Exploit the possiblities
Showing 1 - 10 of 10 RSS Feed

Files

tomcat-null-byte.txt
Posted Jan 31, 2003
Authored by Jouko Pynnonen | Site klikki.fi

Apache Tomcat can be tricked to disclose files, directory listings and unprocessed JSP files. This issue affects Apache Tomcat version 3.3.1 and earlier. Tomcat users should upgrade to version 3.3.1a.

tags | advisory
MD5 | 0711dd25c34bb121e569a2a04f39eb7e
NISR29012003.txt
Posted Jan 30, 2003

NGSSoftware Security Advisory NISR29012003 - There is a remotely exploitable buffer overflow vulnerability in the Microsoft RPC (Remote Procedure Call) Locator Service. This vulnerability, which especially affects Windows Domain Controllers, has been fixed by Microsoft and patch information can be found in Microsoft security advisory MS03-001.

tags | advisory, remote, overflow
systems | windows
MD5 | 65eb9ac93802f55ed2de5a92a6cfd606
CLIVITT-2003-2.txt
Posted Jan 30, 2003
Authored by Carl Livitt

Carl Livitt security advisory CLIVITT-2003-2 - A format string vulnerability has been found in the plpnfsd daemon that comes with versions of the plptools package prior to 0.7. This issue can allow code execution with elevated privileges and has been fixed in newer versions of plptools. This advisory contains exploit code that may be used against affected SuSE Linux systems.

tags | advisory, code execution
systems | linux, suse
MD5 | ac9f4e45a524276516f7ca240c0ae0a0
2003.001.txt
Posted Jan 27, 2003
Authored by inkubus | Site usg.org.uk

The utility slocate has a local buffer overflow vulnerability when the -r and -c switches are used. Due to this utility being setgid slocate on many default installs, slight privilege escalation is possible.

tags | advisory, overflow, local
MD5 | 183a5220d52fe7a1bf9e1f346889bb9c
cvs-1.11.4.txt
Posted Jan 23, 2003
Authored by Stefan Esser | Site security.e-matters.de

CVS v1.11.4 and below contains a double free bug which allows attackers with read access to execute code on the server by sending a malformed directory name. By default, CVS runs with root privileges. Patch available here.

tags | advisory, root
advisories | CVE-2003-0015
MD5 | 04389f84addb51044ce4e82de3bf21cf
iDEFENSE Security Advisory 2003-01-21.t
Posted Jan 23, 2003
Authored by Karol Wiesek, iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 01.21.03: Buffer Overflows in Mandrake Linux printer-drivers Package. Three vulnerabilities exist, the worst of which allows local root compromise. Overflows in the mtink and escputil binaries, which are set group id sys, allow an attacker to gain sys group privileges. A race condition in the ml85p binary, which is set user id root, allows an attacker to create a file with super user privileges.

tags | advisory, overflow, local, root, vulnerability
systems | linux, mandrake
MD5 | fb32a4acc9576b038a89bcfa8ef7a947
WebIntelligence.2.7.1.txt
Posted Jan 10, 2003
Authored by Stijn Durant | Site ubizen.com

The WebIntelligence application v2.x is a web interface which uses HTTPS and cookies to keep track of user sessions. Guessing session cookies, remote attackers can hijack the sessions of other users and take any action the account owner can take.

tags | advisory, remote, web
MD5 | 028411aba8f0d205341c12f2f49b3db0
tanne.0.6.17.txt
Posted Jan 9, 2003

Tanne v0.6.17 contains a remote format string vulnerability in logger() which can lead to arbitrary code execution as root. for Linux/x86 which has been tested against Redhat 6.1, 7.0, and 8.0. Tanne is a secure http session management tool sometimes used in online banking.

tags | advisory, remote, web, arbitrary, x86, root, code execution
systems | linux, redhat
MD5 | e82f28d58237d7cebb5cd5afc51b7b60
pine-cert-20030101.txt.asc
Posted Jan 6, 2003
Authored by Joost Pol | Site pine.nl

Pine Digital Security Advisory PINE-CERT-20030101 - A local vulnerability has been found in the FreeBSD kernel which allows privilege escalation or denial of service by taking advantage of the socket file counter. FreeBSD 4.X after 20021111 has been fixed.

tags | advisory, denial of service, kernel, local
systems | freebsd
MD5 | f3524837f48eaa73a53fcc6ee5a1ba6e
platinumserver.ftp.txt
Posted Jan 6, 2003
Authored by Matrix

The Platinum FTP Server v1.06 contains remote directory traversal vulnerabilities that allow denial of service, list any directory on the server, and possibly arbitrary file deletion. Denial of service exploit in perl included. Fix available here.

tags | advisory, remote, denial of service, arbitrary, perl, vulnerability
MD5 | 864c40d419eb5997082b084cb768595c
Page 1 of 1
Back1Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
PlexCoin Scam Founder Sentenced To Jail And Fined $10k
Posted Dec 10, 2017

tags | headline, cybercrime, fraud, scam, cryptography
Google Lifts Lid On FBI Data Requests: Now You Can Read Actual Letters Online
Posted Dec 9, 2017

tags | headline, government, privacy, usa, google, fbi
Android Flaw Lets Attack Code Slip Into Signed Apps
Posted Dec 9, 2017

tags | headline, malware, phone, flaw, google
Millions Stolen In NiceHash Bitcoin Heist
Posted Dec 9, 2017

tags | headline, hacker, cybercrime, fraud, cryptography
Apple HomeKit Flaw Left Smart Gadgets Vulnerable
Posted Dec 9, 2017

tags | headline, flaw, apple
Intel Management Engine Pwned By Buffer Overflow
Posted Dec 7, 2017

tags | headline, hacker, flaw, conference, intel
Google Steps Up Browser Rivalry With Site Isolation Security
Posted Dec 7, 2017

tags | headline, google, chrome
Ajit Pai Falsely Claims Killing Net Neutrality Helps The Sick
Posted Dec 7, 2017

tags | headline, government, usa, fraud
Bitcoin Breaks Through The $15,000 Mark
Posted Dec 7, 2017

tags | headline, cryptography
CryptoKitties Craze Slows Down Transactions On Ethereum
Posted Dec 6, 2017

tags | headline, denial of service, cryptography
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close