There lies a way to inject a javascript url in the history list of Microsoft Internet Explorer causing a cross site/zone scripting attack when the user presses the backbutton. An attacker may use this to read arbitrary cookies/local files and execute programs leading to total system compromise if IE is run as administrator.
e01b9463a639085838e90199fac938b440e307d2558b62b00d81aa347385b6edTest exploit for the server of Chaser versions 1.50 and below.
5db8a2952d0d3502c0d77bedd136b57adbcd6b86f01c70c113c3ededd395d65bTest exploit for the client of Chaser versions 1.50 and below.
94f8a2af34c9faacbd305b4a981f59d043e979b2eac32d0782cae09ca7532000Chaser versions 1.50 and below have a memory allocation error in both the client and server parts of the game. Related test exploit for the server is here.
d9e7ca1f0f196f9e6a58f269fa77f64764ea5dd31266d1a7a403dbf23aa38445Web Crossing versions 4.x and 5.x have a denial of service vulnerability. When an HTTP POST request is made to the built-in server, if the 'Content-Length' header supplied with the request is an extremely large or negative number, the server will encounter a set of instructions which lead to an integer-divide-by-zero problem, immediately crashing the server and denying any further service.
a4cb26465dde1aa7db4e37e9bae87f085ad4ccdeb6c14a77fa125516a33bbbd6Research on the various reactions of anti-virus software against decompression bombs. Has a thorough comparison chart and is definately a good read.
960bc488f2320ff76aabcaee668318043ab11705ecc667a76e5cb089b8ab5799Cisco Security Advisory 20040203 - A layer 2 frame that is encapsulating a layer 3 packet (IP, IPX, etc.) may cause Cisco 6000/6500/7600 series systems with Multilayer Switch Feature Card 2 (MSFC2) that have a FlexWAN or Optical Services Module (OSM) or that run 12.1(8b)E14 to freeze or reset, if the actual length of this frame is inconsistent with the length of the encapsulated layer 3 packet. This vulnerability may be exploited repeatedly causing a denial of service.
f53f930c27c6b8f7ff702062ca0e62275d1e976e6a83095f154fada2e7e521d4PHPscripts suffer from a file include vulnerability.
f7531beaf196d3efafda379976dbdb9162fcf36480cb7dff573a5603c34728e7phpMyAdmin versions 2.5.5-pl1 and below do not properly sanitize variables resulting in them being susceptible to a directory traversal attack.
81168b522d27c42876217622e1f8214fcf0c77dfd436e34b4b0aedbe9e03a637X-Cart version 3.4.3 fails to sanitize various input variables leaving itself open to directory traversal and remote command execution attacks.
310f9a8cac8979d8671622dad1d75561c158e182b0a88454b82adc760eb65407CERT Advisory TA04-033A - Microsoft Internet Explorer (IE) contains multiple vulnerabilities, the most serious of which could allow a remote attacker to execute arbitrary code with the privileges of the user running IE. Versions affected: 5.01, 5.50, and 6.
3ab9362b8f0419320633d4fd73355c39832bf2aadb7cca04de4014fb1d89bd30GBook for Php-Nuke version 1.0 fails to sanity check user input allowing for script injection and cookie theft.
fce5e2fce952d0a6c5a421f4ab449466affb0e648acbc0c10809ce06d64d243bsmbmount can cause a denial of service attack on Microsoft Windows. The attack induces a memory shortage on the Windows system by creating directories in a special way.
8ccb97f425f4922eeaaacb2ffe330c9f9fa5c7bdf43159239648210620c8916aUnique ID is a Perl CGI that calculates and reverse engineers driver's license numbers. Given your name, birthday and gender, it will tell you your license number. Given the number it will tell you your birthday, gender, and take educated guesses at your name. It currently supports Florida, Illinois, Maryland, Michigan, Minnesota, New Hampshire, Washington, and Wisconsin. It's likely that similar systems are used in other states.
7f0cd9881734d0c362a66865179a6c3cdc62c650b649fdf4747da591e15ad243Motion uses a video4linux device for detecting movement. It makes snapshots of the movement which later will be converted to MPEG movies, making it useful as an observation or security system. It can send out email and SMS messages when detecting motion and includes a web interface.
2e199d5576e1cfe05afd4c9f51fb9da4d3e42a2aa36b03c4d0a8b4c0dfd7c9d6ADMsmb is a security scanner for Samba based on the source of smbclient. It will get the netbios name, share list, workgroup, domain, and OS. It will then try to access any exported shares, perform a session brute force, and perform brute force on a directory specified.
86f223b81fdd242286cc0abfd686b6acc71e36313afadd7b29b516e0fbfff89btcpick is a textmode sniffer that can track TCP streams and saves the data captured in files or displays them in the terminal. It is useful for picking files in a passive way. It can store all connections in different files, or it can display all the stream on the terminal with colors.
5a1326718ce9d0dfc8499d030af94e3538d02e9b4c03089e68e14d638191b547Hatchet is a log parsing and viewing utility for OpenBSD's PF firewall software. It presents HTML output of logged events and utilization graphs using pfstat.
47a9786bbd90a9d57996afe7cfada41529e3132232c7f0e8b8bb4a6e5413c0bePhotopost PHP Pro versions 4.6 and below suffer from a SQL injection vulnerability due to a lack of variable sanitization with the photo variable.
c068cb7f6a36484ab9999061ed91dd07ccfb77ea867b7a814ae664e44f706fb1Web Forums Server versions 1.6 and below suffer from CSS/XSS vulnerability.
56f2f5528222ced0594f6a36993aec2713bd9641f2c251911e66755c303079f6
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed