Section: .. / Last 50 Files /
| /// File Name: | sacphp.txt | Description:
| Yerba SACphp versions 6.3 and below local file inclusion exploit. | | Author: | Pepelux | | Homepage: | http://www.enye-sec.org/ | | File Size: | 1247 | | Last Modified: | Oct 6 22:31:24 2008 | | MD5 Checksum: | 8db5ac674c4dd4e2e29dce7d9fe40bbc |
|
| /// File Name: | apple-store.txt | Description:
| Apple's Mail.app does not store S/MIME encrypted emails securely in the Drafts directory on server. Version 3.5 is affected. | | Homepage: | http://www.enablesecurity.com/ | | File Size: | 3346 | | Last Modified: | Oct 6 22:29:52 2008 | | MD5 Checksum: | d4bd986357144dbbc77a2f924357767a |
|
| /// File Name: | dsa-1644-1.txt | Description:
| Debian Security Advisory 1644-1 - Felipe Andres Manzano discovered that mplayer, a multimedia player, is vulnerable to several integer overflows in the Real video stream demuxing code. These flaws could allow an attacker to cause a denial of service (a crash) or potentially the execution of arbitrary code by supplying a maliciously crafted video file. | | Homepage: | http://www.debian.org/security | | File Size: | 5232 | | Related CVE(s): | CVE-2008-3827 | | Last Modified: | Oct 6 22:14:49 2008 | | MD5 Checksum: | 63d8bdd15952341d8b15445ba1e16b00 |
|
| /// File Name: | dsa-1643-1.txt | Description:
| Debian Security Advisory 1643-1 - Dmitry E. Oboukhov discovered that the "to-upgrade" plugin of Feta, a simpler interface to APT, dpkg, and other Debian package tools creates temporary files insecurely, which may lead to local denial of service through symlink attacks. | | Homepage: | http://www.debian.org/security | | File Size: | 2832 | | Related CVE(s): | CVE-2008-4440 | | Last Modified: | Oct 6 22:14:33 2008 | | MD5 Checksum: | 5117ac099afbaf76d8ba3f92087f33f1 |
|
| /// File Name: | phpfusiontris-sql.txt | Description:
| The triscoop_race_system module for PHP-Fusion is susceptible to a remote SQL injection vulnerability. | | Author: | boom3rang | | Homepage: | http://www.khq-crew.ws/ | | File Size: | 1218 | | Last Modified: | Oct 6 22:13:55 2008 | | MD5 Checksum: | 7179eea011d2ebd20c445bbe54280ce2 |
|
| /// File Name: | phpfusionrecept-sql.txt | Description:
| The recept module for PHP-Fusion is susceptible to a remote SQL injection vulnerability. | | Author: | boom3rang | | Homepage: | http://www.khq-crew.ws/ | | File Size: | 1377 | | Last Modified: | Oct 6 22:13:17 2008 | | MD5 Checksum: | 1ca6370bfdea447bdf7ce773c9b41698 |
|
| /// File Name: | phpfusionraid-sql.txt | Description:
| The raidtracker_panel module for PHP-Fusion is susceptible to a remote SQL injection vulnerability. | | Author: | boom3rang | | Homepage: | http://www.khq-crew.ws/ | | File Size: | 1191 | | Last Modified: | Oct 6 22:12:20 2008 | | MD5 Checksum: | e2530db8784d7c1a148a9c422f872e26 |
|
| /// File Name: | phpfusionmanuals-sql.txt | Description:
| The manuals module for PHP-Fusion is susceptible to a remote SQL injection vulnerability. | | Author: | boom3rang | | Homepage: | http://www.khq-crew.ws/ | | File Size: | 1512 | | Last Modified: | Oct 6 22:11:40 2008 | | MD5 Checksum: | 9a38b0c25d95dfdcf7fd9ccd1f8b6967 |
|
| /// File Name: | antenna-sql.txt | Description:
| It seems like some PHP code provided by Leicester Internet Services Antenna Web Services suffers from remote SQL injection vulnerabilities. | | Author: | P47r1ck | | Homepage: | http://www.darkc0de.com/ | | File Size: | 2794 | | Last Modified: | Oct 6 21:10:38 2008 | | MD5 Checksum: | df3913ee28981d01e69556c4195315f8 |
