Proof of concept exploit for IglooFTP PRO 3.8 and possibly earlier versions. This package suffers from multiple client side vulnerabilities including the banner, username, password, and account SMTP parameters.
012f188e05c0cd48ca2d55347c1fef1243732b738b287ec3f6b9007ffa7a13f5Linux eXtremail versions 1.5-8 and below remote root exploit that makes use of a format string vulnerability in its logging mechanism.
f73f3161c91641b7b5567b990f13c9d5b919ba33786bbedc6f63f3cc2fb52d54The CGI script whereami.cgi that gets distributed by CCBill lacks input validation and in return allows for remote command execution as the web uid.
ce15f8d74362f11898352d1bbf86d0330e48248dd00ae31bec0febbb7a67da0cYahoo Messenger 5.5 and below suffers from a buffer overflow that was originally discovered and fixed in May of 2002, but has since resurfaced. Systems Affected: Windows NT/2000/SP1/SP2/SP3, Windows ME, Windows 95/98, Windows XP.
3dbd08466a589690e261f4eb0f747ba191bda6e704b3f88ec4d48204eb593792The ColdFusion Server versions 4.5 and 5 suffer from multiple vulnerabilities. They range from the default RDS password being blank by default to allowing a normal remote user to reconfigure their website properties to put and get any file on the server.
faa0a31742d24a814cbf24ab9f645633cf615b253c7800154079460c4cdc420bThe screen saver that comes with MacOSX crashes when an large amount of characters are entered and then the return key is pressed. At this point, access to the desktop is achieved.
580c1aa4b027ccdd05e8525a8ed42272ff29b6f6fedab5539018ad21fadd994cCore Security Technologies Advisory ID: CORE-2003-0305-04 - Windows NetMeeting is vulnerable to a directory traversal attack that allows remote arbitrary code execution. Vulnerable version: NetMeeting 3.01 (4.4.3385), possibly others. Fixed in Service Pack 4.
37573598836434eb829a0bd11e8ad4eae7fa6d4cbf8c3647e8d0168be675a1eaKereval Security Advisory KSA-003 - Cross Site Scripting vulnerabilities exist in Phpgroupware very 0.9.14.003.
115009ff8f21003689ec49c463c4c30c56eedbbdb2ef2b35c538dd0cec9fc89cCore Security Technologies Advisory ID: CORE-2003-0305-03 - The Microsoft Active Directory functionality is remotely and locally vulnerable to a stack overflow that allows an attacker to crash and force a reboot of any Windows 2000 server. Vulnerable package: Windows 2000 Server with Active Directory SP3. Fixed with Service Pack 4.
afedd8c7f809a694f9bb53497d9c62835d5aef2a503c9fd6108f9274b8cd15f5A buffer overflow exists in the Essentia Web Server for Linux due to bad boundary checking with long urls which are greater than 2000 bytes. Versions higher than 2.12 are vulnerable.
f55766bfff8269fac9c31113d14529568080f5e761e6c0b22990bb0daaf7d482This tool make uses of the recent vulnerabilities discussed here regarding a broadcast buffer overflow and server freeze denial of service discovered in Roger Wilco.
62f78f06b0794bd0e528ae135c68d893b70aae1ba695c071a7e8b7f5937a0cdfSTG Security Advisory SSA-20030701-02 - The Verity K2 Toolkit Query Builder suffers from a cross site scripting vulnerability.
47b9a884062a2fa4a62f0c83e481dc34e665de880a67fb70500473063be7008dHilariously amusing and simple exploit that makes use of the fact that the cuxs binary on InterSystems Corp. Cache management system executes a binary as root without that binary having a static path.
7e9b9f1c5dc3a4b6f8a786e2d7e3b1817c0c0fd7c6899b52e1d6da8a428b2287iDEFENSE Security Advisory 07.01.03: InterSystems Corp. Cache installs with insecure file and directory permissions, thereby allowing local attackers to gain root access by manipulating items in the main package tree. The vulnerability specifically exists because files and directories are open to all users for read, write, and execute operations.
a94ec4e715dbd55bc4d0dfb19dc4102c0d75702736bfe3b8af0e08165f59aa3a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed