exploit the possibilities
Showing 1 - 17 of 17 RSS Feed

Files Date: 2004-05-07

Posted May 7, 2004
Authored by Joel Eriksson | Site 0xbadc0ded.org

DeleGate versions 8.9.2 and below have a remotely exploitable buffer overflow vulnerability that exists in the SSLway filter.

tags | advisory, overflow
MD5 | 445eeac5fcf2a83fe07bb922dd565578
Posted May 7, 2004
Authored by Janek Vind aka waraxe | Site waraxe.us

PHP-Nuke version 6.x through 7.2 suffer from various SQL injection and cross site scripting vulnerabilities.

tags | exploit, php, vulnerability, xss, sql injection
MD5 | e6e2537ec2fd1485641bcb0bfc844659
Posted May 7, 2004
Authored by Georgi Guninski | Site guninski.com

Two stack based buffer overflows exist in Exim 3.35. Both bugs need features enabled and are not in the default configuration. Proof of concept exploitation given.

tags | exploit, overflow, proof of concept
MD5 | a8e4942b9a3c3e0b2511c7b3e7f6a8d6
Posted May 7, 2004
Authored by Cesar Cerrudo

The Microsoft Active Server Pages (ASP) engine does not properly handle special cookie values when they are retrieved. Because of this, an unhandled error is returned to the client. This behavior can be used maliciously to gather sensitive information from web applications. All Microsoft Internet Information Server (IIS) web applications using Active Server Pages (ASP) are affected.

tags | advisory, web, asp
MD5 | 75c0cc47922f883dd028dd0ea48ef8d9
Posted May 7, 2004
Authored by Luca Villani

Kolab server version 1.x suffers from an information disclosure vulnerability where it stores the OpenLDAP root password in clear text in slapd.conf.

tags | advisory, root, info disclosure
MD5 | e947dbd6444a6d2ca3139a7ca0eee667
Posted May 7, 2004
Authored by Cheng Peng Su

SMF version 1.0 Beta 5 public is susceptible to a script injection vulnerability. This company used to produce YaBB SE.

tags | advisory
MD5 | 5c7ea5f73c2bb240c36c5545e9223a66
Posted May 7, 2004
Authored by Stuart Jamieson

Fuse Talk version 4.0 has various flaws that would enable a remote attacker to ban users and the possibility of tricking an administrator into adding accounts for them. It is also susceptible to various cross site scripting issues.

tags | advisory, remote, xss
MD5 | 936ee940234bce6ec5bfcf6db8c93176
Posted May 7, 2004
Authored by Jon McClintock

P4DB versions 2.01 and below suffer from a lack of proper user input validation that allows for remote arbitrary command execution. Some cross site scripting flaws also exist.

tags | advisory, remote, arbitrary, xss
MD5 | ae4d1f584dcca17dc47571d4cceb2348
Posted May 7, 2004
Authored by Evgeny Demidov

Heimdal releases prior to 0.6.2 with kadmind version4 have been found vulnerable to a remote pre-auth heap overflow.

tags | advisory, remote, overflow
advisories | CVE-2004-0434
MD5 | 3714c70cdaa7bc3f8b7c84249e6bdbcf
SP Research Labs Advisory 11
Posted May 7, 2004
Authored by Badpack3t, SP Research Labs | Site security-protocols.com

MyWeb version 3.3 is susceptible to a buffer overflow attack when a specifically crafted HTTP GET request which contains over 4096 bytes of data is sent to the server.

tags | exploit, web, overflow
MD5 | 513d1662430ae50e6576fa379a6de607
Posted May 7, 2004
Authored by storm | Site securiteam.com

A security vulnerability exists in South River Technologies' Titan FTP Server. An attacker issuing a LIST command and disconnecting before the LIST command had the time to connect, will cause the program to try and access an invalid socket. This results in the FTP service crashing. Version affected: 3.01 build 163.

tags | exploit
MD5 | 06ec27cef6424d9953fbee1c03bdbe2c
Posted May 7, 2004
Authored by Martin O'Neal

Verity Ultraseek versions 5.2.1 and below suffer from a path disclosure vulnerability.

tags | advisory
advisories | CVE-2004-0050
MD5 | 4cd573175d8440191d3f24311517d039
Posted May 7, 2004
Authored by Oliver Karow | Site oliverkarow.de

Appfoundry Message Foundry version 2.75.0003 is susceptible to a denial of service attack when an HTTP GET request for /com1 is passed to the server.

tags | advisory, web, denial of service
MD5 | f649618b1e777e5239a8b635ae464531
Posted May 7, 2004
Authored by Gyan Chawdhary

Local root exploit for sendmail versions 8.12.9 and below that makes use of the prescan function vulnerability originally discovered by Michal Zalewski back in September.

tags | exploit, local, root
MD5 | e6a94843ad03750d2f73beb8a33a7cdd
Posted May 7, 2004
Authored by James Bercegay | Site gulftech.org

PHPX versions 3.2.6 and below have cross site scripting, path disclosure and arbitrary command execution vulnerabilities. Full exploitation given.

tags | exploit, arbitrary, vulnerability, xss
MD5 | 5bc64564204e7b43c40dfb249c361ca4
Posted May 7, 2004
Authored by Konstantin Ryabitsev

Hilarious take on how Red Hat is changing over to Fedora and letting the community know how things will work in general.

systems | linux, redhat, unix, fedora
MD5 | 6daa4038308659331dcc0ee9f6e98fe7
Atstake Security Advisory 04-05-03.1
Posted May 7, 2004
Authored by David Goldsmith, Atstake, Dino Dai Zovi | Site atstake.com

Atstake Security Advisory A050304-1 - The AppleFileServer provides Apple Filing Protocol (AFP) services for both Mac OS X and Mac OS X server. AFP is a protocol used to remotely mount drives, similar to NFS or SMB/CIFS. There is a pre-authentication, remotely exploitable stack buffer overflow that allows an attacker to obtain administrative privileges and execute commands as root. Versions affected are Mac OS X 10.3.3, 10.3.2, and 10.2.8.

tags | advisory, overflow, root, protocol
systems | apple, osx
advisories | CVE-2004-0430
MD5 | 5de2bae707073a58346e46a1633898bb
Page 1 of 1

File Archive:

July 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    15 Files
  • 2
    Jul 2nd
    19 Files
  • 3
    Jul 3rd
    12 Files
  • 4
    Jul 4th
    1 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    25 Files
  • 7
    Jul 7th
    35 Files
  • 8
    Jul 8th
    4 Files
  • 9
    Jul 9th
    9 Files
  • 10
    Jul 10th
    7 Files
  • 11
    Jul 11th
    4 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2020 Packet Storm. All rights reserved.

Security Services
Hosting By