|
| /// File Name: | timbuktu-pwn.txt | Description:
| The Motorola/Netopia Timbuktu Remote Control Software suffers from a flaw in the Internet Locator service that allows anyone to find someone by just knowing their email address. | | Author: | Wintercore | | Homepage: | http://www.wintercore.com/ | | File Size: | 1401 | | Last Modified: | Oct 6 21:08:16 2008 | | MD5 Checksum: | cc21e159c048321b9694b8bec0e1dde3 |
|
| /// File Name: | geccbblite-sql.txt | Description:
| geccBBlite version 2.0 remote SQL injection exploit that uses leggi.php. | | Author: | Piker | | File Size: | 3806 | | Last Modified: | Oct 6 21:05:56 2008 | | MD5 Checksum: | 15e104653b65a55669de18efc86cf04f |
|
| /// File Name: | fastpublish-lfisql.txt | Description:
| Fastpublish CMS version 1.9999 suffers from local file inclusion and SQL injection vulnerabilities. | | Author: | ~!Dok_tOR!~ | | Homepage: | http://www.antichat.ru/ | | File Size: | 1426 | | Last Modified: | Oct 6 21:05:04 2008 | | MD5 Checksum: | 4c085d1ed3b6598c0560c11e8f53fa0e |
|
| /// File Name: | phpabook-lfi.txt | Description:
| phpAbook version 0.8.8b suffers from a local file inclusion vulnerability by leveraging the cookie. | | Author: | JosS | | Homepage: | http://www.spanish-hackers.com/ | | File Size: | 984 | | Last Modified: | Oct 6 21:03:59 2008 | | MD5 Checksum: | be30d14264af177d9ba31fcfcc2068b6 |
|
| /// File Name: | asicms-rfi.txt | Description:
| asiCMS alpha version 0.208 suffers from multiple remote file inclusion vulnerabilities. | | Author: | NoGe | | File Size: | 3092 | | Last Modified: | Oct 6 21:02:21 2008 | | MD5 Checksum: | 04ab4e817896f65cb139ba610886aad9 |
|
| /// File Name: | fossgp-upload.txt | Description:
| FOSS Gallery Public versions 1.0 and below suffer from an arbitrary file upload vulnerability. | | Author: | Pepelux | | Homepage: | http://www.enye-sec.org/ | | File Size: | 563 | | Last Modified: | Oct 6 21:01:39 2008 | | MD5 Checksum: | 2ec20d3c6b1d886410240d10ae079dad |
|
| /// File Name: | bluecoat-bypass.txt | Description:
| Blue Coat K9 Web Protection version 4.0.230 Beta suffers from multiple administrative bypass vulnerabilities due to controlling access via JavaScript. | | Author: | Fabio Pinheiro | | Homepage: | http://dicas3000.blogspot.com/ | | File Size: | 977 | | Last Modified: | Oct 6 20:57:43 2008 | | MD5 Checksum: | ec3ac699e04fa37600344d8d751904f7 |
|
| /// File Name: | opennms-xss.txt | Description:
| OpenNMS version 1.5.93-1 suffers from HTTP response splitting and cross site scripting vulnerabilities. | | Author: | Moshe BA | | Homepage: | http://www.bugsec.com/ | | File Size: | 5975 | | Last Modified: | Oct 6 20:55:50 2008 | | MD5 Checksum: | 85d4f502a9d57fbea2d2560efa484e0c |
|
| /// File Name: | targeting-voip.pdf | Description:
| Whitepaper discussing methodologies and logistics for targeting Voice Over IP (VoIP) networks. | | Author: | Kendric Tang | | Homepage: | http://www.irmplc.com/ | | File Size: | 730065 | | Last Modified: | Oct 6 20:52:11 2008 | | MD5 Checksum: | 6cf443937c55a3febd2aff3bf63c18ac |
|
| /// File Name: | ifoto-disclose.txt | Description:
| iFoto Photo Gallery versions 1.0 and below suffer from a remote file disclosure vulnerability. | | Author: | Pepelux | | Homepage: | http://www.enye-sec.org/ | | File Size: | 789 | | Last Modified: | Oct 6 20:29:52 2008 | | MD5 Checksum: | ebc6d785d4aa55f8ce0b8eeaa157b5c5 |
|
| /// File Name: | phpwebexplorer-lfi.txt | Description:
| PHPWebExplorer versions 0.09b and below suffer from a local file inclusion vulnerability. | | Author: | Pepelux | | Homepage: | http://www.enye-sec.org/ | | File Size: | 815 | | Last Modified: | Oct 6 20:28:36 2008 | | MD5 Checksum: | 94d1426e25f049cc9ded68dfcde253e3 |
|
| /// File Name: | interdynamic-sql.txt | Description:
| InterDynamic SA web sites suffer from a remote SQL injection vulnerability. | | Author: | underc, Dapirates | | Homepage: | http://www.darkc0de.com/ | | File Size: | 2030 | | Last Modified: | Oct 6 20:27:34 2008 | | MD5 Checksum: | 4bb6a6ca0c622dfbeb7c51e237960609 |
|
| /// File Name: | verisign-xss.txt | Description:
| The VeriSign Kontiki Delivery Management System (DMS) versions 5.0 and below suffer from a cross site scripting vulnerability. | | Author: | Mazin Faour | | Homepage: | http://www.irmplc.com/ | | File Size: | 1916 | | Last Modified: | Oct 6 20:25:23 2008 | | MD5 Checksum: | fdf83b16ce4c0daac617a79a916defb8 |
|
| /// File Name: | jmweb-lfi.txt | Description:
| JMweb MP3 suffers from multiple local file inclusion vulnerabilities. | | Author: | SirGod | | Homepage: | http://www.mortal-team.com/ | | File Size: | 986 | | Last Modified: | Oct 6 20:22:44 2008 | | MD5 Checksum: | 557b7075fe29e066530bf30867bd487f |
|
| /// File Name: | galerie-blindsql.txt | Description:
| Galerie version 3.2 WBB Lite add-on blind SQL injection exploit. | | Author: | J0hn.X3r | | File Size: | 4619 | | Last Modified: | Oct 6 20:21:47 2008 | | MD5 Checksum: | 6bb25649afeae3053f5f01dacb5e6a2b |
|
| /// File Name: | foss10-upload.txt | Description:
| FOSS Gallery Admin versions 1.0 and below remote arbitrary upload exploit. | | Author: | Pepelux | | Homepage: | http://www.enye-sec.org/ | | File Size: | 1928 | | Last Modified: | Oct 6 20:20:27 2008 | | MD5 Checksum: | 6ebe2e70a4c2c1ed6cec4d3b138f46df |
|
| /// File Name: | foss-upload.txt | Description:
| FOSS Gallery Public versions 1.0 and below arbitrary upload / information c99 exploit. | | Author: | JosS | | Homepage: | http://www.spanish-hackers.com/ | | File Size: | 2450 | | Last Modified: | Oct 6 20:18:50 2008 | | MD5 Checksum: | f7519898cd134f8e682f0472387fd85f |
|
| /// File Name: | ppim-lfi.txt | Description:
| pPIM version 1.01 suffers from a local file inclusion vulnerability in notes.php. | | Author: | JosS | | Homepage: | http://www.spanish-hackers.com/ | | File Size: | 1175 | | Last Modified: | Oct 6 20:17:44 2008 | | MD5 Checksum: | 2fa88e21871a87656df0cfca9ebc4ee9 |
|
| /// File Name: | kwalbum-upload.txt | Description:
| Kwalbum versions 2.0.2 and below suffer from an arbitrary file upload vulnerability. | | Author: | CWH Underground | | Homepage: | http://www.citecclub.org/ | | File Size: | 1632 | | Last Modified: | Oct 6 20:16:55 2008 | | MD5 Checksum: | f1ee2eff2f7c14874f79fb53b7ec552a |
|
| /// File Name: | ccms-lfi.txt | Description:
| CCMS version 3.1 suffers from multiple local file inclusion vulnerabilities. | | Author: | SirGod | | Homepage: | http://www.mortal-team.com/ | | File Size: | 2264 | | Last Modified: | Oct 6 20:15:59 2008 | | MD5 Checksum: | a4ee55f68d1cc3e1edfd1c6f1fe5ab20 |
|
| /// File Name: | vmware-emulation.txt | Description:
| By exploiting the VMware flaw described in this document, user-mode code executing in a virtual machine may gain kernel privileges within the virtual machine, dependent upon the guest operating system. The flaw has been proven exploitable on x64 versions of Windows, and it has produced potentially exploitable crashes on x64 versions of *BSD. The Linux kernel does not allow exploitation of the flaws on x64 versions of Linux. | | Author: | Derek Soeder | | File Size: | 20674 | | Related CVE(s): | CVE-2008-4279, CVE-2008-3890 | | Last Modified: | Oct 6 18:43:37 2008 | | MD5 Checksum: | 9d308b99f74f10aaccfde19943b9cbc4 |
|
| /// File Name: | VMSA-2008-0016.txt | Description:
| VMware Security Advisory - VMware addresses an in-guest privilege escalation on 64-bit guest operating systems in ESX, ESXi, and previously released versions of our hosted product line. Updated VMware VirtualCenter Update 3 addresses potential information disclosure and updates Java JRE packages. | | Homepage: | http://www.vmware.com/ | | File Size: | 16144 | | Related CVE(s): | CVE-2008-4279, CVE-2008-4278, CVE-2008-3103, CVE-2008-3104, CVE-2008-3105, CVE-2008-3106, CVE-2008-3107, CVE-2008-3108, CVE-2008-3109, CVE-2008-3110, CVE-2008-3111, CVE-2008-3112, CVE-2008-3113, CVE-2008-3114, CVE-2008-3115 | | Last Modified: | Oct 6 18:39:57 2008 | | MD5 Checksum: | 6d2cadbdc3aa8d8b14781c8f7a10e20e |
|
| /// File Name: | MDVSA-2008-210.txt | Description:
| Mandriva Linux Security Advisory - CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the query string. The updated packages have been patched to fix the issue. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 13068 | | Related CVE(s): | CVE-2008-3906 | | Last Modified: | Oct 6 18:36:47 2008 | | MD5 Checksum: | 68b4e4fdd62c729cba03aa357003d366 |
|
| /// File Name: | MDVSA-2008-209.txt | Description:
| Mandriva Linux Security Advisory - Stéphane Bertin discovered a flaw in the pam_krb5 existing_ticket configuration option where, if enabled and using an existing credential cache, it was possible for a local user to gain elevated privileges by using a different, local user's credential cache. The updated packages have been patched to prevent this issue. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3263 | | Related CVE(s): | CVE-2008-3825 | | Last Modified: | Oct 6 18:36:25 2008 | | MD5 Checksum: | 6c8c02e04058c8e9e9b7b397c121754e |
|
| /// File Name: | faststone-dos.txt | Description:
| FastStone Image Viewer version 3.6 malformed BMP image denial of service exploit. | | Author: | suN8Hclf | | Homepage: | http://www.dark-coders.pl/ | | File Size: | 1264 | | Last Modified: | Oct 6 18:31:32 2008 | | MD5 Checksum: | adac5794f150c02f3b3dd8896007bd91 |
|
| /// File Name: | ayeview-dos.txt | Description:
| AyeView version 2.20 invalid bitmap header parsing denial of service exploit. | | Author: | suN8Hclf | | Homepage: | http://www.dark-coders.pl/ | | File Size: | 2690 | | Last Modified: | Oct 6 18:30:58 2008 | | MD5 Checksum: | 8e14eff221ce5dc0da7b21679822fea7 |
|
| /// File Name: | vista-access.txt | Description:
| Microsoft Windows Vista access violation from limited account denial of service blue screen of death exploit. | | Author: | Defsanguje | | File Size: | 2452 | | Last Modified: | Oct 6 18:30:00 2008 | | MD5 Checksum: | 68e64c685219c6145071f4a9faebb354 |
|
| /// File Name: | hammer-traversal.txt | Description:
| Hammer Software MetaGauge version 1.0.0.17 suffers from a directory traversal vulnerability. | | Author: | Brad Antoniewicz | | File Size: | 760 | | Related CVE(s): | CVE-2008-4421 | | Last Modified: | Oct 6 18:28:23 2008 | | MD5 Checksum: | e7eacd600ee59a1dce5ab3cccd014630 |
|
| /// File Name: | mirc634-overflow.txt | Description:
| mIRC version 6.34 remote buffer overflow exploit that spawns calc.exe. | | Author: | SkD | | File Size: | 2697 | | Last Modified: | Oct 6 18:27:02 2008 | | MD5 Checksum: | 4e0f112638c474ea9793b70bea109bed |
|
| /// File Name: | ShellCodeForBeginners.pdf | Description:
| ShellCode For Beginners - A short whitepaper discussing what defines shellcode and simple fundamentals surrounding its use. | | Author: | Beenu Arora | | Homepage: | http://www.beenuarora.com/ | | File Size: | 107268 | | Last Modified: | Oct 3 14:11:59 2008 | | MD5 Checksum: | 07361f6aebc463b21728882f5c3c50d4 |
|
| /// File Name: | secunia-trendtraverse.txt | Description:
| Secunia Research has discovered a vulnerability in Trend Micro OfficeScan, which can be exploited by malicious people to gain knowledge of sensitive information. The vulnerability is caused by an input validation error in TmListen.exe when a client is configured to be an update agent. This can be exploited to retrieve arbitrary files from the system via directory traversal attacks. Affected is Trend Micro OfficeScan 7.3 patch 4 build 1367. | | Homepage: | http://secunia.com/ | | File Size: | 4246 | | Related CVE(s): | CVE-2008-2439 | | Last Modified: | Oct 3 14:08:29 2008 | | MD5 Checksum: | cd3bd7717ea3e9d76584427b2039083a |
|
| /// File Name: | vba32-poc.tgz | Description:
| VBA32 Personal Antivirus version 3.12.8.x suffers from a malformed archive denial of service vulnerability. Proof of concept exploit enclosed. | | Author: | LiquidWorm | | Homepage: | http://www.zeroscience.org/ | | File Size: | 10684 | | Last Modified: | Oct 3 14:00:33 2008 | | MD5 Checksum: | d59ccdb754ec13657e227efe39bb89a1 |
|
| /// File Name: | Gdi.tgz | Description:
| This archive contains two EMR_COLORMATCHTOTARGETW related stack buffer overflow exploits. calc.zip executes calc.exe and IE.zip and localhost.zip connect back to port 230. | | Author: | Ac!dDrop | | File Size: | 1353 | | Last Modified: | Oct 3 13:58:11 2008 | | MD5 Checksum: | 05232665cf0225ea433977e7c5d0744e |
|
| /// File Name: | opennhrp-0.8.tar.bz2 | Description:
| OpenNHRP implements the NBMA Next Hop Resolution Protocol (as defined in RFC 2332). It makes it possible to create a dynamic multipoint VPN Linux router using NHRP, GRE, and IPsec. It aims to be Cisco DMVPN compatible. | | Author: | Timo Teras | | Homepage: | http://sourceforge.net/projects/opennhrp/ | | Changes: | Fixed a memory leak, turned down verbosity on logging, some new admin commands, and more. | | File Size: | 86574 | | Last Modified: | Oct 3 12:35:14 2008 | | MD5 Checksum: | 5e671a243981b41f47838e7be02690de |
|
| /// File Name: | servu72-upload.txt | Description:
| Serv-U version 7.2.0.1 suffers from a remote FTP file replacement vulnerability. | | Author: | dmnt | | Related Exploit: | servu72-dos.txt | | File Size: | 369 | | Last Modified: | Oct 3 12:29:48 2008 | | MD5 Checksum: | 9d56ebbb5d60ff809c562ed83d970868 |
|
| /// File Name: | servu72-dos.txt | Description:
| Serv-U version 7.2.0.1 suffers from a remote denial of service vulnerability. | | Author: | dmnt | | File Size: | 278 | | Last Modified: | Oct 3 12:28:25 2008 | | MD5 Checksum: | 3a4a7dc94a88ddaf8bc332a3c8dbc1f2 |
|