Twenty Year Anniversary
Showing 1 - 10 of 10 RSS Feed


Posted Jan 31, 2003
Authored by Jouko Pynnonen | Site

Apache Tomcat can be tricked to disclose files, directory listings and unprocessed JSP files. This issue affects Apache Tomcat version 3.3.1 and earlier. Tomcat users should upgrade to version 3.3.1a.

tags | advisory
MD5 | 0711dd25c34bb121e569a2a04f39eb7e
Posted Jan 30, 2003

NGSSoftware Security Advisory NISR29012003 - There is a remotely exploitable buffer overflow vulnerability in the Microsoft RPC (Remote Procedure Call) Locator Service. This vulnerability, which especially affects Windows Domain Controllers, has been fixed by Microsoft and patch information can be found in Microsoft security advisory MS03-001.

tags | advisory, remote, overflow
systems | windows
MD5 | 65eb9ac93802f55ed2de5a92a6cfd606
Posted Jan 30, 2003
Authored by Carl Livitt

Carl Livitt security advisory CLIVITT-2003-2 - A format string vulnerability has been found in the plpnfsd daemon that comes with versions of the plptools package prior to 0.7. This issue can allow code execution with elevated privileges and has been fixed in newer versions of plptools. This advisory contains exploit code that may be used against affected SuSE Linux systems.

tags | advisory, code execution
systems | linux, suse
MD5 | ac9f4e45a524276516f7ca240c0ae0a0
Posted Jan 27, 2003
Authored by inkubus | Site

The utility slocate has a local buffer overflow vulnerability when the -r and -c switches are used. Due to this utility being setgid slocate on many default installs, slight privilege escalation is possible.

tags | advisory, overflow, local
MD5 | 183a5220d52fe7a1bf9e1f346889bb9c
Posted Jan 23, 2003
Authored by Stefan Esser | Site

CVS v1.11.4 and below contains a double free bug which allows attackers with read access to execute code on the server by sending a malformed directory name. By default, CVS runs with root privileges. Patch available here.

tags | advisory, root
advisories | CVE-2003-0015
MD5 | 04389f84addb51044ce4e82de3bf21cf
iDEFENSE Security Advisory 2003-01-21.t
Posted Jan 23, 2003
Authored by Karol Wiesek, iDefense Labs | Site

iDEFENSE Security Advisory 01.21.03: Buffer Overflows in Mandrake Linux printer-drivers Package. Three vulnerabilities exist, the worst of which allows local root compromise. Overflows in the mtink and escputil binaries, which are set group id sys, allow an attacker to gain sys group privileges. A race condition in the ml85p binary, which is set user id root, allows an attacker to create a file with super user privileges.

tags | advisory, overflow, local, root, vulnerability
systems | linux, mandrake
MD5 | fb32a4acc9576b038a89bcfa8ef7a947
Posted Jan 10, 2003
Authored by Stijn Durant | Site

The WebIntelligence application v2.x is a web interface which uses HTTPS and cookies to keep track of user sessions. Guessing session cookies, remote attackers can hijack the sessions of other users and take any action the account owner can take.

tags | advisory, remote, web
MD5 | 028411aba8f0d205341c12f2f49b3db0
Posted Jan 9, 2003

Tanne v0.6.17 contains a remote format string vulnerability in logger() which can lead to arbitrary code execution as root. for Linux/x86 which has been tested against Redhat 6.1, 7.0, and 8.0. Tanne is a secure http session management tool sometimes used in online banking.

tags | advisory, remote, web, arbitrary, x86, root, code execution
systems | linux, redhat
MD5 | e82f28d58237d7cebb5cd5afc51b7b60
Posted Jan 6, 2003
Authored by Joost Pol | Site

Pine Digital Security Advisory PINE-CERT-20030101 - A local vulnerability has been found in the FreeBSD kernel which allows privilege escalation or denial of service by taking advantage of the socket file counter. FreeBSD 4.X after 20021111 has been fixed.

tags | advisory, denial of service, kernel, local
systems | freebsd
MD5 | f3524837f48eaa73a53fcc6ee5a1ba6e
Posted Jan 6, 2003
Authored by Matrix

The Platinum FTP Server v1.06 contains remote directory traversal vulnerabilities that allow denial of service, list any directory on the server, and possibly arbitrary file deletion. Denial of service exploit in perl included. Fix available here.

tags | advisory, remote, denial of service, arbitrary, perl, vulnerability
MD5 | 864c40d419eb5997082b084cb768595c
Page 1 of 1

Want To Donate?

Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

Top Authors In Last 30 Days

Recent News

News RSS Feed
After Indictment, Russian Hackers' Lives Changed Forever, Ex-Ambassador Says
Posted Jul 16, 2018

tags | headline, hacker, government, usa, russia, fraud, cyberwar, spyware
Can Graphical Passwords Keep Us Secure Online?
Posted Jul 16, 2018

tags | headline, data loss, password
Kodak Bitcoin Mining Scam Evaporates
Posted Jul 16, 2018

tags | headline, fraud
Russians Mined Bitcoin To Fund DNC Hack
Posted Jul 16, 2018

tags | headline, hacker, government, usa, russia, cyberwar
Mueller Indicts 12 Russian Intelligence Officers, Including Guccifer 2.0, For Hacking Democrats
Posted Jul 13, 2018

tags | headline, hacker, government, usa, russia, cyberwar, spyware, fbi
Bogus MDM System Used To Hack iPhones In India
Posted Jul 13, 2018

tags | headline, malware, phone, india, fraud, apple
Chrome Adds Ambitious Browser Mitigation For Spectre
Posted Jul 13, 2018

tags | headline, flaw, google, patch, chrome, intel
Cisco Patches High-Severity Bug In VoIP Phones
Posted Jul 13, 2018

tags | headline, flaw, patch, cisco
Ukraine Claims It Blocked VPNFilter Attack At Chemical Plant
Posted Jul 13, 2018

tags | headline, malware, cyberwar, scada
Ticketmaster Breach Part Of Massive Card Skimming Campaign
Posted Jul 12, 2018

tags | headline, hacker, privacy, bank, data loss, fraud
View More News →
packet storm

© 2018 Packet Storm. All rights reserved.

Security Services
Hosting By