Exploit the possiblities
Showing 1 - 25 of 106 RSS Feed

Files

redfaction120.txt
Posted Mar 1, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

Red Faction versions 1.20 and below for Windows and MacOS is susceptible to a buffer overflow client-side.

tags | advisory, overflow
systems | windows
MD5 | 142a5eeea2b52b07f705d67926670026
phpBBXSS.txt
Posted Feb 29, 2004
Authored by Cheng Peng Su

phpBB's ViewTopic.php script is vulnerable to a cross site scripting attack.

tags | advisory, php, xss
MD5 | cf7d999c135a18776b6c789e7da3f45c
wftpdBO.txt
Posted Feb 29, 2004
Authored by Axl

WFTPD server versions 3.1 through 3.21 and Pro server versions 3.2x have a stack based buffer overflow vulnerability that a remote attacker can exploit to execute arbitrary code. The daemon runs with SYSTEM privileges under Pro server releases and it runs under the user ID that spawn the process under regular server releases.

tags | advisory, remote, overflow, arbitrary
MD5 | f4963b824c10d98644f5bf9c6890e366
wftpdDoS.txt
Posted Feb 28, 2004
Authored by Axl

WFTPD Pro Server 3.21 Release 1 allows a remote attacker to allocate arbitrary amounts of memory and force the WFTPD server process to use 100% of the CPU. Another DoS vulnerability allows an attacker to send a special string to crash WFTPD.

tags | advisory, remote, denial of service, arbitrary
MD5 | 26a388a0b241c32f35cda21cd047a30d
lansuite.txt
Posted Feb 28, 2004
Authored by Rafel Ivgi | Site theinsider.deep-ice.com

Lan Suite Web Mail version 602Pro running server WEB602/1.04 has multiple vulnerabilities that include path disclosure, cross site scripting problems, and directory listings.

tags | advisory, web, vulnerability, xss
MD5 | f1485a401a2a427f6e16b82c0140d653
innomedia.txt
Posted Feb 28, 2004
Authored by Rafel Ivgi | Site theinsider.deep-ice.com

The InnoMedia VideoPhone version au75200xvi04010x on the Windows platform is susceptible to an authorization bypass when attempting to via a file as a folder. The underlying webserver is GoAhead-Webs.

tags | advisory, web
systems | windows
MD5 | 9bc0a3993865e43e93e00e3419d29c32
FreeBSD Security Advisory 2004.3
Posted Feb 27, 2004
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-04:03.jail - A vulnerability has been found where jailed processes can attach to other jails. A programming error has been found in the jail_attach(2) system call which affects the way that system call verifies the privilege level of the calling process. Instead of failing immediately if the calling process was already jailed, the jail_attach(2) system call would fail only after changing the calling process's root directory.

tags | advisory, root
systems | freebsd
MD5 | d2dd9443b680de4094398f1affe91b88
MacOSXAFP.txt
Posted Feb 27, 2004
Authored by Chris Adams

Paper discussing how the the standard Apple Filing Protocol (AFP) does not use encryption to protect transfered data. Login credentials may be sent in cleartext or protected with one of several different hashed exchanges or Kerberos. There does not appear to have been any serious third-party security review of Apple's client or server implementations.

tags | advisory, protocol
systems | apple
MD5 | 8bdd1487d6b85c881f615d77e4101b7b
symantecGS20.txt
Posted Feb 27, 2004
Authored by Brian Soby

A cross site scripting vulnerability exists in Symantec Gateway Security's management service which could allow an attacker to hijack a management session to the device. Version affected is 2.0.

tags | advisory, xss
MD5 | 0826658d6b7788362f852a9bb21b8433
02.27.04b.txt
Posted Feb 27, 2004
Site idefense.com

iDEFENSE Security Advisory 02.27.04b: Exploitation of an access validation error within Microsoft Internet Explorer web browsers allows remote attackers to bypass the restrictions imposed on cross frame scripting.

tags | advisory, remote, web
MD5 | 4565b422c422c95fb8d8635bcb8843f7
02.27.04a.txt
Posted Feb 27, 2004
Site idefense.com

iDEFENSE Security Advisory 02.27.04a: Exploitation of a buffer overflow vulnerability within a parameter parsing routine of WinZip Computing Inc.'s WinZip Archive Utility for Windows allows remote attackers to execute arbitrary code. Versions below 9.0 affected.

tags | advisory, remote, overflow, arbitrary
systems | windows
MD5 | fc0beb52f438bd4dd8ec85fcf77ea1a1
calife284.txt
Posted Feb 27, 2004
Authored by DownBload

Calife versions 2.8.4c and 2.8.5 has a heap memory corruption vulnerability which can lead to local privilege escalation.

tags | advisory, local
MD5 | 6030b170dd39d3b94fd5f3a5363a792d
eEye.realsecure.txt
Posted Feb 27, 2004
Authored by eEye Digital Security | Site eEye.com

eEye Security Advisory - eEye Digital Security has discovered a critical vulnerability in both RealSecure and BlackICE. The vulnerability allows a remote attacker to reliably overwrite heap memory with user-controlled data and execute arbitrary code within the SYSTEM context. This attack will succeed with BlackICE using its most paranoid settings.

tags | advisory, remote, arbitrary
MD5 | cf58862e37b168562457080264c01a9d
servU.MDTM.txt
Posted Feb 26, 2004
Authored by Bkbll | Site cnhonker.com

Serv-U MDTM versions 5.0.0.4 and below suffer from a command buffer overflow.

tags | advisory, overflow
MD5 | 4daa465d2501788fda0d70d16a91407b
domadv.txt
Posted Feb 26, 2004
Authored by wirepair

Dell's OpenManage Web Server versions 3.7.0 and below vulnerable to pre-authentication heap-based buffer overflows. The vendor was notified but Dell's security contact was on vacation. Support was also contacted but believed the issue was related to the hard drive being full.

tags | advisory, web, overflow
MD5 | 866c13ef2b1fd0ccb493d27b84a5a0c2
freechat111a.txt
Posted Feb 25, 2004
Authored by Donato Ferrante | Site autistici.org

FreeChat version 1.1.1a has problems parsing certain strings resulting in a denial of service.

tags | advisory, denial of service
MD5 | c03ec67f5051430b8705f4b618675070
sandblad13.txt
Posted Feb 25, 2004
Authored by Andreas Sandblad

Using the mozilla browser, while linking to a new page it is still possible to interact with the old page before the new page has been successfully loaded. Any javascript events fired will be invoked in the context of the new page, making cross site scripting possible if the pages belong to different domains.

tags | advisory, javascript, xss
MD5 | 0182fb09a637cc8e469d1eb51bc5fbd4
jgs010.txt
Posted Feb 25, 2004
Authored by Rafel Ivgi | Site theinsider.deep-ice.com

jgs version 0.1.0 on the win32 platform is vulnerable to a cross site scripting attack.

tags | advisory, xss
systems | windows
MD5 | da1b5872e4f4db6887707d7f2ed04ff8
GamespySDK.txt
Posted Feb 24, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

The Gamespy SDK used for online cd-keys validation in third party code has various vulnerabilities. Game servers getting crashed and privacy problems persist. Gamespy themselves sent the author a cease and desist due to his research.

tags | advisory, vulnerability
MD5 | 2329acac06ac4148eabd9dd778fd046c
ghostrecon.txt
Posted Feb 24, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

The Ghost Recon engine versions 1.4 and below along with some other games developed by Redstorm are vulnerable to a remote crash.

tags | advisory, remote
MD5 | 22c10d2cb22a420e9ad7f8ef47678b3d
haegemonia.txt
Posted Feb 24, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

Haegemonia versions 1.07 and below have a remote vulnerability where the reading of unallocated memory causes a crash.

tags | advisory, remote
MD5 | 0bb1907284719014c8060b11d83e4222
trillian.txt
Posted Feb 24, 2004
Authored by Stefan Esser | Site security.e-matters.de

Trillian versions 0.71 through 0.74 and Pro versions 1.0 through 2.01 have two vulnerabilities that allow for remote compromise.

tags | advisory, remote, vulnerability
MD5 | 85754744a2d93a8e680aa1b45f9814bd
gigabytebb.txt
Posted Feb 24, 2004
Authored by Rafel Ivgi | Site theinsider.deep-ice.com

Gigabyte Broadband Router version Gn-B46B with firmware version 1.003.00 is vulnerable to a remote authorization bypass.

tags | advisory, remote
MD5 | 898f3ace7d6904b65998fc22270a0e18
iDEFENSE Security Advisory 2004-02-23.t
Posted Feb 24, 2004
Authored by iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 02.23.04: Exploitation of a flaw in Apple Computer Inc's Darwin Streaming Server allows unauthenticated remote attackers to prevent legitimate usage.

tags | advisory, remote
systems | apple
MD5 | eff45c2697024a5ec7a5cee6b6c6277b
Atstake Security Advisory 04-02-23.1
Posted Feb 24, 2004
Authored by David Goldsmith, Atstake | Site atstake.com

Atstake Security Advisory A022304-1 - The ppp daemon that comes installed by default in Mac OS X is vulnerable to a format string vulnerability. It is possible to read arbitrary data out of pppd's process. Under certain circumstances, it is also possible to 'steal' PAP/CHAP authentication credentials.

tags | advisory, arbitrary
systems | apple, osx
advisories | CVE-2004-0165
MD5 | d6b94cbbeede03a57a36522e07c9415f
Page 1 of 5
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

Top Authors In Last 30 Days

Recent News

News RSS Feed
BIND Comes Apart Thanks To Ancient Denial Of Service Vuln
Posted Jan 17, 2018

tags | headline, dns, denial of service, flaw
Another Round Of Click-Fraud Extensions Pulled From Chrome Store
Posted Jan 17, 2018

tags | headline, malware, phone, google
Satori Botnet Successor Targets Ethereum Mining Rigs
Posted Jan 17, 2018

tags | headline, malware, bank, botnet, fraud
Flaw In VR Porn App Leaves 20,000 Names Exposed
Posted Jan 17, 2018

tags | headline, privacy, flaw
After False Hawaii Missile Notice, FCC Launches Investigation
Posted Jan 15, 2018

tags | headline, government, usa, cyberwar
MaMi Malware Targets Mac OS X DNS Settings
Posted Jan 15, 2018

tags | headline, malware, dns, fraud, apple
Meltdown-Spectre Patches Causing Issues With Industrial Companies
Posted Jan 15, 2018

tags | headline, flaw, patch, scada, intel
Oracle Still Silent On Meltdown, But Lists Patches For x86 Servers Among 233 New Fixes
Posted Jan 15, 2018

tags | headline, database, flaw, patch, oracle, intel
House Expands Warrantless Surveillance Against US Citizens
Posted Jan 12, 2018

tags | headline, government, privacy, usa, phone, spyware, nsa
Retpoline Fix Supposedly Solves Performance Hits For Spectre
Posted Jan 12, 2018

tags | headline, flaw, google, patch, intel
View More News →
packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close