor fwknopd reference any options file in GnuPG mode. Added the ability to control the path used for the gpg binary. Various other fixes and additions. | | File Size: | 580242 | | Last Modified: | Oct 1 17:41:14 2008 | | MD5 Checksum: | 8dac0e2fc52ab4508563efe3617721f0 |
|
| /// File Name: | phpscheduleit-exec.txt | Description:
| phpScheduleIt versions 1.2.10 and below remote code execution exploit that leverages reserve.php. | | Author: | EgiX | | File Size: | 3218 | | Last Modified: | Oct 1 17:38:13 2008 | | MD5 Checksum: | e78036b3e389c71d8e9ad9fcd07ba788 |
|
| /// File Name: | cruxgallery-lfi.txt | Description:
| Crux Gallery versions 1.32 and below suffer from a local file inclusion vulnerability in index.php. | | Author: | StAkeR | | File Size: | 757 | | Last Modified: | Oct 1 17:37:19 2008 | | MD5 Checksum: | 836d49696bda021e8abb2f1d8ec7db14 |
|
| /// File Name: | adnforum-sql.txt | Description:
| ADN Forum versions 1.0b and below blind SQL injection exploit. | | Author: | StAkeR | | File Size: | 1158 | | Last Modified: | Oct 1 17:36:19 2008 | | MD5 Checksum: | 5500a771af45bdd73c886285d803692b |
|
| /// File Name: | bookmarksfav-sql.txt | Description:
| BookMarks Favourites Script suffers from a remote SQL injection vulnerability in view_group.php. | | Author: | Hussin X | | Homepage: | http://www.tryag.cc/ | | File Size: | 1425 | | Last Modified: | Oct 1 17:08:47 2008 | | MD5 Checksum: | f84c9e7f0386b683d33c51cff9328044 |
|
| /// File Name: | rianxosencabos-sql.txt | Description:
| Rianxosencabos CMS version 0.9 suffers from a remote blind SQL injection vulnerability. | | Author: | ka0x | | File Size: | 835 | | Last Modified: | Oct 1 17:07:33 2008 | | MD5 Checksum: | f1464e4269a61d2f57c70ca5317a4938 |
|
| /// File Name: | gdpicture-exec.txt | Description:
| GdPicture Pro ActiveX file overwrite and execution exploit that makes use of gdpicture4s.ocx. | | Author: | EgiX | | File Size: | 2141 | | Last Modified: | Oct 1 17:03:25 2008 | | MD5 Checksum: | 516e9a6dd8e038329760078e593eab4a |
|
| /// File Name: | a4desk-sqldisclose.txt | Description:
| A4Desk Event Calendar suffers from remote SQL injection and file disclosure vulnerabilities. | | Author: | r45c4l | | Homepage: | http://www.darkc0de.com | | File Size: | 2477 | | Last Modified: | Oct 1 17:01:52 2008 | | MD5 Checksum: | b0878c3cf673a2da0c9eab9a6b720949 |
|
| /// File Name: | phpmyid-inject.txt | Description:
| phpMyID can act as a redirector and allows for header injection. Version 0.9 is affected. | | Author: | Raphael Geissert | | File Size: | 1274 | | Last Modified: | Oct 1 17:00:02 2008 | | MD5 Checksum: | 5abdc42df08402afe804c833a6b41859 |
|
| /// File Name: | USN-648-1.txt | Description:
| Ubuntu Security Notice 648-1 - Philipp Thomas discovered that the ppscan function of nasm contained an off-by-one error. If a user or automated system were tricked into assembling a specially crafted ASM file, a remote attacker could execute arbitrary commands with user privileges. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 2349 | | Related CVE(s): | CVE-2008-2719 | | Last Modified: | Sep 30 20:34:06 2008 | | MD5 Checksum: | 02ceb93e6d6e71fbeecd6efcbed25e43 |
|
| /// File Name: | msnshadow-0.3_beta.tar.bz2 | Description:
| MSN Shadow is a forensics tool to analyze the MSN protocol. It has features such as: text sniffing, video sniffing, spoofing messages, hijacking sessions, shutdown users, save text sniffed in HTML format, save video sniffed in AVI format. | | Author: | Gabriel Menezes Nunes | | Homepage: | http://msnshadow.sourceforge.net | | Changes: | Adds ability to capture contacts links, read pcap files, and detect video streams. | | File Size: | 863510 | | Last Modified: | Sep 30 20:31:40 2008 | | MD5 Checksum: | 65fcec2b79b267a38f935780118ec156 |
|
| /// File Name: | sgrealestate-cookie.txt | Description:
| SG Real Estate Portal version 2.0 suffers from an insecure cookie handling vulnerability. | | Author: | Stack | | Homepage: | http://v4-team.com/ | | File Size: | 395 | | Last Modified: | Sep 30 20:24:28 2008 | | MD5 Checksum: | 3dc68d2f801fb24b4ffcc207aeb73eee |
|
| /// File Name: | sgrealestate-sql.txt | Description:
| SG Real Estate Portal version 2.0 remote blind SQL injection exploit. | | Author: | Stack | | Homepage: | http://v4-team.com/ | | File Size: | 2862 | | Last Modified: | Sep 30 20:23:20 2008 | | MD5 Checksum: | 6bc583b1e665eeae176eee07cde4cb2d |
|
| /// File Name: | sgrealestate-sqllfi.txt | Description:
| SG Real Estate Portal version 2.0 suffers from blind SQL injection and local file inclusion vulnerabilities. | | Author: | SirGod | | Homepage: | http://www.mortal-team.com/ | | File Size: | 3012 | | Last Modified: | Sep 30 20:22:14 2008 | | MD5 Checksum: | 087e027c32732db3cd30868b944fc33a |
|
| /// File Name: | autodesk-exec.txt | Description:
| Autodesk DWF Viewer Control / LiveUpdate Module remote code execution exploit. | | Author: | Nine:Situations:Group | | Homepage: | http://retrogod.altervista.org/ | | File Size: | 2791 | | Last Modified: | Sep 30 20:20:45 2008 | | MD5 Checksum: | 99bab3b6a9842988632235ad6239a43a |
|
| /// File Name: | geoipgen0.2b.tgz | Description:
| geoipgen is an IP network tool written in Ruby for generating geotargeted lists of IP Addresses using MaxMind's Free Open Source GeoLite Country database (www.maxmind.com). Examples: Generate all IPs for New Zealand (./geoipgen -s nz), generate 10,000 random ips for far east asia (geoipgen -n 10000 cn hk mn tw mo jp kr kp), indefinitely generate random ips for japan (geoipgen jp). | | Author: | Andrew Horton | | Homepage: | http://code.google.com/p/geoipgen/ | | File Size: | 4655 | | Last Modified: | Sep 30 20:17:03 2008 | | MD5 Checksum: | 06d980f9429355c1e752310261882c59 |
|
| /// File Name: | faq-sql.txt | Description:
| FAQ Management script suffers from a remote SQL injection vulnerability. | | Author: | Hussin X | | Homepage: | http://www.tryag.cc/ | | File Size: | 1398 | | Last Modified: | Sep 30 20:01:08 2008 | | MD5 Checksum: | 63c77f29d458a44544f75e03d28f359a |
|
| /// File Name: | a4deskphp-rfi.txt | Description:
| A4Desk PHP Event Calendar suffers from a remote file inclusion vulnerability. | | Author: | Lo$er | | File Size: | 553 | | Last Modified: | Sep 30 19:58:06 2008 | | MD5 Checksum: | b96b41639284183cd9f224aba5ba0ea5 |
|
| /// File Name: | major_rls56.txt | Description:
| moziloWiki versions 1.0.1 and below suffer from directory traversal, cross site scripting, and session fixation vulnerabilities. | | Author: | David "Aesthetico" Vieira-Kurz | | Homepage: | http://www.majorsecurity.de | | File Size: | 2452 | | Last Modified: | Sep 30 19:56:48 2008 | | MD5 Checksum: | aa39ad4835751870219451376f118696 |
|
| /// File Name: | wordpressmu-xss.txt | Description:
| WordPress MU versions below 2.6 suffer from a cross site scripting vulnerability in wpmu-blogs.php. | | Author: | Juan Galiana | | File Size: | 1954 | | Last Modified: | Sep 30 19:54:27 2008 | | MD5 Checksum: | bcd9422dde4e5978e3ed325d56a1166f |
|
| /// File Name: | MDVSA-2008-208.txt | Description:
