what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 12 of 12 RSS Feed

Files Date: 2004-06-03

Posted Jun 3, 2004
Authored by Oliver Karow | Site oliverkarow.de

Sambar Server version 6.x has been found susceptible to directory traversal, direct file access, and cross site scripting attacks

tags | exploit, xss
SHA-256 | 5467d07e39bee02ec5cbf79f55db0f1dbd67f3df5968037eed86cdcbd00981a4
Posted Jun 3, 2004
Authored by priestmaster | Site priestmaster.org

If any ucd-snmp version, 4.2.6 and below, is installed setuid root, a local attacker can overwrite any file using the -P and -l parameters.

tags | advisory, local, root
SHA-256 | 1016752386d08c853e5ec5531500830362c7331f992a62a1b91766d6ec8dab73
Posted Jun 3, 2004
Site eff.org

Amusing flash movie from the Electronic Frontier Foundation that illustrates how silly the RIAA is being in their war against filesharing.

tags | tool, peer2peer
SHA-256 | 42c8ea31e39549d79eeef31878e139575b7abe570a879f84eda9e1317aacf54d
Posted Jun 3, 2004
Authored by Jose Nazario | Site monkey.org

vthrottle is an implementation of an SMTP throttling engine for Sendmail servers, based upon M. Williamson's mechanisms, as described in his 2003 Usenix Security paper. It allows the administrator to control how much email users and hosts may send, hindering the rapid spread of viruses, worms, and spam. Exceptions can be made using a whitelist mechanism, which can be generated manually or with the included tool vmeasure.

tags | worm
systems | unix
SHA-256 | 153f4f33f318d3141ce68d6b21c2a4d19c425bdc02bffd0fceffe0f0c762791a
Posted Jun 3, 2004
Authored by Simon Josefsson | Site josefsson.org

DNSSEC Walker is a tool to recover DNS zonefiles using the DNS protocol. The server does not have to support zone transfers, but the zone must contain DNSSEC NXT or NSEC records. Optionally, it can also verify DNSSEC signatures on the RRsets within the zone.

tags | tool, scanner, protocol
systems | unix
SHA-256 | 91ef193cba0d85329de8f9d7b30b1812e9b6d021f29cad9d13d598627d7c5803
Posted Jun 3, 2004
Authored by Solar Designer | Site openwall.com

Scanlogd is a TCP port scan detection tool originally designed to illustrate various attacks an IDS developer has to deal with, for a here.

tags | tcp
systems | unix
SHA-256 | 0ca9acc44e8421356790d2f865236ddf7ff0ee85ff255c6f2c1b93b70899a915
Posted Jun 3, 2004
Authored by Martin Roesch | Site snort.org

Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.

Changes: Bug fixes.
tags | tool, overflow, cgi, sniffer, protocol
systems | unix
SHA-256 | 58e197fb51af2ae398f50f9e4f08749e94e5572cc6ef82bf74b7560f4236a419
Posted Jun 3, 2004
Site security.greymagic.com

GreyMagic Security Advisory GM#007-OP - It is possible to use a shortcut icon in Opera to fool users into believing that they are in a domain they trust. Tested versions which are affected: Opera 7.23 and 7.50.

tags | advisory
SHA-256 | aa15d941d394ef2faa0357cea8954d563f49655812e96b374eebac771eef5fca
Posted Jun 3, 2004
Site greymagic.com

GreyMagic Security Advisory GM#006-MC - GreyMagic discovered that by sending a maliciously formed email to a Yahoo user it is possible to circumvent the filter and execute script in the context of a logged-in Yahoo! user due to a cross site scripting flaw.

tags | advisory, xss
SHA-256 | b68af6d21ce14685b4eb42ae8efb1c84859267ea5fe66cfc86989825728682c8
Posted Jun 3, 2004
Authored by b0f | Site b0f.net

Multiple denial of service attacks exist against various Linksys routers, causing them to need a factory reset in order to function again. Version affected: Linksys BEFSR41, BEFSR41 v3, BEFSRU31, BEFSR11, BEFSX41, BEFSR81 v2/v3, BEFW11S4 v3, BEFW11S4 v4.

tags | exploit, denial of service
SHA-256 | db186f84f45cf2b92a997aca7c56050a81e24eb42de92b84834c222e647b14e2
Posted Jun 3, 2004
Authored by Tim Newsham

A vulnerability in the mkdir system utility can allow an unprivileged user to gain root privileges in UNIX 7th Edition systems. Exploit for /bin/mkdir Unix V7 PDP-11 included.

tags | exploit, root
systems | unix
SHA-256 | 4e41e05c7bd4f54ea62b0ae08d7f52783bf2b9ebe3351bf9003ef69884cf8358
Posted Jun 3, 2004
Authored by Paul Herman

Tripwire commercial versions equal to and below 2.4 and Tripwire open source versions equal to and below 2.3.1 are susceptible to a format string vulnerability an email report is generated. This vulnerability allows an attacker to execute arbitrary code with the rights of the user running the file check, which is typically root.

tags | advisory, arbitrary, root
SHA-256 | 92e5eef21ab6cff8a801d98be62205f1d78683b06bdc07dc1cffa5141ea0a2a7
Page 1 of 1

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By