HP Web JetAdmin Version 7.5.2546 has multiple vulnerables. They include denial of service, the ability to upload any file to the server, the ability to write to any file on the filesystem, and the ability to read any file via a directory traversal attack.
780900bad23973701e54c68a4f7f56ef66254bb168b915fea16bf8201c311dc8Proof of concept exploit for PicoPhone versions 1.63 and below that makes use of a buffer overflow in the logging functionality.
e0631cf6bec415c1808b84f96b56815afd7052f75d64d713abeba40da34a113cPicoPhone versions 1.63 and below have a buffer overflow in their logging function that allows an attacker to take over the server.
272375c297125602b9c603522ebc037890efc0a2961dea48470bef45f3d0af4cTrendMicro Interscan Viruswall versions 3.5 and below suffer from a directory traversal vulnerability that allow a remote attacker to access any files outside of the web root.
f25f638f906ad129cdbb8d328799330facc7b5d94a900c921325721bd2ecf3f8Rapid7 Security Advisory - OpenBSD isakmpd payload handling is subject to multiple denial of service vulnerabilities. Known vulnerable: OpenBSD 3.4 and earlier, OpenBSD-current as of March 17, 2004.
8da0f659cc2f01757fe76a02ef81c99462ce0723e0c7b0c9c6d5be0d74ba2547Immunity Security Advisory - A vulnerability lies in Solaris 2.6 through 10 that allows a local user to load kernel modules without being root due to a directory traversal problem in vfs_getvfssw().
5c936a09f4f3f66b70760fb5d3f874837bb9b5030610fd82f6ddf49325674c4fRemote proof of concept denial of service exploit for Terminator 3 that makes use of a broadcast client buffer overflow.
0d641c022483a59a51b40970eba53e0b52c0c58762425942c400509db3dae76fTerminator 3: War of the Machines version 1.0 for Windows has a broadcast client buffer overflow that results in a game network denial of service.
5bbd57e0ea47f9ad7dbc552039e2126709a71fe804eaa6a809e07653ccee4b47Beltane is a web-based central management console for the Samhain file integrity / intrusion detection system. It enables the administrator to browse client messages, acknowledge them, and update centrally stored file signature databases. Beltane requires a Samhain (version 1.6.0 or higher) client/server installation, with file signature databases stored on the central server, and logging to a SQL database enabled.
f9980469af70423a03cca7209195819965d3b667de384c8a420a9898545aae73Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
6ec449abbb90d4b10e1c2d055d508d51d568ec0af561890b9085f14ed8dff0f2Immunity Security Advisory - A double-free weakness in the XDMCP parser of dtlogin (CDE) results in remote code execution against popular server operating systems, such as Solaris. This attack is performed over UDP port 177.
34a2ff7508addcf429bd6658dd04890ff4df50eab6a7461c5b52a69bb51e0b7dDameware Mini Remote Control version 4.1.0.0 passes its Blowfish encryption key on the wire in the clear. It also uses a poor random bit generator to create the key.
7645b350d10e4bf407c1b67c4e1ccaee2cc5aade90a07b7a4ea069e8f53107a6Ethereal versions 0.8.14 through 0.10.2 were found to be vulnerable to thirteen remote stack overflows during a code audit. The vulnerable dissectors in question are namely: BGP, EIGRP, IGAP, IRDA, ISUP, NetFlow, PGM, TCAP and UCP. Ten of the overflows allow for arbitrary code execution.
381080b5ef005f71331d2984b019292db1046026552c446cfec0adc047875699Remote denial of service exploit for The Rage game versions 1.01 and below.
4cce12588b3ef0ace39cff4594e1a48cf42cba02f088ee85aa601d736d465c5aThe Rage game versions 1.01 and below are vulnerable to a remote denial of service. The packet used by the client to join the match hosted on the server contains a sockaddr_in structure inside the data that is composed by the AF_INET family, the source port and the IP address of the client. This structure is used by the server to send the next packets to the client. If an attacker fills it with a port and an IP equal to zero the server will enter in an infinite loop.
714d794129be89c2a51454b4e92a78a136797ae0d00e5463617b167b2a64d08f
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed