what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 12 of 12 RSS Feed

Files Date: 2002-12-21

eeye.flash.6.0.65.0.txt
Posted Dec 21, 2002
Authored by eEye Digital Security | Site eEye.com

Macromedia Shockwave Flash Malformed Header Overflow #2 - Macromedia Flash Player versions less than 6.0.65.0 allows remote code execution via HTML email and web pages. Fix available here.

tags | advisory, remote, web, overflow, code execution
SHA-256 | 018888a6c288f72d88dd0f5fddd22ecea22e5d438947c9dabdd5059490d624a6
iDEFENSE Security Advisory 2002-12-20.t
Posted Dec 21, 2002
Authored by iDefense Labs, David Zentner | Site idefense.com

iDEFENSE Security Advisory 12.20.02 - Microsoft"s Hotmail service contains cross site scripting vulnerabilities which allow session hijacking and arbitrary action execution.

tags | advisory, arbitrary, vulnerability, xss
SHA-256 | aafa3e18425d9f046e54dc567ee2fcce025cf56610f8af6c1a137a6f802f4eca
real.helix.9.0.txt
Posted Dec 21, 2002
Authored by Mark Litchfield | Site ngssoftware.com

RealNetworks Helix Universal Server v9.0 and below for Windows, FreeBSD, HP-UX, AIX, Linux, Sun Solaris 2.7 & 2.8 contains buffer overflows which can cause code to be executed as SYSTEM over tcp port 554.

tags | advisory, overflow, tcp
systems | linux, windows, solaris, freebsd, aix, hpux
SHA-256 | b39acaf9964d4389121ef064fdeeef266502772719c45556094be1fe82988b89
tmpwatch.txt
Posted Dec 21, 2002
Authored by Michal Zalewski | Site lcamtuf.coredump.cx

Common use of 'tmpwatch' utility and its counterparts triggers race conditions in many applications, sometimes allowing privilege escalation. Includes information on races, file removal, fixes, and more.

tags | paper
systems | unix
SHA-256 | b15d4299f68a0564b2dbf1976f2695381bb7cba4b78e5f66221c135ce941492e
enceladus-3.9.11.txt
Posted Dec 21, 2002

The Enceladus Web and FTP server suite for Windows below v3.9.11 contains a buffer overflow which allows remote command execution. More information available http://www.mollensoft.com.

tags | advisory, remote, web, overflow
systems | windows
SHA-256 | bc56ff8f7fcff42ba61b72dc3e45978976994ff033fe3cee6516d6863ba75f6e
php-nuke_mail_crlf.patch
Posted Dec 21, 2002
Authored by Ulf Harnhammar

PHP-Nuke v6.0 allows remote users to send email to any address on the internet by entering malformed email addresses. Patch included.

tags | advisory, remote, php
SHA-256 | f324c19dbb506141832f85077a736850e56b7b492f689c7d1dbbcc19a71e156e
oss-00001.txt
Posted Dec 21, 2002
Authored by Burn-X | Site opensourcesecurity.com

Pine v4.44 contains a local buffer overflow in the -x command line option.

tags | advisory, overflow, local
SHA-256 | 1ef3e1c8a908d842ce87bbcf654b3e3ef0f8778d1b327a332d6955a77aa0658f
CA-2002-37.windows.shell
Posted Dec 21, 2002
Site cert.org

CERT Advisory CA-2002-37 - A buffer overflow vulnerability in the Microsoft Windows Shell allows remote attackers to execute arbitrary code via malicious email message, malicious web page, or browsing through a folder containing a malicious .MP3 or .WMA file. More information available here.

tags | remote, web, overflow, arbitrary, shell
systems | windows
SHA-256 | b026b59e3f14b7596aad9085a7b4d8183bb3649a364863979123a168facb9351
CA-2002-36.ssh
Posted Dec 21, 2002
Site cert.org

CERT Advisory CA-2002-36 - Multiple vendors' implementations of the secure shell (SSH) transport layer protocol contain vulnerabilities that could allow a remote attacker to execute arbitrary code with the privileges of the SSH process or cause a denial of service. The vulnerabilities affect SSH clients and servers, and they occur before user authentication takes place. OpenSSH is not vulnerable. More information available here.

tags | remote, denial of service, arbitrary, shell, vulnerability, protocol
SHA-256 | fc2411c6232f4bec9861e44cc3a10cda790c69eb0b22484d00b48e73b52c0feb
iDEFENSE Security Advisory 2002-12-19.t
Posted Dec 21, 2002
Authored by Zen-Parse, David Endler, iDefense Labs | Site idefense.com

iEasy Software Products' Common Unix Printing System (CUPS) vCUPS-1.1.14-5 to 1.1.17 contains an integer overflow in the CUPSd interface which allows attackers to gain the permissions of the LP user and the sys GID. In addition, a race condition allows any file to be overwritten as root. Affected systems include Red Hat 7.3, 8.0, and OS/X 10.2.2.

tags | advisory, overflow, root
systems | linux, redhat, unix, apple, osx
SHA-256 | 7c6ba1d4608fa090e656e197e22e24c9627af18d3d3a39b6434f0b189bc7eae8
polycom.auth-bypass.txt
Posted Dec 21, 2002
Authored by Tamer Sahin | Site securityoffice.net

The Polycom ViewStation FX set top video system allows users to change configuration of the video conferencing system. A bug introduced in the Polycom ViewStation FX Release v4.2 allows users full access to the video conferencing system including changing the admin password.

tags | advisory, bypass
SHA-256 | efc1399c213252cbb952cdd78a552988b8c768fd731044eb40928f453a8af4c3
smbrelay.cpp
Posted Dec 21, 2002
Authored by Sir Dystic | Site cultdeadcow.com

Smbrelay.cpp is a TCP NetBT level SMB man-in-the-middle relay attack for Windows in c++ which uses Winsock.

tags | tcp
systems | windows, unix
SHA-256 | 25be6d08cf50dae600f844fd91c3a35cfea28bd3048af0b343fac39a45b76dee
Page 1 of 1
Back1Next

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    12 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    18 Files
  • 6
    Oct 6th
    16 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close