Sun Solaris 7 Useradd program contains a y2k bug in the '-e' expiration date parameter. Vendor fix included.
163924f7d262fbb98b12317a4658018f6d1da242226b7eaed1cfe8d04d869eb9/tmp directory symlink vulnerabilities in SuSE Linux 6.1 allow malicious users to create/overwrite arbitrary files. Numerous security implications.
308310efde8705a944870a702341bb4dd8c36288d75cec6064c0ce67a90c2919Core router TCP MD5 option leaves several router operating systems open to 'TCP connection choke' denial of service attacks.
cbe76d3e04caee5a104c39b8454a8c0f2646d67166dc9fdb403a893aa6d55891tcpdump v3.4 is vulnerable to a remote denial of service attack when hit with IP packets with Protocol-4 and ihl=0. Exploit description and patch included.
3b38d80728fc2856ef661f6e547907ba65719b6ba7b6b840549d99cae8682134UNIX port of the eEye NT4+IIS4 URL buffer overflow remote exploit, coded in C.
3397266642014e8f2162eab579ab1c4eee1e65882fd0712630dfc4d3223a8eb3Security hole in Trend Micro's InterScan 3.0 FTP Proxy allows anybody to log in to the FTP proxy, and does not allow connection filtering. Disabling the FTP Proxy Server cripples the software. No vendor response.
ab97d13c6b792b80981b64ad7c2964771459ee515cb688cb03a05a8cef1da3e5VMware for Linux v1.0.1 and earlier contains a security hole that allows malicious users to gain root access through an exploitable buffer overrun attack.
bd954c5e3a9cdfde443d0997fdbd3d7f5441c9be493905ada15daf700182dfe9The whois_raw.cgi perl script included in all freeware versions of the cdomain package allows remote attacker to view/retrieve any system files, such as /etc/passwd, and to execute commands. Exploit descriptions included. No fix available (unless you buy the latest commercial version).
6ed1a793045dc56df4418e0b293b2b3111c85a8ee6014137ee015cf366dd5294Windows (networked) PRN flaw allows any user to create files and directories that cannot be deleted. Recommended fix and KB article info included.
d45204e478dbab4609928cd1bb6eebdb60d4ce7c3a4c57c5df4cec0f20b85fa8Excellent and detailed analysis of the 'Worm.ExploreZip' trojan/worm that is wreaking havoc all over the world at an alarming rate.
48153de3b1b61f9b37e261a3ec2cabc5593b85b2aa89c9b07e92d902ed94e340Intel (x86) version of the Solaris sdtcm_convert buffer overflow exploit that leads to root compromise. Vendor patch available.
3e7269f5c0d92230ce57b19725d9fd4b4d59d52962726ff328feed787e5b6f9eBack Orifice server and fake server UDP packet flooder, with random source functionality, that quickly crashes BO servers, NoBo, FakeBo and possibly other BO-related programs. 4k.
104776eefe0ede05e0ccb7e8623568a9b640ce757f3b6c936c7af8816f3d65b6Windows NT 'neverending quantum' bug allows any local user to take advantage of Microsoft's multi-thread code design to bring NT machines to a quick halt. All versions of NT affected. No vendor fix. Exploit code included.
b8ef621e83c64fb23c232e29a04ccc2d1b61f1c2b392fe0cca4fad58216a0244fingerd denial of service exploit code. Linux binary (i.e. execute at your own risk).
b60fdf11aef66f2d86a47aeb9709ad31d7e13911ec206a521470d74cf21657bdSpoofs ICMP packets containing +++ATH0 which will cause some modems to disconnect.
f15e06ea3d66d30a4a8a5a638f80b1caa86ea8c99ec064e1fa77b49c783438cbA generic banner scanner that can be modified to scan remote systems for banners of any vulnerable software programs desired.
b8f3ec36c74322cbb8e0747941d7ee364b71e7ad9d8eb8b37d28b52e78b12310gscan is a generic banner scanner for windows, class A greps for any banner on any port. For Windows.
c3f1222f8132172fb9cef0ff3a47ee941d0d8c1b0a19cd5c66dcdbb5d6d32a72Perl script that scans a given list of hosts for Cold Fusion security vulnerabilities.
5f21a5f8109fdb84ad646ea46be3e56e77fbc14b708cd86f85e69a52bac4c914IIS Injector for NT is a custom C port (for Windows NT) of the eEye NT4+IIS4 URL buffer overflow remote exploit that allows the attacker to select any desired "payload file" for targets.
cf07c27e07c4631471fc40c39ed847d5e17110a03f3f8f3716659e58cb1a7386Perl exploit code port of the eEye NT4+IIS4 URL buffer overflow remote exploit.
f419657a242d3e5d91e6007bb9d04c2045f4df844e3d09e70230dffda4f888adPerl exploit code port of the eEye NT4+IIS4 URL buffer overflow remote exploit.
451a7cea47a609441f25a7c9436144c327157cbda93b944daf70e75fd5fba0b8asm source code for the eEye NT4+IIS4 URL buffer overflow remote exploit. Use with one of the ncx* files.
11759f245563a0a577e93805db9657a7e367501a6b60fb28aa65fcb2ed054e04Executable eEye NT4+IIS4 URL buffer overflow remote exploit program. Use with one of the ncx* files.
d285726fc63c31e1e2f636ea8777450b6d158051c05201b7d4200dc46f474b37Security hole in Windows NT 4 Server and Microsoft IIS allows any Internet user (IUSR_COMPUTER) to change any users password, including the administrator password. Root compromise. No fix yet.
b9bc1d482dfd500af3712ba8c0d5b923354b7d8747117294b47200c8a254dee8KDE K-Mail mail user agent software creates insecure temporary directories that allow local attackers to use symlink-based exploits to gain privileged, potentially root, access. KDE patch available.
5af14f4df9c73108034bed388958c19388356f5d032b97bee6e6843715cf8e0a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed