Exploit the possiblities
Showing 1 - 25 of 66 RSS Feed


Posted Jan 11, 2005
Authored by random nut

EarthStation 5, aka ES5 or ESV, is a P2P application that has been poorly designed in that it will allow any remote attacker to delete any shared file on a victim's system.

tags | advisory, remote
MD5 | 89c1007872624a8d4919eb557b552ac4
Posted Nov 4, 2003
Site sco.com

SCO Security Advisory CSSA-2003-SCO.27 - OpenServer 5.0.5 insecurely creates files in /tmp which can lead to a system compromise.

tags | advisory
advisories | CVE-2003-0872
MD5 | e5d3dca64960ab302c2208ec3a937b75
Posted Nov 4, 2003
Authored by Ezhilan | Site sintelli.com

MyClassifieds SQL Versions below 2.13 are vulnerable to a SQL injection attack. The problem is due to improper sanitization of user input for the email variable. A remote attacker could insert arbitrary SQL code in the email variable. The passwords of the users can be written into a file and made world readable.

tags | advisory, remote, arbitrary, sql injection
MD5 | 7fb44275dc75a1edebbcf4ddc3da0017
Posted Oct 30, 2003
Authored by CodeSamurai

Mac OS X v10.3 Build 7B85 contains a vulnerability in the screen lock which allows malicious local users to use the computer for a short amount of time, until the authentication window is displayed. Exploit information included.

tags | advisory, local
systems | apple, osx
MD5 | a4448def57fd48f6b7e034d1594360c9
Posted Oct 30, 2003
Authored by Joel Soderberg, Christer Oberg

Thttpd v2.2.1 through 2.23b1 contain a remotely exploitable buffer overflow in defang() which can allow remote code execution. Fix available here.

tags | advisory, remote, overflow, code execution
MD5 | 57ba2199816ae7ee306b0679bb7dceaa
Posted Oct 30, 2003
Authored by STG Security | Site stgsecurity.com

InfronTech's J2EE Web Application Server, WebTide v7.04 and below has a directory traversal vulnerability.

tags | advisory, web
MD5 | 89814865583f7b8520d11ece19ac57d9
Posted Oct 30, 2003
Authored by Zrekam

SiteKiosk v4.x and 5.x contain vulnerabilities which allow users to bypass URL restrictions and/or browse for free because the software fails to check if the supplied URL contains a wildcard DNS entry.

tags | advisory, vulnerability
MD5 | c1e1aeb9fed59419616fc25e4f39805c
Posted Oct 30, 2003
Authored by Robert Watson

Libnids v1.17 and below contains memory corruption vulnerabilities in the TCP stream reassembly code. Applications such as dsniff which are linked with libnids can be remotely exploited by sending overly long, specially crafted TCP packets. Fix available here.

tags | advisory, tcp, vulnerability
MD5 | 4aa6532d60104b6993cc7abc151325ca
Posted Oct 30, 2003
Authored by Michael Hendrickx

Wu-ftpd v2.6.2 contains a remote root vulnerability if SKEY support has been enabled. Patch included.

tags | advisory, remote, root
MD5 | b86a6c7f01741d36eeb7dbe29acea703
Posted Oct 30, 2003
Authored by Adam Dyga | Site adsystems.com.pl

Mod_security v1.7RC1 to 1.7.1 (Apache 2 version) contains a remotely exploitable buffer overflow. Fix available <a href="http://www.modsecurity.org"here.</a>

tags | advisory, web, overflow
MD5 | ee5c85c70d312322a49756db642eb976
Posted Oct 21, 2003
Site support.novell.com

Novell iChain prior to v2.2 SP2 beta contains multiple remote vulnerabilities which allow user session hijacking, denial of service, and possibly system compromise.

tags | advisory, remote, denial of service, vulnerability
MD5 | 98141c2857fdeaea0a1c6b90730bf43f
Posted Oct 21, 2003
Authored by AngryB | Site digitalpranksters.com

AOL Instant Messenger prior to v5.5.3415 contains a buffer overflow in the CCertsByUserName::Cleanup() function which can lead to remote code execution. Can be exploited via HTML web pages or email via long aim: URIs. Fix available here.

tags | advisory, remote, web, overflow, code execution
MD5 | 465e2069bb67063f495c2a1936bbf9df
Posted Oct 21, 2003

RealOne Player v1, v2, Enterprise Desktop, and Desktop Manager, and RealOne for OS X all contain tempfile vulnerabilities allowing malicious local users to escalate their privileges by manipulating URLs or embedding scripts when RealOne launches the default browser. More information available here.

tags | advisory, local, vulnerability
systems | apple, osx
MD5 | 1f84c216dc3a76207168355d481b0692
Posted Oct 21, 2003

Geeklog v1.3.8 and below contains a SQL injection vulnerability allowing malicious users to change passwords on arbitrary users. Fix available here.

tags | advisory, arbitrary, sql injection
MD5 | 8e76e6d4f3e04de09298039690c36c4f
Posted Oct 21, 2003

cpCommerce v0.5f and below contains an input validation error in _functions.php which allows remote arbitrary code execution. Fix available here.

tags | advisory, remote, arbitrary, php, code execution
MD5 | 446d9e6522f11df16c5db549428624fe
Posted Oct 21, 2003
Site secunia.com

Bytehoard prior to version 0.7 contains a remote directory traversal vulnerability which allows file access. Fix available here.

tags | advisory, remote
MD5 | 0938c625550a01a3019c93680deee0f4
Posted Oct 21, 2003
Site secunia.com

Fetchmail v6.24 and below contains a remote denial of service vulnerability which can be exploited by sending a specially crafted email. Fix available here.

tags | advisory, remote, denial of service
MD5 | 47da9e9e4966bdd9be06ed80f78a66b1
Posted Oct 17, 2003
Authored by Dr. Insane | Site members.lycos.co.uk

Under some circumstances, it seems that when some code is added into a Microsoft Word document and then spell checked, the application will crash.

tags | advisory
MD5 | 50005b9fc659e11dabb1ee6e26b7d152
Posted Oct 16, 2003
Authored by Salman Niksefat

A cross site scripting vulnerability in Microsoft Hotmail allows access to mailboxes via malicious Javascript in conjunction with cookie hijacking.

tags | advisory, javascript, xss
MD5 | f00911cd77f5b8221ea39691ab396671
Posted Oct 16, 2003
Authored by Cesar Cerrudo

Security Advisory detailing original research from the Microsoft Local Troubleshooter ActiveX control buffer overflow that affects all versions of Microsoft Windows 2000.

tags | advisory, overflow, local, activex
systems | windows, 2k
MD5 | b8d4a3696bc3358e92c12c6462e166e8
Posted Oct 16, 2003
Authored by Brett Moore SA | Site security-assessment.com

Original research advisory for the Listbox And Combobox Control buffer overflows announced by Microsoft Advisory here. Affected Software: Microsoft Windows NT4.0, 2000, XP, and 2003.

tags | advisory, overflow
systems | windows
MD5 | d5760432312aa04c8d86df25171c2a71
Posted Oct 16, 2003
Site sco.com

SCO Security Advisory - SCO OpenServer 5.0.5, 5.0.6, and 5.0.7 has had multiple vulnerabilities discovered in Xsco. One matches the command line parameter -co hole discovered in Xsun and another allows any local user with X access to gain read/write access to a shared memory segment.

tags | advisory, local, vulnerability
advisories | CVE-2002-0158, CVE-2002-0164
MD5 | 19eb5afd533353aaca78afc76827a7d9
Posted Oct 16, 2003
Site cert.org

CERT Advisory CA-2003-27 - A number of vulnerabilities in both Microsoft Windows and Microsoft Exchange have been discovered with multiple bugs giving privilege escalation and remote command execution.

tags | advisory, remote, vulnerability
systems | windows
MD5 | be063887ae4c9a37d0f1176b909a14cb
Posted Oct 16, 2003
Authored by Oliver Karow

A cross site scripting vulnerability still exists in the newest Bajie HTTP server release even though the vendor had previously been notified of the problem.

tags | advisory, web, xss
MD5 | 854064cb84e24b64afb2341a5d644411
Posted Oct 16, 2003
Site ngssoftware.com

NGSSoftware Insight Security Research Advisory - Several vectors exist that can be used by attackers to make use of a stack based buffer overflow in the PCHealth system of Microsoft Windows 2003 Server and Windows XP.

tags | advisory, overflow
systems | windows, xp
MD5 | 26fd00211f9f12279d2b11e5774adc59
Page 1 of 3

Top Authors In Last 30 Days

Recent News

News RSS Feed
Language Bugs Infest Downstream Software
Posted Dec 11, 2017

tags | headline, flaw
German Spy Agency Warns Of Chinese LinkedIn Espionage
Posted Dec 11, 2017

tags | headline, government, china, cyberwar, germany, spyware, social
Dynamics 365 Sandbox Leaked TLS Certificates
Posted Dec 11, 2017

tags | headline, privacy, microsoft, data loss, flaw, cryptography
Keylogger Uncovered On Hundreds Of HP PCs
Posted Dec 11, 2017

tags | headline, flaw, spyware, backdoor
PlexCoin Scam Founder Sentenced To Jail And Fined $10k
Posted Dec 10, 2017

tags | headline, cybercrime, fraud, scam, cryptography
Google Lifts Lid On FBI Data Requests: Now You Can Read Actual Letters Online
Posted Dec 9, 2017

tags | headline, government, privacy, usa, google, fbi
Android Flaw Lets Attack Code Slip Into Signed Apps
Posted Dec 9, 2017

tags | headline, malware, phone, flaw, google
Millions Stolen In NiceHash Bitcoin Heist
Posted Dec 9, 2017

tags | headline, hacker, cybercrime, fraud, cryptography
Apple HomeKit Flaw Left Smart Gadgets Vulnerable
Posted Dec 9, 2017

tags | headline, flaw, apple
Intel Management Engine Pwned By Buffer Overflow
Posted Dec 7, 2017

tags | headline, hacker, flaw, conference, intel
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Security Services
Hosting By