Some areas of the Cobalt XTR UI are not .htaccess protected, allowing remote users to exploit the MultiFileUpload.php remote root vulnerability. Requires shell access to exploit. Includes a perl script to base64 encode the time for filename guessing.
0335dc5f5c37c8c68507a7da7f1bc5e9845dec9c23e2c1867d5f13a90ff49b69FreeBSD Security Advisory FreeBSD-SA-02:17 - The mod_frontpage port prior to version mod_portname-1.6.1 contains several remotely exploitable buffer overflows in the fpexec wrapper, which is installed setuid root.
6baaa26e93cb19abe4d52eaea219513b94a7b57aba7a390dac5d9e0085650a3bFreeBSD Security Advisory FreeBSD-SA-02:16 - Versions 4.76 and earlier of the Netscape browser will execute JavaScript contained in gif and jpeg comment blocks, allowing a hostile web server to see what is in your cache.
01e68c967241355e54d0dbda9dfd7c8b5b192f70e3f4324fc7e3b5072fa315c0FreeBSD Security Advisory FreeBSD-SA-02:15 - The port of the cyrus-sasl library prior to v1.5.24_8 contains a format string overflow in the syslog() call. Applications linked to that library could be affected.
ca1331948c84e83bcb66af1dcea4f17326b3ce7aa470a48f16bd1f4ffb9e66d8FreeBSD Security Advisory FreeBSD-SA-02:14.pam-pgsql - The pam-pgsql port prior to v0.5.2 contains a vulnerability which allows remote users to cause arbitrary SQL code to be executed because the username and password given are inserted into a SQL statement with no safety checks.
6e3b0e22ccea6f55953d641696c316bff3e1aa4a2c38403ddae911b7abdcd9c8CERT Advisory CA-2002-07 - A bug in the zlib compression library prior to v1.1.4 manifests itself as a vulnerability in any of the many programs that are linked with zlib, and allows an attackers to mount a dos attack, gather info, or execute arbitrary code. Passing a specially-crafted block of invalid compressed data to a program that includes zlib, the program's attempt to decompress the crafted data can cause the zlib routines to corrupt the internal data structures. Fix available here.
027ea4a9b9fc60c7fe3a2fa2e98a44ecd8a73fe17a8674c2a37e4e3c66be400ePtrace2.4 is a local root exploit for linux kernels prior to v2.4.9 and 2.2.20.
e985a2a3cfca07b197336e769c86daa09d889ea8c80b3e00fc8291655c670ba1Wellenreiter is a GTK/Perl program that makes the discovery and the auditing of 802.11b wireless-networks much easier. It has an embedded statistics engine for the common parameters provided by the wireless drivers, enabling you to view details about the consistency and signal strength of the network. A scanner window can be used to discover access-points, networks, and ad-hoc cards. It detects essid broadcasting or non-broadcasting networks in every channel, automatically switching frequencies. Wellenreiter can run on low-resolution devices that can run GTK/Perl and Linux/BSD (such as iPaqs).
c9b6dc3395ff1b64fbe2b8c00b21bac822f84ceb255603b81ce306b90c3453cdPHP Nuke v5.5 has a cross site scripting vulnerability. Exploit information included.
ea0a2f907d32e11a8d8ea2a9d231190a234851a4b50bf5f9b2a309b314e8c10aHhp-qtip.c is a local root exploit for /usr/bin/tip on BSDI 4.2. Requires access to tip, usually gid(dialer).
68b298f994c8c477f0f7455e566dc8f16aa96901ae020b249e0593c73d2ca8d6
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed