Local exploit for the SUNWlldap library buffer overflow vulnerability on Sun Solaris x86.
9741295723632b8059de0525584841db6e2fb91f9d27d52e0c0d9caf0562ad64Packit offers the ability to monitor, manipulate and inject IPv4 (and soon IPv6) traffic (TCP/UDP/ICMP) on and into your network. This can be valuable in testing firewalls, intrusion detection systems and in general TCP/IP auditing. At the comment Packit can be run using one of two modes. packet capture, and IPv4 packet injection. Packit is dependent on libnet 1.1.0+ and libpcap and has been tested with numerous FreeBSD and Linux kernels.
bb1010dd3019726b778a6ca1ad09bb5a11a141ea0260a0fc581292dfbebb2b45Atstake Security Advisory A031303-2 - Nokia SGSN (DX200 Based Network Element) is a platform that exists between legacy GSM networks and the new IP core of the GPRS network. The SGSN, or Serving GPRS Support Node, is vulnerable in that it allows any attackers to read the SNMP options with any community string.
a743e83228a8aa4690b234f2fa9cd8ae048f018026c6d5f4f2c72ee4558edd4dAtstake Security Advisory A031303-1 - A stack buffer overflow exists in the Connector Module that ships with the Sun ONE Application Server. The module is an NSAPI plugin that integrates the Sun ONE Web Server (formerly iPlanet Enterprise Server) with the Application Server. Incoming HTTP request URLs are handled by the module and an unbounded string operation causes the overflow.
d3e56ce7b90eff64e31f495c396f7513465f86ec2348d3cd53df4ab0ba8e61dcRapid 7 Security Advisory - In July 2001, the PROTOS protocol testing group at the University of Oulu in Finland released an LDAP protocol test suite that exposed flaws in LDAP implementations from multiple vendors. Lotus Domino R5.0.7a addressed these issues but regression testing on the R6 Beta release shows that it is still vulnerable to the issues PROTOS discovered. Vulnerable Versions: Lotus Notes/Domino R6 pre-release and beta versions, Lotus Domino R5.0.7 and earlier versions.
cdbcbb8ace4dd1eac056a47326a4c7d94f7ee4cee734a2d5b0c50984a1c31022Rapid 7 Security Advisory - The Lotus Notes/Domino Web Retriever functionality has an HTTP Status buffer overflow. By issuing an overly long status message in its HTTP response, a remote server can crash the Web Retriever process. The response line consists of the standard HTTP version and code followed by an overly long (~6000 bytes) status message, followed by two carriage return/linefeed pairs. Vulnerable Versions: Lotus Notes/Domino R4.5/4.6/5/6Beta servers and clients.
3f2e0431aa427592a575437b66bdc0a85215a479d21c84a10bf295c095007de3Remote exploit for Apache + OpenSSL v0.9.6d and below. This exploit is based upon the openssl-too-open exploit by Solar Eclipse and offers more than 130 targets including various flavors of Linux.
3a5210e98085c90e9f463fc1ab409702683f014b9cd595a3baf694c9a429a289Remote CGI exploit written in Perl for Cpanel 5 Guestbook. Spawns a bash shell with the uid of the webserver.
ca9f2885c908445eb60e8177358c48d394aa727280a6bb55d5f86eff26d45bb7A paper written on timing attacks against OpenSSL 0.9.7. In this experiment, it shows that the extraction of private keys from an OpenSSL-based webserver is realistic. Monitoring about a million queries allows an attackers to remotely extract a 1024-bit RSA private key.
3d4961ee75c84a008149b8dd877da26a4c5981aca08e27f73afa074a0c1cf0a5
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed