There exists a vulnerability in the password checking routines in the latest versions of the MySQL server, that allows any user on a host that is allowed to connect to the server, to skip password authentication, and access databases. All versions of MySQL up to 3.22.26a are vulnerable.
5f5a4fb2100d5e175dc80ad904c3a600382a5f0b6c8153e8084244e2328cedacThe Zeus Web Server does not parse null terminated strings properly, and can reveal the source to CGI scripts under certain circumstances.
9a0a0886f0a40183adf724fad747857cdc071b7a7737b9697b05f8695f3ef40dNovell Bordermanager 3.0 through 3.5 is vulnerable to a slow DoS. After 2 days, the firewall will deny all requests, and eventually crash completely.
48c370974fffe524eb3fda985fefe77b6e5fd0977fa64b23fb3530d31a5b49acrpc.amd remote exploit with spoofed source address.
329325fa62c5fbb59239de4158cdfa9412f4a122b2491697f843abe351bd7e4cIt is possible to cause the BeOS PoorMan webserver to crash (remotly) by sending a given URL to the server.
c7a561452597163b2603b347de43d34eabbf8faadb4f6ddceba795ffbb450b77CERN 3.0A Heap overflow advisory - There is a heap overflow that wastes memory space in the CERN/3.0A webserver. Close to 50000 bytes of the heap will be ruined! DoS example included.
489fc3d42f1e7f2c642902f70308d9caefba877586655086add9c34454afe5b3Windows Api SHGetPathFromIDList Buffer Overflow - All Structure lengths, or Length of string, can be a modified or altered and cause whatever handles the shortcuts to crash.
76e69a39aa4a55144387c30002193441b975a29627e84d7c38fecdb3a6baa1caServ-u FTP-Server v2.5b for Win9x/WinNTFTP-Server v2.5b will crash if you upload a malformed link file and type the ftp command LIST, due to overflow in Windows API SHGetPathFromIDList.
1553e21d813e70115f971fbf6e139bf7d8dedb4efc386150d7a1b03a64116625surfCONTROL SuperScout 2.6.1.6 allows web users to view websites blocked by the classification database.
36ddf8049da9b107bd7993a63104caf8dd5ad23594920462c47574bf6f6b6f39"How I hacked PacketStorm Forums" - A look at hacking wwwthreads via SQL. This is more of a technical paper than an advisory, but it does explain how I used a vulnerability in the wwwthreads package to gain administrative access and some 800 passwords to PacketStorm's discussion forum.
29b3228561304410fb2ef71030ea7e75376cc046c8543397a51327868ce6872eslzbserv.c - local/remote exploit for ZBServer PRO 1.50-r1x (WinNT). ZBServer PRO 1.50-r1x exploit gets remote servers's full control, allows you to run arbitrary code. Tested on debian.
988c54751cc12389b0db8a0ee9c0a46023525cb6452cd770c1262b6e088788faWar-ftpd for Windows95/98/NT is vulnerable to a buffer overflow in the MKD/CWD commands until version 1.71-0. DoS exploit included.
8fb4b7b98977d50ebe39d7cc972408c231774f65b8bab7a4536a9f16a827c8a5instructor.c is an OpenBSD 2.5 DoS attack which attempts to execute every 32 bit instruction. It is useful for people who are trying to find hidden features, or hidden bugs in their hardware or operating system. Many "features" have been found with this program.
a70cc461f83c0c214d4cbf175bc5b405671807e2937804c52d63b58d9d1f9822Georgi Guninski security advisory #6 - Outlook Express 5.01 and Internet Explorer 5.01 under Windows 95 (others too) allow reading subsequently opened email messages after a hostile message is opened. Exploit code included. Workaround: Disable Active Scripting.
40e5fa882e4448e2504aa6f59add27ddb20730b6add122d795a838cfa1ea5033Another security hole in Microsoft Virtual Machine for Java has been discovered that allows a java applet to read any file on the system. This vulnerability is quite dangerous and immediate de-activation of the IE Java function provided by Microsoft is highly recommended.
b676c447d63a02f62a89b9ff3f9af087212f58f35bc9ad6a0a9796b988ac19d5Tiny FTPd 0.52 beta3 (Windows FTP Server) has remotely exploitable buffer overflow vulnerabilities. Even anonymous users can execute code. Exploit tested on Windows98(+IE5.01).
784d73176bc53e3f6a8141164175f061c982b7f2a9ab4e69dbf1be32a39bf336
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed