exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 21 of 21 RSS Feed

Files Date: 2004-05-04

Posted May 4, 2004
Authored by Todd J. | Site packetstormsecurity.com

Packet Storm new exploits for March, 2004.

tags | exploit
SHA-256 | cfaceed6fb98501b73a6b3f8ffef33d4ba76ca8a5e534ed5c8ac151d426863f7
Posted May 4, 2004
Authored by Matt Edman

autoRST is an automated TCP RST exploit. It uses the Winpcap libraries to sniff for TCP packets on a network and then sends out a forged RST packet after calculating the appropriate sequence number and forging the MAC address. Makes use of the recent vulnerable released by Paul A. Watson.

tags | exploit, tcp
advisories | CVE-2004-0230
SHA-256 | 42cb6ede12e9199900a5e6282342a4505e4a0df06f3b97e39afc1e2143e7b326
Posted May 4, 2004
Authored by Proxy Labs | Site proxylabs.netwu.com

ProxyCap enables users to tunnel Internet applications through HTTP, SOCKS v4, and SOCKS v5 Proxy Servers. It can be told which applications will connect to the Internet through a proxy and under what circumstances. This is done through a user friendly interface, without the need to reconfigure any clients. ProxyCap provides a flexible rule system and allows the end user to define their own tunneling rules. ProxyCap version 2.0 introduces support for UDP-based networking clients, optional remote name resolution, and more detailed Session Logs.

tags | remote, web, udp
SHA-256 | f3d219d793029162c4fa053ee2a58e4f4d70e87c733f0b822ac77c04ad1ccf0d
Posted May 4, 2004
Authored by Ulf Harnhammar

LHa versions 1.14d to 1.14i and 1.17 suffer from buffer overflows and directory traversal flaws.

tags | advisory, overflow
advisories | CVE-2004-0234, CVE-2004-0235
SHA-256 | 7ae3e4725ed69dd046198c050806c9823138937d3f1cdf941f31a097fd5ab9b4
Secunia Security Advisory 11525
Posted May 4, 2004
Authored by Alexander Antipov, Secunia | Site secunia.com

Alexander Antipov has reported some vulnerabilities in Web Wiz Forum, allowing malicious people to conduct SQL injection attacks and perform certain administrative functions.

tags | advisory, web, vulnerability, sql injection
SHA-256 | 024ed03e7937f3b0cf30e5a45a9ee9bce998f485ff34e66cf5910706d8b35241
Posted May 4, 2004
Authored by Michal Stys

Local root exploit for Squirrelmail's chpasswd utility. Tested on GNU/Debian with kernel 2.4.24 and on RH 9.0 shrike with kernel 2.4.20. Original bug found by Matias Neiff.

tags | exploit, kernel, local, root
systems | linux, debian
SHA-256 | 6157a4eb97ac74cc3337b905b33aa88c26ff87f621b2f36ac1cf440cdd4a4aad
Posted May 4, 2004
Authored by vade79

X-Chat versions 2.0.8 through 1.8.0 remote exploit that makes use of a buffer overflow in the SOCKS-5 proxy code. Successful exploitation binds a shell to port 7979.

tags | exploit, remote, overflow, shell
SHA-256 | 2fee8170f90a051fd47c72f81150fec692e3bf4fac546c3cd394c69c90bc8001
Posted May 4, 2004
Authored by storm

Serv-U ftpd versions older than suffer from a flaw where a user issuing a long parameter as a value to a LIST command can cause the server to try and read a value that is outside the memory location causing a crash.

tags | exploit
SHA-256 | a65b66ef8af1cc9495cc9fd0ca5c58f21b69e261b6e0304aa32ec1022fd5e31b
Posted May 4, 2004
Authored by Oliver Karow | Site oliverkarow.de

Aldo's web server version 1.5 on Windows is susceptible to path disclosure and pathetic directory traversal attack that allows for remote access to any file on the system.

tags | exploit, remote, web
systems | windows
SHA-256 | 639a5b9daeec5ce3fedb73bbc100d9733a8a0a3dfedccdc525198e2cf000b64e
Posted May 4, 2004
Authored by Janek Vind aka waraxe | Site waraxe.us

Multiple vulnerabilities in Coppermine Photo Gallery version 1.2.2b for PhpNuke. These range from small flaws like path disclosure, cross site scripting, and arbitrary directory browsing, to remote command execution on the underlying server.

tags | advisory, remote, arbitrary, vulnerability, xss
SHA-256 | 7415e5415321c84c93f3ecfdfa2f75966b919e898dbdd4cc97a03587a1583d66
Posted May 4, 2004
Authored by Martin Overton

Snort signatures that identify the new Sass worm that is propagating.

tags | tool, worm, sniffer
SHA-256 | b69ecb8046fb28e2ec5770410354925379943778ef8847ca1a3d9898bd74f9bc
Posted May 4, 2004
Authored by Karl Lynn | Site eeye.com

eEye Security Advisory - eEye Digital Security has discovered a critical vulnerability in Apple's QuickTime Player. The vulnerability allows a remote attacker to reliably overwrite heap memory with user-controlled data and execute arbitrary code within the SYSTEM context. Versions affected are Apple QuickTime 6.5 and Apple iTunes

tags | advisory, remote, arbitrary
systems | apple
advisories | CVE-2004-0431
SHA-256 | 23422f64bc4e7a74941faa7d950894e64994663ccbfd1bcf7dc0f7fbb51a6548
Posted May 4, 2004
Authored by Chris | Site cr-secure.net

A denial of service condition exists in the PaX kernel patch for the 2.6 series that will put the kernel in an infinite loop when ASLR is enabled.

tags | advisory, denial of service, kernel
SHA-256 | 0adbded51cf9a6b8441fa58bccc91d76d1b646be40a1f40dae448219c15501cb
Posted May 4, 2004
Authored by Dmitry Shurupov

YaBB 1 Gold SP 1.2 written in Perl suffers from a flaw where data put into the subject line isn't properly sanitized allowing an attacker to inject newlines, starting a new thread.

tags | advisory, perl
SHA-256 | d8eee29041423b23fd7deddccc13a610845fa02059cee014612d67f0e0fd6c58
Posted May 4, 2004
Authored by Ofer Maor | Site imperva.com

Imperva's Application Defense Center has announced that several vulnerabilities exist in BusinessObject's Crystal Reports' Web Interface. These vulnerabilities allow a potential hacker to retrieve and delete any file from the file system of the server on which it runs, as well as causing a complete denial of service to the server.

tags | advisory, web, denial of service, vulnerability
SHA-256 | a06e1cc4e1bcef2ca1c33358c45ac5483715ad03340741bed12f00d3b9676eab
Posted May 4, 2004
Authored by Manuel Lopez

Props version 0.6.1 is susceptible to cross site scripting attack and allows an attacker the ability to see any file on the system due to flaws in glossary.php.

tags | advisory, php, xss
SHA-256 | f598b9ed8a7b6ff22759af3b10826567272decde5f2a0302648d6e96d89ddcee
Posted May 4, 2004
Authored by Bartek Nowotarski | Site silence.0.pl

Moodle versions 1.3 and below suffer from a cross site scripting flaw.

tags | advisory, xss
SHA-256 | 45a15dcab7c11c1a129cbac1523b23eb9598a1a5f970a5cbcdb0f4dabfeb645f
Posted May 4, 2004
Authored by ax09001h

Dameware's Mini Remote Control System version 4.2 uses a weak key agreement scheme. The scheme consists of the sharing of pointers into a fixed key lookup table. Both the client and the server have access to a key lookup table (KLT) consisting of 1000 32-bit values.

tags | exploit, remote
SHA-256 | 2a0a8f9b0413c82fcc2ef7d6bb5e5aee1c479ab3b69d3d2982122a9159c3e2fe
Posted May 4, 2004
Authored by E. Kellinis | Site cipher.org.uk

Internet Explorer version 6.0.2800 (and possibly others) suffers from a certificate theft bug that can be used against victims for phishing scams.

tags | advisory
SHA-256 | 9970cca3cc94d677df7bc9884a6f5b3bb7df08e8471168e67ed67445d4331d5f
Posted May 4, 2004
Authored by Patrik Karlsson | Site cqure.net

MetaFrame XP Presentation Server and MetaFrame 1.8 have a flaw that allows an administrator account to mount any client drive available in any user's Citrix session.

tags | advisory
SHA-256 | 34f23f9738b94f17232372cad784b2bf785946c38d216b82724c99af44ef901a
Posted May 4, 2004
Site samba.anu.edu.au

A security problem exists in all versions of rsync prior to 2.6.1 that affects anyone running a read/write daemon without using a chrooted environment.

tags | advisory
SHA-256 | a3255b5967118be2f68ba9a3e9714d06eb078a92b26a2dc88d8b214621db6d18
Page 1 of 1

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By