Netscape Communicator find() vulnerabilities allow remote attacker to use JavaScript and HTML to read user cache, browse user directories, much more. Exploit code examples and workaround included.
4f61dc62dc914e8d4aed2e5fd85dd0c61fdab87c003607e464c6c4a7b28f862fWindows NT Case Sensitivity vulnerability allows any non-privileged user to use the permissions on the "\??" object directory and to exploit the case sensitivity of object manager and trojan any system executables. Windows NT 3.51, 4.0, and 5.0 are all vulnerable. No fix.
725eb61400f085ff8b5dd8d1473df4a7d602bf39b3489c0fffd4a8a3e8029895Windows NT Domain Denial of Service attack and Security Exploit with SAMBA Server. Detailed descriptions of problems and suggested solutions included.
88c73f58b148c07c8df0d14cd46d14e7b7f650cce27784508aa7f63fd11327dbWindows NT 3.51+SP*, 4.0+SP*, and 5.0b1-b2 screen saver vulnerability in Winlogon.Exe does not properly check for errors, allowing non-privleged user to gain access to admin group.
1da52ee8837a339891a2f9624d9c20d7a7e132cde5dcfe910a9552bb925cd5b1Microsoft's Index Server 2.0 allows anybody to discover the physical path to directories being indexed, or if a directory found in a network share is being indexed, they can learn the name of the machine on which the share resides and the name of the user account used to access that share on behalf of Index and Internet Information Server 4.
1d0ab1349677a5f4764c564c47751f2d857b11dce433226ba5d17336d4e2c794The Microsoft Java Virtual Machine that installs with Internet Explorer from the Service Pack 4 CD is NOT Y2K complaint.
3f4a2cd53320931c771db2a79f87f4326e707943d0d320721ec1a81a0edeb029Windows NT Service Pack 4 is not Y2K compliant??? You might want to hold off on that network-wide deployment .... or did you already make the mistake?
245df61576ec612d1d83752f8e01edf4ea0c1ae11796a6edb4517c72f5db0b37OpenSSL and SSLeay Security Alert - packages that use SSLeay and OpenSSL may suffer from a security problem: under some circumstances, SSL sessions can be reused in a different context from their original one. This may allow access controls based on client certificates to be bypassed. If you are using SSLeay, OpenSSL, Apache-SSL, mod_ssl, Raven, or Stronghold, among others, then read the advisory and upgrade your software now.
1efb63aab27a6aaf28524bf45ff14185f654030c448b36063be1901e3d62865fOracle 8.0.3 Enterprise Edition (maybe other versions too?) for Windows NT 4.0 leaves master password in plaintext and world readable with each new database creation.
db8b9c512d33d204a6583b78cb9853857031781ad3f23c0e1cafa36c7f9d06c4Add-in components for Microsoft Outlook such as custom forms or folders, even though supposedly password protected, are left in memory as plaintext.
bb9bea9113fcd786108221755b1a6bfb4df38ad994ed208900d4fa116d694ca0Mainstream press coverage of the "Major UNIX Flaw" referred to as "process table attacks" that we have all known about for quite some time. This ZDNN article though includes comments by Simson Garfinkel, Gene Spafford, Steven Bellovin, Bill Earl, and Peter G. Neumann, among others. Good read.
6a80c85f4aedc5d6d3853a9ffcc0117707da0f28c17d9a59450e82c1921d620cProMail v1.21, an advanced freeware mail program spread through several worldwide distribution networks (SimTel.net, Shareware.com and others), is a trojan. More details will follow as we investigate this matter ourselves.
6e87a410f79e2131996d7919cd91cb30c39bd6dd93b3f4d18dd281969449b947Demonstration exploit code for the Linux Blind TCP Spoofing Advisory just discovered/released involving Linux kernels <= 2.0.35. Check the files out for details.
e85dc6dfaf0e8f7119f3a60865ce18e6c6ac5bffc7cbc8358c6e1929283d5fa8bouncer to user with wingate or socks proxys.
775c1ffde2c192b8ecbd9df1646ab8bd9d45b5f0fe4cd7a606cfd4757bbe41beSCO OpenServer exploit shell script that allows non-privleged user to erase any file on the system.
3c08620145706430fd5e60cf19851ba25bcba0543fa3a235fa893388a90168ecDenial of Service exploit code (and patch) for Linux 2.1.89 - 2.2.3: a zero length fragment bug permits remote attacker to effectively disable a target's IP connectivity.
cdb222f4e08850d179b9100dfd9348bd964db504b3436ce7d25edd83a7bd8660Shockwave 7 sends personal user information, including passwords, back to Macromedia. Macromedia, like Intel and Microsoft have responded when confronted with recent similar revelations regarding Big Brotherish privacy invading software/hardware, claims ignorance and promises to release a patch RSN (real soon now).
4ad7942b027dadac7c6ac13abc60e8ba10345b60c66b8d8ad9afb13c6e72a27bSMTP server account probing by Earthonline's GeoList Professional software compromises all common user email accounts.
6399ef1044e4ed4300053b270815830f4ea53beb3f955ec3c41636fb6cfeacd364 bit Solaris 7 procfs vulnerability allows any non-privileged user to execute local Denial of Service attack. Simple exploit description included.
447321c4fb047172a26bba8c3a4b71da7552db502332d609284160cc76ce6964Exploitable buffer overflow exists in all versions of Solaris 2.6 and 2.7 (possibly other Solaris versions too) /usr/bin/write program.
e1373957c5904946c05e77ecf128c1362da8f2ca7c76114e4affe96ba316c016Linux Blind TCP Spoofing Advisory: An implementation flaw in the Linux TCP/IP stack allows remote attackers to forge TCP connections without predicting sequence numbers and pass data to the application layer before a connection is established. Linux kernels <= 2.0.35 are vulnerable.
b7b2b6d8172bb4e203ee67317afea8e0592ce0328f3010c237d3a876a8f49e9fSeapine Software's TestTrack bug-tracking software (how ironic!) contains several security vulnerabilities that allow remote attackers to retrieve userids and passwords, and to launch Denial of Service attacks. Exploit descriptions included; no patches or fixes available.
bc982c9d60651a11f326311cef44d34dd4ccf77444861fa4c7d5944956b73c48WarFTPD v1.70b1 stores all user passwords in plaintext.
795a70c6d975a2fbcd03bb867d5f134dc33a48e4865bc3ac8e68e567851b0cd2wu-ftpd v2.4.2-beta18 remote root exploit code.
ff5f289be4b8d331af7c9e7046de74ca38af956f91541790b9a0232b832d89c4A Time/Date bug in ALL Windows Operating Systems can prove to be a killer. Read this depressing, yet humorous, advisory. A classic.
8d520e6615c0aa38b97e3dec1bf40a0a4cf48585c2c93381935c25b6ebe97f58
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed