Astalavista.net - ExploitsAstalavista.net - Advanced Security Memberportal - Exploitshttp://www.astalavista.netinfo@astalavista.netAstalavista.net Memberportal V2Sat, 16 Aug 2008 15:42:59 +0200enBugzilla 'importxml.pl' with '--attach_path' Option Lets Users Attach Local FilesImpact: Disclosure of system information, Disclosure of user information Fix Available: Yes Exploit Included: Yes ...Sat, 16 Aug 2008 15:42:59 +0200https://www.astalavista.net/member/?cmd=exploit&act=detail&id=7932xine-lib Bugs in Processing Media Files Lets Remote Users Deny Service and Execute Arbitrary CodeImpact: Execution of arbitrary code via network, User access via network Fix Available: Yes Vendor Confirmed: Yes ...Sat, 16 Aug 2008 15:41:09 +0200https://www.astalavista.net/member/?cmd=exploit&act=detail&id=7931VitalQIP Query Port Entropy Weakness Lets Remote Users Spoof the SystemImpact: Modification of system information Exploit Included: Yes Vendor Confirmed: Yes Description: A vulnerab...Sat, 16 Aug 2008 15:40:42 +0200https://www.astalavista.net/member/?cmd=exploit&act=detail&id=7930Postfix Symlink Dereference Bug Lets Local Users Gain Elevated PrivilegesImpact: Root access via local system Fix Available: Yes Vendor Confirmed: Yes Description: A vulnerability was...Sat, 16 Aug 2008 15:40:14 +0200https://www.astalavista.net/member/?cmd=exploit&act=detail&id=7929VERITAS Storage Foundation for Windows Accepts NULL NTLMSSP AuthenticationImpact: Execution of arbitrary code via network, Root access via network Fix Available: Yes Exploit Included: Yes ...Sat, 16 Aug 2008 15:39:36 +0200https://www.astalavista.net/member/?cmd=exploit&act=detail&id=7928yum-rhn-plugin Certificate Validation Flaw Lets Remote Users Conduct Man-in-the-Middle Attacks to PrImpact: Denial of service via network Fix Available: Yes Vendor Confirmed: Yes Advisory: Red Hat Advisory Des...Sat, 16 Aug 2008 15:39:09 +0200https://www.astalavista.net/member/?cmd=exploit&act=detail&id=7927Sun Java Web Proxy Server FTP Subsystem Bug Lets Remote Users Deny ServiceFix Available: Yes Vendor Confirmed: Yes Advisory: Sun Alert Version(s): 4.0 through 4.0.5 Description: A vul...Sat, 16 Aug 2008 15:38:37 +0200https://www.astalavista.net/member/?cmd=exploit&act=detail&id=7926Red Hat Network Satellite Server 'manzier.pxt' Hard Coded Common Authentication Key Lets Remote UserImpact: Disclosure of user information Fix Available: Yes Vendor Confirmed: Yes Advisory: Red Hat Advisory Ve...Sat, 16 Aug 2008 15:38:06 +0200https://www.astalavista.net/member/?cmd=exploit&act=detail&id=7925VMware VirtualCenter Discloses Usernames to Remote UsersImpact: Disclosure of user information Fix Available: Yes Vendor Confirmed: Yes Version(s): prior to 2.0.2 Upda...Sat, 16 Aug 2008 15:37:38 +0200https://www.astalavista.net/member/?cmd=exploit&act=detail&id=7924IPsec-Tools Racoon Phase 1 Handle Cleanup Flaw May Let Remote Users Deny ServiceImpact: Denial of service via network Fix Available: Yes Vendor Confirmed: Yes Description: A vulnerability wa...Sat, 16 Aug 2008 15:37:05 +0200https://www.astalavista.net/member/?cmd=exploit&act=detail&id=7923Ventrilo &lt;= 3.0.2 NULL pointer Remote DoS ExploitNULL pointer in Ventrilo 3.0.2 http://milw0rm.com/sploits/2008-ventrilobotomy.zip Sat, 16 Aug 2008 15:33:07 +0200https://www.astalavista.net/member/?cmd=exploit&act=detail&id=7922Ruby &lt;= 1.9 (regex engine) Remote Socket Memory Leak Exploit------------------------------------------------------- Language : Ruby Web Site: www.ruby-lang.org Platform: Al...Sat, 16 Aug 2008 15:32:36 +0200https://www.astalavista.net/member/?cmd=exploit&act=detail&id=7921FlashGet 1.9 (FTP PWD Response) Remote BOF Exploit PoC 0day#!/usr/bin/python # FlashGet 1.9 (FTP PWD Response) 0day Remote Buffer Overflow PoC Exploit # Bug discovered by Krysti...Sat, 16 Aug 2008 15:32:07 +0200https://www.astalavista.net/member/?cmd=exploit&act=detail&id=7920Microsoft Visual Studio (Msmask32.ocx) ActiveX Remote BOF PoCvar body='<OBJECT CLASSID="CLSID:C932BA85-4374-101B-A56C-00AA003668DC" width="10"><PARAM NAME="Mask" VALUE="'; var ...Sat, 16 Aug 2008 15:31:34 +0200https://www.astalavista.net/member/?cmd=exploit&act=detail&id=7919dotCMS 1.6 (id) Multiple Local File Inclusion Vulnerabilities++++++++++++++++++++++++++++++++++++++++++++++++++++++ + script:dotCMS + home: http://www.dotcms.org + demo: http://w...Sat, 16 Aug 2008 15:30:13 +0200https://www.astalavista.net/member/?cmd=exploit&act=detail&id=7918ZEEJOBSITE v2.0 (bannerclick.php adid) Remote SQL Injection Vulnerability|___________________________________________________| | | ZEEJOBSITE v2.0 (bannerclick.php adid) Remote SQL Injection...Sat, 16 Aug 2008 15:28:50 +0200https://www.astalavista.net/member/?cmd=exploit&act=detail&id=7917DeeEmm CMS (DMCMS) 0.7.4 Multiple Remote Vulnerabilities##################################################################################### #### DeeEm...Sat, 16 Aug 2008 15:28:11 +0200https://www.astalavista.net/member/?cmd=exploit&act=detail&id=7916BIND 9.5.0-P2 (randomized ports) Remote DNS Cache Poisoning ExploitSuccessfully poisoned the latest BIND with fully randomized ports! Exploit required to send more than 130 thousand of...Sat, 16 Aug 2008 15:11:18 +0200https://www.astalavista.net/member/?cmd=exploit&act=detail&id=7915IntelliTamper 2.07/2.08 Beta 4 A HREF Remote Buffer Overflow Exploit/********************************************************************/ /* [Crpt] IntelliTamper v2.07/2.08 Beta 4 sploi...Sat, 16 Aug 2008 15:09:15 +0200https://www.astalavista.net/member/?cmd=exploit&act=detail&id=7914FlashGet 1.9.0.1012 (FTP PWD Response) SEH STACK Overflow Exploit#!/usr/bin/perl # FlashGet 1.9.0.1012 (FTP PWD Response) SEH STACK Overflow Exploit # Coded By SkOd, skod.uk at gmail ...Sat, 16 Aug 2008 15:08:41 +0200https://www.astalavista.net/member/?cmd=exploit&act=detail&id=7913