what you don't know can hurt you
Showing 1 - 21 of 21 RSS Feed

Files Date: 2004-05-04

Posted May 4, 2004
Authored by Todd J.

Packet Storm new exploits for March, 2004.

tags | exploit
MD5 | 4e97d41068bbd2b4d4ff013e93caa7d6
Posted May 4, 2004
Authored by Matt Edman

autoRST is an automated TCP RST exploit. It uses the Winpcap libraries to sniff for TCP packets on a network and then sends out a forged RST packet after calculating the appropriate sequence number and forging the MAC address. Makes use of the recent vulnerable released by Paul A. Watson.

tags | exploit, tcp
advisories | CVE-2004-0230
MD5 | 654ea5a0648371422ac6c68929cff3d4
Posted May 4, 2004
Authored by Proxy Labs | Site proxylabs.netwu.com

ProxyCap enables users to tunnel Internet applications through HTTP, SOCKS v4, and SOCKS v5 Proxy Servers. It can be told which applications will connect to the Internet through a proxy and under what circumstances. This is done through a user friendly interface, without the need to reconfigure any clients. ProxyCap provides a flexible rule system and allows the end user to define their own tunneling rules. ProxyCap version 2.0 introduces support for UDP-based networking clients, optional remote name resolution, and more detailed Session Logs.

tags | remote, web, udp
MD5 | 8848e7f85383047a4afa48483dcde0aa
Posted May 4, 2004
Authored by Ulf Harnhammar

LHa versions 1.14d to 1.14i and 1.17 suffer from buffer overflows and directory traversal flaws.

tags | advisory, overflow
advisories | CVE-2004-0234, CVE-2004-0235
MD5 | 031b3444c6323f7d1b41f760f1265411
Secunia Security Advisory 11525
Posted May 4, 2004
Authored by Alexander Antipov, Secunia | Site secunia.com

Alexander Antipov has reported some vulnerabilities in Web Wiz Forum, allowing malicious people to conduct SQL injection attacks and perform certain administrative functions.

tags | advisory, web, vulnerability, sql injection
MD5 | f7a1fdd1a23ef0ca570ca46ec64a3de5
Posted May 4, 2004
Authored by Michal Stys

Local root exploit for Squirrelmail's chpasswd utility. Tested on GNU/Debian with kernel 2.4.24 and on RH 9.0 shrike with kernel 2.4.20. Original bug found by Matias Neiff.

tags | exploit, kernel, local, root
systems | linux, debian
MD5 | 0d39b4dd9b57ce7c70057d669bb68cfd
Posted May 4, 2004
Authored by vade79

X-Chat versions 2.0.8 through 1.8.0 remote exploit that makes use of a buffer overflow in the SOCKS-5 proxy code. Successful exploitation binds a shell to port 7979.

tags | exploit, remote, overflow, shell
MD5 | 962882454041913d71efc4a5444ef886
Posted May 4, 2004
Authored by storm

Serv-U ftpd versions older than suffer from a flaw where a user issuing a long parameter as a value to a LIST command can cause the server to try and read a value that is outside the memory location causing a crash.

tags | exploit
MD5 | e1ac518faa09770360a61a3b10698007
Posted May 4, 2004
Authored by Oliver Karow | Site oliverkarow.de

Aldo's web server version 1.5 on Windows is susceptible to path disclosure and pathetic directory traversal attack that allows for remote access to any file on the system.

tags | exploit, remote, web
systems | windows
MD5 | f0e78cddf0d74c429c81530532d3f80f
Posted May 4, 2004
Authored by Janek Vind aka waraxe | Site waraxe.us

Multiple vulnerabilities in Coppermine Photo Gallery version 1.2.2b for PhpNuke. These range from small flaws like path disclosure, cross site scripting, and arbitrary directory browsing, to remote command execution on the underlying server.

tags | advisory, remote, arbitrary, vulnerability, xss
MD5 | cd1d70aec83d6377a9d7c484457221d2
Posted May 4, 2004
Authored by Martin Overton

Snort signatures that identify the new Sass worm that is propagating.

tags | tool, worm, sniffer
MD5 | 65392ba74c0fbbd684793905ac32c32d
Posted May 4, 2004
Authored by Karl Lynn | Site eeye.com

eEye Security Advisory - eEye Digital Security has discovered a critical vulnerability in Apple's QuickTime Player. The vulnerability allows a remote attacker to reliably overwrite heap memory with user-controlled data and execute arbitrary code within the SYSTEM context. Versions affected are Apple QuickTime 6.5 and Apple iTunes

tags | advisory, remote, arbitrary
systems | apple
advisories | CVE-2004-0431
MD5 | 7d5df22d85b6fdb5dcc3e2513ed9efc7
Posted May 4, 2004
Authored by Chris | Site cr-secure.net

A denial of service condition exists in the PaX kernel patch for the 2.6 series that will put the kernel in an infinite loop when ASLR is enabled.

tags | advisory, denial of service, kernel
MD5 | eb21d32408eb877a5db16ba7dc01cedc
Posted May 4, 2004
Authored by Dmitry Shurupov

YaBB 1 Gold SP 1.2 written in Perl suffers from a flaw where data put into the subject line isn't properly sanitized allowing an attacker to inject newlines, starting a new thread.

tags | advisory, perl
MD5 | 3e1a634b6e35ebadacf06fceff744029
Posted May 4, 2004
Authored by Ofer Maor | Site imperva.com

Imperva's Application Defense Center has announced that several vulnerabilities exist in BusinessObject's Crystal Reports' Web Interface. These vulnerabilities allow a potential hacker to retrieve and delete any file from the file system of the server on which it runs, as well as causing a complete denial of service to the server.

tags | advisory, web, denial of service, vulnerability
MD5 | 97e058b7658f8cab3f13b8fc0082baab
Posted May 4, 2004
Authored by Manuel Lopez

Props version 0.6.1 is susceptible to cross site scripting attack and allows an attacker the ability to see any file on the system due to flaws in glossary.php.

tags | advisory, php, xss
MD5 | dc448db60056a58bf9c72c8afd7328dc
Posted May 4, 2004
Authored by Bartek Nowotarski | Site silence.0.pl

Moodle versions 1.3 and below suffer from a cross site scripting flaw.

tags | advisory, xss
MD5 | 43b17860cae91cf14465bd4e99d36a37
Posted May 4, 2004
Authored by ax09001h

Dameware's Mini Remote Control System version 4.2 uses a weak key agreement scheme. The scheme consists of the sharing of pointers into a fixed key lookup table. Both the client and the server have access to a key lookup table (KLT) consisting of 1000 32-bit values.

tags | exploit, remote
MD5 | f971234888749d3f8d58c426d86398c0
Posted May 4, 2004
Authored by E. Kellinis | Site cipher.org.uk

Internet Explorer version 6.0.2800 (and possibly others) suffers from a certificate theft bug that can be used against victims for phishing scams.

tags | advisory
MD5 | d54552efc93210c23a9b6940f487cfb7
Posted May 4, 2004
Authored by Patrik Karlsson | Site cqure.net

MetaFrame XP Presentation Server and MetaFrame 1.8 have a flaw that allows an administrator account to mount any client drive available in any user's Citrix session.

tags | advisory
MD5 | 4e78bb9e52e44f87d4c6a271a57bcf50
Posted May 4, 2004
Site samba.anu.edu.au

A security problem exists in all versions of rsync prior to 2.6.1 that affects anyone running a read/write daemon without using a chrooted environment.

tags | advisory
MD5 | 5c922ad89a5afd206074db1ca1e54ae5
Page 1 of 1

File Archive:

April 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    21 Files
  • 2
    Apr 2nd
    35 Files
  • 3
    Apr 3rd
    21 Files
  • 4
    Apr 4th
    16 Files
  • 5
    Apr 5th
    15 Files
  • 6
    Apr 6th
    1 Files
  • 7
    Apr 7th
    2 Files
  • 8
    Apr 8th
    23 Files
  • 9
    Apr 9th
    19 Files
  • 10
    Apr 10th
    15 Files
  • 11
    Apr 11th
    14 Files
  • 12
    Apr 12th
    11 Files
  • 13
    Apr 13th
    2 Files
  • 14
    Apr 14th
    5 Files
  • 15
    Apr 15th
    14 Files
  • 16
    Apr 16th
    19 Files
  • 17
    Apr 17th
    19 Files
  • 18
    Apr 18th
    8 Files
  • 19
    Apr 19th
    4 Files
  • 20
    Apr 20th
    5 Files
  • 21
    Apr 21st
    1 Files
  • 22
    Apr 22nd
    4 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2019 Packet Storm. All rights reserved.

Security Services
Hosting By