Angrypacket Security Advisory - The CGI rwcgi60 which comes with the Oracle Reports Server gives away the contents of several environment variables to attackers, disclosing version information and full paths.
0dfc187b0a6a2ff236da8d5333f2a0cdb6828869ef33bf29a0127ee64b318393A remove buffer overflow in IBM Tivoli ManagedNode v3.6.x through 3.7.1 allows attackers to crash the spider process or execute arbitrary code on TMR ManagedNotes. An overly long GET request results in a buffer overflow with registers being overwritten with user supplied data, resulting in code execution as SYSTEM on NT or root on Unix. Tested on Solaris 8 (Sparc).
8cfc7d24ca4e2b6ff9a79befe4e32557c6ab3305892f9376b8d975a511dce55cA remote buffer overflow in IBM Tivoli Management Framework v3.6.x through 3.7.1 running on tcp port 9495 allows attackers to deny service or execute arbitrary code. An overly long GET request results in a buffer overflow with registers being overwritten with user supplied data, resulting in code execution as SYSTEM on NT or root on Unix. Tested on Windows 2000 and NT4 SP6a.
e92e32242706e69a03bcae5286f23fa186f7abf143db928b16d7dc2496525c24Mercur mail server v4.2 remote exploit. The Mercur mail server's control service listens to tcp port 32000 and is vulnerable to a buffer overflow in the password field. Tested against Windows 2000 and XP pro. Sends a shell to port 3333.
5d47b93de6b6b5e44524436f14aa61eeae568221c556a2a9290570d4db621befX2 exploits the SSH CRC-32 attack detection code buffer overflow vulnerability that exists in SSH1 implementations. The exploit is distributed in binary form and has been encrypted. Includes 45 target types. 319 target types are available Fair Use Law 17 U.S.C.A 107
12258dcf8899d36e83ad1f68fd80e8b11b98188582068bf2c92b683f048f27117350wurm is a linux/x86 wu_ftpd remote root exploit for the double free() bug affecting v2.4.2 to 2.6.1. This code was abandoned in a honey pot and is published under Fair Use Law 17 U.S.C.A 107
61e426d8b881456407974cf5ba70fc5699bcc3a5684973685457044f14ce29c57350squish is a Linux / x86 Squid remote exploit. Tested against Debian Squid_2.3.4-2, squid_2.4.1-1, and squid_2.4.2. This code was abandoned in a honey pot and is published under Fair Use Law 17 U.S.C.A 107
c9d3a3dd4dd2f657e576ad62e4b0332e4678ac9a512951acc8c4fe28403a63efSolaris /bin/login remote root exploit for SPARC and x86. This code was abandoned in a honey pot and is published under Fair Use Law 17 U.S.C.A 107
9a7dc0465ec7420e64c78c101c235a1124f003775a78c77e6d511355683dc6897350fun is a remote exploit for mod_php v4.0.2rc1-v4.0.5 and v4.0.6-v4.0.7RC2. This exploit appears to be a revised version of the 73501867 exploit, which was written by the same author, contained less functionality and was not encrypted. Note: this exploit also causes PHP 4.1.2 versions to segfault. This code was abandoned in a honey pot and is published under Fair Use Law 17 U.S.C.A 107
8a1c0c6bcdd15226fa9559cd421b9ccc4eefd1e6864a6e563ecc6a07fb3258aa
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed