Section: .. / Last 20 Files /
| /// File Name: | joomla-traversal.txt | Description:
| Joomla versions 1.5.8 and below local directory traversal exploit. | | Author: | irk4z | | File Size: | 1977 | | Last Modified: | Jan 7 03:54:53 2009 | | MD5 Checksum: | e16d90f9e4705bee3f949a6d68642dd5 |
|
| /// File Name: | cainabel4925-overflow.txt | Description:
| Cain and Abel version 4.9.25 that outputs a file that must be imported as a configuration file under Cracker -> Cisco IOS-MD5 Hashes. Spawns calc.exe. | | Author: | send9 | | File Size: | 2286 | | Last Modified: | Jan 7 03:49:37 2009 | | MD5 Checksum: | 383b9f74c5e7aa6b75be200bbc5f5232 |
|
| /// File Name: | pollhelper-disclose.txt | Description:
| PollHelper suffers from a remote configuration file disclosure vulnerability. | | Author: | ahmadbady | | File Size: | 722 | | Last Modified: | Jan 7 03:48:04 2009 | | MD5 Checksum: | f798eda099d92c6ac35b3265525b87a6 |
|
| /// File Name: | bloghelper-disclose.txt | Description:
| BlogHelper suffers from a remote configuration file disclosure vulnerability. | | Author: | ahmadbady | | File Size: | 736 | | Last Modified: | Jan 7 03:45:46 2009 | | MD5 Checksum: | 763c6088d5e5177d9ff9318009738828 |
|
| /// File Name: | dsa-1694-2.txt | Description:
| Debian Security Advisory 1694-2 - The xterm update in DSA-1694-1 disabled font changing as a precaution. However, users reported that they need this feature. The update in this DSA makes font shifting through escape sequences configurable, using a new allowFontOps X resource, and unconditionally enables font changing through keyboard sequences. | | Homepage: | http://www.debian.org/security | | File Size: | 4950 | | Related CVE(s): | CVE-2008-2383 | | Last Modified: | Jan 6 20:59:43 2009 | | MD5 Checksum: | 63fc5c0e5f6a119a647f787b6a6b68e9 |
|
| /// File Name: | debianxterm-weakness.txt | Description:
| Debian GNU/Linux suffers from a XTERM DECRQSS weakness that allows for remote code execution as the user id viewing the content. | | Author: | Rembrandt | | File Size: | 710 | | Last Modified: | Jan 6 20:45:29 2009 | | MD5 Checksum: | 18b82dbdc3db815481360e1c0dc9cc30 |
|
| /// File Name: | USN-701-2.txt | Description:
| Ubuntu Security Notice USN-701-2 - Several flaws were discovered in the Thunderbird browser engine. Boris Zbarsky discovered that the same-origin check in Thunderbird could be bypassed by utilizing XBL-bindings. Marius Schilder discovered that Thunderbird did not properly handle redirects to an outside domain when an XMLHttpRequest was made to a same-origin resource. Chris Evans discovered that Thunderbird did not properly protect a user's data when accessing a same-domain Javascript URL that is redirected to an unparsable Javascript off-site resource. Chip Salzenberg, Justin Schuh, Tom Cross, and Peter William discovered Thunderbird did not properly parse URLs when processing certain control characters. Several flaws were discovered in the Javascript engine. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 6686 | | Related CVE(s): | CVE-2008-5500, CVE-2008-5503, CVE-2008-5506, CVE-2008-5507, CVE-2008-5508, CVE-2008-5511, CVE-2008-5512 | | Last Modified: | Jan 6 20:54:59 2009 | | MD5 Checksum: | 8ee27bf646d62f2d7d36ea846501908d |
|
| /// File Name: | USN-701-1.txt | Description:
| Ubuntu Security Notice USN-701-1 - Several flaws were discovered in the Thunderbird browser engine. Boris Zbarsky discovered that the same-origin check in Thunderbird could be bypassed by utilizing XBL-bindings. Marius Schilder discovered that Thunderbird did not properly handle redirects to an outside domain when an XMLHttpRequest was made to a same-origin resource. Chris Evans discovered that Thunderbird did not properly protect a user's data when accessing a same-domain Javascript URL that is redirected to an unparsable Javascript off-site resource. Chip Salzenberg, Justin Schuh, Tom Cross, and Peter William discovered Thunderbird did not properly parse URLs when processing certain control characters. Kojima Hajime discovered that Thunderbird did not properly handle an escaped null character. An attacker may be able to exploit this flaw to bypass script sanitization. Several flaws were discovered in the Javascript engine. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 14473 | | Related CVE(s): | CVE-2008-5500, CVE-2008-5503, CVE-2008-5506, CVE-2008-5507, CVE-2008-5508, CVE-2008-5510, CVE-2008-5511, CVE-2008-5512 | | Last Modified: | Jan 6 20:51:28 2009 | | MD5 Checksum: | b633c149416e4d009e56252ffe61c45f |
|
| /// File Name: | ip-array_0.05.74c.tar.gz | Description:
| IP-Array is a Linux iptables Firewall script written in bash. It allows the creation of precise, stateful rules, while remaining easy to configure. IP-Array supports VPN, Traffic Shaping (creation of custom HTB and SFQ qdiscs, Classes, and Filters), multiple external interfaces, multiple LANs, multiple DMZs, NAT, logging, MAC address matching, packet marking, syslog logging, and various sysctl settings. It also includes some presets and autoconfig options for common needs like DNS, FTP, SMTP. | | Author: | AllKind | | Homepage: | http://sourceforge.net/projects/ip-array/ | | Changes: | Three important bug fixes and one minor bug fix. | | File Size: | 92933 | | Last Modified: | Jan 6 20:47:26 2009 | | MD5 Checksum: | ee4fc91d7d50983fa0a1a6c5a3d6e1bb |
|
| /// File Name: | mandos_1.0.3.orig.tar.gz | Description:
| The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system. | | Author: | Teddy | | Homepage: | http://www.fukt.bsnet.se/mandos | | Changes: | Now tries to change to user and group "_mandos" before falling back to trying the old values "mandos", "nobody:nogroup", and "65534". Does not abort on startup even if no clients are defined in clients.conf. Other improvements and changes. | | File Size: | 93549 | | Last Modified: | Jan 6 20:42:36 2009 | | MD5 Checksum: | 4f0d7b541e6908ca87944a612866cdec |
|
| /// File Name: | playsms093-rfilfi.txt | Description:
| playSMS version 0.9.3 suffers from multiple remote and local file inclusion vulnerabilities. | | Author: | ahmadbady | | File Size: | 1691 | | Last Modified: | Jan 6 20:39:46 2009 | | MD5 Checksum: | d4f70a8f8b1f3d127d45ee803c4a2f08 |
|
| /// File Name: | oracleworkspace-sql.txt | Description:
| Oracle 10g SYS.LT.REMOVEWORKSPACE SQL injection exploit that grants DBA access and creates a new user using the advanced extproc method. | | Author: | Sh2kerr | | Homepage: | http://www.dsec.ru/ | | Related File: | shatter-workspace.txt | | File Size: | 2741 | | Last Modified: | Jan 6 20:10:25 2009 | | MD5 Checksum: | c44444b2a06cfdea1e6d397b435521df |
|
| /// File Name: | seamonkey1114-dos.txt | Description:
| SeaMonkey versions 1.1.14 and below denial of service exploit that leverages a vulnerability found in September of 2008 for version 1.1.11. | | Author: | StAkeR | | Related Exploit: | seamonkey-dos.txt | | File Size: | 986 | | Last Modified: | Jan 6 20:03:50 2009 | | MD5 Checksum: | f10574d061f23f00fb0f136468fd549c |
|
| /// File Name: | itcms-sql.txt | Description:
| IT!CMS suffers from a remote SQL injection vulnerability that allows for authentication bypass. | | Author: | certaindeath | | File Size: | 824 | | Last Modified: | Jan 6 20:01:57 2009 | | MD5 Checksum: | b17e9705f8f9d405a7ad46aafc311456 |
|
| /// File Name: | ezpack-sqlxss.txt | Description:
| ezPack version 4.2b2 suffers from cross site scripting and SQL injection vulnerabilities. | | Author: | !-BUGJACK-! | | Homepage: | http://www.it-dark.com/ | | File Size: | 1265 | | Last Modified: | Jan 6 20:00:34 2009 | | MD5 Checksum: | c48b8add89a1d951beb8d6f8e31074d4 |
|
| /// File Name: | vuplayer-dos.txt | Description:
| VUPlayer version 2.49 local denial of service proof of concept exploit that creates a malicious file. | | Author: | AlpHaNiX | | File Size: | 734 | | Last Modified: | Jan 6 19:56:52 2009 | | MD5 Checksum: | e5b35ddc35541c682132bd87cadf7055 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
