.:[ packet storm ]:.
                             
beyond paranoid
beyond paranoid

 Section:  .. / 0605-advisories  /

Page 2 of 30
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 >> Files 25 - 50 of 732
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: ChatPatv1.0.txt
Description:
 ChatPat v1.0 is vulnerable to SQL injection and XSS.
Author:luny
File Size:711
Last Modified:May 26 19:09:51 2006
MD5 Checksum:f7dfee2e4757134341edbe95cb637135

 ///  File Name: chipmunkBlogger.txt
Description:
 ChipmunkBlogger suffers from a lack of input sanitizing.
Author:Nomenumbra
File Size:540
Last Modified:May 6 18:03:22 2006
MD5 Checksum:e4ba1ba131b06536efa0a4ee1c4cd68f

 ///  File Name: chipmunkBoard.txt
Description:
 ChipmunkBoard suffers from SQL injection flaws.
Author:Nomenumbra
File Size:670
Last Modified:May 6 18:14:05 2006
MD5 Checksum:ae6c3d383fb2e41489fee263c51fb6a0

 ///  File Name: cirt-43-advisory.pdf
Description:
 A vulnerability has been found in an ActiveX object distributed as part of TDC' Microsoft CSP suite. The vulnerability allows code execution on any client machine that has the component installed if the user navigates to an attacker-created website.
Author:Dennis Rand
Homepage:http://www.cirt.dk
File Size:270168
Related CVE(s):CVE-2006-1172
Last Modified:May 6 17:53:54 2006
MD5 Checksum:95e200f8b61a5782e57d22b2dc53c55b

 ///  File Name: cisco-sa-20060501-cue.txt
Description:
 Cisco Security Advisory - Cisco Unity Express (CUE) contains a vulnerability that might allow an authenticated user to change the password for another user by using the HTTP management interface, if the password for the user being modified is marked as expired. This can result in a privilege escalation attack and complete administrative control of a CUE module, if the password being changed belongs to an administrator.
Homepage:http://www.cisco.com
File Size:11705
Last Modified:May 5 05:59:59 2006
MD5 Checksum:e73d896546b64f7423f2806426a10956

 ///  File Name: cisco-sa-20060510-avs.txt
Description:
 Cisco Security Advisory - Cisco Application Velocity System's (AVS) default configuration allows transparent relay of TCP connections to any reachable destination TCP port if the receiving TCP service can process requests embedded in a HTTP POST method message. This issue does not require a software upgrade and can be mitigated by a configuration command for all affected customers. Vulnerable versions include AVS 3110 4.0, 5.0, and prior versions. Also affected is AVS 3120 5.0.0 and prior versions.
Homepage:http://www.cisco.com/
File Size:11816
Last Modified:May 21 14:36:32 2006
MD5 Checksum:19868f62a354d3fa8c4d4f1f2be6e94b

 ///  File Name: cisco-sa-20060524-vpnclient.txt
Description:
 Cisco Security Advisory: Windows VPN Client Local Privilege Escalation Vulnerability - The Cisco VPN Client for Windows is affected by a local privilege escalation vulnerability that allows non-privileged users to gain administrative privileges. A user needs to authenticate and start an interactive Windows session to be able to exploit this vulnerability.
Homepage:http://www.cisco.com
File Size:11794
Last Modified:May 29 01:05:19 2006
MD5 Checksum:52f7c86d63fe442d9495ed7773c5aa03

 ///  File Name: cisco-websense-bypass.txt
Description:
 For each HTTP request the Cisco PIX or other Cisco device forwards individual packets to Websense to determine whether or not the request should be permitted. However, when splitting the HTTP request into two or more packets on the HTTP method it is possible to circumvent the filtering mechanism. Affected versions are Websense 5.5.2, Cisco PIX OS / ASA versions below 7.0.4.12, Cisco PIX OS versions below 6.3.6(112), FWSM 2.3.x, and FWSM 3.x.
Author:George D. Gal
File Size:9731
Related CVE(s):CVE-2006-0515
Last Modified:May 17 02:54:00 2006
MD5 Checksum:e4117b7343ffc213b150f115207bd0a9

 ///  File Name: CodeScanLabs_AvatarMod.txt
Description:
 The Avatar MOD gives portal administrators the ability to upload avatar images to be used within the forum. CodeScan located a file upload vulnerability in the avatar_upload.asp which can be exploited by a remote user to upload any arbitrary file. Affected is Avatar MOD versions 1.3 for Snitz Forums version 3.4.
Author:Paul Craig
File Size:3309
Last Modified:May 22 01:56:53 2006
MD5 Checksum:5daf0932a8ea7d902524b62c1129c010

 ///  File Name: coolphpmagazine.txt
Description:
 Multiple XSS vulnerabilities have been discovered in coolphp magazine.
Author:Black-cod3
File Size:1234
Last Modified:May 29 19:46:25 2006
MD5 Checksum:92f78dac5fe58b7b8e2779a6ecef3a65

 ///  File Name: curlphp-4.4.2-5.1.4.txt
Description:
 It is possible to bypass safe mode in PHP 4.4.2 and 5.1.4 by using the cURL library.
Author:cxib
Homepage:http://securityreason.com
File Size:3638
Last Modified:May 29 03:54:04 2006
MD5 Checksum:76489a9d1067503afe0e9437851568f9

 ///  File Name: CYBSEC-SAPBC.txt
Description:
 CYBSEC Security Advisory - SAP BC was found to provide a vector to allow Phishing scams against the SAP BC administrator. Affected versions are SAP BC Core Fix 7 and below.
Author:Leandro Meiners
Homepage:http://www.cybsec.com/
File Size:2896
Last Modified:May 21 23:55:25 2006
MD5 Checksum:3ad38ee6d7fe484683aa27a05eb7a06c

 ///  File Name: CYBSEC-SAPlocal.txt
Description:
 CYBSEC Security Advisory - The SAP sapdba command for Informix versions prior to 700 and version 700 up to patch number 100 is susceptible to a local privilege escalation flaw.
Author:Leandro Meiners
Homepage:http://www.cybsec.com/
File Size:3545
Last Modified:May 22 02:05:02 2006
MD5 Checksum:d82e4532e460380708788cfc4db73ab1

 ///  File Name: destiney.txt
Description:
 Destiney Rated Images Script version 0.5.0 suffers from a cross site scripting vulnerability.
Author:luny
File Size:1591
Last Modified:May 23 04:18:00 2006
MD5 Checksum:96b005a03bc99b982f45aa948d60edbd

 ///  File Name: destiney212.txt
Description:
 Destiney Links Script versions 2.1.2 is susceptible to cross site scripting and full path disclosure vulnerabilities.
Author:luny
File Size:1188
Last Modified:May 23 04:20:38 2006
MD5 Checksum:a039d66f382d4fae34e735b825c65096

 ///  File Name: DGbook-1.0.txt
Description:
 DGbook v1.0 suffers from XSS.
Author:luny
File Size:799
Last Modified:May 26 18:12:24 2006
MD5 Checksum:61bebf0ae5a86fa614e789f5aaff6177

 ///  File Name: dieselPHP.txt
Description:
 When an unsuspecting user installs Diesel PHP Job Site on their webserver, all information is emailed back to the original programmers of this software. This information is sent from install.php, which includes the database host, database name, username, and password used to connect.
Author:Matt Gibson
File Size:1916
Last Modified:May 22 02:01:53 2006
MD5 Checksum:e3087052587504a1dc573c95093ea21f

 ///  File Name: DMA-2006-0514a.txt
Description:
 ClamAV freshclam suffers from an incorrect privilege dropping vulnerability.
Author:Kevin Finisterre
Homepage:http://www.digitalmunition.com/
File Size:6641
Last Modified:May 21 23:41:59 2006
MD5 Checksum:04cfa190d4ba3ec49511d88cd9e3f793

 ///  File Name: DoceboLMS2.05.txt
Description:
 Docebo LMS 2.05 suffers from a remote file inclusion vulnerability.
Author:beford
File Size:471
Last Modified:May 29 03:27:38 2006
MD5 Checksum:3e9fb7293168e2c691805d5de44eab40

 ///  File Name: dovecotIssue.txt
Description:
 Dovecot 1.0 beta is susceptible to an information disclosure flaw.
Author:Timo Sirainen
File Size:1291
Last Modified:May 21 18:16:58 2006
MD5 Checksum:9fd3fcfccd3eca5d2326c2d8bd2b341f

 ///  File Name: dreamweaverSQL.txt
Description:
 There are multiple SQL Injection vulnerabilities in the code generated by Adobe's Macromedia Dreamweaver prior to version 8.0.2. This vulnerability affects the ColdFusion, PHP mySQL, ASP, ASP.NET and JSP server models. If the database server is configured to allow local system commands to be executed via database calls, this vulnerability may also allow local code execution.
Author:Brian Gallagher
File Size:3659
Related CVE(s):CVE-2006-2042
Last Modified:May 21 14:32:33 2006
MD5 Checksum:da20127ffd2927fbe693829cb4d87f00

 ///  File Name: dsa-1047-1.txt
Description:
 Debian Security Advisory 1047-1 - A problem has been discovered in resmgr, a resource manager library daemon and PAM module, that allows local users to bypass access control rules and open any USB device when access to one device was granted.
Author:Martin Schulze
Homepage:http://www.debian.org/security
File Size:8887
Last Modified:May 1 04:27:08 2006
MD5 Checksum:c8fff16a132d0ee27e72beb72d211a64

 ///  File Name: dsa-1048-1.txt
Description:
 Debian Security Advisory 1048-1 - Several problems have been discovered in Asterisk, an Open Source Private Branch Exchange (telephone control center). Adam Pointon discovered that due to missing input sanitizing it is possible to retrieve recorded phone messages for a different extension. Emmanouel Kellinis discovered an integer signedness error that could trigger a buffer overflow and hence allow the execution of arbitrary code.
Author:Martin Schulze
Homepage:http://www.debian.org/security
File Size:13287
Related CVE(s):CVE-2005-3559, CVE-2006-1827
Last Modified:May 1 04:35:16 2006
MD5 Checksum:76727097288d6e1012caa084e65f4920

 ///  File Name: dsa-1049-1.txt
Description:
 Debian Security Advisory 1049-1 - Gerald Combs reported several vulnerabilities in ethereal, a popular network traffic analyser.
Author:Martin Schulze
Homepage:http://www.debian.org/security
File Size:20098
Related CVE(s):CVE-2006-1932, CVE-2006-1933, CVE-2006-1934, CVE-2006-1935, CVE-2006-1936, CVE-2006-1937, CVE-2006-1938, CVE-2006-1939, CVE-2006-1940
Last Modified:May 5 06:22:18 2006
MD5 Checksum:9a7b8e98d55b8e30f851f36bff20b49e

 ///  File Name: dsa-1050-1.txt
Description:
 Debian Security Advisory 1050-1 - Ulf Harnhammar and an anonymous researcher from Germany discovered a vulnerability in the protocol code of freshclam, a command line utility responsible for downloading and installing virus signature updates for ClamAV, the antivirus scanner for Unix. This could lead to a denial of service or potentially the execution of arbitrary code.
Author:Martin Schulze
Homepage:http://www.debian.org/security
File Size:15443
Related CVE(s):CVE-2006-1989
Last Modified:May 6 16:41:44 2006
MD5 Checksum:1cb33ea7e8677948aa99d8148ab45a95
 

 ///  Last 10 Files
  1. :· phpauction32-rfi.txt
  2. :· silentum-xss.txt
  3. :· iranmc-sql.txt
  4. :· citectodbc-fivews.txt
  5. :· citect_scada_odbc.rb.txt
  6. :· flockweb-dos.txt
  7. :· google-chrome-dos4.txt
  8. :· google-download2.txt
  9. :· PLSA-2008-41.txt
  10. :· PLSA-2008-40.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Advisories
  1. :· PLSA-2008-41.txt
  2. :· PLSA-2008-40.txt
  3. :· PLSA-2008-39.txt
  4. :· PLSA-2008-38.txt
  5. :· PLSA-2008-37.txt
  6. :· MDVSA-2008-188.txt
  7. :· glsa-200809-05.txt
  8. :· PLSA-2008-36.txt
  9. :· microworld-insecure.txt
  10. :· SSRT080119.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Exploits
  1. :· phpauction32-rfi.txt
  2. :· silentum-xss.txt
  3. :· iranmc-sql.txt
  4. :· citect_scada_odbc.rb.txt
  5. :· flockweb-dos.txt
  6. :· google-chrome-dos4.txt
  7. :· google-download2.txt
  8. :· webcmsportal-blindsql.txt
  9. :· esfaq-sql.txt
  10. :· vastal-itechcosmetics.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Tools
  1. :· clamav-0.94.tar.gz
  2. :· distack-1.1.0-dev.tar.gz
  3. :· samhain-2.4.6.tar.gz
  4. :· sqlmap-0.6.tar.gz
  5. :· psbot.py.txt
  6. :· mimedefang-2.65.tar.gz
  7. :· advchk-2.11.tar.bz2
  8. :· kisgearth-0.01f.tar.bz2
  9. :· lynis-1.2.0.tar.gz
  10. :· fwknop-1.9.7.tar.gz
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Misc
  1. :· citectodbc-fivews.txt
  2. :· freebsd-revcon.txt
  3. :· insecurityoverview-samsung.pdf
  4. :· xcon2008-cfp.txt
  5. :· aslr-bypass.txt
  6. :· alphanumeric-shellcode.txt
  7. :· imagebase-shellcode.txt
  8. :· mysql-injection-newbies.txt
  9. :· draft-gont-opsec-ip-security-01.txt
  10. :· draft-ietf-tsvwg-port-randomization-02.txt
[ Last 20 | Last 50 | Last 100 ]


 .:. TopPrivacy Statement | Copyright Notice