Section: .. / 0607-advisories /
| /// File Name: |
juniperXSS.txt |
Description:
|
The Juniper Networks DX System log is vulnerable to a persistent, unauthenticated XSS attack. This vulnerability can be exploited by an attacker to obtain full administrative access to the Juniper DX appliance. Versions 5.1.x are affected.
| | Author: | Darren Bounds | | File Size: | 996 | | Last Modified: | Jul 12 05:00:08 2006 |
| MD5 Checksum: | 8719102000f12cb92578aedd5343ca10 |
|
| /// File Name: |
atutor153rc2.txt |
Description:
|
ATutor version 1.5.3RC2 is susceptible to cross site scripting flaws.
| | Homepage: | http://securitynews.ir/ | | File Size: | 984 | | Last Modified: | Jul 9 08:33:47 2006 |
| MD5 Checksum: | 361bf70f20ee01165137486aba58517e |
|
| /// File Name: |
demostore.txt |
Description:
|
The Demo Store version of AFCommerce Shopping Cart is susceptible to SQL injection and cross site scripting flaws.
| | Author: | sledge | | File Size: | 965 | | Last Modified: | Jul 23 23:22:24 2006 |
| MD5 Checksum: | 1fe6e813ec026dc5136b1b2f6349c89c |
|
| /// File Name: |
phpmyadmin281.txt |
Description:
|
phpMyAdmin version 2.8.1 is susceptible to a cross site scripting vulnerability.
| | Homepage: | http://securitynews.ir/ | | File Size: | 942 | | Last Modified: | Jul 2 05:45:25 2006 |
| MD5 Checksum: | becaca21088a07413f3d000ca2913313 |
|
| /// File Name: |
google-xss.txt |
Description:
|
Google is vulnerable to a cross site scripting attack.
| | Author: | RSnake | | Homepage: | http://ha.ckers.org/ | | File Size: | 875 | | Last Modified: | Jul 9 07:13:14 2006 |
| MD5 Checksum: | 4ab9358f627fde8aa48df16ef1ea11d3 |
|
| /// File Name: |
phpfusionXSS-IE.txt |
Description:
|
Using a known flaw with execution in Internet Explorer, you can upload a malicious GIF file to PHP-Fusion to conduct cross site scripting attacks.
| | Author: | ZeberuS, Redworm | | File Size: | 822 | | Last Modified: | Jul 9 05:12:05 2006 |
| MD5 Checksum: | d6e1f3e0904bd86d87c141371900fda5 |
|
| /// File Name: |
Kil13r-SA-20060701-1.txt |
Description:
|
The Ahnlab search engine appears susceptible to cross site scripting attacks.
| | Author: | Kil13r | | Homepage: | http://www.kil13r.info/ | | File Size: | 797 | | Last Modified: | Jul 2 04:52:30 2006 |
| MD5 Checksum: | 0d7c2b49e4a8cecfe67edaa6be44b38d |
|
| /// File Name: |
weURL.txt |
Description:
|
When Windows Explorer (explorer.exe) parses a malformed .url file it is susceptible to a denial of service.
| | Author: | nanika | | Homepage: | http://hitcon.org/ | | File Size: | 774 | | Last Modified: | Jul 9 07:14:41 2006 |
| MD5 Checksum: | f8c03051711fd9d568d0430b9b24b3ca |
|
| /// File Name: |
TOPo22178.txt |
Description:
|
TOPo version 2.2.178 suffers from a password reset vulnerability.
| | Author: | Attila Gerendi | | File Size: | 723 | | Last Modified: | Jul 13 18:29:47 2006 |
| MD5 Checksum: | 8e81662d10b2fd981e02adee78449d5a |
|
| /// File Name: |
rPSA-2006-0133-1.txt |
Description:
|
rPath Security Advisory - Previous versions of the libpng package contain a weakness in processing images that is known to create a denial of service vulnerability and is expected also to allow unauthorized access. This weakness is triggered by malformed png images that may be provided to applications such as web browsers by an attacker.
| | Homepage: | http://www.rpath.com | | File Size: | 721 | | Related CVE(s): | CVE-2006-3334 | | Last Modified: | Jul 23 23:30:47 2006 |
| MD5 Checksum: | 1d0c68d75558c7cb23fa60aff9a2c2ba |
|
| /// File Name: |
Orbitmatrix-v1.0.txt |
Description:
|
Orbitmatrix PHP Script v1.0 suffers from XSS and SQL injection vulnerabilities.
| | Author: | luny | | File Size: | 657 | | Last Modified: | Jul 13 20:13:58 2006 |
| MD5 Checksum: | 603c46a83ec88edc8143d7d566b1a70a |
|
| /// File Name: |
powarc962-en.txt |
Description:
|
A vulnerability has been found in PowerArchiver version 9.62.03 that allows for arbitrary code execution.
| | Author: | Tan Chew Keong | | File Size: | 657 | | Last Modified: | Jul 26 04:58:19 2006 |
| MD5 Checksum: | e9bec764bc19dc25253454e1fdc762cc |
|
| /// File Name: |
dynazip5007-en.txt |
Description:
|
Some vulnerabilities have been found in DynaZip DZIP32.DLL/DZIPS32.DLL that allow for arbitrary code execution. DynaZip Max version 5.0.0.7 and DynaZip Max Secure version 6.0.0.4 are affected.
| | Author: | Tan Chew Keong | | File Size: | 648 | | Last Modified: | Jul 26 04:24:30 2006 |
| MD5 Checksum: | 2ccfa941a7d2618004881b66f4ec8454 |
|
| /// File Name: |
ScozNews-1.1.txt |
Description:
|
ScozNews Final-Php versions equal to and less than 1.1 suffer from a remote file inclusion vulnerability.
| | Homepage: | http://www.cyber-warrior.org | | File Size: | 628 | | Last Modified: | Jul 13 20:12:58 2006 |
| MD5 Checksum: | 823367a48e498341abf0cb49f1401c6e |
|
| /// File Name: |
mcafeedos.txt |
Description:
|
McAfee VirusScan Enterprise version 8.0.0 suffers from a denial of service condition.
| | Author: | johndoe1529 | | File Size: | 615 | | Last Modified: | Jul 9 08:27:46 2006 |
| MD5 Checksum: | 2f940c17c55298161e6dc10fa555e384 |
|
| /// File Name: |
outpostSYSTEM.txt |
Description:
|
Outpost Firewall Pro version 3.51.759.6511 and Lavasoft Personal Firewall version 1.0.543.5722 suffer from a privilege escalation vulnerability that leads to SYSTEM access.
| | File Size: | 544 | | Last Modified: | Jul 20 04:10:45 2006 |
| MD5 Checksum: | 8c556f845e2fdaf7f50f5944c567a75e |
|
| /// File Name: |
winlpd.txt |
Description:
|
A stack-based buffer overflow has been discovered in Winlpd version 1.26.
| | Author: | Pablo Isola | | File Size: | 512 | | Last Modified: | Jul 27 23:23:18 2006 |
| MD5 Checksum: | dd3e1670b3b744d9d3d2d284237d2c30 |
|
| /// File Name: |
opswary.txt |
Description:
|
The Opsware Network Automation System (NAS) version 6.0 installs a world readable init script with the mysql root password in it.
| | Author: | Michael Freeman | | File Size: | 472 | | Last Modified: | Jul 26 03:29:25 2006 |
| MD5 Checksum: | 1209f05f88305d762ccca424f0174e69 |
|
| /// File Name: |
phpPolls103.txt |
Description:
|
It appears that phpPolls version 1.0.3 allows for direct creation of a new poll without enforcing administrative privileges.
| | Author: | AlpEren, tugr | | Homepage: | http://www.ayyildiz.org/ | | File Size: | 454 | | Last Modified: | Jul 12 04:45:21 2006 |
| MD5 Checksum: | 9d4213aa0d0b65345bdbf53f65e48e27 |
|
| /// File Name: |
powerArchiver.txt |
Description:
|
An arbitrary code execution vulnerability exists in PowerArchiver version 9.62.03.
| | Author: | Tan Chew Keong | | Homepage: | http://vuln.sg/ | | File Size: | 453 | | Last Modified: | Jul 27 21:35:07 2006 |
| MD5 Checksum: | 267edc4b189851724a63a443b2b84195 |
|
| /// File Name: |
agephone1381-en.txt |
Description:
|
A vulnerability has been found in AGEphone versions 1.24 and 1.38.1 that allows for arbitrary code execution.
| | Author: | Tan Chew Keong | | File Size: | 445 | | Last Modified: | Jul 26 04:26:57 2006 |
| MD5 Checksum: | ca11e9865f277afe515c728a5dd621ff |
|
| /// File Name: |
turbozip6-en.txt |
Description:
|
A vulnerability has been found in TurboZIP 6.0 that allows for arbitrary code execution.
| | Author: | Tan Chew Keong | | File Size: | 443 | | Last Modified: | Jul 26 04:26:12 2006 |
| MD5 Checksum: | 82ccc3e162c09fe5b8957e8ce9c53f17 |
|
| /// File Name: |
excel-ohday.txt |
Description:
|
Excel 2000/XP/2003 suffers from a vulnerability in repair mode.
| | Author: | nanika | | Related Exploit: | Nanika.tgz | | File Size: | 361 | | Last Modified: | Jul 9 05:48:06 2006 |
| MD5 Checksum: | 95a0ab6001b835adecb1a360195bcc86 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
