what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 109 RSS Feed

Files Date: 2005-04-18

sctune.zip
Posted Apr 18, 2005

Sctune is a small utility to generate copy/pasteable shellcode for various versions of Windows NT, 2000, 2003 and XP. Function addresses are automatically generated based on the system on which you run sctune.

tags | shellcode
systems | windows
SHA-256 | 96ea4749a6a8020dc858be3ec33579271dc0accd628460f40de07d2d3f9dfce6
javamail_dir_travers.txt
Posted Apr 18, 2005
Authored by Rafael San Miguel Carrasco | Site dvc.es

JavaMail is vulnerable to a directory-traversal attack where files can be written to an arbitrary location within the filesystem, by specifying a Content-Disposition header which contains a relative path.

tags | advisory, arbitrary
SHA-256 | 0d8d9c543b406aa12fb6d97ffbe7d720e1c2adf4a994ee527ee49219e237ba7f
ie_dhtml_poc.txt
Posted Apr 18, 2005
Authored by SkyLined | Site edup.tudelft.nl

Proof-of-Concept exploit code for the MSIE DHTML object handling vulnerabilities (described in MS05-20).

tags | exploit, vulnerability
advisories | CVE-2005-0553
SHA-256 | c26eff210455c49cb3320cc55bf604d64f8ad0b37b6bea90265783cad726472f
Gentoo Linux Security Advisory 200504-9
Posted Apr 18, 2005
Authored by Gentoo | Site security.gentoo.org

Gentooo Linux Security Advisory GLSA 200504-09 - Axel FTP/HTTP download "accelerator" is vulnerable to a buffer-overflow in code contained in conn.c. Versions up to 1.0b are affected.

tags | advisory, web, overflow
systems | linux
SHA-256 | e3f733b6144971fec615a292f60e1dfd759fe0fe3ff210ea5a376814305abb30
centra_xss.txt
Posted Apr 18, 2005
Authored by clorox

Centra is a system designed to "webcast" MS Office documents. It is vulnerable to Cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 1ce38d6f6a3efaf44e1b13f23c7c28fecf51a925bea2d24b782b2bea8da69a13
04.12.05d.txt
Posted Apr 18, 2005
Site idefense.com

iDEFENSE Security Advisory 04.12.05 (d) - MSHTA vulnerabilities allow attacker-specified programs to be run by specifying a CLSID associated with the desired program.

tags | advisory, vulnerability
advisories | CVE-2005-0063
SHA-256 | 0183c6a07bad05a514025166c46b084f13076710dd0012c9d26bfb0369209dea
04.12.05c.txt
Posted Apr 18, 2005
Site idefense.com

iDEFENSE Security Advisory 04.12.05 (c) - DHTML support in Internet Explorer is vulnerable to a number of attacks which may lead to arbitrary code execution.

tags | advisory, arbitrary, code execution
advisories | CVE-2005-0553
SHA-256 | 349cb56fee747f2b20eee74590bc3f9f3010cd7f10c3092a7ade2a109b6d81dc
04.12.05b.txt
Posted Apr 18, 2005
Site idefense.com

iDEFENSE Security Advisory 04.12.05 (b) - CSRSS.EXE (the core executable for the Windows Client/Server Runtime Server Subsystem, the process which manages most graphical commands in Windows) is vulnerable to a local stack-based buffer overflow.

tags | advisory, overflow, local
systems | windows
advisories | CVE-2005-0551
SHA-256 | 1ed152806cb81fcfa39c72026fa271e195f5ccb4b3cf94eaa8a73449efe485a7
04.12.05a.txt
Posted Apr 18, 2005
Site idefense.com

MS Internet Explorer may allow execution of arbitrary code when it attempts to load a URL where the hostname is greater than 256 characters.

tags | advisory, arbitrary
advisories | CVE-2005-0554
SHA-256 | 61ae937b6493920670582cd64f7974b18854fa5494ba3e3e5b676a4229ad939a
gg_crack.c
Posted Apr 18, 2005
Authored by Aleksander Ambrozkiewicz

Utility to decrypt stored passwords for the "Gadu-Gadu" Polish-language chat program.

tags | encryption
SHA-256 | 9f2dfed7520e70d6af10fd7c6400092d3c95d885d27e8c23c210487c8196ea89
eGroupWare_infoleak.txt
Posted Apr 18, 2005
Authored by Gerald Quakenbush | Site mastermindsecuritygroup.com

eGroupWare contains a bug where mail attachments could be sent to the wrong recipient by mistake, due to eGroupWare caching attachments after a user decides to cancel a message.

tags | exploit
SHA-256 | 749dead5a3d9e61cb8aeed7fe8e36c08cea5e025ab202d7a3da558e4ee54b64c
101_WINS.cpp
Posted Apr 18, 2005
Authored by class101 | Site hat-squad.com

Remote heap buffer overflow exploit for the Microsoft Windows Internet Name Service. Tested against Win2k SP4 Advanced Server English. This exploit can bind a shell to port 101 or will reverse a cmd shell back to a listener.

tags | exploit, remote, overflow, shell
systems | windows
SHA-256 | 066ed83cc6f30f1fbe63953338c4c89426c0eae9a7ecfd5d398fd0ba8b78fe6e
Exploit Labs Security Advisory 2005.6
Posted Apr 18, 2005
Authored by Exploit Labs, Morning Wood | Site exploitlabs.com

XAMPP contains multiple vulnerabilities, including default usernames / passwords and Cross-site scripting issues. Example exploit URLs provided as part of advisory.

tags | exploit, vulnerability, xss
SHA-256 | 1c1cffe32942fde51d981767af0ae64e1987d397b5288232d1cce12aa159380c
IRM Security Advisory 11
Posted Apr 18, 2005
Authored by IRM Research, IRM Advisories | Site irmplc.com

IRM Security Advisory 011 - Sygate Security Agent (Sygate Secure Enterprise) Denial of Service - A flaw in the policy management component allows malicious users to configure the firewall to use a nonexistent policy, thereby causing a Denial of Service condition.

tags | advisory, denial of service
SHA-256 | 72d952c4b7b042946ac30effd501092f3529e35e766c45c48cb4373b4981cc38
PreDebug.pdf
Posted Apr 18, 2005
Authored by Brett Moore SA | Site security-assessment.com

Bugger the Debugger is a whitepaper written by Brett Moore / Security Assessment describing how malicious code can be forced to run when a binary is loaded into a debugger / disassembler for analysis.

tags | paper
SHA-256 | 7851a9b8ea114b418d8c7b7f3062dfb64509d5da16aa5223a072c4f2c5333223
XP_fake_loginscreen.zip
Posted Apr 18, 2005
Authored by ProgramOS32

Fake login screen emulating the normal Windows login screen. Logs username / password to a file. Requires the capability to install binaries on the affected system in the first place, and messages are apparently based on those in the Australian edition of Windows XP (so it would need to be modified if you plan on running this elsewhere without immediate detection).

systems | windows
SHA-256 | d0e6171f9bc96f7e44e1752c58db80c238324b71b62fb1c4a65d507f4df203af
Secunia Security Advisory 14971
Posted Apr 18, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Solaris, which potentially can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
systems | solaris
SHA-256 | 88b730693431f4ca47a3ee4d543b9cbcd764499fcbb3fb93c39638e5075882ed
Secunia Security Advisory 14967
Posted Apr 18, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Luigi Auriemma has reported some vulnerabilities in Yager, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
SHA-256 | 1287bb39b948fc78b891ad33ec10921c259107645934c5d5a407c712e67d8dcd
Secunia Security Advisory 14959
Posted Apr 18, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ilja van Sprundel has reported a vulnerability in FreeBSD, which can be exploited by malicious, local users to gain knowledge of potentially sensitive information.

tags | advisory, local
systems | freebsd
SHA-256 | 39e8f5051aff86bcf55f392022688aa213ee2d66f484dcd6d4fc00dc32d2a86d
Secunia Security Advisory 14969
Posted Apr 18, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Diabolic Crab has reported some vulnerabilities in OneWorldStore, which can be exploited by malicious people to conduct cross-site scripting, script insertion and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | 5b371ad9a20303af0d17fcf981a69b68a9b8cbcb9af3c1c4f4dc1cb84124da81
Secunia Security Advisory 14972
Posted Apr 18, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Francisco Alisson has reported a vulnerability in All4WWW-

tags | advisory
SHA-256 | 5e1dd3761c395bd70f918560425010145df96594eb6034751ede4b9156dbb118
Secunia Security Advisory 14954
Posted Apr 18, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Oliver Karow has reported a vulnerability in RSA Authentication Agent for Web for IIS, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, web, xss
SHA-256 | cf79b70c8e48d19db8bf1140d7176e0e40dbbb57ed9052f443efaf21ba3ee33f
Secunia Security Advisory 14953
Posted Apr 18, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Monkey HTTP Daemon, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.

tags | advisory, web, denial of service, vulnerability
SHA-256 | 992df6b4198f41aad659f70457f4892028decb42784e1d524f0234cd450c21f4
Secunia Security Advisory 14964
Posted Apr 18, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Shalom Carmel has reported a weakness in OS/400, which can be exploited by malicious people to identify valid user accounts.

tags | advisory
SHA-256 | bc5f955f1a9a2e0f5fd0769b4ac49f43cc111d7262dfe73873ac2546c860c9c2
Secunia Security Advisory 14958
Posted Apr 18, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Stefan Schmidt has reported a vulnerability in Postgrey, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 135903cfee00b90523eb59ede98ddae014f52c13825b6d164aa5d1dc66ee162f
Page 1 of 5
Back12345Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close