DBabble 2.5i suffers from cross site scripting issues that can lead to cookie hijacking.
9621a85331b7dc09b3f7e86de4a39a480e82852474c273f85f4ca1868cd200b6Remote Windows exploit for the RPC DCOM long filename heap overflow discovered by NSFOCUS. Upon success, the target will have a user added as the letter e with a password of asd#321.
1aecaf0cce333af298b5df7d6880ca92c9442ee27738f94ed70f45095f52b0a2Liquidwar 5.4.5 local exploit that has been tested on Slackware Linux 9.0.0 and Gentoo Linux 1.4.
6038ccaf0089d0c6b1b982024c5d6232813a117568c7c20900bb183dcfc26458Remote root exploit for rpc.mountd that makes use of the xlog off-by-one vulnerability discussed here.
8301fb1c155cefd9ce319e1358f25b7e25d8bf34a49b62722987e5f5a7b76328Remote Windows exploit for the RPC DCOM long filename heap overflow discovered by NSFOCUS. Upon success, the target will have a user added as the letter e with a password of asd#321.
8deeb2c01d158751b1bf4ee8adcd15343d9a1beaeded00158eb8c71a0eb8577aTexonet Security Advisory 20030902 - SCO OpenServer / Internet Manager (mana) versions 5.0.5 to 5.0.7 are susceptible to escalating a local attacker's privileges due to being tricked into executing the environment variable REMOTE_ADDR when it is set.
5046fb8c6f2157de1eeef06f1ff7086a72da814debcc822a30e046b466d87a8dRemote exploit for Mysql 3.x versions 3.23.56 and Mysql 4.x versions below 4.0.15. More information available here.
031cb79c22ead773279128cdcad002a6b7cea61a3829c158c874f16857a8ab9eRemote Pine exploit for versions 4.56 and below. Makes use of a vulnerability discussed here.Binds a shell to port 6682. Written for Slackware 8.0, 8.1, and 9.0 and works for RedHat as well.
e851c723d21209a6b26900e885356e35a071b04eb77c23187facc15b5835af99Minihttpserver 1.x Host Engine is susceptible to a directory traversal attack and has a login parsing flaw that allows a remote attacker to gain administrative privileges.
c3811137432dca7f6b3480030b9e97885c8de1ef80de534902b0ea664f882952Easy File Sharing Web Server 1.2 is vulnerable to directory traversal bugs, cross site scripting, HTML injection, and password snatching due to them being left in the clear.
f44612ef4731652eedc76c34971ccef6fbab01c107847e6496e2fa6d924e38f8Secunia Research Advisory - Two vulnerabilities have been identified in FTGatePro mail server version 1.x that allow malicious users to access sensitive information. One lies in the file ftgatedump.fts allowing an attacker to see the system configuration while another lies in exportmbx.fts that holds all the usernames and passwords for the system.
37e62379ae7d3410654e1b6dbec013a2f429722f7a11bac666000f9c31637ac1Bandsite portal system version 1.5 lacks authentication validation in its admin.php code when an administrator is added, thus allowing a remote attacker to gain administrative privileges.
5d166e4129b983e42146f8f03a2ab30cec5d84c35a9f1631e971a799a69627ba4D WebSTAR FTP server suite version 5.3.1 remote exploit that binds a shell to port 6969 as the uid running the server. This exploit makes use of the pre-authentication buffer overflow that exists in the login mechanism of the WebSTAR FTP service.
01bd8e388df9d06a72dc6ebd9d02e2c90f9818694359d81010f1bde7d75c1d8emyPHPNuke version 1.8.8_7 performs improper variable sanitizing that will inadvertently allow a remote attacker to upload files from another site to the current site.
3a1d3adb28ded0cb43ab4856777f220e3e957aa1f45290d28d02a1d2cd088a90RealOne Player 9 exploit for Unix/Linux that escalates privileges to the person using the utility by taking advantage of group write permissions on user configuration files.
a67aea9bdace7eee5565929ef499259903de9f4e7f7f1daf7852e5af5e5e6f4fWebX 1.1 and WebX Lite 1.1 web servers are vulnerable to a directory traversal attack that allows a remote attacker to access any files outside of the web root.
7014784cf66c6d123c7d3916676819429d1d52080f19f20f5455df1029596905Remote denial of service exploit for MyServer 0.4.3.
6f3302a7429180063c9629e4dcd76ed0569671725b2912b7a5a1de9b985dee4bStunnel v3.25 and below exploit which makes use of the file descriptor leak discussed in this Conectiva Security Advisory. Allows local attackers to hijack the stunnel server.
09a9bb3888296e39b2d5be94dc6ce4fb1ec76e2101199eaddf6995a5a5035a8aDenial of service exploit for Microsoft Windows 98 that floods UDP traffic to random destination ports causing the system to lock up.
d42c427dffab7c2d44d0d3ffe21318255dd5cf99fd207e095dd5ff374fa68ffeExploit that makes use of the Microsoft Word WordPerfect document converter which has been found vulnerable to a buffer overflow when a malicious .doc file is opened.
2fa509d670aa52809545e6a62f5886f884f5b653c4ef5c22e96e146011fc403fProof of concept remote exploit for Foxweb 2.5 on Microsoft Windows that achieves access of the web server user id and makes use of a buffer overflow found in the PATH_INFO variable in foxweb.dll.
acda3c0fb0938e9fbbd07848f2cc1d6b3651f7d31839f816dca84820331df857Tellurian TFTPDNT server version 1.8 for Windows NT and Windows 9x suffers from a buffer overflow that allows remote attackers to execute arbitrary code.
934987843a4ddfbb1fb41d02028e9084c43e90a88dbcd8c1079c016552ea4f9d
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed