Packet Storm new exploits for February, 2005.
191da9ffce9c9d89dc8e51895a6ec83a809653dcc1b497f0d0af65dc61cfbda4BadBlue webserver version 2.55 remote buffer overflow exploit. Tested under Windows 2000 Professional SP3/SP4 Spanish, Windows 2000 Server SP4 Spanish, and Windows XP SP1 Spanish.
fe7238baf095c01f92cdae15b943f6068e411290a7891e914c4bab324c9f43f7BadBlue webserver version 2.5 is susceptible to a remote buffer overflow vulnerability that allows for code execution. Full exploit provided.
73a20d2002ca46bb0adf0da831ff0b843279055c07ced4db282a219e1074b5fbKnet versions 1.04c and below are susceptible to a remote buffer overflow vulnerability that allows for execution of code. Exploit provided.
60916343a3d935b16e07490d6a9c71a0069c13e49589207f3b8f49047e798544CIS WebServer version 3.5.13 is susceptible to a classic directory traversal attack.
93df2506c88017d0e9da0fc1375ee927b8269b2b7e995a36e0a7764f710afd3aImproper handling of several arguments in the moderate.php code in punbb version 1.2.1 allows a malicious moderator to inject arbitrary SQL statements.
6bdc9357ff20bb7f7303ff83fef6913311150b993239cb8d7c76abff375397bdDue to a flaw in punbb version 1.2.1, a remote attacker without an account can set the password of any user on the system to NULL, effectively shutting them out of the system.
3034c8b9bfd452eee66b4d3131399bf4eb4662a52606ffdf7b798f4fc2a8493fA remote attacker can cause register.php punbb version 1.2.1 to execute arbitrary SQL statements by supplying malicious values to the language or email parameters.
50193fa1b4c0adde13ec79fb65995c4f0740db19db311771e4c52fb259438b50Proof of concept exploit for a denial of service flaw in Soldier of Fortune II versions 1.03 and below.
c5e8573170e032f3f72a70f8901f7faed97c2e1fc56704d4f40e1c4de77b80e3phpMyAdmin versions 2.6.1 and below suffer from remote file inclusion and cross site scripting flaws. Detailed exploitation given.
9f0143a5f3ebf05e88c5f0394ce572ec703356e04312c6052f687970cd284f6cThe Cyclades AlterPath Manager (APM) Console Server has design flaws that expose restricted consoles to unauthorized APM users, allow any APM user to obtain administrative privileges, and provide detailed system information to unauthorized users.
cc0a5901c66788e7f89de06b9bfc9207dd869543df84240254df06245109d1bdwu-ftpd versions 2.6.2 and below file globbing denial of service exploit.
aef936eb0d14e525d6b2d01ab0a0e40e28fbaf9287e89142dcf8c7c027d47f62Remote pluginmode command execution exploit for AWStats versions 5.7 through 6.2.
a82a72fd891c5a191c588719e00bd1107ef2daed56cb475e9bf979f5be6ae538Avaya IP Office Phone Manager exploit that attempts to extract sensitive data from the Windows registry.
ff0a4079c402c4cf0790dcb6c7d725ce9160fd962b77a2c52670e8f2f6179804WebConnect remote exploit that makes use of a directory traversal vulnerability in versions 6.4.4 and 6.5.
2d547bdd62b6ceb8e18c55857e4b388aefd9f219e6a9f3609806e27395367f24WWW File Share Pro version 2.72 local exploit that discloses passwords.
81eaeb644c226a7688b86697632cd0330ffd01eabac0e89cc20d8c0a47bf8a32Chat Anywhere version 2.72a local exploit that discloses passwords.
eccaa791eb33b884cb920670795cbca9584e20bf600e2d9f825f3beea963b7f9SendLink version 1.5 local exploit that discloses passwords.
37e5ea50633ffc6f0e2798bfeaa612f1e2eacae8a144ea3f98370b29c3a636dbeXeem version 0.21 local exploit that discloses passwords for proxy settings.
e3a6ae0ffe766a9ec580e9b32d00e00cbf99b913d2bf2c743ce35d446a4a6729Multiple information disclosure and possible SQL injection vulnerabilities have been discovered in iGeneric eShop 1.2.
f59d229f8ecc21f0abcef8bb3ede37c092a780a456329ed165f078318f19dc81SD Server versions 4.0.70 and below suffer from a classic directory traversal flaw.
0a6a0e0996717aed2c5d24bdc18e0f7e391365c5aca6a7f0b5c1f67e4b43cd99Bontago versions 1.1 and below remote exploit that makes use of a buffer overflow when a nickname longer than 512 bytes is sent.
3de0fc3cba9cb28bfb5fc6dd46c632438e39b87cdce96b3746fd833a07415d82Xinkaa WEB Station versions 1.0.3 and below suffer from a classic directory traversal flaw.
ebdc7cfe17067a16d1cd49bab06187be027ee4a194a2543e9b8654794b765d49paNews version 2.0b4 is susceptible to remote php code injection.
7c3f4832b719cb2d10dcb657b087dcc5acf068569fbc8690a73599d620bd01bfUsing magic DNS, the domain name in the Internet Explorer titlebar can be exploited to trick users into visiting a malicious pop-up window. The weakness has been confirmed in version 6.0 on a fully patched system running Windows XP with SP2 installed.
f924acc6bb5e37cd8aa464442e76f36b69327f239e6558688048b36fb5c7246c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed