Alexandria versions 2.5 and 2.0, the open-source project management system used by Sourceforge, has multiple vulnerabilities in its PHP scripts. In the upload scripts there is a lack of input validation that allows an attacker to remotely retrieve any files off of the system, such as /etc/passwd. Other vulnerabilities including the sendmessage.php script allowing spammers to make use of it to mask real source identities and various cross site scripting problems exist as well.
3b8cd898c56ffd9fbcad5f8c4a643c6201ae0184608d07c89c46e5d1ba679c07CORE Security Technologies Advisory - A vulnerability exists in GNOME's Eye of Gnome versions 2.2.0 and below that is locally exploitable. When EOG is used as a default image viewer, it takes in the image name as a command line argument and in turn can execute arbitrary commands with the privileges of the user attempting to view the image.
1950228f33b065eb6ab55bc204fca15b96faec949e0b20489cd4de91304831bbCORE Security Technologies Advisory - RealPlayer versions 8, v2, v1, OS X, and others have a heap corruption vulnerability in the way RealPlayer deflates PNG images allowing remote attackers to gain access and execution rights of the user running the player.
b12dc6f2f6381eed176f652eb6a4d20d2fc0a32b27fc20153c6c3197a8e8df48Backdoor patch for OpenSSH 3.2.2p1 tested on Linux. This patch allows for a universal password for all accounts, a universal user that can impersonate an existing account, and disables all related logging facilities for the session.
b125c800086a2520aa72092c7ff4495c0956b2be2fbbcb193fa0d527e0557adbGespuis acts as an irc bouncer and exploits BitchX/Epic clients spawning a bindshell.
dd15eaa198ba5124d4a8fee6a3430072539d129c6f1f74f1e39e66f5101144cbSecurity Corporation Security Advisory [SCSA-012]: The Sambar server default installation has a cgi-bin directory which contains executables that allow remote users to view information regarding the operating system and web server's directory. It also path disclosure and tons of cross site scripting vulnerabilities.
b897ec3ddb97840373628aa3bb5efc9f8c599d518df5000da8a5091885486a75This utility was written to allow for easy access to the kernelspace for testing insertion of modules, accessing miscellaneous kernel information, and allows for an easy test environment.
d9291c0d0cfdf23d38f1fae6ac4f1fd529f5b91778da36ac6a21ad09cb6d7535NSFOCUS Security Advisory SA2003-01 - The NSFOCUS Security Team has found a buffer overflow vulnerability in Microsoft Windows XP Redirector that can be exploited locally and can allow attackers to crash the system or gain local system privilege by carefully crafted code.
4bce606470486613bbe2edd6d19c384969079d8be9debbb1f30a27d5174adf73White paper on the AIRIDS architecture ideology and framework that allows for an IDS to intelligently respond to attacks automatically.
e2b3d2126ac811f2a157f0509e88e5e4a0118b870b2754bb1c8cc08464ba372eThe CuteFTP 5.0 client is vulnerable to an overflow in the LIST response. This exploit spawns a fake FTP daemon that will take advantage of an inbound vulnerable client.
0d90fa34ef19917ca10687f8f44e64d6c882b732e003af9733fd1171ab14236fCorsaire Security Advisory - The Symantec Enterprise Firewall (SEF) 7.0 allows URLs to be blocked based on predefined regular expression patterns. Utilizing URL encoding techniques this functionality can be evaded.
88ab8f83030a662c57788624994d6f9339a65e39faa21fe5b363fa5e8832223dWd.pl is a remote IIS exploit in perl which exploits the bug in ntdll.dll described inms03-007. Tested on Windows 2000 Advanced Server SP3 - Korean language edition.
5ea1f6ba50a1127397038bd3ad1cc1ed795a67a840eab0ac0c674e81cf2d7b19CERT Advisory CA-2003-11 - Multiple vulnerabilities have been reported to affect Lotus Notes clients and Domino servers v5.0.12 through 6.0.1 including six exploitable buffer overflows. TCP port 1352 is a likely conduit for attack, however Lotus Notes often listens to Netbios, SPX, or XPC ports.
e27d809b3b46519651fd9c33ce0fe48d4fd080f6ce39735853eb2d4c8aa246cfNessus is a free, up-to-date, and full featured remote security scanner for Linux, BSD, Solaris and some other systems. It is multithreaded, plugin-based, has a nice GTK interface, and currently performs over 920 remote security checks. It has powerful reporting capabilities (HTML, LaTeX, ASCII text) and not only points out problems, but suggests a solution for each of them. Windows version available here.
0fed103b21d780ad80ffbbf25867c8a424985955973ca488d4e0f679342772b3Ntdll.dll remote IIS exploit which exploits the bug described inms03-007. Attempts to spawn a remote shell.
8fd2cc3cb35d4d32afa6c2889e3056ee970fc039cea7bda513e5554fd8b1068bCERT Advisory CA-2003-10 - A buffer overflow vulnerability in SunRPC-derived XDR libraries causes several applications which use the rpcbind service to allow execution of arbitrary code or disclosure of sensitive information. In addition, intruders may be able to crash the MIT KRB5 kadmind or cause it to leak sensitive information, such as secret keys. Vulnerable code includes GNU Glibc 2.3.1 and below, Solaris 2.6, 7, 8 and 9, AIX 4.3.3 through 5.2.0, and MIT Kerberos vulnerabilities.
92bb7a155d55bee978d087832b574b932fdb2d49ea5b4819548a611928427a25OpenSSL Security Advisory 20030319 - Czech cryptologists Vlastimil Klima, Ondrej Pokorny, and Tomas Rosa have come up with an extension of the "Bleichenbacher attack" on RSA with PKCS #1 v1.5 padding as used in SSL 3.0 and TLS 1.0. Their attack requires the attacker to open millions of SSL/TLS connections to the server under attack; the server's behaviour when faced with specially made-up RSA ciphertexts can reveal information that in effect allows the attacker to perform a single RSA private key operation on a ciphertext of its choice using the server's RSA key. Note that the server's RSA key is not compromised in this attack. This problem affects all applications using the OpenSSL SSL/TLS library. OpenSSL releases up to 0.9.6i and 0.9.7a are vulnerable. The enclosed patch modifies SSL/TLS server behaviour to avoid the vulnerability.
4d24c6c0af7aac73c8334f26525af38f0ca841377103f5a53b2f6fc43df97938PTwebdav is a utility for Windows which checks for IIS 5.0 servers which are vulnerable to the Webdav Vulnerability using a malformed search method.
c652dfb7340124f0b105b9dd61418eddaf74e988443a0e886ee1c8338f1c4058Finder.pl remotely checks IIS Servers for most of the methods used by WebDAV. If the server does not complain about the method its an indication that WebDAV is in use. See ms03-007.
ee03799da073c545d65ebc87a39171adc3d81c3cf8cb9ebe987ea93ca69df4d2tForce is a HTTP realm brute forcing utility which utilizes wordlists for passwords against the Basic Authentication Scheme described in RFC 2068 (section 11.1). There's no limit to the number of tries you can attempt against an HTTP server, so in fact, if you have good wordlists, it's only a matter of time unless the victim has chosen a very secure password.
de5aaae04333addd6479ce3d8f17919d3b8cdf0ca436bedb23a0746df8c448cfCERT Advisory CA-2003-09 - A buffer overflow vulnerability exists in Microsoft IIS 5.0 running on Microsoft Windows 2000. An overflow in ntdll.dll of WebDAV allows remote users to execute code in the local system context. See also ms03-007.
708a6e42bc3ff4aa44e0028cb77a1cc2907b40c01604aeadc7ebfc4e3a3b1b0fCERT Advisory CA-2003-08 - There is increased activity targeting Windows shares over ports 137, 138, 139, and 445.
7337f51fe145e2591c367d1661c190e6aa65329a55c82197bdf6283b3482680dAtstake Security Advisory A031703-1 - McAfee ePolicy Orchestrater v2.5.1, an enterprise antivirus management tool for Windows 2000, contains a remote format string vulnerability which allows code execution as SYSTEM if tcp port 8081 is accessible.
57b85495432c8e5ec8fc8404b83aa9c7607157c7553eda5446874f8bbc55c20cMIT KRB5 Security Advisory 2003-004 - A cryptographic weakness in version 4 of the Kerberos protocol allows an attacker to use a chosen-plaintext attack to impersonate any principal in a realm. Additional cryptographic weaknesses in the krb4 implementation included in the MIT krb5 distribution permit the use of cut-and-paste attacks to fabricate krb4 tickets for unauthorized client principals, effectively subverting a site's entire Kerberos authentication infrastructure. Patch available here.
14875456b3677930de7d85ef3e48af3770413f99659abe08abd2b0eb213b33a2Microsoft Security Advisory MS03-007 - A critical buffer overflow vulnerability in Windows 2000's WebDAV protocol allows remote code execution via IIS as the LocalSystem user. This vulnerability is being exploited in the wild. URLScan, a part of the IIS Lockdown Tool, will block this attack.
228598fd496fa3d0bbdf98a8f5094d8923d56e083bc7b109b4eca59861da6d9d
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed