Exploit the possiblities
Showing 1 - 25 of 62 RSS Feed

Files

mephistoles.txt
Posted Feb 10, 2004
Authored by Donato Ferrante | Site autistici.org

The Mephistoles Internet Suite version 0.6.0final is susceptible to a cross site scripting attack.

tags | advisory, xss
MD5 | 4f6399a53e2ceb4e2b4da8288b6c443d
FreeBSD Security Advisory 2004.1
Posted Feb 1, 2004
Authored by The FreeBSD Project, Kimura Fuyuki, Wiktor Niesiobedzki | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-04:01.mksnap_ffs - The mksnap_ffs command creates a snapshot of a filesystem. A snapshot is a static representation of the state of the filesystem at a particular point in time. The kernel interface for creating a snapshot of a filesystem is the same as that for changing the flags on that filesystem. Due to an oversight, the mksnap_ffs command called that interface with only the snapshot flag set, causing all other flags to be reset to the default value.

tags | advisory, kernel
systems | freebsd
advisories | CVE-2004-0099
MD5 | 631df2757f7b612025de9f600e8a2d2c
libtool152.txt
Posted Jan 30, 2004
Authored by Stefan Nordhausen

Versions below 1.5.2 of GNU's libtool have a symlink vulnerability that creates a temporary directory when a package using libtool is being compiled.

tags | advisory
MD5 | d766b2d1a4e7de15f711c5c120268916
Cisco Security Advisory 20040129-ms03-049
Posted Jan 30, 2004
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory 20040129 - Cisco has released an advisory dictating that their products that make use of the Microsoft Workstation service may be susceptible to attack.

tags | advisory
systems | cisco
MD5 | 4ec43b01c38f4a077c94274af5b4e085
ELF_RPATH.txt
Posted Jan 29, 2004
Authored by Matthias Andree

Some dynamically linked binary builds of the CVSup package contain untrusted paths in the ELF RPATH fields of the executables which may allow for local privilege escalation.

tags | advisory, local
MD5 | 2e3a61279ceabffb4e20428e2e64c582
001.txt.asc
Posted Jan 29, 2004
Site ultramagnetic.sourceforge.net

Ultramagnetic, a utility based off of a fork of the GAIM IM software, is susceptible to the vulnerabilities found in GAIM versions 0.75 and below.

tags | advisory, vulnerability
advisories | CVE-2004-0005, CVE-2004-0006, CVE-2004-0007, CVE-2004-0008
MD5 | 40979778b61b51ef629d5a557c36b1dd
Atstake Security Advisory 04-01-27.1
Posted Jan 29, 2004
Authored by David Goldsmith, Atstake | Site atstake.com

Atstake Security Advisory A012704-1 - The version of TruBlueEnvironment that is shipped with Mac OS X 10.3.x and 10.2.x takes the value of an environment variable and copies it into a buffer without performing any bounds checking. Since this buffer is stored on the stack, it is possible to overwrite the return stack frame and execute arbitrary code as root.

tags | advisory, arbitrary, root
systems | apple, osx
MD5 | ef3249d227b311b24f7d6ae925005c3a
open3sIDSontape.txt
Posted Jan 28, 2004
Authored by Juan Manuel Pascual Escriba | Site open3s.com

A stack-based buffer overflow exists in the ONCONFIG environment variable read process when it is bigger than 495 bytes and read in by the IBM Informix IDSv9.40 ontape binary.

tags | advisory, overflow
MD5 | 17aba62d43551a5f45a47720c8ff8fa7
SRT2004-01-17-0227.txt
Posted Jan 28, 2004
Authored by Kevin Finisterre | Site secnetops.com

Secure Network Operations Advisory SRT2004-01-17-0227 - The BlackICE PC Protection firewall/IDS versions 3.6.cbz and below allows local users to gain SYSTEM privileges.

tags | advisory, local
MD5 | 3022d657274181d378344e8cf2e4f6d8
CA-2004-02.mail.txt
Posted Jan 27, 2004
Site cert.org

CERT Advisory CA-2004-02 - Recent weeks have shown a spike in mass-mailing viruses released on the Internet. Advisory released to keep the general public aware.

tags | advisory
MD5 | 282ba5c647da09ebc8c8cc8b4fe8612b
012004.gaim.txt
Posted Jan 26, 2004
Authored by Stefan Esser | Site security.e-matters.de

GAIM versions 0.75 and below are vulnerable to twelve overflows that allow for remote compromise.

tags | advisory, remote, overflow
advisories | CVE-2004-0005, CVE-2004-0006, CVE-2004-0007, CVE-2004-0008
MD5 | b81311fcacc952cd8b3e41cb8cdb91f7
reptile.txt
Posted Jan 26, 2004
Authored by Donato Ferrante | Site autistici.org

Reptile, the web server written completely in Python, has a flaw that allows for completely CPU resource consumption which results in a denial of service.

tags | advisory, web, denial of service, python
MD5 | 5b8e612733d379995d02da6b024a3cbd
servu.txt
Posted Jan 26, 2004
Authored by kkqq | Site 0x557.org

Serv-U FTP server versions 4.2 and below have an internal memory buffer that may be overrun while handling the site chmod command with a filename containing excessive data.

tags | advisory, overflow
MD5 | 7c371527ce6128fefc45044ad4584576
Adv-20040123.txt
Posted Jan 24, 2004
Authored by Nick Gudov

S-Quadra Advisory #2004-01-23 - QuadComm Q-Shop ASP Shopping Cart Software has multiple SQL injection and cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss, sql injection, asp
MD5 | 913076b7cf76eea8ed71345d5313ad2c
nfshp2cbof-adv.txt
Posted Jan 23, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

