Packet Storm new exploits for January, 2004.
866114f4d50d25516b545bc309392b0ea69c6f88f178f22a568c1d2faa5994d3
In the Apache httpd server version 2.0.47, a user can bypass a Deny directive by setting the ErrorDocument directive in their .htaccess file to access a php script which can then access the data they should be denied.
d2263f39b7545054db660f7e8f771995d42e67cdd3702d21ae045cec018945c0
Remote exploit that makes use of a buffer overrun in the Serv-U FTP server versions 4.2 and below that binds a shell to port 28876.
ea506acc9b54478ebcde1305c05e03a4d7a82d57254fcf230248bb00ffe76634
PHP Portal is vulnerable to a directory traversal attack.
b9306c40d7fa1f3aad54667ffae18f59edda7f6b1c213708a6e6e29d981d4f47
thePHOTOtool is susceptible to SQL injection attacks.
21333df98d914b67f6369a92fd0b1af172ab28cbea7d3d8c24177dadfe654305
Remote exploit that makes use of a buffer overrun in the Serv-U FTP server versions 4.2 and below.
c4174e145fda328216ce0c52e5bf305b7a9f9a1cea90df103ee512f28f76a97d
Windows XP/2003 Samba file sharing resource exhaustion exploit that causes a denial of service.
a91d653658d8a311303aac3232b3fab4ebcb1b7feb4f843ca68bdc4c5a2a202a
Brute forcer for OpenSSL ASN.1 parsing bugs that affect versions 0.9.6j and below and 0.9.7b and below.
8bbbf5ff84c17067f0cd384d9a2c32db1f752553417de9a7493aa5111f6897b7
Remote exploit that makes use of the try_netscape_proxy() overflow in versions 2.3 to 2.6.9 of lftp.
816d755b95467dc00ab06edb3f6891bcfd9a118f8f8af795a90ab0f3b444ba8a
phpGedView versions 2.65.1 and below suffer from multiple PHP Code Injection vulnerabilities that enable a malicious user to access arbitrary files or execute commands on the server.
be5e66ffc5826f681bd480cabfd994a4d7dc5f7649cca38b0bc6ec5ea2815885
Web Blog 1.1 allows for remote command execution due to an unsanitized file variable.
e0af8c56d3430aa463075d8e02f7ec239fa8e7490a1451b1eb83f2d3a80af5a9
PJ CGI Neo review is vulnerable to a directory traversal attack that allows a remote attacker to access any file outside of the webroot.
992dd31568c4fcc4ccd00ecd6c0ceb0917e4d9075666f57504e17c887cb3ecde
Any user with AAO privileges over the onshowaudit binary in IBM's Informix IDSv9.40 can read any system file.
72ed995c0d9c55f14fcc3e3b6054b130f3018ce7a50d8030dfc3d03869c0a948
A local vulnerability exists in the IBM Informix IDSv9.40 onedcu binary that allows local users to overwrite any root-owned file.
db72f511fe4d56d0ece80a8d419ef2589c072cffdbf4185599095797b18a579e
BRE WebWeaver version 1.07 is vulnerable to a cross site scripting attack.
72434b112da0910a837e767cf44c6ee6954e146ec34f69d6d828044685dfa900
Web Blog 1.1 allows for remote file retrieval outside of the web root via a directory traversal attack.
8ffba7542b46b6728704b40c87466c1fd319e96b82e24f45e7ff600b1fb8abcc
Remote exploit that makes use of a buffer overrun in the Serv-U FTP server versions 4.2 and below.
284a2e89d944215f5b46bd4e96161625f632ef248662810dc10285b64cba0205
Trivial way to do file spoofing in Internet Explorer versions 6.0.2800.1106 and below.
77b83565d337b035d648444f5bce0a768b8022a42f296c2f964bd12f78475766
ProxyNow! versions 2.75 and below are susceptible to both heap memory corruption and stack-based buffer overflows. Exploitation of these vulnerabilities can lead to a denial of service and/or code execution with SYSTEM privileges. Detailed analysis and exploit included.
befbd5bf13e3b6d7dc791bb61f8d8476b36082b54e5da32d7a8aa177d07afba7
Oracle HTTP Server powered by Apache is susceptible to a cross site scripting attack in its isqlplus script.
748ac7cca1f921761e927eaa455cbf3fdf10094a39aecbc81e13aa6dc48834ec
BremsServer version 1.2.4 is vulnerable to directory traversal and cross site scripting attacks.
45ec16ae54b25850adf177d878a6be55addb1dfb712964e4d6ca473de6d221c4
Remote exploit that makes use of a buffer overrun in the Serv-U FTP server versions 4.2 and below.
6de0ca83361dce52c08b5b33a10843f9f30d275a37f278cc1b412a7f0b524d08
NextPlace.com E-Commerce ASP engine is susceptible to a cross site scripting vulnerability.
2f8af53e9dfea6fe76abccd8960b5ec38f7d3444654525851e6ed78612f36c2e
Inrtra Forum is susceptible to a cross site scripting vulnerability.
ca0e46d20d49830a841e047a4df9766b3d3bd389d20c6872a8d8aeb7d6bf63c8
BWS or Borland Web Server, which is used as the Corel Paradox relational database interface, lacks input validation and is subject to directory traversal attacks. Versions 1.0b3 and below are affected.
8aa1c69b7c9c73d721abc38cc5f94f0d8119336e8aaff6c08fbd7a4b4880b3b7