what you don't know can hurt you
Showing 1 - 25 of 194

Files Date: 2004-02-01 to 2004-02-29

Posted Feb 28, 2004
Authored by Axl

WFTPD Pro Server 3.21 Release 1 allows a remote attacker to allocate arbitrary amounts of memory and force the WFTPD server process to use 100% of the CPU. Another DoS vulnerability allows an attacker to send a special string to crash WFTPD.

tags | advisory, remote, denial of service, arbitrary
MD5 | 26a388a0b241c32f35cda21cd047a30d
Posted Feb 28, 2004
Authored by Knight Commander | Site security.com.vn

Invision Power Board is susceptible to a SQL injection vulnerability in its search.php script.

tags | exploit, php, sql injection
MD5 | 4bf0e8ed50f64846844b14d3696ada14
Posted Feb 28, 2004
Authored by Rafel Ivgi | Site theinsider.deep-ice.com

Lan Suite Web Mail version 602Pro running server WEB602/1.04 has multiple vulnerabilities that include path disclosure, cross site scripting problems, and directory listings.

tags | advisory, web, vulnerability, xss
MD5 | f1485a401a2a427f6e16b82c0140d653
Posted Feb 28, 2004
Authored by Rafel Ivgi | Site theinsider.deep-ice.com

The InnoMedia VideoPhone version au75200xvi04010x on the Windows platform is susceptible to an authorization bypass when attempting to view a file as a folder. The underlying webserver is GoAhead-Webs.

tags | advisory, web
systems | windows
MD5 | 9bc0a3993865e43e93e00e3419d29c32
Posted Feb 28, 2004
Authored by DuskDruid | Site tcpick.sourceforge.net

tcpick is a textmode sniffer that can track TCP streams and save the captured data in files or display it in the terminal. It is useful for picking files in a passive way. It can store all connections in different files, or it can display all the streams on the terminal with colors.

Changes: Added src directory, flags struct, various other improvements.
tags | tool, sniffer, tcp
MD5 | d9c6351d4875635cfbca705606948a5e
FreeBSD Security Advisory 2004.3
Posted Feb 27, 2004
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-04:03.jail - A vulnerability has been found where jailed processes can attach to other jails. A programming error has been found in the jail_attach(2) system call which affects the way that system call verifies the privilege level of the calling process. Instead of failing immediately if the calling process was already jailed, the jail_attach(2) system call would fail only after changing the calling process's root directory.

tags | advisory, root
systems | freebsd
MD5 | d2dd9443b680de4094398f1affe91b88
Posted Feb 27, 2004
Authored by Chris Adams

Paper discussing how the standard Apple Filing Protocol (AFP) does not use encryption to protect transferred data. Login credentials may be sent in cleartext or protected with one of several different hashed exchanges or Kerberos. There does not appear to have been any serious third-party security review of Apple's client or server implementations.

tags | advisory, protocol
systems | apple
MD5 | 8bdd1487d6b85c881f615d77e4101b7b
Posted Feb 27, 2004
Authored by Sam Chen | Site 0x557.org

Serv-U FTPD 3.x/4.x/5.x MDTM remote command buffer overflow exploit. Tested on Windows 2000 and XP.

tags | exploit, remote, overflow
systems | windows, 2k
MD5 | 7903957bc2d05d99715a806c19f459b6
Posted Feb 27, 2004
Authored by Brian Soby

A cross site scripting vulnerability exists in Symantec Gateway Security's management service which could allow an attacker to hijack a management session to the device. Version affected is 2.0.

tags | advisory, xss
MD5 | 0826658d6b7788362f852a9bb21b8433
Posted Feb 27, 2004
Site idefense.com

iDEFENSE Security Advisory 02.27.04b: Exploitation of an access validation error within Microsoft Internet Explorer web browsers allows remote attackers to bypass the restrictions imposed on cross frame scripting.

tags | advisory, remote, web
MD5 | 4565b422c422c95fb8d8635bcb8843f7
Posted Feb 27, 2004
Site idefense.com

iDEFENSE Security Advisory 02.27.04a: Exploitation of a buffer overflow vulnerability within a parameter parsing routine of WinZip Computing Inc.'s WinZip Archive Utility for Windows allows remote attackers to execute arbitrary code. Versions below 9.0 affected.

tags | advisory, remote, overflow, arbitrary
systems | windows
MD5 | fc0beb52f438bd4dd8ec85fcf77ea1a1
Posted Feb 27, 2004
Authored by Roy Hills | Site nta-monitor.com

ike-scan is a utility that discovers IKE hosts and can also fingerprint them using the retransmission backoff pattern.

Changes: ISAKMP payloads are now decoded, new switch options added, various bug fixes.
tags | tool, scanner
systems | unix
MD5 | 5cdc5633a2a7484805d76b3952b8cef6
Posted Feb 27, 2004
Authored by Claudio Panichi | Site rfc.sourceforge.net

RFC (Remote Filesystem Checker) is a set of scripts that aims to help system administrators run a filesystem checker (like tripwire, aide, etc.) from a master-node to several slave-nodes using ssh, scp, sudo, and a few other common shell commands.

tags | tool, remote, shell, integrity
MD5 | 3e4a1d896c971f1445a6c25d3e3bef83
Posted Feb 27, 2004
Authored by DownBload

Calife versions 2.8.4c and 2.8.5 have a heap memory corruption vulnerability which can lead to local privilege escalation.

tags | advisory, local
MD5 | 6030b170dd39d3b94fd5f3a5363a792d
Posted Feb 27, 2004
Authored by eEye Digital Security | Site eEye.com

eEye Security Advisory - eEye Digital Security has discovered a critical vulnerability in both RealSecure and BlackICE. The vulnerability allows a remote attacker to reliably overwrite heap memory with user-controlled data and execute arbitrary code within the SYSTEM context. This attack will succeed with BlackICE using its most paranoid settings.

tags | advisory, remote, arbitrary
MD5 | cf58862e37b168562457080264c01a9d
Posted Feb 26, 2004
Authored by Shaun Colley aka shaun2k2

Remote denial of service exploit that makes use of a command buffer overrun in Serv-U MDTM versions and below.

tags | exploit, remote, denial of service, overflow
MD5 | 0c41ebf259b8390d059a70d948948051
Posted Feb 26, 2004
Authored by Bkbll | Site cnhonker.com

Serv-U MDTM versions and below suffer from a command buffer overflow.

tags | advisory, overflow
MD5 | 4daa465d2501788fda0d70d16a91407b
Posted Feb 26, 2004
Authored by wirepair

Dell's OpenManage Web Server versions 3.7.0 and below are vulnerable to pre-authentication heap-based buffer overflows. The vendor was notified but Dell's security contact was on vacation. Support was also contacted but believed the issue was related to the hard drive being full.

tags | advisory, web, overflow
MD5 | 866c13ef2b1fd0ccb493d27b84a5a0c2
Posted Feb 26, 2004
Authored by Martin Roesch | Site snort.org

Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.

Changes: Fixed bugs and added signatures.
tags | tool, overflow, cgi, sniffer, protocol
systems | unix
MD5 | f53ce230616c1f6aafedf546a7cc0f0f
Posted Feb 25, 2004
Authored by Donato Ferrante | Site autistici.org

FreeChat version 1.1.1a has problems parsing certain strings resulting in a denial of service.

tags | advisory, denial of service
MD5 | c03ec67f5051430b8705f4b618675070
Posted Feb 25, 2004
Authored by Andreas Sandblad

Using the Mozilla browser, while linking to a new page it is still possible to interact with the old page before the new page has been successfully loaded. Any JavaScript events fired will be invoked in the context of the new page, making cross site scripting possible if the pages belong to different domains.

tags | advisory, javascript, xss
MD5 | 0182fb09a637cc8e469d1eb51bc5fbd4
Posted Feb 25, 2004
Authored by Johnny Mast | Site rosiello.org

Remote exploit that makes use of a buffer overflow during GET requests in the PSOProxy server version 0.91. This version supports the following operating systems: Windows XP Home Edition SP1, Windows XP Pro Edition SP1, Win2k Pro Edition.

tags | exploit, remote, overflow
systems | windows, 2k, xp
MD5 | 4320054933d5ea571c771b6234c91d9f
Posted Feb 25, 2004
Authored by Rafel Ivgi | Site theinsider.deep-ice.com

jgs version 0.1.0 on the win32 platform is vulnerable to a cross site scripting attack.

tags | advisory, xss
systems | windows
MD5 | da1b5872e4f4db6887707d7f2ed04ff8
Posted Feb 24, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

The Gamespy SDK used for online cd-key validation in third party code has various vulnerabilities. Game server crashes and privacy problems persist. Gamespy themselves sent the author a cease and desist due to his research.

tags | advisory, vulnerability
MD5 | 2329acac06ac4148eabd9dd778fd046c
Posted Feb 24, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

The Ghost Recon engine versions 1.4 and below along with some other games developed by Redstorm are vulnerable to a remote crash.

tags | advisory, remote
MD5 | 22c10d2cb22a420e9ad7f8ef47678b3d
Page 1 of 8
