LPPlus is Plus Technologies print management system for unix. Versions prior to 3.3.x contain several serious security holes, some of which undermine the integrity of the printing subsystem, others threaten the security of the system on which the product is installed. Upgrade available here.
248b9234d97b69b1724934b3160bc67bfa94aad7c0d63ca95ae01ac0d7e7a78eThe CNN Unsubscribe Bot can Un-Subscribe other users from CNN's distribution list by placing a random number at the end of unsubscribe cgi URL's member_id.
53bf6534606c7051e8350cb44d7f0223e19984b7353c2376361378fa040f169fRUS-CERT Advisory - Several Apache authentication modules which use SQL databases have remote vulnerabilities. Any Apache server using database-based authentication with the following modules is vulnerable - AuthPG 1.2b2, mod_auth_mysql 1.9, mod_auth_oracle 0.5.1, mod_auth_pgsql 0.9.5, and mod_auth_pgsql_sys 0.9.4. An attacker can execute arbitrary PostgreSQL or Oracle statements.
37b626339cbc966d6b6560820f49a4175ed1db3dd72933dfe32ab6fca5ac8b1cBSD Auto-rooter - Runs a trojan on many machines using the telnetd exploit.
b8af488b660ee22c7889830b3c631acb3825c2c328be4bcfda40570fe29df4abSolaris 2.8 patchadd local exploit. Takes advantage of a symlink vulnerability to clobber files with output from patchadd. Tested on Solaris 2.8 Sparc with the current patch cluster applied.
a8745334e41a751bc67512da3ab3617e9e543b283f76da7d9a5b2496eef89fecAOLserver v3.0 and 3.2 remote denial of service bug. Sends a long HTTP request.
090d176d5352846828025a910558d26b49d012fe1aae38fd3838f573072a9a36Ntop v1.1 for Solaris/x86 contains a remotely exploitable buffer overflow in the http server which defaults to tcp port 8080.
2a782b423c71b7af0e40453edb9508bf1af85c5776966f021fe5b239fb24adbcSendmail 8.11.5 and below local root exploit for linux.
efacdaadfe6b380efa743b43242f74d7805c6cd43a210409b5c705d96f7fda97Sendmail-8.11.x linux x86 local exploit. Takes advantage of a memory access violation when specifying out-of-bounds debug parameters.
285b8eb1dcf722e10d67521b7dbe8143729e3f1b8b721f06519627b02ac9ec4eBSDI v3.0 / 3.1 local dos exploit which reboots the system by running some shellcode.
5cf654f5299277e035f85f7824cf9e1e7df43880bd232fad9a51dc3364887d23AIX PowerPC v4.3.x ftpd remote exploit (yyerror() bug).
21e681b624a45369149e2a74941ac08c6c5ee1a231c7ffe7bf5eaaea3a465482AIX PowerPC v4.1 and 4.2 remote exploit for pdnsd.
3c4f77c712351730d74b742074a6fbd8a7e7efab4cb7e8facca9de615051ef71AIX PowerPC 4.1, 4.2, and 4.3.x local exploit for /usr/bin/setsenv.
2d35dc0bf91598839390c0d854435c0c71adcde2f75a7ec0896bd07f0810932bAIX PowerPC 4.2 and 4.3.x local exploit for /usr/sbin/portmir.
ce1f916ba5f1590fe65502089788b1beabd5b899dfb5a0a684a29f96634f66ddAIX PowerPC 4.1, 4.2, and 4.3.x local /usr/lib/lpd/piobe exploit.
9ffa3ccffe3a0265a0e0734ae8000d79ca04cc1f1d3a80d29e4cb72a69162103AIX PowerPC 4.1, 4.2, and 4.3 local exploit for /usr/lib/lpd/digest.
16ac023fde37aa1040868b800b4fef840ef632c820918ddabcbc662141523fffxlock.c - Proof of Concept Code for xlock heap overflow bug. Tested in Solaris 8 x86.
1c930575e877d31d683dec53347c6292c4dd407d310ecdc95493fb79f97dbc03Mailex.c is a Solaris x86 mail HOME environment variable buffer overflow exploit. Tested on Solaris 8 (x86).
c5728173ffc69c07e6d9ed6807b6774728e20fe89e5d2a5bb97c2b14b9349f7bSolaris 7/8 kcms_configure command line buffer overflow on both sparc/Intel platforms.
060830798eeb4bfc82866e4a2ef7eba72abfa93248e51af9d583026e70c7d476FreeBSD 3.3 x86 top format string exploit. Tested against top-3.5beta9.
5d9e92f9fea9c852b99fa4e6c57dcea1c3a6c13ad5613141c3f534d1b65ff298Windows 2000 + IIS .ida exploit in perl. Binds a shell to port 8008.
1f578d8a0d8d1cb1c20ebe5e5dd8ab212555fe164889760990e9c04a1bfad7bew3m remote buffer overflow exploit for FreeBSD. Runs as a daemon and waits for w3m to connect. FreeBSD advisory about w3m here.
e30d5cf756ffae77685d87c6188e5ef50c5a9115816fc507d00772618b363043NSFOCUS Security Advisory SA2001-06 - A buffer overflow vulnerability has been found in ssinc.dll which is triggered when Microsoft IIS 4.0/5.0 when processes server side include files. An attacker could obtain SYSTEM privilege if he can save html on the server. Discussed in ms01-046.
7b2deeebed5062a304ab98f09b24bf0ddac48ccb7244b9f0b55d3767555c67b4NetWare Enterprise Web Server 5.1 has a couple security problems - When NDS browsing via the web server is enabled, if an attacker can reach that server's port 80 they can enumerate information such as user names, group names, and other system information. In addition, poor handling of GET commands will allow for GroupWise WebAccess servers to display indexes of the directories instead of HTML files.
adf0654a73f370790f57c8f495e47ab5ce8db6242f05e002639e1d51d2ce342fPHP-Nuke Written by Sequioa Software contains sendmail.php, which allows remote users to execute commands and see files on the web server.
15b60f966f6d41df63275f87611839fefc622ea85815d79655554d3868a7aa03
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed