exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 12 of 12 RSS Feed

Files Date: 2004-01-21

Nmap Scanning Utility 3.50
Posted Jan 21, 2004
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings. Full changelog available here.

Changes: Integrated a ton of service fingerprints, increasing the number of signatures more than 50%. Various bug fixes.
tags | tool, remote, udp, tcp, protocol, nmap
systems | unix
SHA-256 | dffa36ef20f7434a230e466f79f58755fb2ea3a9c673b2bd21810a595f14d06a
Cisco Security Advisory 20040121-voice
Posted Jan 21, 2004
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory 20040124 - The default installation of Cisco voice products on the IBM platform will install the Director Agent in an unsecure state, leaving the Director services vulnerable to remote administration control and/or Denial of Service attacks. The vulnerabilities can be mitigated by configuration changes and Cisco is providing a repair script that will close the vulnerable ports and put the Director agent in secure state without requiring an upgrade.

tags | advisory, remote, denial of service, vulnerability
systems | cisco
SHA-256 | b014c3dae8a8c72af048e37ac74be6fdee1da91c923dba8d3a96583cfee56393
honeyd-2004-001.txt
Posted Jan 21, 2004
Authored by Niels Provos | Site honeyd.org

Honeyd is vulnerable to remote detection via a simple probe packet. All versions up to 0.8 are susceptible.

tags | advisory, remote
SHA-256 | cde958c21a34416d46b6613084575197d925bacde71a75b0abc1b5d2e44574f6
WebcamXP.txt
Posted Jan 21, 2004
Authored by Rafel Ivgi | Site theinsider.deep-ice.com

WebcamXP versions 1.06.945 is susceptible to a cross site scripting attack.

tags | advisory, xss
SHA-256 | 6f7ddb9ae2a81dc995c905640c0b63ca8f6977f311391f05756247ab0490786c
SRT2004-01-17-0425.txt
Posted Jan 21, 2004
Authored by Kevin Finisterre | Site secnetops.com

Secure Network Operations Advisory SRT2004-01-17-0425 - Ultr@VNC, the client/server software that allows you to remotely control a computer over any TCP/IP connection, has a faulty ShellExecute() statement that allows a local attacker to gain SYSTEM access.

tags | advisory, local, tcp
SHA-256 | f28f3ed6c815915416535420f36bf7ce30645cb63ebc9a1df339d53450bf5b4b
SCSA026.txt
Posted Jan 21, 2004
Authored by frog-man | Site Security-Corp.com

Security Corporation Security Advisory [SCSA-026]: A vulnerability has been discovered in DUWARE Products, which allows malicious users to become administrators. It affects approximately 15 different products in all.

tags | exploit
SHA-256 | 0c960411e961d7e65a618c303917edb4acbe482261e21a68ece0032a7e326fb9
webtrends.txt
Posted Jan 21, 2004
Authored by Oliver Karow | Site oliverkarow.de

WebTrends Reporting Center is administrated via a web interface that has a flaw which would allow a remote attacker to disclose the physical path to the application.

tags | advisory, remote, web
SHA-256 | ceeeb73740ef5d6595ffe3b3bcfebbaa1bd0e01644d2b67237781bafd0e4eec4
2WireGateway.txt
Posted Jan 21, 2004
Authored by Rafel Ivgi | Site theinsider.deep-ice.com

2Wire-Gateway is a router that has a webserver for maintenance. The CGI interface lacks input validation when returning an error with its return variable allowing for a directory traversal attack.

tags | exploit, cgi
SHA-256 | 7d327c33155ca85a9c8ffbe857abf59b58c2dd8d41a1f071dd99da63cc51605a
OwnServer10.txt
Posted Jan 21, 2004
Authored by Rafel Ivgi | Site theinsider.deep-ice.com

OwnServer, a web server used for watching security cameras remotely, is susceptible to a directory traversal bug that allows a remote attacker to gain access to files outside of the webroot.

tags | exploit, remote, web
SHA-256 | b32b6045df134cd7484a3ae7c2e8bfa669777d8d1b0a5b081d9961a173b87d02
IEmultiples.txt
Posted Jan 21, 2004
Authored by Rafel Ivgi | Site theinsider.deep-ice.com

When using the SNEWS protocol, Internet Explorer lacks its filtering engine and can trigger Outlook Express to be hit by a buffer overrun resulting in possible code execution.

tags | advisory, overflow, code execution, protocol
SHA-256 | b1c8758f7ae810befb59be9d3679bb31b88d48ffc8d5d5c14e2ef342f8769de7
vBulletinBBS.txt
Posted Jan 21, 2004
Authored by Darkwell | Site gcf.de

vBulletin Bulletin Board derivatives contain a security bug that may lead to disclosure of private information via cross site scripting attacks. This vulnerability may also enable an attacker to transmit sensitive information such as encrypted passwords, user identification numbers, or forum passwords to another server.

tags | advisory, xss
SHA-256 | 648da248485971d719402b2948f41a186eff85e43a7ac497adcf75b8977cbf58
NETCam.txt
Posted Jan 21, 2004
Authored by Rafel Ivgi | Site theinsider.deep-ice.com

NETCam webserver running NETCam Viewers 1.0.0.28 and below have a directory traversal bug that allows remote attackers to gain access to files outside of the webroot.

tags | exploit, remote
SHA-256 | 3033ef31ebe260b918d9f1e9177da16b936b0caa1f3b1065986e5ccaa17a5f85
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close