exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

Files Date: 2004-02-06

Posted Feb 6, 2004
Authored by Ferruh Mavituna | Site ferruh.mavituna.com

DotNetNuke versions 1.0.6 to 1.0.10d are susceptible to file disclosure and cross site scripting attacks.

tags | advisory, xss
SHA-256 | 53e05d2df3888af46549f045b457473e3f5a8930124b0e49bf694ced25fafb8e
Posted Feb 6, 2004
Authored by Adam Laurie

If configured with SSLVerifyClient set to 1 or 3 and SSLFakeBasicAuth, Apache-SSL 1.3.28+1.52 and all earlier versions would permit a client to use real basic authentication to forge a client certificate.

tags | advisory
SHA-256 | 451c67a07615fb41c04236b83880095a572fd4760c9b81fc36692baed757e5a0
Posted Feb 6, 2004
Authored by Nick Gudov | Site s-quadra.com

S-Quadra Advisory #2004-02-06 - A backdoor exists in CactuSoft CactuShop 5.0 Lite shopping cart software that allows a remote attacker to delete any file on the target system.

tags | advisory, remote
SHA-256 | 264371449a786722a768f921a478dfb456e426a3e7b10e8ae5eea3fc8f03d804
Posted Feb 6, 2004
Authored by Nourredine Himeur | Site security-challenge.com

A cross site scripting flaw exists in formmail.php.

tags | advisory, php, xss
SHA-256 | d49f56633d701471196ff37392bfceff436e67bd19935a0a27674c25c4999346
Posted Feb 6, 2004
Authored by Juan Casillas | Site jmcresearch.com

Jail Chroot Project is an attempt of write a tool that builds a chrooted environment. The main goal of Jail is to be as simple as possible, and highly portable. The most difficult step when building a chrooted environment is to set up the right libraries and files. Here, Jail comes to the rescue with a tool to automatically configures & builds all the required files, directories and libraries.

Changes: Various feature enhancements.
systems | unix
SHA-256 | af4880f077acc054eac6ca5fdd7c692df6a5e0ac40abc1500fa7d79b3725de77
Posted Feb 6, 2004
Authored by ByteBeater | Site geektown.de

SystemSearcher is a Linux security scanner written in Perl. It scans single hosts or subnets for anonymous FTP servers, TFTP servers, SMTP servers which allow relaying, SSH servers, Telnet servers, NFS servers with exported directories, mail servers, Web servers (HTTP/HTTPS), well- known trojan ports, and exploitable CGIs. You can also scan a list of specific servers and specific ports. It uses non-blocking socket communication with a 3-second socket timeout. It can also scan for proxy servers which are open to the world (on port 80,8080,1080, or 3128), and SMB servers or Windows boxes sharing directories.

tags | tool, web, cgi, scanner, trojan, perl
systems | linux, windows, unix
SHA-256 | 3efb5356e2a6ec640c386daf6e7148265d6f8f4c6ee0701fbfe80ec389372b93
Posted Feb 6, 2004
Authored by Simon Castro | Site gray-world.net

CCTDE is designed as an analysis backend for the Snort NIDS tool and focuses on providing a way to register and disclose information leading to the detection of unauthorized tunnels and covert channels.

tags | tool, sniffer
SHA-256 | 8cf44524aeec333268aa73ad3f6091da455b0506221fd4436901b5aaf1f5763f
Posted Feb 6, 2004
Authored by Philip Coombes | Site zoneminder.com

ZoneMinder is a suite of applications intended for use in video camera security applications, including theft prevention and child or family member monitoring. It supports capture, analysis, recording, and monitoring of video data coming from one or more cameras attached to a Linux system. It also features a user-friendly Web interface which allows viewing, archival, review, and deletion of images and movies captured by the cameras. The image analysis system is highly configurable, permitting retention of specific events, while eliminating false positives. ZoneMinder supports both directly connected and network cameras and is built around the definition of a set of individual 'zones' of varying sensitivity and functionality for each camera. This allows the elimination of regions which should be ignored or the definition of areas which will alarm if various thresholds are exceeded in conjunction with other zones. All management, control, and other functions are supported through the Web interface.

Changes: Bug fixes and major language additions.
tags | web
systems | linux
SHA-256 | 09d5fe2099d28a171a3e7de3e19068cca51c7a9d52206219758a46edff59d478
Posted Feb 6, 2004
Authored by Markus Mueller

Local exploit that breaks out of a vserver, even if it is secured with chmod 000 /vservers. Modified version of the chroot-again exploit. Tested with linux 2.4.24 and vserver 1.24. Fixed in release 1.25.

tags | exploit, local
systems | linux
SHA-256 | ecb32af70153e79f3accdcb8ad729fc7c190f6447576c9716239b96b27b6bad2
Technical Cyber Security Alert 2004-36A
Posted Feb 6, 2004
Authored by US-CERT, Jeffrey P. Lanza | Site cert.org

CERT Advisory TA04-036A - Several versions of Check Point Firewall-1 contain a vulnerability that allows remote attackers to execute arbitrary code with administrative privileges. This allows the attacker to take control of the firewall, and in some cases, to also control the server it runs on.

tags | advisory, remote, arbitrary
SHA-256 | 185ba52ee2244db8227bfa7c35e8337b0f6af6a360d2b7dd4c77a80b22414736
Page 1 of 1

File Archive:

December 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    11 Files
  • 2
    Dec 2nd
    0 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    32 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By