exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

Files Date: 2004-02-06

Posted Feb 6, 2004
Authored by Ferruh Mavituna | Site ferruh.mavituna.com

DotNetNuke versions 1.0.6 to 1.0.10d are susceptible to file disclosure and cross site scripting attacks.

tags | advisory, xss
SHA-256 | 53e05d2df3888af46549f045b457473e3f5a8930124b0e49bf694ced25fafb8e
Posted Feb 6, 2004
Authored by Adam Laurie

If configured with SSLVerifyClient set to 1 or 3 and SSLFakeBasicAuth, Apache-SSL 1.3.28+1.52 and all earlier versions would permit a client to use real basic authentication to forge a client certificate.

tags | advisory
SHA-256 | 451c67a07615fb41c04236b83880095a572fd4760c9b81fc36692baed757e5a0
Posted Feb 6, 2004
Authored by Nick Gudov | Site s-quadra.com

S-Quadra Advisory #2004-02-06 - A backdoor exists in CactuSoft CactuShop 5.0 Lite shopping cart software that allows a remote attacker to delete any file on the target system.

tags | advisory, remote
SHA-256 | 264371449a786722a768f921a478dfb456e426a3e7b10e8ae5eea3fc8f03d804
Posted Feb 6, 2004
Authored by Nourredine Himeur | Site security-challenge.com

A cross site scripting flaw exists in formmail.php.

tags | advisory, php, xss
SHA-256 | d49f56633d701471196ff37392bfceff436e67bd19935a0a27674c25c4999346
Posted Feb 6, 2004
Authored by Juan Casillas | Site jmcresearch.com

Jail Chroot Project is an attempt of write a tool that builds a chrooted environment. The main goal of Jail is to be as simple as possible, and highly portable. The most difficult step when building a chrooted environment is to set up the right libraries and files. Here, Jail comes to the rescue with a tool to automatically configures & builds all the required files, directories and libraries.

Changes: Various feature enhancements.
systems | unix
SHA-256 | af4880f077acc054eac6ca5fdd7c692df6a5e0ac40abc1500fa7d79b3725de77
Posted Feb 6, 2004
Authored by ByteBeater | Site geektown.de

SystemSearcher is a Linux security scanner written in Perl. It scans single hosts or subnets for anonymous FTP servers, TFTP servers, SMTP servers which allow relaying, SSH servers, Telnet servers, NFS servers with exported directories, mail servers, Web servers (HTTP/HTTPS), well- known trojan ports, and exploitable CGIs. You can also scan a list of specific servers and specific ports. It uses non-blocking socket communication with a 3-second socket timeout. It can also scan for proxy servers which are open to the world (on port 80,8080,1080, or 3128), and SMB servers or Windows boxes sharing directories.

tags | tool, web, cgi, scanner, trojan, perl
systems | linux, windows, unix
SHA-256 | 3efb5356e2a6ec640c386daf6e7148265d6f8f4c6ee0701fbfe80ec389372b93
Posted Feb 6, 2004
Authored by Simon Castro | Site gray-world.net

CCTDE is designed as an analysis backend for the Snort NIDS tool and focuses on providing a way to register and disclose information leading to the detection of unauthorized tunnels and covert channels.

tags | tool, sniffer
SHA-256 | 8cf44524aeec333268aa73ad3f6091da455b0506221fd4436901b5aaf1f5763f
Posted Feb 6, 2004
Authored by Philip Coombes | Site zoneminder.com

ZoneMinder is a suite of applications intended for use in video camera security applications, including theft prevention and child or family member monitoring. It supports capture, analysis, recording, and monitoring of video data coming from one or more cameras attached to a Linux system. It also features a user-friendly Web interface which allows viewing, archival, review, and deletion of images and movies captured by the cameras. The image analysis system is highly configurable, permitting retention of specific events, while eliminating false positives. ZoneMinder supports both directly connected and network cameras and is built around the definition of a set of individual 'zones' of varying sensitivity and functionality for each camera. This allows the elimination of regions which should be ignored or the definition of areas which will alarm if various thresholds are exceeded in conjunction with other zones. All management, control, and other functions are supported through the Web interface.

Changes: Bug fixes and major language additions.
tags | web
systems | linux
SHA-256 | 09d5fe2099d28a171a3e7de3e19068cca51c7a9d52206219758a46edff59d478
Posted Feb 6, 2004
Authored by Markus Mueller

Local exploit that breaks out of a vserver, even if it is secured with chmod 000 /vservers. Modified version of the chroot-again exploit. Tested with linux 2.4.24 and vserver 1.24. Fixed in release 1.25.

tags | exploit, local
systems | linux
SHA-256 | ecb32af70153e79f3accdcb8ad729fc7c190f6447576c9716239b96b27b6bad2
Technical Cyber Security Alert 2004-36A
Posted Feb 6, 2004
Authored by US-CERT, Jeffrey P. Lanza | Site cert.org

CERT Advisory TA04-036A - Several versions of Check Point Firewall-1 contain a vulnerability that allows remote attackers to execute arbitrary code with administrative privileges. This allows the attacker to take control of the firewall, and in some cases, to also control the server it runs on.

tags | advisory, remote, arbitrary
SHA-256 | 185ba52ee2244db8227bfa7c35e8337b0f6af6a360d2b7dd4c77a80b22414736
Page 1 of 1

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    30 Files
  • 27
    Sep 27th
    27 Files
  • 28
    Sep 28th
    8 Files
  • 29
    Sep 29th
    14 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By