Posted Jan 11, 2005
Authored by random nut

EarthStation 5, aka ES5 or ESV, is a P2P application that has been poorly designed in that it will allow any remote attacker to delete any shared file on a victim's system.

tags | advisory, remote
MD5 | 89c1007872624a8d4919eb557b552ac4
Posted Nov 4, 2003

SCO Security Advisory CSSA-2003-SCO.27 - OpenServer 5.0.5 insecurely creates files in /tmp which can lead to a system compromise.

tags | advisory
advisories | CVE-2003-0872
MD5 | e5d3dca64960ab302c2208ec3a937b75
Posted Nov 4, 2003
Authored by Ezhilan | Site

MyClassifieds SQL versions below 2.13 are vulnerable to a SQL injection attack. The problem is due to improper sanitization of user input for the email variable. A remote attacker could insert arbitrary SQL code in the email variable. The passwords of the users can be written into a file and made world readable.

tags | advisory, remote, arbitrary, sql injection
MD5 | 7fb44275dc75a1edebbcf4ddc3da0017
Posted Oct 30, 2003
Authored by CodeSamurai

Mac OS X v10.3 Build 7B85 contains a vulnerability in the screen lock which allows malicious local users to use the computer for a short amount of time, until the authentication window is displayed. Exploit information included.

tags | advisory, local
systems | apple, osx
MD5 | a4448def57fd48f6b7e034d1594360c9
Posted Oct 30, 2003
Authored by Joel Soderberg, Christer Oberg

Thttpd v2.2.1 through 2.23b1 contain a remotely exploitable buffer overflow in defang() which can allow remote code execution. Fix available here.

tags | advisory, remote, overflow, code execution
MD5 | 57ba2199816ae7ee306b0679bb7dceaa
Posted Oct 30, 2003
Authored by STG Security | Site

InfronTech's J2EE Web Application Server, WebTide v7.04 and below has a directory traversal vulnerability.

tags | advisory, web
MD5 | 89814865583f7b8520d11ece19ac57d9
Posted Oct 30, 2003
Authored by Zrekam

SiteKiosk v4.x and 5.x contain vulnerabilities which allow users to bypass URL restrictions and/or browse for free because the software fails to check if the supplied URL contains a wildcard DNS entry.

tags | advisory, vulnerability
MD5 | c1e1aeb9fed59419616fc25e4f39805c
Posted Oct 30, 2003
Authored by Robert Watson

Libnids v1.17 and below contains memory corruption vulnerabilities in the TCP stream reassembly code. Applications such as dsniff which are linked with libnids can be remotely exploited by sending overly long, specially crafted TCP packets. Fix available here.

tags | advisory, tcp, vulnerability
MD5 | 4aa6532d60104b6993cc7abc151325ca
Posted Oct 30, 2003
Authored by Michael Hendrickx

Wu-ftpd v2.6.2 contains a remote root vulnerability if SKEY support has been enabled. Patch included.

tags | advisory, remote, root
MD5 | b86a6c7f01741d36eeb7dbe29acea703
Posted Oct 30, 2003
Authored by Adam Dyga | Site

Mod_security v1.7RC1 to 1.7.1 (Apache 2 version) contains a remotely exploitable buffer overflow. Fix available here.

tags | advisory, web, overflow
MD5 | ee5c85c70d312322a49756db642eb976
Posted Oct 21, 2003

Novell iChain prior to v2.2 SP2 beta contains multiple remote vulnerabilities which allow user session hijacking, denial of service, and possibly system compromise.

tags | advisory, remote, denial of service, vulnerability
MD5 | 98141c2857fdeaea0a1c6b90730bf43f
Posted Oct 21, 2003
Authored by AngryB | Site

AOL Instant Messenger prior to v5.5.3415 contains a buffer overflow in the CCertsByUserName::Cleanup() function which can lead to remote code execution. Can be exploited via HTML web pages or email via long aim: URIs. Fix available here.

tags | advisory, remote, web, overflow, code execution
MD5 | 465e2069bb67063f495c2a1936bbf9df
Posted Oct 21, 2003

RealOne Player v1, v2, Enterprise Desktop, and Desktop Manager, and RealOne for OS X all contain tempfile vulnerabilities allowing malicious local users to escalate their privileges by manipulating URLs or embedding scripts when RealOne launches the default browser. More information available here.

tags | advisory, local, vulnerability
systems | apple, osx
MD5 | 1f84c216dc3a76207168355d481b0692
Posted Oct 21, 2003

Geeklog v1.3.8 and below contains a SQL injection vulnerability allowing malicious users to change passwords on arbitrary users. Fix available here.

tags | advisory, arbitrary, sql injection
MD5 | 8e76e6d4f3e04de09298039690c36c4f
Posted Oct 21, 2003

cpCommerce v0.5f and below contains an input validation error in _functions.php which allows remote arbitrary code execution. Fix available here.

tags | advisory, remote, arbitrary, php, code execution
MD5 | 446d9e6522f11df16c5db549428624fe
Posted Oct 21, 2003

Bytehoard prior to version 0.7 contains a remote directory traversal vulnerability which allows file access. Fix available here.

tags | advisory, remote
MD5 | 0938c625550a01a3019c93680deee0f4
Posted Oct 21, 2003

Fetchmail v6.24 and below contains a remote denial of service vulnerability which can be exploited by sending a specially crafted email. Fix available here.

tags | advisory, remote, denial of service
MD5 | 47da9e9e4966bdd9be06ed80f78a66b1
Posted Oct 17, 2003
Authored by Dr. Insane | Site

Under some circumstances, it seems that when some code is added into a Microsoft Word document and then spell checked, the application will crash.

tags | advisory
MD5 | 50005b9fc659e11dabb1ee6e26b7d152
Posted Oct 16, 2003
Authored by Salman Niksefat

A cross site scripting vulnerability in Microsoft Hotmail allows access to mailboxes via malicious JavaScript in conjunction with cookie hijacking.

tags | advisory, javascript, xss
MD5 | f00911cd77f5b8221ea39691ab396671
Posted Oct 16, 2003
Authored by Cesar Cerrudo

Security advisory detailing original research on the Microsoft Local Troubleshooter ActiveX control buffer overflow that affects all versions of Microsoft Windows 2000.

tags | advisory, overflow, local, activex
systems | windows, 2k
MD5 | b8d4a3696bc3358e92c12c6462e166e8
Posted Oct 16, 2003
Authored by Brett Moore SA | Site

Original research advisory for the Listbox And Combobox Control buffer overflows announced by Microsoft Advisory here. Affected Software: Microsoft Windows NT4.0, 2000, XP, and 2003.

tags | advisory, overflow
systems | windows
MD5 | d5760432312aa04c8d86df25171c2a71
Posted Oct 16, 2003

SCO Security Advisory - SCO OpenServer 5.0.5, 5.0.6, and 5.0.7 have had multiple vulnerabilities discovered in Xsco. One matches the command line parameter -co hole discovered in Xsun and another allows any local user with X access to gain read/write access to a shared memory segment.

tags | advisory, local, vulnerability
advisories | CVE-2002-0158, CVE-2002-0164
MD5 | 19eb5afd533353aaca78afc76827a7d9
Posted Oct 16, 2003

CERT Advisory CA-2003-27 - A number of vulnerabilities in both Microsoft Windows and Microsoft Exchange have been discovered with multiple bugs giving privilege escalation and remote command execution.

tags | advisory, remote, vulnerability
systems | windows
MD5 | be063887ae4c9a37d0f1176b909a14cb
Posted Oct 16, 2003
Authored by Oliver Karow

A cross site scripting vulnerability still exists in the newest Bajie HTTP server release even though the vendor had previously been notified of the problem.

tags | advisory, web, xss
MD5 | 854064cb84e24b64afb2341a5d644411
Posted Oct 16, 2003

NGSSoftware Insight Security Research Advisory - Several vectors exist that can be used by attackers to make use of a stack based buffer overflow in the PCHealth system of Microsoft Windows 2003 Server and Windows XP.

tags | advisory, overflow
systems | windows, xp
MD5 | 26fd00211f9f12279d2b11e5774adc59
© 2018 Packet Storm. All rights reserved.
