Section: .. / Last 50 Files /
| /// File Name: | phpemlak-sql.txt | Description:
| Full PHP Emlak Script suffers from a remote SQL injection vulnerability in landsee.php. | | Author: | Hussin X | | Homepage: | http://www.tryag.cc/ | | File Size: | 1728 | | Last Modified: | Aug 29 12:08:02 2008 | | MD5 Checksum: | 0d78a18e819716d1f441a5ad3024be3e |
|
| /// File Name: | scip-dreambox.txt | Description:
| An input validation error within the web interface of Dreambox model DM500C allows for a denial of service condition. | | Author: | Marc Ruef | | Homepage: | http://www.scip.ch/ | | File Size: | 4512 | | Last Modified: | Aug 29 12:06:16 2008 | | MD5 Checksum: | 249afecfcb2122f8d5df9de75eb67421 |
|
| /// File Name: | logmein-activex.txt | Description:
| LogMeIn remote access utility Active-X memory consumption denial of service exploit. | | Author: | Yag Kohha | | File Size: | 940 | | Last Modified: | Aug 29 11:54:48 2008 | | MD5 Checksum: | e12c30e8f96bf5c07afba2181139dc26 |
|
| /// File Name: | ipb235-multi.txt | Description:
| Invision Power Board versions 2.3.5 and below remote exploit that brute forces, attempts IDS evasion, and more. | | Author: | DarkFig | | File Size: | 41160 | | Last Modified: | Aug 29 11:51:33 2008 | | MD5 Checksum: | a4f25aaae79e8aa14fd8d1ea7af1c1d9 |
|
| /// File Name: | hoagie_snoop.c | Description:
| Sun Solaris 8/9/10 and OpenSolaris versions below snv_96 snoop utility remote exploit. | | Author: | Andi | | Homepage: | http://www.void.at/ | | File Size: | 7935 | | Last Modified: | Aug 29 11:47:06 2008 | | MD5 Checksum: | 808193e9a074d86648b31609b4886635 |
|
| /// File Name: | ZDI-08-054.txt | Description:
| A vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of messaging applications that make use of the libpurple library. User interaction is not required to exploit this vulnerability. The specific flaw exists in the implementation of the MSN protocol, specifically the handling of SLP messages. The function msn_slplink_process_msg() fails to properly validate an offset value specified in the SLP packet. By providing a specific value, an attacker can overflow a heap buffer resulting in arbitrary code execution. | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3008 | | Related CVE(s): | CVE-2008-2927 | | Last Modified: | Aug 29 01:49:37 2008 | | MD5 Checksum: | d76ab9bcd5ffc3e70e7f81027f487560 |
|
| /// File Name: | MDVSA-2008-181.txt | Description:
| Mandriva Linux Security Advisory - Two denial of service vulnerabilities were discovered in the ipsec-tools racoon daemon, which could allow a remote attacker to cause it to consume all available memory. The updated packages have been patched to prevent these issues. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 5730 | | Related CVE(s): | CVE-2008-3651, CVE-2008-3652 | | Last Modified: | Aug 29 01:48:08 2008 | | MD5 Checksum: | 2d7f6108eed9a9dc420bf8b8ca56cdb7 |
|
| /// File Name: | kisgearth-0.01f.tar.bz2 | Description:
| Kisgearth is a small perl script that gives you the ability to convert your Kismet xml logfiles to GoogleEarth kml files. You can apply a lot of filters and use sorting/ordering functions in order to get the best results. | | Author: | Richard Sammet | | Homepage: | http://e-axe.mytty.org/kisgearth/ | | File Size: | 20758 | | Last Modified: | Aug 29 01:47:50 2008 | | MD5 Checksum: | b90a6b1724452a768c81af392dcff196 |
|
| /// File Name: | firefox301-exec.txt | Description:
| Firefox version 3.0.1 (final release) suffers from an unspecified remote code execution vulnerability. | | Author: | Beenu Arora | | Homepage: | http://www.beenuarora.com/ | | File Size: | 3979 | | Last Modified: | Aug 29 01:46:34 2008 | | MD5 Checksum: | e5305be99ab1f77ca6497f785fd1274e |
|
| /// File Name: | OpenSSH-4.4p1-backdoored.tar.gz | Description:
| OpenSSH version 4.4p1 backdoor that logs all incoming and outgoing logins and passwords via the client and the daemon, adds a magic password for sshd, stores passwords to an encrypted logfile, and disables logging if the magic password is used. Based on the Aion 3.8p1 patch. | | Author: | Balla | | File Size: | 1016102 | | Last Modified: | Aug 29 01:44:21 2008 | | MD5 Checksum: | 192f15fe0fcea062231c3f66884c8f81 |
|
| /// File Name: | dotproject-sqlxss.txt | Description:
| dotProject version 2.1.2 suffers from cross site scripting and SQL injection vulnerabilities. | | Author: | C1c4Tr1Z | | Homepage: | http://www.lowsec.org/ | | File Size: | 2152 | | Last Modified: | Aug 29 01:40:44 2008 | | MD5 Checksum: | 1b9c35808b2257054fb9d7ccb5a78d0c |
|
| /// File Name: | lynis-1.2.0.tar.gz | Description:
| Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Besides security-related information, it will also scan for general system information, installed packages and configuration mistakes. This software aims at assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems. | | Author: | Michael Boelen | | Homepage: | http://www.rootkit.nl/projects/lynis.html | | Changes: | Multiple new tests added, various support added, and various changes. | | File Size: | 71510 | | Last Modified: | Aug 29 01:16:03 2008 | | MD5 Checksum: | 7b66c5c9f4febd9441c0cc63ded8c345 |
|
| /// File Name: | SSRT080118.txt | Description:
| HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running Apache. These vulnerabilities could be exploited remotely resulting in Cross Site Scripting (XSS) or Denial of Service (DoS). | | Homepage: | http://www.hp.com/ | | File Size: | 8622 | | Related CVE(s): | CVE-2007-4465, CVE-2008-2168, CVE-2008-2364 | | Last Modified: | Aug 29 01:14:23 2008 | | MD5 Checksum: | 50243815f59ecafcedf99163c1ad9ff7 |
|
| /// File Name: | strongswan-4.2.6.tar.gz | Description:
| strongSwan is a complete IPsec and IKEv1 implementation for Linux 2.4 and 2.6 kernels. It interoperates with most other IPsec-based VPN products. It is a descendant of the discontinued FreeS/WAN project. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A unique feature is the use of X.509 attribute certificates to implement advanced access control schemes based on group memberships. | | Author: | Andreas Steffen | | Homepage: | http://www.strongswan.org/ | | Changes: | A NetworkManager plugin allows GUI-based configuration of road-warrior clients in a simple way. A new EAP-GTC plugin implements draft-sheffer-ikev2-gtc-00.txt and allows username/password authentication against any PAM service on the gateway. Various other fixes and additions. | | File Size: | 3862049 | | Last Modified: | Aug 29 01:09:59 2008 | | MD5 Checksum: | 918fa35839013b14bd4b972853aeedb4 |
|
| /// File Name: | friendly-exec.txt | Description:
| Friendly Technologies Active-X related remote command execution exploit that leverages fwRemoteCfg.dll. | | Author: | spdr | | File Size: | 533 | | Last Modified: | Aug 29 01:07:36 2008 | | MD5 Checksum: | 4ca334d8cb11512389b2598b255c2e16 |
|
| /// File Name: | friendly-fwremotecfg.txt | Description:
| Friendly Technologies Active-X remote buffer overflow exploit that leverages fwRemoteCfg.dll. | | Author: | spdr | | File Size: | 3503 | | Last Modified: | Aug 29 01:02:00 2008 | | MD5 Checksum: | 89e10b34b9b9cc0ea532944e20fc1f6f |
|
| /// File Name: | acoustica-overflow.txt | Description:
| Acoustica Mixcraft versions 4.2 Build 98 and below mx4 file local buffer overflow exploit. | | Author: | Koshi | | File Size: | 19185 | | Last Modified: | Aug 29 00:51:25 2008 | | MD5 Checksum: | 88d4635a1cb1ff5e03e8fe080c837dd4 |
|
| /// File Name: | USN-638-1.txt | Description:
| Ubuntu Security Notice 638-1 - Aaron Grattafiori discovered that the Gnome Help Viewer did not handle format strings correctly when displaying certain error messages. If a user were tricked into opening a specially crafted URI, a remote attacker could execute arbitrary code with user privileges. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 3742 | | Related CVE(s): | CVE-2008-3533 | | Last Modified: | Aug 27 18:03:15 2008 | | MD5 Checksum: | c3002bba563957c93b2edfad569c7c01 |
|
| /// File Name: | kyocera-traversal.txt | Description:
| Kyocera Command Center suffers from a directory traversal vulnerability. | | Author: | Francesco Tornieri | | File Size: | 1751 | | Last Modified: | Aug 27 18:02:09 2008 | | MD5 Checksum: | b1469751eb65919a9b8435ad1055dc09 |
|
| /// File Name: | searchengine-sql.txt | Description:
| Search Engine suffers from a remote SQL injection vulnerability in viewcat.php. | | Author: | Hussin X | | Homepage: | http://www.tryag.cc/ | | File Size: | 1415 | | Last Modified: | Aug 27 18:00:32 2008 | | MD5 Checksum: | 63fc260d89bd02c73d5d2647cb1356d3 |
|
| /// File Name: | igshopdisp-sql.txt | Description:
| iG Shop suffers from a remote SQL injection vulnerability in display_review.php. | | Author: | Hussin X | | Homepage: | http://www.tryag.cc/ | | File Size: | 1332 | | Last Modified: | Aug 27 17:59:19 2008 | | MD5 Checksum: | e73b22fbec473ddd5750c3cbf0d66b60 |
|
| /// File Name: | SSRT080106.txt | Description:
| HP Security Bulletin - A potential security vulnerability has been identified in the HP Enterprise Discovery. The vulnerability could be exploited remotely by an authorized user to gain extended privileges. | | Homepage: | http://www.hp.com/ | | File Size: | 6719 | | Related CVE(s): | CVE-2008-3538 | | Last Modified: | Aug 27 17:57:18 2008 | | MD5 Checksum: | a84ae83f38e250d72f3b90696e44be96 |
|
| /// File Name: | advchk-2.10.tar.gz | Description:
| Advchk (Advisory Check) reads security advisories so you do not have to. Advchk gathers security advisories using RSS feeds, compares them to a list of known services, and alerts you if you are vulnerable. Since adding hosts and services by hand would be quite a boring task, advchk leverages nmap for automatic service and version discovery. | | Author: | Stephan Schmieder | | Homepage: | http://advchk.unixgu.ru/ | | File Size: | 11771 | | Last Modified: | Aug 27 17:56:18 2008 | | MD5 Checksum: | 03bd5578fd6b1795710a9c67225040c3 |
|
| /// File Name: | yourownbux-sql.txt | Description:
| YourOwnBux versions 3.1 and 3.2 Beta suffer from a remote SQL injection vulnerability. | | Author: | ~!Dok_tOR!~ | | Homepage: | http://www.antichat.ru/ | | File Size: | 627 | | Last Modified: | Aug 27 17:55:08 2008 | | MD5 Checksum: | 7e146c229cd2cc0ccbe6f6b868c695f2 |
|
| /// File Name: | PLSA-2008-31.txt | Description:
| Pardus Linux Security Advisory - A vulnerability has been reported in LibTIFF, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a user's system. | | Author: | Pardus Linux | | File Size: | 1689 | | Related CVE(s): | CVE-2008-2327 | | Last Modified: | Aug 27 11:26:44 2008 | | MD5 Checksum: | 89fde6963eee81805e587266f74bbffa |
|
| /// File Name: | phpmyrealty109-sql.txt | Description:
| phpMyRealty versions 1.0.9 and below suffer from a remote SQL injection vulnerability in pages.php. | | Author: | ~!Dok_tOR!~ | | Homepage: | http://www.antichat.ru/ | | File Size: | 810 | | Last Modified: | Aug 27 11:25:26 2008 | | MD5 Checksum: | c5c0581e59881b0c55bafb406bc61e32 |
|
| /// File Name: | MDVSA-2008-180-1.txt | Description:
| Mandriva Linux Security Advisory - Andreas Solberg found a denial of service flaw in how libxml2 processed certain content. If an application linked against libxml2 processed such malformed XML content, it could cause the application to stop responding. The original fix used to correct this issue caused some applications that used the libxml2 library to crash. These new updated packages use a different fix that does not cause certain linked applications to crash as the old packages did. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 7129 | | Related CVE(s): | CVE-2008-3281 | | Last Modified: | Aug 26 22:43:46 2008 | | MD5 Checksum: | cee89e63538737ae53aedf3ab3fd7410 |
|
| /// File Name: | EMORY-2008-01.txt | Description:
| Telartis's AWStats Totals versions 1.0 through 1.14 suffer from a remote code execution vulnerability. | | Author: | Elliot Kendall | | Homepage: | http://www.emory.edu/ | | File Size: | 3423 | | Last Modified: | Aug 26 22:35:14 2008 | | MD5 Checksum: | 46742f7d6234df7fa0b6c185fb2e534a |
|
| /// File Name: | mybb1211-sql.txt | Description:
| MyBulletinBoard (MyBB) versions 1.2.11 and below SQL injection exploit that leverages private.php. | | Author: | c411k | | Homepage: | https://forum.antichat.ru/ | | File Size: | 5794 | | Last Modified: | Aug 26 22:32:58 2008 | | MD5 Checksum: | 2b8c0145ecb2c5255a32519df1daeffe |
|
| /// File Name: | ifdate-sql.txt | Description:
| iFdate versions 2.0.3 and below suffer from a SQL injection vulnerability. | | Author: | ~!Dok_tOR!~ | | Homepage: | http://www.antichat.ru/ | | File Size: | 922 | | Last Modified: | Aug 26 22:31:09 2008 | | MD5 Checksum: | ea21be161b9c61655d9d93c6bb733611 |
|
| /// File Name: | dsa-1631-2.txt | Description:
| Debian Security Advisory 1631-2 - The previous security update of the libxml2 package introduced some problems with other packages, most notably with librsvg. This update corrects these problems whilst still fixing the reported security problem. | | Homepage: | http://www.debian.org/security | | File Size: | 13127 | | Related CVE(s): | CVE-2008-3281 | | Last Modified: | Aug 26 22:15:04 2008 | | MD5 Checksum: | f024501160502cc01f3a8a6951c7c361 |
|
| /// File Name: | dsa-1632-1.txt | Description:
| Debian Security Advisory 1632-1 - Drew Yao discovered that libTIFF, a library for handling the Tagged Image File Format, is vulnerable to a programming error allowing malformed tiff files to lead to a crash or execution of arbitrary code. | | Homepage: | http://www.debian.org/security | | File Size: | 11108 | | Related CVE(s): | CVE-2008-2327 | | Last Modified: | Aug 26 22:14:44 2008 | | MD5 Checksum: | 0e6569a1ce6eb08995b0101c1d463469 |
|
| /// File Name: | cmme-lfixsscsrf.txt | Description:
| CMME version 1.12 suffers from local file inclusion, cross site scripting, cross site request forgery, and other vulnerabilities. | | Author: | SirGod | | Homepage: | http://www.mortal-team.com/ | | File Size: | 2813 | | Last Modified: | Aug 26 22:13:13 2008 | | MD5 Checksum: | a46f6ae035b9cb1477736efe43b4ed9a |
|
| /// File Name: | simpgal-sql.txt | Description:
| Simple Gallery ASP Script suffers from a remote SQL injection vulnerability. | | Author: | e.wiZz! | | File Size: | 1711 | | Last Modified: | Aug 26 22:11:21 2008 | | MD5 Checksum: | c402f3afaca614ffeb393f9b84477b59 |
|
| /// File Name: | zoneminder-multi.txt | Description:
| ZoneMinder versions 1.23.3 and below suffer from command injection, SQL injection, and cross site scripting vulnerabilities. | | Author: | Filip Palian | | File Size: | 1273 | | Last Modified: | Aug 26 22:10:06 2008 | | MD5 Checksum: | d8bb2d877419e579e9d76b0f207b8425 |
|
| /// File Name: | mvs-activex.txt | Description:
| Microsoft Visual Studio Active-X remote buffer overflow exploit that leverages Msmask32.ocx. | | Author: | Koshi | | File Size: | 2939 | | Last Modified: | Aug 26 22:07:32 2008 | | MD5 Checksum: | 181f169f345f46154d1d9000c16aed1e |
|
| /// File Name: | zbreaknews-sql.txt | Description:
| z-breaknews version 2.0 suffers from a remote SQL injection vulnerability in single.php. | | Author: | cOndemned | | Homepage: | http://condemned.r00t.la/ | | File Size: | 1171 | | Last Modified: | Aug 26 21:57:32 2008 | | MD5 Checksum: | a7eb6a2643b88223f58f0185eb07384d |
|
| /// File Name: | mininuke23-sql.txt | Description:
| MiniNuke version 2.3 Freehost suffers from multiple remote SQL injection vulnerabilities. | | Author: | byccc | | File Size: | 937 | | Last Modified: | Aug 26 21:55:15 2008 | | MD5 Checksum: | 8e01430892a688f963f403b76a239c9a |
|
| /// File Name: | USN-637-1.txt | Description:
| Ubuntu Security Notice 637-1 - It was discovered that there were multiple NULL-pointer function dereferences in the Linux kernel terminal handling code. A local attacker could exploit this to execute arbitrary code as root, or crash the system, leading to a denial of service. The do_change_type routine did not correctly validate administrative users. A local attacker could exploit this to block mount points or cause private mounts to be shared, leading to denial of service or a possible loss of privacy. Tobias Klein discovered that the OSS interface through ALSA did not correctly validate the device number. A local attacker could exploit this to access sensitive kernel memory, leading to a denial of service or a loss of privacy. Zoltan Sogor discovered that new directory entries could be added to already deleted directories. A local attacker could exploit this, filling up available memory and disk space, leading to a denial of service. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 191184 | | Related CVE(s): | CVE-2008-2812, CVE-2008-2931, CVE-2008-3272, CVE-2008-3275 | | Last Modified: | Aug 26 21:53:24 2008 | | MD5 Checksum: | 4ff77f698b3af8e2303260d5110f0d63 |
|
| /// File Name: | krate-sqlxss.txt | Description:
| K-Rate suffers from SQL injection and cross site scripting vulnerabilities. | | Author: | Corwin | | File Size: | 3030 | | Last Modified: | Aug 26 21:50:48 2008 | | MD5 Checksum: | d26ac1ccd455e8908f757fa505552e5d |
|
| /// File Name: | sphpblog-exec.txt | Description:
| Simple PHP Blog (SPHPBlog) versions 0.5.1 and below code execution exploit. | | Author: | mAXzA | | File Size: | 3102 | | Last Modified: | Aug 26 21:49:07 2008 | | MD5 Checksum: | f98e850f53affbab3ddff8216779f279 |
|
| /// File Name: | kolifadownload-sql.txt | Description:
| Kolifa.Net Download Script version 1.2 suffers from a remote SQL injection vulnerability. | | Author: | Kacak | | File Size: | 1758 | | Last Modified: | Aug 26 21:47:53 2008 | | MD5 Checksum: | ef095920edf3cf084b22795e4d5e48f6 |
|