Exploit the possiblities
Showing 1 - 10 of 10 RSS Feed

Files

tomcat-null-byte.txt
Posted Jan 31, 2003
Authored by Jouko Pynnonen | Site klikki.fi

Apache Tomcat can be tricked to disclose files, directory listings and unprocessed JSP files. This issue affects Apache Tomcat version 3.3.1 and earlier. Tomcat users should upgrade to version 3.3.1a.

tags | advisory
MD5 | 0711dd25c34bb121e569a2a04f39eb7e
NISR29012003.txt
Posted Jan 30, 2003

NGSSoftware Security Advisory NISR29012003 - There is a remotely exploitable buffer overflow vulnerability in the Microsoft RPC (Remote Procedure Call) Locator Service. This vulnerability, which especially affects Windows Domain Controllers, has been fixed by Microsoft and patch information can be found in Microsoft security advisory MS03-001.

tags | advisory, remote, overflow
systems | windows
MD5 | 65eb9ac93802f55ed2de5a92a6cfd606
CLIVITT-2003-2.txt
Posted Jan 30, 2003
Authored by Carl Livitt

Carl Livitt security advisory CLIVITT-2003-2 - A format string vulnerability has been found in the plpnfsd daemon that comes with versions of the plptools package prior to 0.7. This issue can allow code execution with elevated privileges and has been fixed in newer versions of plptools. This advisory contains exploit code that may be used against affected SuSE Linux systems.

tags | advisory, code execution
systems | linux, suse
MD5 | ac9f4e45a524276516f7ca240c0ae0a0
2003.001.txt
Posted Jan 27, 2003
Authored by inkubus | Site usg.org.uk

The utility slocate has a local buffer overflow vulnerability when the -r and -c switches are used. Due to this utility being setgid slocate on many default installs, slight privilege escalation is possible.

tags | advisory, overflow, local
MD5 | 183a5220d52fe7a1bf9e1f346889bb9c
cvs-1.11.4.txt
Posted Jan 23, 2003
Authored by Stefan Esser | Site security.e-matters.de

CVS v1.11.4 and below contains a double free bug which allows attackers with read access to execute code on the server by sending a malformed directory name. By default, CVS runs with root privileges. Patch available here.

tags | advisory, root
advisories | CVE-2003-0015
MD5 | 04389f84addb51044ce4e82de3bf21cf
iDEFENSE Security Advisory 2003-01-21.t
Posted Jan 23, 2003
Authored by Karol Wiesek, iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 01.21.03: Buffer Overflows in Mandrake Linux printer-drivers Package. Three vulnerabilities exist, the worst of which allows local root compromise. Overflows in the mtink and escputil binaries, which are set group id sys, allow an attacker to gain sys group privileges. A race condition in the ml85p binary, which is set user id root, allows an attacker to create a file with super user privileges.

tags | advisory, overflow, local, root, vulnerability
systems | linux, mandrake
MD5 | fb32a4acc9576b038a89bcfa8ef7a947
WebIntelligence.2.7.1.txt
Posted Jan 10, 2003
Authored by Stijn Durant | Site ubizen.com

The WebIntelligence application v2.x is a web interface which uses HTTPS and cookies to keep track of user sessions. Guessing session cookies, remote attackers can hijack the sessions of other users and take any action the account owner can take.

tags | advisory, remote, web
MD5 | 028411aba8f0d205341c12f2f49b3db0
tanne.0.6.17.txt
Posted Jan 9, 2003

Tanne v0.6.17 contains a remote format string vulnerability in logger() which can lead to arbitrary code execution as root. for Linux/x86 which has been tested against Redhat 6.1, 7.0, and 8.0. Tanne is a secure http session management tool sometimes used in online banking.

tags | advisory, remote, web, arbitrary, x86, root, code execution
systems | linux, redhat
MD5 | e82f28d58237d7cebb5cd5afc51b7b60
pine-cert-20030101.txt.asc
Posted Jan 6, 2003
Authored by Joost Pol | Site pine.nl

Pine Digital Security Advisory PINE-CERT-20030101 - A local vulnerability has been found in the FreeBSD kernel which allows privilege escalation or denial of service by taking advantage of the socket file counter. FreeBSD 4.X after 20021111 has been fixed.

tags | advisory, denial of service, kernel, local
systems | freebsd
MD5 | f3524837f48eaa73a53fcc6ee5a1ba6e
platinumserver.ftp.txt
Posted Jan 6, 2003
Authored by Matrix

The Platinum FTP Server v1.06 contains remote directory traversal vulnerabilities that allow denial of service, list any directory on the server, and possibly arbitrary file deletion. Denial of service exploit in perl included. Fix available here.

tags | advisory, remote, denial of service, arbitrary, perl, vulnerability
MD5 | 864c40d419eb5997082b084cb768595c
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

Top Authors In Last 30 Days

Recent News

News RSS Feed
Variants Of Meltdown-Spectre Flaws May Have Been Discovered
Posted Feb 16, 2018

tags | headline, hacker, flaw, intel
Former ICE Top Lawyer Stole Alien Identities From Govt Database
Posted Feb 16, 2018

tags | headline, government, privacy, usa, fraud, identity theft
New Chaos Linux Backdoor Is Pretty Stealthy
Posted Feb 16, 2018

tags | headline, hacker, malware, linux, backdoor
A Potent Botnet Is Exploiting A Critical Router Bug That May Never Be Fixed
Posted Feb 15, 2018

tags | headline, hacker, botnet, flaw
Anti-Clinton Wikileaks Chat Leaked
Posted Feb 15, 2018

tags | headline, government, data loss, fraud
NSA, FBI, CIA All Agree You Shouldn't Trust A Huawei Phone
Posted Feb 15, 2018

tags | headline, government, usa, phone, china, fbi, nsa, cia
Unsecured Server Exposed Thousands Of FedEx Customer Records
Posted Feb 15, 2018

tags | headline, privacy, data loss, flaw
Hack The Air Force 2.0 Uncovers Over 100 Vulnerabilities
Posted Feb 15, 2018

tags | headline, hacker, government, usa, flaw
UK Blames Russia For Malicious NotPetya Cyber Attack
Posted Feb 15, 2018

tags | headline, government, malware, britain, russia, cyberwar
Until Last Week, You Could Pwn KDE Linux Desktop With A USB Stick
Posted Feb 13, 2018

tags | headline, linux, flaw
View More News →
packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close