Exploit the possiblities
Showing 1 - 21 of 21 RSS Feed

Files Date: 2003-10-16

Posted Oct 16, 2003
Authored by Salman Niksefat

A cross site scripting vulnerability in Microsoft Hotmail allows access to mailboxes via malicious Javascript in conjunction with cookie hijacking.

tags | advisory, javascript, xss
MD5 | f00911cd77f5b8221ea39691ab396671
Posted Oct 16, 2003
Authored by Cesar Cerrudo

Security Advisory detailing original research from the Microsoft Local Troubleshooter ActiveX control buffer overflow that affects all versions of Microsoft Windows 2000.

tags | advisory, overflow, local, activex
systems | windows, 2k
MD5 | b8d4a3696bc3358e92c12c6462e166e8
Posted Oct 16, 2003
Authored by Brett Moore SA | Site security-assessment.com

Original research advisory for the Listbox And Combobox Control buffer overflows announced by Microsoft Advisory here. Affected Software: Microsoft Windows NT4.0, 2000, XP, and 2003.

tags | advisory, overflow
systems | windows
MD5 | d5760432312aa04c8d86df25171c2a71
Posted Oct 16, 2003
Site sco.com

SCO Security Advisory - SCO OpenServer 5.0.5, 5.0.6, and 5.0.7 has had multiple vulnerabilities discovered in Xsco. One matches the command line parameter -co hole discovered in Xsun and another allows any local user with X access to gain read/write access to a shared memory segment.

tags | advisory, local, vulnerability
advisories | CVE-2002-0158, CVE-2002-0164
MD5 | 19eb5afd533353aaca78afc76827a7d9
Posted Oct 16, 2003
Authored by millhouse

Remote irc2.10.3p3 denial of service exploit that makes use of a bug in channel.c that occurs when handling a specially crafted JOIN command.

tags | remote, denial of service
MD5 | 8f948c7ab259776661b4864b6d819a31
Posted Oct 16, 2003
Site cert.org

CERT Advisory CA-2003-27 - A number of vulnerabilities in both Microsoft Windows and Microsoft Exchange have been discovered with multiple bugs giving privilege escalation and remote command execution.

tags | advisory, remote, vulnerability
systems | windows
MD5 | be063887ae4c9a37d0f1176b909a14cb
Posted Oct 16, 2003
Authored by Oliver Karow

A cross site scripting vulnerability still exists in the newest Bajie HTTP server release even though the vendor had previously been notified of the problem.

tags | advisory, web, xss
MD5 | 854064cb84e24b64afb2341a5d644411
Posted Oct 16, 2003
Site ngssoftware.com

NGSSoftware Insight Security Research Advisory - Several vectors exist that can be used by attackers to make use of a stack based buffer overflow in the PCHealth system of Microsoft Windows 2003 Server and Windows XP.

tags | advisory, overflow
systems | windows, xp
MD5 | 26fd00211f9f12279d2b11e5774adc59
Posted Oct 16, 2003
Authored by Vic Abell

Lsof is an extremely powerful unix diagnostic tool. Its name stands for LiSt Open Files, and it does just that. It lists information about any files that are open by processes currently running on the system. It is useful for pinpointing which process is using each network socket. FAQ available here.

Changes: Fixes for OpenBSD, FreeBSD, and NetBSD including support for FreeBSD 5.1-CURRENT, adds support for Solaris 10 and Mac OX X 10.3.
tags | tool, intrusion detection
systems | unix
MD5 | d13e98fc85806424e371efde71f1e186
Posted Oct 16, 2003
Authored by Proxy Labs | Site proxylabs.netwu.com

ProxyCap enables users to tunnel Internet applications through HTTP, SOCKS v4, and SOCKS v5 Proxy Servers. It can be told which applications will connect to the Internet through a proxy and under what circumstances. This is done through a user friendly interface, without the need to reconfigure any clients. ProxyCap provides a flexible rule system and allows the end user to define their own tunneling rules. ProxyCap version 2.0 introduces support for UDP-based networking clients, optional remote name resolution, and more detailed Session Logs.

tags | remote, web, udp
MD5 | ed8e88a6437ad28cb638935fad8e6f3f
Posted Oct 16, 2003
Authored by Simon Josefsson

GNU SASL is an implementation of the Simple Authentication and Security Layer framework and a few common SASL mechanisms. SASL is used by network servers such as IMAP and SMTP to request authentication from clients, and in clients to authenticate against servers. The library includes support for the SASL framework (with authentication functions and application data privacy and integrity functions) and at least partial support for the CRAM-MD5, EXTERNAL, GSSAPI, ANONYMOUS, PLAIN, SECURID, DIGEST-MD5, LOGIN, NTLM, and KERBEROS_V5 mechanisms.

tags | imap, library
MD5 | eae923fe86e38e4822f6d9e2459fe7de
Posted Oct 16, 2003
Authored by Kain | Site sourceforge.net

CA Web Helper is a helper Web application written in PHP and Perl to maintain a local Certificate Authority based on OpenSSL. It provides the ability to view issued certificates, issue new certificates, and revoke compromised certificates.

tags | web, local, perl, encryption, php
MD5 | 6b6d550befde77f220174ad73f9e4b87
Posted Oct 16, 2003
Authored by posidron | Site tripbit.org

105 byte size shellcode that executes: setuid(), setgid(), mkdir(), chroot(), chdir(), chroot(), execv(), exit(). ASM code and syscall table are included.

tags | shellcode
MD5 | d963881ce09f08de83bcfaa1adbeab39
Posted Oct 16, 2003
Site microsoft.com

Microsoft Security Advisory MS03-045 - An attacker who had the ability to log on to a system interactively could run a program that could send a specially-crafted Windows message to any applications that have implemented the ListBox control or the ComboBox control, causing the application to take any action an attacker specified. This could give an attacker complete control over the system by using Utility Manager in Windows 2000.

tags | advisory
systems | windows, 2k
MD5 | c79feab266313ad69ea8b5f8515ac3eb
Posted Oct 16, 2003
Site microsoft.com

Microsoft Security Advisory MS03-047 - Microsoft Exchange Server 5.5, Service Pack 4, suffers from a cross site scripting attack due to the way Outlook Web Access (OWA) performs HTML encoding in the Compose New Message form.

tags | advisory, web, xss
MD5 | e2d2bc1dd1e26a32b9c5a6c06b626fde
Posted Oct 16, 2003
Site microsoft.com

Microsoft Security Advisory MS03-046 - A denial of service condition exists in Exchange Server 5.5 that can be exploited by a remote attacker and Exchange 2000 Server suffers the same denial of service and a buffer overrun that can result in an attacker running malicious programs.

tags | advisory, remote, denial of service, overflow
MD5 | 06e1fa7e9b7980b3fe0d8c742a9eac43
Posted Oct 16, 2003
Authored by STE Jones | Site NetworkPenetration.com

Network Penetration conducted a survey at the start of 2003 to check the status of the United Kingdom's DNS infrastructure. This paper discusses the second run of what was tested, the results, some sample zone transfers, and recommendations.

tags | paper, protocol
MD5 | 7841d7b80b30c00c25fb3d7f0498b3fb
Posted Oct 16, 2003
Site DigitalPranksters.com

The Linksys EtherFast Cable/DSL Firewall Router BEFSX41 (Firmware 1.44.3) is susceptible to a denial of service attack when a long string is sent to the Log_Page_Num parameter of the Group.cgi script.

tags | exploit, denial of service, cgi
MD5 | 1e142d2d4429f36d6bdbd08409720df8
Posted Oct 16, 2003
Authored by error

Simple notes on how to exploit GAIM via the festival plugin that was written quite poorly.

tags | exploit
MD5 | bf092631c2e47257ae9f6aa6be652dda
Posted Oct 16, 2003
Authored by Lorenzo Hernandez Garcia-Hierro | Site nsrg-security.com

ColdFusion servers suffer from a SQL injection vulnerability due to cross site scripting.

tags | advisory, xss, sql injection
MD5 | 16b82749cca0052e2626984a82a22dc6
Posted Oct 16, 2003
Site microsoft.com

Microsoft Windows Security Bulletin Summary for October 2003 that covers MS03-041, the vulnerability in Authenticode Verification that could allow remote code execution, MS03-042, the buffer overflow in ActiveX that could allow code execution, MS03-043, the buffer overrun in its Messenger Service, and MS03-044, the buffer overrun in the Windows Help and Support Center.

tags | advisory, remote, overflow, code execution, activex
systems | windows
MD5 | db2d1b419418f51896119077d3a3954f
Page 1 of 1

Want To Donate?

Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

January 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    16 Files
  • 4
    Jan 4th
    39 Files
  • 5
    Jan 5th
    26 Files
  • 6
    Jan 6th
    40 Files
  • 7
    Jan 7th
    2 Files
  • 8
    Jan 8th
    16 Files
  • 9
    Jan 9th
    25 Files
  • 10
    Jan 10th
    28 Files
  • 11
    Jan 11th
    44 Files
  • 12
    Jan 12th
    32 Files
  • 13
    Jan 13th
    2 Files
  • 14
    Jan 14th
    4 Files
  • 15
    Jan 15th
    31 Files
  • 16
    Jan 16th
    15 Files
  • 17
    Jan 17th
    16 Files
  • 18
    Jan 18th
    24 Files
  • 19
    Jan 19th
    7 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2018 Packet Storm. All rights reserved.

Security Services
Hosting By