Need for Speed Hot Pursuit 2 has a vulnerable client that is susceptible to a buffer overflow attack by a hostile server. The buffer overflow occurs when too long of a string is sent back to the client during an information query. Electronic Arts has not bothered to even return e-mails regarding this problem.

tags | advisory, overflow
MD5 | b230abcd649ea7baef8f4888deaeae85
tbeBanner.txt
Posted Jan 22, 2004
Authored by Ed J. Aivazian

Native Solutions TBE Banner Engine is vulnerable to allowing an attacker to embed code to be executed by the server when text for a banner is added.

tags | advisory
MD5 | 2c12e6d41c2a540e173e7a4ed23d105b
Cisco Security Advisory 20040121-voice
Posted Jan 21, 2004
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory 20040124 - The default installation of Cisco voice products on the IBM platform will install the Director Agent in an unsecure state, leaving the Director services vulnerable to remote administration control and/or Denial of Service attacks. The vulnerabilities can be mitigated by configuration changes and Cisco is providing a repair script that will close the vulnerable ports and put the Director agent in secure state without requiring an upgrade.

tags | advisory, remote, denial of service, vulnerability
systems | cisco
MD5 | 06bcc673a931ec89c195327e70216404
honeyd-2004-001.txt
Posted Jan 21, 2004
Authored by Niels Provos | Site honeyd.org

Honeyd is vulnerable to remote detection via a simple probe packet. All versions up to 0.8 are susceptible.

tags | advisory, remote
MD5 | 37aad30362c5442ca781f43d25058799
WebcamXP.txt
Posted Jan 21, 2004
Authored by Rafel Ivgi | Site theinsider.deep-ice.com

WebcamXP versions 1.06.945 is susceptible to a cross site scripting attack.

tags | advisory, xss
MD5 | d6b3ff49bac4d12f3e6b465bd776087c
SRT2004-01-17-0425.txt
Posted Jan 21, 2004
Authored by Kevin Finisterre | Site secnetops.com

Secure Network Operations Advisory SRT2004-01-17-0425 - Ultr@VNC, the client/server software that allows you to remotely control a computer over any TCP/IP connection, has a faulty ShellExecute() statement that allows a local attacker to gain SYSTEM access.

tags | advisory, local, tcp
MD5 | b364ba749d45ee9d44afa9249bed99fa
webtrends.txt
Posted Jan 21, 2004
Authored by Oliver Karow | Site oliverkarow.de

WebTrends Reporting Center is administrated via a web interface that has a flaw which would allow a remote attacker to disclose the physical path to the application.

tags | advisory, remote, web
MD5 | 937ac402be71aa04081516bcd6708c22
IEmultiples.txt
Posted Jan 21, 2004
Authored by Rafel Ivgi | Site theinsider.deep-ice.com

When using the SNEWS protocol, Internet Explorer lacks its filtering engine and can trigger Outlook Express to be hit by a buffer overrun resulting in possible code execution.

tags | advisory, overflow, code execution, protocol
MD5 | bdc9002fe20bf8b416f58764633cf33b
vBulletinBBS.txt
Posted Jan 21, 2004
Authored by Darkwell | Site gcf.de

vBulletin Bulletin Board derivatives contain a security bug that may lead to disclosure of private information via cross site scripting attacks. This vulnerability may also enable an attacker to transmit sensitive information such as encrypted passwords, user identification numbers, or forum passwords to another server.

tags | advisory, xss
MD5 | 3f197c1d220e6abf13c6b6c7f362b095
suse90symlinks.txt
Posted Jan 20, 2004
Authored by l0om

Various init related script in SuSE 9.0 are susceptible to symlink attacks.

tags | advisory
systems | linux, suse
MD5 | b0a771d87e4879f9b01efe708f43ed7e
getware.txt
Posted Jan 20, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

WebCam Live and Photohost are 2 shareware programs used to share webcam streams and photo albums through the web. WebCam Live versions 2.01 and below and Photohost versions 4.0 and below are all susceptible to a denial of service attack when the Content-Length parameter is set to a negative number during a transaction.

tags | advisory, web, denial of service
MD5 | 710c784e10753b7d4d1e61b2e59448fb
Page 1 of 3
Back123Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Language Bugs Infest Downstream Software
Posted Dec 11, 2017

tags | headline, flaw
German Spy Agency Warns Of Chinese LinkedIn Espionage
Posted Dec 11, 2017

tags | headline, government, china, cyberwar, germany, spyware, social
Dynamics 365 Sandbox Leaked TLS Certificates
Posted Dec 11, 2017

tags | headline, privacy, microsoft, data loss, flaw, cryptography
Keylogger Uncovered On Hundreds Of HP PCs
Posted Dec 11, 2017

tags | headline, flaw, spyware, backdoor
PlexCoin Scam Founder Sentenced To Jail And Fined $10k
Posted Dec 10, 2017

tags | headline, cybercrime, fraud, scam, cryptography
Google Lifts Lid On FBI Data Requests: Now You Can Read Actual Letters Online
Posted Dec 9, 2017

tags | headline, government, privacy, usa, google, fbi
Android Flaw Lets Attack Code Slip Into Signed Apps
Posted Dec 9, 2017

tags | headline, malware, phone, flaw, google
Millions Stolen In NiceHash Bitcoin Heist
Posted Dec 9, 2017

tags | headline, hacker, cybercrime, fraud, cryptography
Apple HomeKit Flaw Left Smart Gadgets Vulnerable
Posted Dec 9, 2017

tags | headline, flaw, apple
Intel Management Engine Pwned By Buffer Overflow
Posted Dec 7, 2017

tags | headline, hacker, flaw, conference, intel
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close