exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

Files Date: 2004-02-27

FreeBSD Security Advisory 2004.3
Posted Feb 27, 2004
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-04:03.jail - A vulnerability has been found where jailed processes can attach to other jails. A programming error has been found in the jail_attach(2) system call which affects the way that system call verifies the privilege level of the calling process. Instead of failing immediately if the calling process was already jailed, the jail_attach(2) system call would fail only after changing the calling process's root directory.

tags | advisory, root
systems | freebsd
SHA-256 | 639d6bd5793d142816eebc4131a6389ec9dc7aeb7fd4ad2a9e06d5e395084bfd
MacOSXAFP.txt
Posted Feb 27, 2004
Authored by Chris Adams

Paper discussing how the the standard Apple Filing Protocol (AFP) does not use encryption to protect transfered data. Login credentials may be sent in cleartext or protected with one of several different hashed exchanges or Kerberos. There does not appear to have been any serious third-party security review of Apple's client or server implementations.

tags | advisory, protocol
systems | apple
SHA-256 | 16feb9364a339129da505a3e12219691b666acf40377cf696c052a27ed62f5aa
ex_servu.c
Posted Feb 27, 2004
Authored by Sam Chen | Site 0x557.org

Serv-U FTPD 3.x/4.x/5.x MDTM remote command buffer overflow exploit. Tested on Windows 2000 and XP.

tags | exploit, remote, overflow
systems | windows
SHA-256 | 3478cd244b21b32e8c447890c0eaf59dcf6629881d4d91708d1536ceff485b5c
symantecGS20.txt
Posted Feb 27, 2004
Authored by Brian Soby

A cross site scripting vulnerability exists in Symantec Gateway Security's management service which could allow an attacker to hijack a management session to the device. Version affected is 2.0.

tags | advisory, xss
SHA-256 | 0278d24db7750640d5af1c572f205449812da58bb9e4dbf864ab8eedf4307fce
02.27.04b.txt
Posted Feb 27, 2004
Site idefense.com

iDEFENSE Security Advisory 02.27.04b: Exploitation of an access validation error within Microsoft Internet Explorer web browsers allows remote attackers to bypass the restrictions imposed on cross frame scripting.

tags | advisory, remote, web
SHA-256 | 9c0aa4ef8605876b7eafcec1291f95cf5dfb43515f7c89d5c5a880251710c55d
02.27.04a.txt
Posted Feb 27, 2004
Site idefense.com

iDEFENSE Security Advisory 02.27.04a: Exploitation of a buffer overflow vulnerability within a parameter parsing routine of WinZip Computing Inc.'s WinZip Archive Utility for Windows allows remote attackers to execute arbitrary code. Versions below 9.0 affected.

tags | advisory, remote, overflow, arbitrary
systems | windows
SHA-256 | 53517af4c8cb6810ce93d885a7fbe09d4bed96da22e7c1e59bf7a257545b5c81
ike-scan-1.6.tar.gz
Posted Feb 27, 2004
Authored by Roy Hills | Site nta-monitor.com

ike-scan is a utility that discovers IKE hosts and can also fingerprint them using the retransmission backoff pattern.

Changes: ISAKMP payloads are now decoded, new switch options added, various bug fixes.
tags | tool, scanner
systems | unix
SHA-256 | 50fa57f374ffd7a9406734dc7e7d5d00813ae61122ca580dd8221720e77d2ce2
RFC-NG-1.0.0.tar.gz
Posted Feb 27, 2004
Authored by Claudio Panichi | Site rfc.sourceforge.net

RFC (Remote Filesystem Checker) is a set of scripts that aims to help system administrators run a filesystem checker (like tripwire, aide, etc.) from a master-node to several slave-nodes using ssh, scp, sudo, and few other common shell commands.

tags | tool, remote, shell, integrity
SHA-256 | 779fd968fceb4d5dce672f5ece9edaf012e2f56e405d73a48a07b0abbd59f8a0
calife284.txt
Posted Feb 27, 2004
Authored by DownBload

Calife versions 2.8.4c and 2.8.5 has a heap memory corruption vulnerability which can lead to local privilege escalation.

tags | advisory, local
SHA-256 | 2e24a523d2205bb693235533ec49641a01370aee0464e41a45e1ee3d6769c6fe
eEye.realsecure.txt
Posted Feb 27, 2004
Authored by eEye Digital Security | Site eEye.com

eEye Security Advisory - eEye Digital Security has discovered a critical vulnerability in both RealSecure and BlackICE. The vulnerability allows a remote attacker to reliably overwrite heap memory with user-controlled data and execute arbitrary code within the SYSTEM context. This attack will succeed with BlackICE using its most paranoid settings.

tags | advisory, remote, arbitrary
SHA-256 | 93cd5a0b4754b466a9453652642e3208192566bab669f59e2f78794309c03ac3
Page 1 of 1
Back1Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    14 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    12 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close