| Mandriva Linux Security Advisory - pam_mount 0.10 through 0.45, when luserconf is enabled, does not verify mountpoint and source ownership before mounting a user-defined volume, which allows local users to bypass intended access restrictions via a local mount. The updated packages have been patched to fix the issue. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4216 | | Related CVE(s): | CVE-2008-3970 | | Last Modified: | Sep 30 19:50:24 2008 | | MD5 Checksum: | a210fc8fdfa941c74dbe873f705be559 |
|
| /// File Name: | MDVSA-2008-207.txt | Description:
| Mandriva Linux Security Advisory - A race condition in OpenAFS 1.3.40 through 1.4.5 allowed remote attackers to cause a denial of service (daemon crash) by simultaneously acquiring and giving back file callbacks. The updated packages have been patched to prevent this issue. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4947 | | Related CVE(s): | CVE-2007-6559 | | Last Modified: | Sep 30 19:49:50 2008 | | MD5 Checksum: | 3d067fbb36dc5e7ad9fdda237e66b1c8 |
|
| /// File Name: | msie7-dos.txt | Description:
| Microsoft Internet Explorer 7 denial of service exploit that is rumored to work on Konqueror as well. | | Author: | UniquE-Key | | Homepage: | http://www.UniquE-Key.Org/ | | File Size: | 1329 | | Last Modified: | Sep 30 19:49:05 2008 | | MD5 Checksum: | d0bfa30abedb808f52cbb7040c4040de |
|
| /// File Name: | linux-setresuid.txt | Description:
| 35 byte setresuid(0,0,0) /bin/sh shellcode for linux/x86. | | Author: | sorrow | | Homepage: | http://fhm.noblogs.org/ | | File Size: | 1077 | | Last Modified: | Sep 30 19:43:05 2008 | | MD5 Checksum: | e7aeb239fc6106cd3a2d3ceed98a3627 |
|
| /// File Name: | efront-upload.txt | Description:
| eFront versions 3.5.1 build 2710 and below suffer from a remote arbitrary upload vulnerability. | | Author: | Pepelux | | Homepage: | http://www.enye-sec.org/ | | File Size: | 1564 | | Last Modified: | Sep 30 19:40:44 2008 | | MD5 Checksum: | 1b8215f31e5b53a8bba20672ebcc1f5f |
|
| /// File Name: | minbank-rfi.txt | Description:
| Micronation Banking System version 1.5.0 suffers from multiple remote file inclusion vulnerabilities. | | Author: | DaRkLiFe | | File Size: | 1125 | | Last Modified: | Sep 30 19:39:11 2008 | | MD5 Checksum: | d6c560b8799e7774005fd9802f680788 |
|
| /// File Name: | arabcms-lfi.txt | Description:
| Arab CMS suffers from a local file inclusion vulnerability in rss.php. | | Author: | jiko | | File Size: | 1488 | | Last Modified: | Sep 30 19:35:09 2008 | | MD5 Checksum: | 8d61f4209b1cf8d90aaeea11df3e2d7d |
|
| /// File Name: | wireshark-dos.tgz | Description:
| Wireshark version 1.0.x .ncf file local denial of service exploit. | | Author: | Shinnok | | File Size: | 3710 | | Last Modified: | Sep 29 16:22:13 2008 | | MD5 Checksum: | 7b8b383ea34be162171d59302f71ab13 |
|
| /// File Name: | SSRT071467.txt | Description:
| HP Security Bulletin - A potential security vulnerability has been identified with HP Insight Diagnostics. The vulnerability could be remotely exploited to gain unauthorized access to files. | | Homepage: | http://www.hp.com/ | | File Size: | 5641 | | Related CVE(s): | CVE-2008-3542 | | Last Modified: | Sep 29 16:19:56 2008 | | MD5 Checksum: | 95ff7010c1e7f8b057909c0d64853f50 |
|
| /// File Name: | easy4u-sqlxss.txt | Description:
| Easy4U CMS suffers from remote SQL injection and cross site scripting vulnerabilities in main.php. | | Author: | d3v1l | | File Size: | 1762 | | Last Modified: | Sep 29 16:18:53 2008 | | MD5 Checksum: | 00c8d8dd104cb9eb66d84bbee3a37df3 |
|