all things security
Showing 1 - 10 of 10 RSS Feed

Files

tomcat-null-byte.txt
Posted Jan 31, 2003
Authored by Jouko Pynnonen | Site klikki.fi

Apache Tomcat can be tricked to disclose files, directory listings and unprocessed JSP files. This issue affects Apache Tomcat version 3.3.1 and earlier. Tomcat users should upgrade to version 3.3.1a.

tags | advisory
MD5 | 0711dd25c34bb121e569a2a04f39eb7e
NISR29012003.txt
Posted Jan 30, 2003

NGSSoftware Security Advisory NISR29012003 - There is a remotely exploitable buffer overflow vulnerability in the Microsoft RPC (Remote Procedure Call) Locator Service. This vulnerability, which especially affects Windows Domain Controllers, has been fixed by Microsoft and patch information can be found in Microsoft security advisory MS03-001.

tags | advisory, remote, overflow
systems | windows
MD5 | 65eb9ac93802f55ed2de5a92a6cfd606
CLIVITT-2003-2.txt
Posted Jan 30, 2003
Authored by Carl Livitt

Carl Livitt security advisory CLIVITT-2003-2 - A format string vulnerability has been found in the plpnfsd daemon that comes with versions of the plptools package prior to 0.7. This issue can allow code execution with elevated privileges and has been fixed in newer versions of plptools. This advisory contains exploit code that may be used against affected SuSE Linux systems.

tags | advisory, code execution
systems | linux, suse
MD5 | ac9f4e45a524276516f7ca240c0ae0a0
2003.001.txt
Posted Jan 27, 2003
Authored by inkubus | Site usg.org.uk

The utility slocate has a local buffer overflow vulnerability when the -r and -c switches are used. Due to this utility being setgid slocate on many default installs, slight privilege escalation is possible.

tags | advisory, overflow, local
MD5 | 183a5220d52fe7a1bf9e1f346889bb9c
cvs-1.11.4.txt
Posted Jan 23, 2003
Authored by Stefan Esser | Site security.e-matters.de

CVS v1.11.4 and below contains a double free bug which allows attackers with read access to execute code on the server by sending a malformed directory name. By default, CVS runs with root privileges. Patch available here.

tags | advisory, root
advisories | CVE-2003-0015
MD5 | 04389f84addb51044ce4e82de3bf21cf
iDEFENSE Security Advisory 2003-01-21.t
Posted Jan 23, 2003
Authored by Karol Wiesek, iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 01.21.03: Buffer Overflows in Mandrake Linux printer-drivers Package. Three vulnerabilities exist, the worst of which allows local root compromise. Overflows in the mtink and escputil binaries, which are set group id sys, allow an attacker to gain sys group privileges. A race condition in the ml85p binary, which is set user id root, allows an attacker to create a file with super user privileges.

tags | advisory, overflow, local, root, vulnerability
systems | linux, mandrake
MD5 | fb32a4acc9576b038a89bcfa8ef7a947
WebIntelligence.2.7.1.txt
Posted Jan 10, 2003
Authored by Stijn Durant | Site ubizen.com

The WebIntelligence application v2.x is a web interface which uses HTTPS and cookies to keep track of user sessions. Guessing session cookies, remote attackers can hijack the sessions of other users and take any action the account owner can take.

tags | advisory, remote, web
MD5 | 028411aba8f0d205341c12f2f49b3db0
tanne.0.6.17.txt
Posted Jan 9, 2003

Tanne v0.6.17 contains a remote format string vulnerability in logger() which can lead to arbitrary code execution as root. for Linux/x86 which has been tested against Redhat 6.1, 7.0, and 8.0. Tanne is a secure http session management tool sometimes used in online banking.

tags | advisory, remote, web, arbitrary, x86, root, code execution
systems | linux, redhat
MD5 | e82f28d58237d7cebb5cd5afc51b7b60
pine-cert-20030101.txt.asc
Posted Jan 6, 2003
Authored by Joost Pol | Site pine.nl

Pine Digital Security Advisory PINE-CERT-20030101 - A local vulnerability has been found in the FreeBSD kernel which allows privilege escalation or denial of service by taking advantage of the socket file counter. FreeBSD 4.X after 20021111 has been fixed.

tags | advisory, denial of service, kernel, local
systems | freebsd
MD5 | f3524837f48eaa73a53fcc6ee5a1ba6e
platinumserver.ftp.txt
Posted Jan 6, 2003
Authored by Matrix

The Platinum FTP Server v1.06 contains remote directory traversal vulnerabilities that allow denial of service, list any directory on the server, and possibly arbitrary file deletion. Denial of service exploit in perl included. Fix available here.

tags | advisory, remote, denial of service, arbitrary, perl, vulnerability
MD5 | 864c40d419eb5997082b084cb768595c
Page 1 of 1
Back1Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Microsoft Mocks Google For Failed Security Fix Deployment Methodology
Posted Oct 19, 2017

tags | headline, microsoft, flaw, google, chrome
Malicious Mineraft Apps In Google Play Enslave Your Device To A Botnet
Posted Oct 19, 2017

tags | headline, malware, microsoft, phone, botnet, google
OAIC Received 114 Voluntary Data Breach Notifications In Two Years
Posted Oct 19, 2017

tags | headline, hacker, privacy, australia, data loss
US-CERT Predicts Machine Learning To Become Security Risk
Posted Oct 19, 2017

tags | headline, flaw
ATM Malware Available Online For Online $5,000
Posted Oct 18, 2017

tags | headline, malware, bank, cybercrime, fraud
Oracle Swats 252 Bugs In Patch Update
Posted Oct 18, 2017

tags | headline, flaw, patch, oracle
Child Safety Smartwatches Easy To Hack, Watchdog Says
Posted Oct 18, 2017

tags | headline, privacy, flaw
Domino's Pizza Delivers User Details To Spammers
Posted Oct 18, 2017

tags | headline, privacy, email, spam, fraud
Microsoft Never Disclosed 2013 Hack Of Secret Vulnerability Database
Posted Oct 18, 2017

tags | headline, hacker, microsoft, data loss, flaw
Adobe Patches Zero-Day Used To Plant Gov't Spying Software
Posted Oct 17, 2017

tags | headline, hacker, government, usa, flaw, cyberwar, adobe, zero day, nsa
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close