exploit the possibilities
Showing 1 - 25 of 160 RSS Feed

Files Date: 2003-11-01 to 2003-11-30

Posted Nov 27, 2003
Authored by r3b00t | Site r3b00t.tx.pl

Linux/x86 shellcode that performs a chmod of 4777.

tags | x86, shellcode
systems | linux
MD5 | 1fe2ea4a81c26110a9f36ab0cd4aa3e7
Posted Nov 27, 2003
Authored by Li0n7

EPIC4 remote exploit that acts as an IRC server and makes use of a stack-based overflow in EPIC4 versions later than pre2.003. Upon success, this exploit yields a shell with the privileges of the user id connecting into the server.

tags | exploit, remote, overflow, shell
MD5 | 60364157eaa053fedb0f4fd986a98e85
Posted Nov 27, 2003
Authored by Evgeny Legerov

S-Quadra Advisory #2003-11-26 - FreeRADIUS version 0.9.3 and below suffers from a stack overflow in the rlm_smb module. Successful exploitation of the vulnerability leads to code execution abilities as root.

tags | advisory, overflow, root, code execution
MD5 | e0af404d1347c842bb816348e3d130af
Posted Nov 27, 2003
Authored by Bojan Zdrnja

My_eGallery versions below 3.1.1.g has PHP files which do not filter all parameters fed to functions, allowing a malicious attacker the ability to execute any command as the user id the webserver is running under. Vendor supplied patch available here.

tags | exploit, php
MD5 | b43abc56c3104b46370ca73811988658
Posted Nov 27, 2003
Authored by Liu Die Yu

Utilizing the MHTML parsing vulnerability in conjunction with the BackToFramedJpu vulnerability, a malicious attacker can obtain full MYCOMPUTER security zone access to a victim machine.

tags | advisory
MD5 | 560f5f3680ade229e1b80ea41d4412d0
Posted Nov 27, 2003
Authored by Liu Die Yu

A flaw exists in the way Microsoft Internet Explorer performs MHTML redirection that can lead to a victim having executables downloaded and run. Link to a demonstration included.

tags | advisory
MD5 | 4a0f22ce33818d4d8b5e8ad0e4a72970
Posted Nov 26, 2003
Authored by Liu Die Yu

By combining the Microsoft Internet Explorer cache file disclosure vulnerability with several other unpatched vulnerabilities, a malicious INTERNET page can reach the MYCOMPUTER zone. Link to two demonstrations included.

tags | advisory, vulnerability
MD5 | 6af73a20bb010072be91f05cc8b71f9a
Posted Nov 26, 2003
Authored by Liu Die Yu

Microsoft Internet Explorer v6.SP1 and below has a vulnerable download function that can be exploited by a malicious attacker to gain access to a user's cache directory. Link to two demonstrations included.

tags | advisory
MD5 | f5f58452fe96ccac411affb2f9aa1ac7
Posted Nov 26, 2003
Authored by Liu Die Yu

A cross-zone scripting vulnerability has been found in Internet Explorer. If a web page contains some sub-frame, its security zone may be compromised. Link to a demonstration included.

tags | advisory, web
MD5 | 321eb5687bad72de83a782fb73439364
Posted Nov 26, 2003
Authored by Liu Die Yu

After applying the patch for MS03-048, Windows is still susceptible to the Hijack Click attack when performed in conjunction with the method caching attack which can make the window.move accessible again. Link to a demonstration included.

tags | advisory
systems | windows
MD5 | bbbe6142ef64fb71d189c053a995c343
Rapid7 Security Advisory 16
Posted Nov 25, 2003
Authored by Rapid7 | Site rapid7.com

Rapid7 Security Advisory - Sybase Adaptive Server Enterprise (ASE) 12.5 is susceptible to a denial of service attack when a login is made with an invalid remote password array. A valid login is required to exploit this vulnerability. Version for Linux is not vulnerable.

tags | advisory, remote, denial of service
systems | linux
MD5 | 68c419231c535ce39ca3187c3c632165
Posted Nov 25, 2003
Authored by Aion

Simple patch for OpenSSL 0.9.7c that adds a PKCS#12 brute-forcing option which takes in a wordlist.

tags | patch
systems | unix
MD5 | f13b90dd9a84af1e68eeccd7760fbcad
Posted Nov 25, 2003
Site cert.org

CERT Quarterly Summary CS-2003-04 - There have been documented vulnerabilities in the Microsoft Windows Workstation Service, RPCSS Service, and Exchange, various SSL/TLS implementations, a buffer overflow in Sendmail, and a buffer management error in OpenSSH. There have also been reports of W32/Swen.A, W32/Mimail variants, and exploitation of an Internet Explorer vulnerability reported in August of 2003.

tags | advisory, overflow, vulnerability
systems | windows
MD5 | 64bcd2eac439122f37c384aaa8bd86b5
Posted Nov 25, 2003
Authored by Evgeny Legerov

S-Quadra Advisory #2003-11-24 - Monit version 4.1 is susceptible to a denial of service via a negative Content-length field and is also vulnerable to a stack overflow when accepting long HTTP requests.

tags | advisory, web, denial of service, overflow
MD5 | ddfa2ceae5a29fda453212302c494a98
Posted Nov 25, 2003
Authored by Roy Hills | Site nta-monitor.com

ike-scan is a utility that discovers IKE hosts and can also fingerprint them using the retransmission backoff pattern.

Changes: More backoff patterns added, more flexible pattern specification, man page added, and more.
tags | tool, scanner
systems | unix
MD5 | 6425534104fd9f6f644c6f7286ed40e1
Posted Nov 25, 2003
Authored by Dominique Karg, David Gil, Fabio Ospitia Trujillo, Julio Casal, Jesus D. Munoz | Site sourceforge.net

Os-sim attempts to unify network monitoring, security, correlation, and qualification in one single tool. It combines Snort, Acid, MRTG, NTOP, OpenNMS, nmap, nessus, and rrdtool to provide the user with full control over every aspect of networking or security. Supported platform is Linux.

tags | system logging
systems | linux, unix
MD5 | c6f3cb40950de18d054ff3b84bb57712
Posted Nov 25, 2003
Authored by Mariusz Ciesla

CommerceSQL shopping cart allows remote file reading via a directory traversal vulnerability in its index.cgi.

tags | exploit, remote, cgi
MD5 | 5a17b3f5332c2e8437aa225dc2841a71
Posted Nov 25, 2003
Authored by Andres Tarasco

The embedded webserver for the Thomson TCM315 cable modem is vulnerable to a buffer overflow during a typical GET method HTTP request.

tags | exploit, web, overflow
MD5 | 51198bef948a30a3927152acb48c8e3f
Posted Nov 25, 2003
Authored by Larry W. Cashdollar | Site vapid.dhs.org

Vapid Labs Security Note - The PrimeBase SQL Database Server 4.2 stores passwords in clear text. Depending on the installation user's umask settings, it may be readable by all local users.

tags | advisory, local
MD5 | 1dcb3778cf0666564820fc49425c8d2f
Posted Nov 25, 2003
Authored by Jouko Pynnonen | Site klikki.fi

Two vulnerabilities were found in the Opera web browser versions up to 7.22. Both are related to skin files, with one being a directory traversal attack that allows an attacker to upload a file to a victim's machine while the other is a buffer overflow in the skin file handling.

tags | advisory, web, overflow, vulnerability
MD5 | 8021b039c337a9b27a5ea27d4cc63157
Posted Nov 25, 2003
Authored by clappymonkey

Brief research paper that audits and discusses the true scope of how many hosts on the Internet actually have TCP port 139 listening and are susceptible to attack.

tags | paper, tcp
systems | windows
MD5 | bdd6e30719b9fc83c5360faff129ac70
Posted Nov 25, 2003
Authored by frog-man | Site Security-Corp.com

Security Corporation Security Advisory [SCSA-021]: vBPortal versions 2.0 alpha 8.1 and below allow a remote attacker the ability to send mail anonymously via a vulnerability in its friend.php script.

tags | exploit, remote, php
MD5 | b9b406a1de68f15e93c5a0044938ddfa
Posted Nov 25, 2003
Authored by jsk

webfs 1.7.x remote root exploit that binds a shell to port 26112 and makes use of a User-Agent buffer overflow.

tags | exploit, remote, overflow, shell, root
MD5 | 5d7053881beaf39ab594c60a0b0cd44c
Posted Nov 25, 2003
Authored by Hi_Tech_Assassin, Brice aka THR

A bug exists in MSN's Messenger client that allows a user's IP address to be exposed due to improper parsing of the Ip-Address field when parsing requests.

tags | exploit
MD5 | 20299636636f63dc45c73c692442d9d2
Posted Nov 25, 2003
Authored by Tri Huynh

Xitami's LiteServe webserver versions 2.5 and below suffer from a denial of service vulnerability that stems from a logic error during the processing of a POST request.

tags | advisory, denial of service
MD5 | f99731f08cbe75282ebf2e8919136ef4
Page 1 of 7

File Archive:

January 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    0 Files
  • 3
    Jan 3rd
    20 Files
  • 4
    Jan 4th
    4 Files
  • 5
    Jan 5th
    37 Files
  • 6
    Jan 6th
    20 Files
  • 7
    Jan 7th
    4 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    0 Files
  • 10
    Jan 10th
    18 Files
  • 11
    Jan 11th
    8 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    31 Files
  • 14
    Jan 14th
    2 Files
  • 15
    Jan 15th
    2 Files
  • 16
    Jan 16th
    2 Files
  • 17
    Jan 17th
    18 Files
  • 18
    Jan 18th
    13 Files
  • 19
    Jan 19th
    15 Files
  • 20
    Jan 20th
    29 Files
  • 21
    Jan 21st
    12 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2020 Packet Storm. All rights reserved.

Security Services
Hosting By