
Files

000276.html
Posted Dec 1, 2003
Authored by Werner Koch | Site lists.gnupg.org

Phong Nguyen identified a severe bug in the way GnuPG creates and uses ElGamal keys for signing. This is a significant security failure which can lead to a compromise of almost all ElGamal keys used for signing. Note that this is a real world vulnerability which will reveal your private key within a few seconds.

tags | advisory
SHA-256 | 85e50ed51bad2ccd298b77d5a8b7daf4ef35336d896cce52b84c4db05a6c0ba2
openca.txt
Posted Dec 1, 2003
Site openca.org

OpenCA Security Advisory - Multiple flaws in OpenCA before version 0.9.1.4 could cause OpenCA to use an incorrect certificate in the chain to determine the serial being checked which could lead to certificates that are revoked or expired being incorrectly accepted.

tags | advisory
advisories | CVE-2003-0960
SHA-256 | 2d8bf6a4c4e3a857072f500345d0d66c8422632aae593d41cd7f4d2e92012deb
gnuscreen.txt
Posted Dec 1, 2003
Authored by Timo Sirainen

The GNU Screen utility versions 4.0.1, 3.9.15, and below suffer from a buffer overflow vulnerability that allows local users to escalate their privileges. The screen utility is installed either setgid-utmp or setuid-root. The flaw also has some potential for remote attacks and for letting an attacker take control of another user's screen, provided the 2-3 gigabytes of data needed to exploit this vulnerability can be transferred.

tags | advisory, remote, overflow, local, root
SHA-256 | 6dd123f1fa7d2605626d7627c38ae214dcddbe9ee058e57e88595aedaa3c365e
FreeBSD Security Advisory 2003.19
Posted Dec 1, 2003
Authored by The FreeBSD Project, Internet Software Consortium | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-03:19.bind - A programming error in BIND 8 named can allow an attacker to arrange for malicious DNS messages to be delivered to a target name server and cause that name server to cache a negative response for some target domain name. The name server would thereafter respond negatively to legitimate queries for that domain name, resulting in a denial of service for applications that require DNS. Affected versions are up to FreeBSD 4.9-RELEASE and 5.1-RELEASE.

tags | advisory
systems | freebsd
advisories | CVE-2003-0914
SHA-256 | de46a2eed27c50e9d58b35e42ad502868bd6b827919f08f4908ff0233d3c61fb
_SRT2003-TURKEY-DAY.txt
Posted Dec 1, 2003
Authored by Kevin Finisterre | Site secnetops.com

Secure Network Operations Advisory SRT2003-TURKEY-DAY - Administrators using the traceroute detection utility published in Phrack Volume 7, Issue 51 may be leaving themselves exposed to a format string issue in detecttr.c.

tags | advisory
SHA-256 | 33e3182819127da3ad076e5420778a32b82010b43f282830765514729f9307f2
Adv-20031126.txt
Posted Nov 27, 2003
Authored by Evgeny Legerov

S-Quadra Advisory #2003-11-26 - FreeRADIUS versions 0.9.3 and below suffer from a stack overflow in the rlm_smb module. Successful exploitation of the vulnerability leads to code execution as root.

tags | advisory, overflow, root, code execution
SHA-256 | 986f4ddf02645e0675d8de23c83f5150b4fe80517b2215a3c1ec52ab1b89b1b1
combofun.txt
Posted Nov 27, 2003
Authored by Liu Die Yu

Utilizing the MHTML parsing vulnerability in conjunction with the BackToFramedJpu vulnerability, a malicious attacker can obtain full MYCOMPUTER security zone access to a victim machine.

tags | advisory
SHA-256 | 8fc2fdff885ad4c4d244ca251097a58a30fe147f299629978d607b790d85fb22
mhtmlredir.txt
Posted Nov 27, 2003
Authored by Liu Die Yu

A flaw exists in the way Microsoft Internet Explorer performs MHTML redirection that can lead to a victim having executables downloaded and run. Link to a demonstration included.

tags | advisory
SHA-256 | 5c306ddeb0aa01ef9333f01161239c18011c97126963ca69abcbbe7de0d0f94f
IEcache2.txt
Posted Nov 26, 2003
Authored by Liu Die Yu

By combining the Microsoft Internet Explorer cache file disclosure vulnerability with several other unpatched vulnerabilities, a malicious INTERNET page can reach the MYCOMPUTER zone. Link to two demonstrations included.

tags | advisory, vulnerability
SHA-256 | cc43c3bb8c3472af6421059b2f7d473dcbcc23680fa944324c5fc42c247a1411
IEcache.txt
Posted Nov 26, 2003
Authored by Liu Die Yu

Microsoft Internet Explorer v6.SP1 and below has a vulnerable download function that can be exploited by a malicious attacker to gain access to a user's cache directory. Link to two demonstrations included.

tags | advisory
SHA-256 | dcaee30b8ef3a1cceeae51d751d897cc6278c21e1025eac9cf682ea1ae4fd7ab
BackToFramedJpu.txt
Posted Nov 26, 2003
Authored by Liu Die Yu

A cross-zone scripting vulnerability has been found in Internet Explorer. If a web page contains some sub-frame, its security zone may be compromised. Link to a demonstration included.

tags | advisory, web
SHA-256 | a7c936db9ccb610dafbe96908b866aeba03e8da8fc499b043cc313c4e16d79ef
hijack2.txt
Posted Nov 26, 2003
Authored by Liu Die Yu

After applying the patch for MS03-048, Windows is still susceptible to the Hijack Click attack when it is performed in conjunction with the method caching attack, which can make window.move accessible again. Link to a demonstration included.

tags | advisory
systems | windows
SHA-256 | a06ff9d109e90948b1621c8cc5f4399cd3f2acd4266b9a925067a1f7cac1a306
Rapid7 Security Advisory 16
Posted Nov 25, 2003
Authored by Rapid7 | Site rapid7.com

Rapid7 Security Advisory - Sybase Adaptive Server Enterprise (ASE) 12.5 is susceptible to a denial of service attack when a login is made with an invalid remote password array. A valid login is required to exploit this vulnerability. Version 11.0.3.3 for Linux is not vulnerable.

tags | advisory, remote, denial of service
systems | linux
SHA-256 | ce1334b583816398c0865c95b48954c24802309142977d252ef92a816628f0f9
CS-2003-04.txt
Posted Nov 25, 2003
Site cert.org

CERT Quarterly Summary CS-2003-04 - There have been documented vulnerabilities in the Microsoft Windows Workstation Service, RPCSS Service, and Exchange, various SSL/TLS implementations, a buffer overflow in Sendmail, and a buffer management error in OpenSSH. There have also been reports of W32/Swen.A, W32/Mimail variants, and exploitation of an Internet Explorer vulnerability reported in August of 2003.

tags | advisory, overflow, vulnerability
systems | windows
SHA-256 | 111a7f74273b65a5b0d1626916be4f03e2691e306b91abf17827c06c747319c8
Adv-20031124.txt
Posted Nov 25, 2003
Authored by Evgeny Legerov

S-Quadra Advisory #2003-11-24 - Monit version 4.1 is susceptible to a denial of service via a negative Content-length field and is also vulnerable to a stack overflow when accepting long HTTP requests.

tags | advisory, web, denial of service, overflow
SHA-256 | 640b7a1304c873c6888f2e239b9dd442a50d1a7bfc300a638ff7e843e49e4c1d
primebaseLWC.txt
Posted Nov 25, 2003
Authored by Larry W. Cashdollar | Site vapid.dhs.org

Vapid Labs Security Note - The PrimeBase SQL Database Server 4.2 stores passwords in clear text. Depending on the installation user's umask settings, it may be readable by all local users.

tags | advisory, local
SHA-256 | 43002c694b892879a9fefb2c4763eaa0435c8018f79e132da7c50c1395f81a57
opera722.txt
Posted Nov 25, 2003
Authored by Jouko Pynnonen | Site klikki.fi

Two vulnerabilities were found in the Opera web browser versions up to 7.22. Both are related to skin files, with one being a directory traversal attack that allows an attacker to upload a file to a victim's machine while the other is a buffer overflow in the skin file handling.

tags | advisory, web, overflow, vulnerability
SHA-256 | 1fe7a3b278a5f299a11bc53c79e45f6df58c6100dbd0c6ca31456d8ee6312569
xitami.txt
Posted Nov 25, 2003
Authored by Tri Huynh

Xitami's LiteServe webserver versions 2.5 and below suffer from a denial of service vulnerability that stems from a logic error during the processing of a POST request.

tags | advisory, denial of service
SHA-256 | cd786a6a7908e740a47fa4b504d54c3c4bf44e73bbf892f5c3f1f6a1c40cab1a
squadra.txt
Posted Nov 22, 2003
Authored by Evgeny Legerov

FreeRADIUS versions 0.9.2 and below have a tunnel-password attribute handling vulnerability. When a malformed attribute trigger gets passed, the server invokes memcpy() with a negative third argument, causing a crash.

tags | advisory
SHA-256 | 1dadd2e3ca40a13e9ce1eb8ddd2ae503f4b94a7f5a399a92dc7c8e84b1a03849
debiancomp.txt
Posted Nov 22, 2003
Site debian.org

Debian Security Advisory - Within the last thirty hours, some Debian project machines have been compromised, including the bug tracking system, the mailing list, the cvs server, and more.

tags | advisory
systems | linux, debian
SHA-256 | 0ef12d03e523eef94f8b0292d280440a7f426a02ad7d189e7d7177ba2242a834
Atstake Security Advisory 03-11-17.2
Posted Nov 17, 2003
Authored by Atstake, Ollie Whitehouse | Site atstake.com

Atstake Security Advisory A111703-2 - A directory traversal vulnerability in the web-tools component of the SAP database server enables any remote attacker to gain access to any file on the host because the server runs as SYSTEM. The Web Agent Administration service pages are also open by default, allowing any remote attacker to reconfigure the server as they see fit, and the service also has at least one buffer overflow vulnerability. Default services within the Web Agent, such as waecho, contain buffer overflows that can be exploited remotely. The generated session identifiers are also considered unsafe since they are stored in the URL rather than kept in a cookie.

tags | advisory, remote, web, overflow
advisories | CVE-2003-0940, CVE-2003-0941, CVE-2003-0942, CVE-2003-0943, CVE-2003-0944, CVE-2003-0945
SHA-256 | cfe1dbd3931e689a57bfc15b63567e94bcca765a6d0bc9f4b283731e4015c6bd
Atstake Security Advisory 03-11-17.1
Posted Nov 17, 2003
Authored by Atstake, Ollie Whitehouse, Dino Dai Zovi | Site atstake.com

Atstake Security Advisory A111703-1 - Using the SQLAT stored procedure, a local attacker can obtain system access by swapping the NETAPI32.DLL in the current working directory. There is also a remote buffer overflow in the niserver interface on TCP port 7629.

tags | advisory, remote, overflow, local, tcp
advisories | CVE-2003-0938, CVE-2003-0939
SHA-256 | 3fbb71973327006d5917535cafb01158647356e443df45dc5dcdececc29c125b
symbol.txt
Posted Nov 14, 2003
Authored by Michael Scheidell

The Symbol PDT 8100 does not attempt to change its default existing WEP keys during installation. If not changed, the PDT 8100 will reveal the WEP keys to any user in plain text by tapping on the wireless icon on the lower right of the 8100 and scrolling to the 'encryption tab'. A stolen PDT 8100 or copied keys can allow an insider to totally compromise the Wi-Fi network.

tags | advisory
advisories | CVE-2003-0934
SHA-256 | 0ef878b8880cfbb42ed45bacdfc32fa99f275624901e1d58461985859e733d1f
_SRT2003-11-13-0218.txt
Posted Nov 14, 2003
Authored by Kevin Finisterre | Site secnetops.com

Secure Network Operations Advisory SRT2003-11-13-0218 - Symantec PCAnywhere versions 10.x to 11.x allow a local attacker to gain SYSTEM privileges via AWHOST32.exe, which can be run via an icon.

tags | advisory, local
SHA-256 | 06a0532b6f5bf502d7995e8c3aae01db81045cd634c514dc2d89f1ab19d59781
peoplesoftCGI.txt
Posted Nov 14, 2003
Authored by Martin O'Neal

Corsaire Security Advisory - The PeopleSoft PeopleBooks Search CGI is susceptible to argument handling vulnerabilities that allow a remote attacker to gain access to files outside of the webroot.

tags | advisory, remote, cgi, vulnerability
SHA-256 | 54bdecc65f1cc150934bc3dc63cf2ef28eea6cf37d5cea1c26b8bb166ac96381

© 2022 Packet Storm. All rights reserved.
