Serv-U FTPD 2.x/3.x/4.x/5.x MDTM remote command buffer overflow exploit. Tested against Windows 2000 and XP en/cn.
971af3ae699a87cfda98262f022d27b79d9091273909f6803bec8bc73a25f046Packet Storm new exploits for February, 2004.
eaeb49e26e34807dbf429d7665b585b06e121bbf3fef3a146ed9759cfa380e38Exploit for WFTPD server versions 3.1 through 3.21 and Pro server versions 3.2x that makes use of a stack based buffer overflow.
a57bebe6f1b27bc7da42783916b3a84a28681d61b69b68dca9abdbcc05f6ff60Invision Power Board is susceptible to a SQL injection vulnerability in its search.php script.
d8c4c4a478f2f5a37f2f0b0241c4cc23ec20627875f2ca4105794ca7d97cd20aServ-U FTPD 3.x/4.x/5.x MDTM remote command buffer overflow exploit. Tested on Windows 2000 and XP.
3478cd244b21b32e8c447890c0eaf59dcf6629881d4d91708d1536ceff485b5cRemote denial of service exploit that makes use of a command buffer overrun in Serv-U MDTM versions 5.0.0.4 and below.
b2d3006fc0646e31f2974ba75991ad575fe9b9f0032eb41efccfeb84a3983900Remote exploit that makes use of a buffer overflow during GET requests in the PSOProxy server version 0.91. This version support the following operating systems: Windows XP Home Edtion SP1, Windows XP Pro Edtion SP1, Win2k Pro Edtion.
62202900b3384ce959dde0cd62c292867091c117c07c81cfffbd72ae412dbd85FlexWATCH-Webs versions 2.2 (NTSC) and below suffer from an authorization bypass via double slashes and also a cross site scripting attack.
30f2d7d384b06c83532dccf7d1af6e57c41375c5a13abfadfe0e4861c59106a0Extreme Messageboard aka XMB version 1.8 Partagium Final SP2 is vulnerable to multiple SQL injection and cross site scripting attacks.
94202bebf3a32f786fd685a5f8e27fde71d3af5d8268b3550c55c6d9a2fd6d7fPhpNewsManager version 1.46 allows for arbitrary file reading due to being susceptible to a directory traversal attack.
340c2bf12eaf6e9a64fbb3a6e669b7646c444d064e1d432c3c336d3153659923GateKeeper Pro 4.7 on the win32 platform has a buffer overflow vulnerability when processing GET requests. Full remote exploit included. Tested against Microsoft Windows 2000 Pro and Microsoft Windows XP.
22417fdf4aa577d2e8c2e2119dcb08754e7078a4aad8cb318d882381d9f6dd0cProof of concept DoS exploit for 3Com OfficeConnect DSL Routers. Successful exploitation of the vulnerability should cause the router to reboot.
254023ca8d4768c04c5c20cfa49d209a6bbc5b70b7a80ccd6bf8833bff56ebcblbreakout2 versions 2.4beta-2 and below local exploit.
51e14a7159f51e0c9c23bf324116ff606ddd4adc0e76e11198615b14ef9e8a41Remote exploit that makes use of a buffer overflow during GET requests in the PSOProxy server version 0.91.
73f0d6e8adffd79bbf923eab06a241c867975c0e85912c18f2cc7a407730bc67Remote exploit that makes use of a buffer overflow during GET requests in the PSOProxy server version 0.91.
ebb77334f93a0da0a47c9f0b9eeadbfd93710550e91f8cdd62436719f01c0594iMail 8.05 LDAP service remote exploit.
9308795e0e2b70dc27363fc26273fbb06ce2f88366c5c9995195e1f558830ebfExploit that tests for several vulnerabilities in one of Windows XP kernel's native API functions.
c8b58e5f68561dfb961a121c815bb7e3491dd98dec183140d1decc563346e63cS-Quadra Advisory #2004-02-18 - WebCortex Webstores2000 version 6.0 has a SQL injection vulnerability that allows a remote attacker to add an administrative account and it also has a cross site scripting flaw.
413be3fc56f6d324062e5d7d79c97bdd9b708064513a7e39c078ee57bbf3f793OWLS version 1.0 allows for remote file retrieval via directory traversal attacks.
13843490796feb811f362b4296313ee648e9ac12354d4bc7831e144c1b2970a5S-Quadra Advisory #2004-02-16 - EarlyImpact ProductCart shopping cart software incorrectly makes use of cryptography, is susceptible to a cross site scripting attack, and allows for SQL injection attacks as well.
3330d8b93aad8afb29f6c2680fb973686c8aec2837cc6efd89d60eb6b3d896caIn the Online Store Kit 3.0 Products, problems exist where user-supplied data is not properly sanitized, allowing for a remote attacker to influence SQL queries and gain sensitive information.
91655534097ed426223b3cbc07ebef79a74c042776ee4f6fd5ddc69f2150cfa5Two security vulnerabilities in Broker FTP server version 6.1.0.0 cause the server to crash and utilize 100 percent of the systems CPU cycles.
468c4ebd2f2d3bba08b987b1bfbe71803d631e237f34b3603b7a4170a7b0d3acShopCartCGI version 2.3 has multiple directory traversal vulnerabilities that allow for remote attackers to gain access to files outside of the webroot.
3eeebaf9d2b5e316af46dacc9f5e43e3514a13a208d6dd32174dafe0c219bc6dLocal exploit for rsync 2.5.7 and below. Note: This exploit only escalates privileges if rsync is setuid, which it is not by default.
270bdea5748826ce67adcc4b529f6cd1b686e05b8b2e8c44d1da806d67bad852A specifically crafted HTTP GET request which contains over 4096 bytes of data will cause the KarjaSoft Sami HTTP server to crash. Versions affected: 1.0.4, possibly earlier versions as well.
dc2928c9421bbb30e94ea02193251f37fba7827280f552f237e486db9b59936f
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed