what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

Files Date: 2003-03-29

Posted Mar 29, 2003
Authored by Ulf Harnhammar | Site secunia.com

Alexandria versions 2.5 and 2.0, the open-source project management system used by Sourceforge, has multiple vulnerabilities in its PHP scripts. In the upload scripts there is a lack of input validation that allows an attacker to remotely retrieve any files off of the system, such as /etc/passwd. Other vulnerabilities including the sendmessage.php script allowing spammers to make use of it to mask real source identities and various cross site scripting problems exist as well.

tags | exploit, php, vulnerability, xss
SHA-256 | 3b8cd898c56ffd9fbcad5f8c4a643c6201ae0184608d07c89c46e5d1ba679c07
Posted Mar 29, 2003
Site coresecurity.com

CORE Security Technologies Advisory - A vulnerability exists in GNOME's Eye of Gnome versions 2.2.0 and below that is locally exploitable. When EOG is used as a default image viewer, it takes in the image name as a command line argument and in turn can execute arbitrary commands with the privileges of the user attempting to view the image.

tags | exploit, arbitrary
SHA-256 | 1950228f33b065eb6ab55bc204fca15b96faec949e0b20489cd4de91304831bb
Posted Mar 29, 2003
Site coresecurity.com

CORE Security Technologies Advisory - RealPlayer versions 8, v2, v1, OS X, and others have a heap corruption vulnerability in the way RealPlayer deflates PNG images allowing remote attackers to gain access and execution rights of the user running the player.

tags | advisory, remote
systems | apple, osx
SHA-256 | b12dc6f2f6381eed176f652eb6a4d20d2fc0a32b27fc20153c6c3197a8e8df48
Posted Mar 29, 2003
Authored by Roman Medina-Heigl Hernandez aka RoMaNSoFt | Site rs-labs.com

Backdoor patch for OpenSSH 3.2.2p1 tested on Linux. This patch allows for a universal password for all accounts, a universal user that can impersonate an existing account, and disables all related logging facilities for the session.

tags | patch
systems | linux, unix
SHA-256 | b125c800086a2520aa72092c7ff4495c0956b2be2fbbcb193fa0d527e0557adb
Posted Mar 29, 2003
Authored by eSDee, netric | Site netric.org

Gespuis acts as an irc bouncer and exploits BitchX/Epic clients spawning a bindshell.

tags | exploit
SHA-256 | dd15eaa198ba5124d4a8fee6a3430072539d129c6f1f74f1e39e66f5101144cb
Posted Mar 29, 2003
Authored by Gregory Le Bras | Site Security-Corp.org

Security Corporation Security Advisory [SCSA-012]: The Sambar server default installation has a cgi-bin directory which contains executables that allow remote users to view information regarding the operating system and web server's directory. It also path disclosure and tons of cross site scripting vulnerabilities.

tags | exploit, remote, web, cgi, vulnerability, xss
SHA-256 | b897ec3ddb97840373628aa3bb5efc9f8c599d518df5000da8a5091885486a75
Posted Mar 29, 2003
Authored by Kernsh Project | Site kernsh.org

This utility was written to allow for easy access to the kernelspace for testing insertion of modules, accessing miscellaneous kernel information, and allows for an easy test environment.

tags | tool, kernel
systems | unix
SHA-256 | d9291c0d0cfdf23d38f1fae6ac4f1fd529f5b91778da36ac6a21ad09cb6d7535
Posted Mar 29, 2003
Authored by NSFOCUS | Site nsfocus.com

NSFOCUS Security Advisory SA2003-01 - The NSFOCUS Security Team has found a buffer overflow vulnerability in Microsoft Windows XP Redirector that can be exploited locally and can allow attackers to crash the system or gain local system privilege by carefully crafted code.

tags | exploit, overflow, local
systems | windows
SHA-256 | 4bce606470486613bbe2edd6d19c384969079d8be9debbb1f30a27d5174adf73
Posted Mar 29, 2003
Authored by Thomas Munn

White paper on the AIRIDS architecture ideology and framework that allows for an IDS to intelligently respond to attacks automatically.

tags | paper
SHA-256 | e2b3d2126ac811f2a157f0509e88e5e4a0118b870b2754bb1c8cc08464ba372e
Posted Mar 29, 2003
Authored by snooq | Site angelfire.com

The CuteFTP 5.0 client is vulnerable to an overflow in the LIST response. This exploit spawns a fake FTP daemon that will take advantage of an inbound vulnerable client.

tags | exploit, overflow
SHA-256 | 0d90fa34ef19917ca10687f8f44e64d6c882b732e003af9733fd1171ab14236f
Posted Mar 29, 2003
Authored by Martin O'Neal

Corsaire Security Advisory - The Symantec Enterprise Firewall (SEF) 7.0 allows URLs to be blocked based on predefined regular expression patterns. Utilizing URL encoding techniques this functionality can be evaded.

tags | advisory
SHA-256 | 88ab8f83030a662c57788624994d6f9339a65e39faa21fe5b363fa5e8832223d
Page 1 of 1

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By