Microsoft Security Advisory MS02-010 - In a default state, Commerce Server 2000 installs a .dll with an ISAPI which contains an unchecked buffer in a section of code that handles authentication requests. An attacker who provided authentication data that overran the buffer can cause the Commerce Server process to fail, and run code in the security context of the Commerce Server process. The process runs with LocalSystem privileges, so exploiting the vulnerability would give the attacker complete control of the server. Microsoft FAQ on this issue available here.
13acc758ec0aebe2aa7aa112e8ab8bc8d4512fc7efc589f1393909ea2d5dc852Microsoft Security Advisory MS02-009 - A flaw in how VBScript is handled in IE relating to validating cross-domain access allows scripts of one domain to access the contents of another domain in a frame. A malicious user can exploit this vulnerability by using scripting to extract the contents of frames in other domains, then sending that content back to their web site. This would enable the attacker to view files on the user's local machine or capture the contents of third-party web sites the user visited after leaving the attacker's site. The latter scenario enables attackers to learn personal information like user names, passwords, and credit card information. Microsoft FAQ on this issue available here.
0f91c98cf38ca26e32abe4c063436cd307d46cf297f3bdc535e9b7ecf3de48a6Microsoft Security Advisory MS02-008 - Microsoft XML Core Services (MSXML) contains a flaw in how the XMLHTTP control applies IE security zone settings to a redirected data stream returned in response to a request for data from a web site. A vulnerability results because an attacker could seek to exploit this flaw and specify a data source that is on the user's local system. The attacker could then use this to return information from the local system to the attacker's web site. Microsoft FAQ on this issue available here.
c0e00ca988120d2309541ceb71c2dd6a8a34a3ad5082c48b7b901fc36081ab0eFreeBSD Security Advisory FreeBSD-SA-02:12 - The Squid port prior to 2.4-STABLE4 (port version 2.4_8) contains multiple vulnerabilities, one of which allows authenticated users to overflow buffers.
1a89bdd97fc0eaf82c8056c30c781e3f2f7edf55cdeccb3df1b3340926245421Microsoft Security Advisory MS02-007 - Microsoft SQL Server 7.0 and 2000 contains an exploitable buffer overflow in the handling of OLE DB provider names in ad hoc connections. An attacker could exploit this vulnerability in one of two ways. They could attempt to load and execute a database query that calls one of the affected functions. Conversely, if a web-site or other database front-end were configured to access and process arbitrary queries, it is possible for an attacker to provide inputs that would cause the query to call one of the functions in question with the appropriate malformed parameters. Microsoft FAQ on this issue available here.
9b4b236cd59f9142f6879b0a7f0d611db26549f96ce7f10ea6b05cc04d84c63aTimbuktu Pro 4.5 Build 869 and below stores the usernames in clear text in an unlocked file, allowing anyone to replace the tb2.plu file with one created at home with a known username / password combination and no restrictions at all. After a restart of the Timbuktu application it reads the new user / passes from the file, granting the intruder full administrator access.
0463c1c6762ce3fad56297e7af028a4c466c4889129d7ab93da7f9adefa2c80dUDP backdoor which uses raw sockets. It spoofs the packets origin address when communicating with the server end of the backdoor. It also uses encryption, and has several methods of security through obscurity.
c84875544294e85bde768b70f200475f01b28053bea5c7a746232b3cfa5fdda3mIRC Backdoors - An advanced overview. Backdooring somebody's IRC client is *not* "cool". You are not "leet" if you do this.
3d8c91e3b9cb67a3f87cb0310d63ee8f1728f97f8400d481ee8d804e0f1b94dbPHP for Windows Arbitrary Uploaded File Execution - PHP version 4.0.4 and 4.1.1 for Windows allows attackers to run arbitrary php code on the server.
4f19ac5dcb05f3745e076864142537fab80c6bdfa2cc745c76bb66411f064b357350854 - x86/bsd telnetd remote root exploit which takes advantage of the AYT buffer overflow. Tested against BSDI BSD/OS 4.1, NetBSD 1.5, FreeBSD 3.1, FreeBSD 4.0-REL, FreeBSD 4.2-REL, FreeBSD 4.3-BETA, FreeBSD 4.3-STABLE, and FreeBSD 4.3-RELEASE.
042fbb8216e3f92fad1e57df03d06a841a1450db42a5c0124584533b112dc627
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed