exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 90 RSS Feed

Files

repredhat.txt
Posted May 1, 2004
Authored by BlackAngels | Site blackangels.it

A local buffer overflow vulnerability exists in REP version 0.15.1 on RedHat Linux 7.3. Proof of concept exploitation included.

tags | advisory, overflow, local, proof of concept
systems | linux, redhat
SHA-256 | 8e1fdc0cc3c3bec4177fbfd6ba811f0eac0e4c1f712dacde188c47bea51db84c
msSharePointXSS.txt
Posted Apr 5, 2004
Authored by Ory Segal | Site SanctumInc.com

Microsoft SharePoint Portal Server 2001 suffer from cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
advisories | CVE-2004-0379
SHA-256 | 10169682debdfb934b48a36f761142428188f321b766946424a38fe3d7ad8251
rogerwilco2.txt
Posted Mar 31, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

RogerWilco versions 1.4.1.6 and below and RogerWilco Base Station versions 0.30a suffer from multiple bugs. From being crashed with a malformed UDP packet to spoofing 'voice' traffic when not even being connected to a channel, quite a few amusing problems are listed.

tags | advisory, udp, spoof
SHA-256 | 22ab3fb2653158c6541bf495cfa5519f2bf1f7f1d2a4c897d0324b8762076abc
phpkit.txt
Posted Mar 30, 2004
Authored by Yanosz

PHPKIT version 1.6.03 suffers from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | 0e9f13f39f0629b6717e15fd8fd08fd262f7ba7663d8bb985d87444d8acb4245
Rapid7 Security Advisory 17
Posted Mar 30, 2004
Authored by Rapid7 | Site rapid7.com

Rapid7 Security Advisory - tcpdump versions 3.8.1 and below contain multiple flaws in the packet display functions for the ISAKMP protocol. Upon receiving specially crafted ISAKMP packets, tcpdump will try to read beyond the end of the packet capture buffer and crash.

tags | advisory, protocol
advisories | CVE-2004-0183, CVE-2004-0184
SHA-256 | bf610b65d6dfc6a1e758210dd11a41752fa7ae6f05f82c0910e413398c61725a
linbit.txt
Posted Mar 30, 2004
Authored by Daniel Fabian | Site sec-consult.com

SEC-CONSULT Security Advisory - Linbit Linbox is vulnerable to authentication circumvention on its administration portal, password disclosure for all existing users, and using the obtained passwords, any account can be logged into via SSH.

tags | advisory
SHA-256 | 64158a7cf03bea19c8dd9020b9f99b7e6bcf2fe97d86ac1d244377dc6d5c7978
MG-2004-01.txt
Posted Mar 30, 2004
Authored by Guido van Rooij, Arjan de Vet | Site madison-gurkha.com

Hard coded login sequence values for Oracle SSO allow for easy man in the middle attacks.

tags | advisory
SHA-256 | 7b8e79653622db46a6b91adc1109b89bba51e9e2a63859147c6505fd5a25220e
mplayer02.txt
Posted Mar 30, 2004
Authored by Gabucino

MPlayer Security Advisory #002 - A remotely exploitable buffer overflow vulnerability was found in MPlayer. A malicious host can craft a harmful HTTP header (Location:), and trick MPlayer into executing arbitrary code upon parsing that header. Versions affected: MPlayer 0.90pre series, MPlayer 0.90rc series, MPlayer 0.90, MPlayer 0.91, MPlayer 1.0pre1, MPlayer 1.0pre2, MPlayer 1.0pre3.

tags | advisory, web, overflow, arbitrary
SHA-256 | f5cc85b108a50d1675f96946734a505c74cbf8a7e20335d3382143ea84a4a043
clamVE.txt
Posted Mar 30, 2004
Authored by l0om | Site excluded.org

Security comments regarding the way clamav sets up VirusEvent information and how it could be improved. Due to a lack of input sanitizing, the variable taken in on the command line could be used for malicious purposes when put to a system().

tags | advisory
SHA-256 | c4b9e905084bd1c5af9e8ca8c970424ede8be3a4306833892f7fe3f5f705853b
FreeBSD Security Advisory 2004.6
Posted Mar 29, 2004
Authored by The FreeBSD Project, Katsuhisa ABE, Colin Percival | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-04:06.ipv6 - Applications may manipulate the behavior of an IPv6 socket using the setsockopt(2) system call. This may allow a local attacker to read portions of kernel memory.

tags | advisory, kernel, local
systems | freebsd
advisories | CVE-2004-0370
SHA-256 | 70e1c4c7ccbdf1b90bac831af83ac26a62adca45386ee48ac5f0dfdafab17978
dsa-469.txt
Posted Mar 29, 2004
Authored by Debian | Site debian.org

Debian Security Advisory DSA 469-1 - Primoz Bratanic discovered a bug in libpam-psgl, a PAM module to authenticate using a PostgreSQL database. The library does not escape all user-supplied data that are sent to the database. An attacker could exploit this bug to insert SQL statements.

tags | advisory
systems | linux, debian
advisories | CVE-2004-0366
SHA-256 | e04e7014ae9789fdab12a457b44dc8b74065eb9f8b174a4afde885751bd74765
RHSA-2004:134-01.txt
Posted Mar 29, 2004
Site redhat.com

Red Hat Security Advisory RHSA-2004:134-01 - A bug was found in the processing of %-encoded characters in a URL in versions of Squid 2.5.STABLE4 and earlier. If a Squid configuration uses Access Control Lists (ACLs), a remote attacker could create URLs that would not be correctly tested against Squid's ACLs, potentially allowing clients to access prohibited URLs.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2004-0189
SHA-256 | 39303053afa5c4c6ad8257b0ae22265b1b4be246171e3264649c906efbc46a35
webctCE41.txt
Posted Mar 28, 2004
Authored by Simon Boulet

WebCT Campus Edition 4.1 suffers from cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
SHA-256 | 9811273a7d7f6f67502a55786b4bd23a23642644d3f8eaebf2dc404d231626bb
RSTACK-20040325.txt
Posted Mar 27, 2004
Authored by Rstack Team | Site rstack.org

Rstack Team Security Advisory RSTACK-20040325 - Nstxd has been found vulnerable to a denial of service attack due to a null-pointer-dereference.

tags | advisory, denial of service
SHA-256 | d4de4aa22804d1da1775735c057713af54e0dd21b46baab500dfe906cb86973f
bloggerXSS.txt
Posted Mar 27, 2004
Authored by Ferruh Mavituna | Site ferruh.mavituna.com

Blogger from Google has a cross site scripting flaw.

tags | advisory, xss
SHA-256 | 8a582098eeb59bd8ee61257aed05f705b240695f0136b5bdd5944e557c59a20b
bblog.txt
Posted Mar 27, 2004
Authored by penfold

Bblog has a cross site scripting flaw.

tags | advisory, xss
SHA-256 | 32065e8690bb819df575b5e57206a3b622828287600f3749bf4ad343d7161ca6
freshmeatXSS.txt
Posted Mar 27, 2004
Authored by Debian

Freshmeat.net is susceptible to a cross site scripting flaw.

tags | advisory, xss
SHA-256 | 0acf352dab31c6e061e50dc8a25ba3eb01934bd42ab791295c9e099c147490cb
etherlords.txt
Posted Mar 26, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

Etherlords I versions 1.07 and below and Etherlords II versions 1.03 and below suffer from a bug where reading of unallocated memory causes a crash.

tags | advisory
SHA-256 | 86d3b03376e87dd21664999646d2de080f050a5eaf1a4eef7312f4c720bd382a
vz012004-esignal7.txt
Posted Mar 26, 2004
Authored by insect | Site viziblesoft.com

VizibleSoft Security Advisory #2004/01 - eSignal versions 7.6 and 7.5 have a stack based buffer overflow in the WinSig.exe binary, allowing for remote code execution.

tags | advisory, remote, overflow, code execution
SHA-256 | ea68e78e59e75709cc5a6d65db16bdb0f0f2c6c08fe4e58d8ddfdfd63c93aebd
camelot.txt
Posted Mar 25, 2004
Authored by Todd Chapman

Dark Age of Camelot from Mythic Entertainment has flaws in the login client that allow an attacker to read customer information via a man in the middle attack. All versions below 1.68 are affected.

tags | advisory
SHA-256 | 938ec52b9910ec712a9ae408928faa55114e1ca98b4cdd97e839580cee070a63
picophone163.txt
Posted Mar 24, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

PicoPhone versions 1.63 and below have a buffer overflow in their logging function that allows an attacker to take over the server.

tags | advisory, overflow
SHA-256 | 272375c297125602b9c603522ebc037890efc0a2961dea48470bef45f3d0af4c
Rapid7 Security Advisory 18
Posted Mar 24, 2004
Authored by Rapid7 | Site rapid7.com

Rapid7 Security Advisory - OpenBSD isakmpd payload handling is subject to multiple denial of service vulnerabilities. Known vulnerable: OpenBSD 3.4 and earlier, OpenBSD-current as of March 17, 2004.

tags | advisory, denial of service, vulnerability
systems | openbsd
advisories | CVE-2004-0218, CVE-2004-0219, CVE-2004-0220, CVE-2004-0221, CVE-2004-0222
SHA-256 | 8da0f659cc2f01757fe76a02ef81c99462ce0723e0c7b0c9c6d5be0d74ba2547
solaris_kernel_vfs.sxw.pdf
Posted Mar 24, 2004
Authored by Sinan Eren | Site immunitysec.com

Immunity Security Advisory - A vulnerability lies in Solaris 2.6 through 10 that allows a local user to load kernel modules without being root due to a directory traversal problem in vfs_getvfssw().

tags | advisory, kernel, local, root
systems | solaris
SHA-256 | 5c936a09f4f3f66b70760fb5d3f874837bb9b5030610fd82f6ddf49325674c4f
terminator3.txt
Posted Mar 24, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

Terminator 3: War of the Machines version 1.0 for Windows has a broadcast client buffer overflow that results in a game network denial of service.

tags | advisory, denial of service, overflow
systems | windows
SHA-256 | 5bbd57e0ea47f9ad7dbc552039e2126709a71fe804eaa6a809e07653ccee4b47
dtlogin.sxw.pdf
Posted Mar 24, 2004
Authored by Dave Aitel | Site immunitysec.com

Immunity Security Advisory - A double-free weakness in the XDMCP parser of dtlogin (CDE) results in remote code execution against popular server operating systems, such as Solaris. This attack is performed over UDP port 177.

tags | advisory, remote, udp, code execution
systems | solaris
SHA-256 | 34a2ff7508addcf429bd6658dd04890ff4df50eab6a7461c5b52a69bb51e0b7d
Page 1 of 4
Back1234Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close