what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 22 of 22 RSS Feed

Files Date: 2003-09-25

atphttp0x06.c
Posted Sep 25, 2003
Authored by r-code

Remote exploit for atphttpd version 0.4b and below on Linux x86 that binds a shell to port 65535. Tested against Debian 3.0 and RedHat 8.0.

tags | exploit, remote, shell, x86
systems | linux, redhat, debian
SHA-256 | 88c26342e5f68deb853d183ed815a06e8979d2f24a421572d430729ffa44b177
myserver043.txt
Posted Sep 25, 2003
Authored by Arnaud Jacques | Site securiteinfo.com

MyServer 0.4.3 is susceptible to a directory traversal attack that allows access to files and directories outside of the web root.

tags | exploit, web, root
SHA-256 | 68bb16515c9ee3c7c84f0f2841e61a967e5f41bddba16ef2109fdc524f55d956
cfengine.txt
Posted Sep 25, 2003
Authored by Nick Cleaton

The cfservd daemon in Cfengine 2.x prior to version 2.08 has an exploitable stack overflow in the network I/O code used.

tags | advisory, overflow
SHA-256 | 4f06f3f2f02b486dfdd217a7ff03223f7424d241ec1afc4a509699b4844b8187
sbox-adv.txt
Posted Sep 25, 2003
Authored by e2fsck | Site eightone.mafiadodiva.org

sbox version 1.04, the CGI wrapper that allows for safer execution of scripts, has a path disclosure vulnerability.

tags | advisory, cgi
SHA-256 | fc5c9dad742ebccdda421f6976490552abe905fc46a6e3f379b4330516de256a
Mirc-USERHOST-Poc.zip
Posted Sep 25, 2003
Authored by Sylvain Descoteaux

Remote MIRC proof of concept exploit that makes use of an overflow in the USERHOST reply to the mirc-client.

tags | exploit, remote, overflow, proof of concept
SHA-256 | 3774e02cc6ee4c5aca911c9c7b205bbe05c9bb15c2744e361b6003cd73bb6347
vomit-0.2.tar.gz
Posted Sep 25, 2003
Authored by Niels Provos | Site vomit.xtdnet.nl

Vomit, or voice over misconfigured internet telephones, is a utility that converts a Cisco IP phone conversation into a wave file that can be played with ordinary sound players. Vomit requires a tcpdump output file.

tags | telephony
systems | cisco
SHA-256 | 39781b0d74b5139af7a5256779e01855f6e015c12dafc16f9fc6f86d7c316ceb
chat-Xploit.c
Posted Sep 25, 2003
Authored by Polygrithm

Proof of concept exploit for /usr/sbin/chat on RedHat Linux 7.3. Note: chat is not setuid by default on most installations.

tags | exploit, proof of concept
systems | linux, redhat
SHA-256 | c9a281b9044a9467791c8614d54bcf288295b2f5098c342bdf3f19623a7da630
coldfusion.txt
Posted Sep 25, 2003
Authored by T.Hara | Site scan-web.com

Macromedia's ColdFusion is susceptible to a cross site scripting attack under certain conditions.

tags | advisory, xss
SHA-256 | a735d602394b50e656bc281563c0a6fa0a3b76a6ea07c95001ca5055469a229a
ReBootSQLinject.txt
Posted Sep 25, 2003
Authored by Bahaa Naamnmeh | Site bsecurity.tk

Re-Boot Design ASP Forum is vulnerable to a SQL injection attack that allows remote accessing of a user account without prior knowledge of their password.

tags | advisory, remote, sql injection, asp
SHA-256 | e678d70617cc30fc5813f731c6760853903497a982dccceee63e02e782e18f04
threadITsql.txt
Posted Sep 25, 2003
Authored by Bahaa Naamnmeh | Site bsecurity.tk

Thread-ITSQL is susceptible to cross site scripting attacks in its Topic Title, Name and Message fields.

tags | advisory, xss
SHA-256 | a8673828a2c183f9ff8049970d8dbf6c66a148d78e082ca0072c4acc741f989a
threadIT.txt
Posted Sep 25, 2003
Authored by Bahaa Naamnmeh | Site bsecurity.tk

The Thread-IT Message board is vulnerable to cross site scripting injection via the Topic Title, Name and Message fields.

tags | advisory, xss
SHA-256 | 10e3db50f48b3886d5c8ae6c8e46cadf3fa8ec612cab4d818e88e79ee5f0385f
commentxss.txt
Posted Sep 25, 2003
Authored by Bahaa Naamnmeh | Site bsecurity.tk

Comment Board is susceptible to cross site scripting attacks in the Topic Title, Name, and Message fields.

tags | advisory, xss
SHA-256 | 827dc62fdf35b1cc001920e7959315e067206ab13b453f97e6841f66fd718d36
BRSwebweaver.txt
Posted Sep 25, 2003
Authored by euronymous

WebWeaver version 1.06 and below allows for anonymous surfing of the server if the Host field is set excessively long. It is also susceptible to various denial of services attacks.

tags | exploit, denial of service
SHA-256 | d379db7c0aee30b485cfe256c1ea095e1ecc0ca84aa0b246acdf7e56cbf677dc
FreeBSD Security Advisory 2003.14
Posted Sep 25, 2003
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-03:14.arp - Under certain circumstances, it is possible for an attacker to flood a FreeBSD system with spoofed ARP requests, causing resource starvation which eventually results in a system panic.

tags | advisory, spoof
systems | freebsd
SHA-256 | dde29ce8a88cf20ce908f5b73c17ed056e549898e79d57c425cc8cd42cc921c5
ESA-20030924-026
Posted Sep 25, 2003
Site guardiandigital.com

Guardian Digital Security Advisory - The Guardian Digital WebTool mistakingly uses a GET method instead of a POST method when passing along a user passphrase for SSH keys being generated allowing for the passphrases to get logged in /var/log/userpass.log along with the rest of the query string.

tags | advisory
SHA-256 | f3c7790699c2de28eff06ee5c00de602e489b1a387068cec05c864ef10156833
lansuite2003.txt
Posted Sep 25, 2003
Authored by Phuong Nguyen

602PRO LanSuite 2003 for Windows is vulnerable to sensitive information disclosure, logs freely being accessible to any remote attacker, the ability to read any file on the server, and directory traversal attacks.

tags | exploit, remote, info disclosure
systems | windows
SHA-256 | 9f04a1d343d4cc73ccc8d7925f80792502dfe9ae066749060a5a410c141bac4b
savant31.txt
Posted Sep 25, 2003
Authored by Phuong Nguyen

The Savant Web Server version 3.1 for Windows 95, 98, ME, NT, and 2000 is remotely vulnerable to a denial of service condition when various malformed GET requests are passed to the server.

tags | exploit, web, denial of service
systems | windows
SHA-256 | 2bd87abf901a44d0071f6039019aec576f2bf17865434df7b85c0d48b661fdc7
TCLHttpd.txt
Posted Sep 25, 2003
Authored by Phuong Nguyen

TCLHttpd version 3.4.2 is susceptible to arbitrary directory browsing when an absolute path is entered against Dirlist.tcl even though it does prevent and filter basic URL attacks. This release also suffers from multiple cross site scripting vulnerabilities.

tags | advisory, arbitrary, vulnerability, xss
SHA-256 | cd7f1d11b3ca6f5557a7089d0ad41c6cfe112cbae11c131b99ae3ae789457d9e
gauntlet.txt
Posted Sep 25, 2003
Authored by Oliver Heinz | Site arago.de

The Oracle-Proxy aka SQL-Gateway of Gauntlet Firewall version 6 crashes when invalid data is sent over any defined SQL-gw disallowing any future connections.

tags | advisory
SHA-256 | a0e10a92d97abbd19d53edba384816435d156b0d725e5b27d36f4936aab82bbe
nullhttpd.xss.txt
Posted Sep 25, 2003
Authored by Luigi Auriemma | Site aluigi.altervista.org

NULLhttpd version 0.5.1 and below is vulnerable to a simple cross-site scripting attack.

tags | advisory, xss
SHA-256 | 9bd9eaaee3c3e86fe3542b65ecfc1b31fb82cef2f2febf220de60c32a9c33f01
nullhttpd.dos.txt
Posted Sep 25, 2003
Authored by Luigi Auriemma | Site aluigi.altervista.org

NULLhttpd version 0.5.1 and below is vulnerable to a remote denial of service attack that utilizes 100% of the CPU and consumes any unused memory.

tags | advisory, remote, denial of service
SHA-256 | 5e460644a7de9fa6951e7addf77a7867790c8a4a7e60614db8e8431f63fde7dc
mondo.protego.txt
Posted Sep 25, 2003
Authored by Jens H. Christensen | Site protego.dk

PROTEGO Security Advisory #PSA200302 - MondoSearch versions 4.4, 5.0, and 5.1 are all susceptible to having arbitrary ASP code executed on the server via the Msmsetup.exe binary.

tags | advisory, arbitrary, asp
SHA-256 | dd2110920726df2b84f352c14daafac87f04aa60c0693776f805424930b8f0f7
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close