artmedic_links 5, the PHP script, is susceptible to a file and URL inclusion vulnerability.
fcb5bd9d71d92305c88ad7546002bb9461b97c61d6b4476192e7c92d834817afSymbian SIS file dumping utility that allows for analysis of potential malware without actual installation of files. It provides information on file headers (UIDs, Version, Number of Languages, Number of files), file list (Destination name by default, Source filename and file type).
d0b5a4ac2ae9c2a7e25d96eb3a066b7934371142f4f87debfe9c326b0ca0ab29Secunia Security Advisory - Alan Fitton has discovered a vulnerability in giFT-FastTrack, allowing malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error, which can be exploited to crash the giFT daemon via a specially crafted signal. Version 0.8.6 and prior are reportedly affected.
952b88a417674f0acb22f4a6dfd67756190439d585dfd1efab3bb1623259e089A flaw in Kerberos password handling under Sun Solaris 9 allows for passwords to be logged in clear text on clients with services using pam_krb5 as an auth module.
3e8f112307c599098b445c863693bd8fada2f48c9458a8350f1589bcb01e67a7Syscheck version 0.6.3 is a utility for performing sanity checking on system files, services, and ports. It attempts to identify any trojans or rootkits that may be getting used and also looks for vulnerable software installed. ELF binary included.
acd45abdf8d192ac0196d7584cbc89736c1a1b3ef25c4a5899f2b0dd9277f2c9mod_rootme is a very cool module that sets up a backdoor inside of Apache where a simple GET request will allow a remote administrator the ability to grab a root shell on the system without any logging.
5d4dbf999c7882a9556deb51b0d6c190b7a93de32438eaf87319407dde904309A format string bug has been discovered in the Gnats package version 4.0 which could possibly be exploited to execute arbitrary commands.
cfca36ef8b0b5c888ed1009e7585a1649bce8e2d751f4117f5322cc8b06614f1An unspecified vulnerability has been discovered in Sun StorEdge Enterprise Storage Manager, which can be exploited by malicious, local users to gain root privileges.
2d9524179730bf2bea09666c1915fa03c6e51c0cdf2fb55150023d2850e35e23Remote exploit that makes use of a format string vulnerability in rlpr version 2.x.
671d9ed33356c2438a4c4a70a5e1e61d2e6b9186125af05bd345ee60f4144974Vulnerabilities in rlpr version 2.x include a format string error and boundary error in the msg() function that can lead to remote arbitrary code execution.
909257fe013334eb749954d5e33494289bf97fdbac67301020845d045a82f68bssharp is a tool for man in the middle attacks against SSH.
2e4df21e2413ddc4731a20b6106f2fb5a75feeccc9288a687315659cefe6ee28Secunia Security Advisory - VeNoMouS has reported a vulnerability in php-exec-dir, which can be exploited by malicious users to bypass certain security restrictions.
b77c7db1305cebf95c146c518a55922776a3ea9a90a6612fba19cd5c78c70092Zone-h Security Advisory - Drcatd is susceptible to multiple local and remote buffer overflows.
c443329a687a604fe5080a5f5db4419823ad5aabf4d102051246b2bd45890ea9New UPNP exploit that affects Microsoft Windows XP SP0. Binds a shell on port 1981.
b32da5228997cbf8201fa805c7daa21ca9f569746c832b6fa6f5c82886895b75DCE for HP Tru64 UNIX is susceptible to a potential RPC buffer overrun attack that can result in a denial of service. Affected releases: All versions of DCE/DFS for Tru64 UNIX are vulnerable v4.1.4 (ifspec), v4.1.5, v4.2 and v4.3.
88ded2925fbaa20f1de257401093d0f0bb211a7c60340a7fe8951877202795c7A cross site scripting vulnerability exists in VBulletin.
aafd39f6a324f6ee241a54e4a45662c562a61a5a9f22136d28a71e084b6a82d6iDEFENSE Security Advisory 06.23.04: Remote exploitation of a parameter filtering vulnerability in IBM Corp.'s Lotus Notes application allows remote attackers to execute arbitrary code.
71b073911f9767c8350a24944678f84d597446f7e45d0310cf096ff44008c533IBM Lotus recognized the potential for a cross-site scripting vulnerability to exist under certain circumstances.
e2282f5c9d84329522a9a0fc435d38a51690757fa9ff1aa4e13916f9eaac358dAn error within the Basic Security Module (BSM) under Sun Solaris versions 7, 8, and 9 allows a malicious local attacker to cause a denial of service against the system.
52e41ffe245705a1556b3565d2b6b29b18f82e072108fd1e407839bbbb067dccThere exists an integer overflow in the Broadcom 5820 Cryptonet driver. A user supplied value is used to size a dynamic buffer, and this buffer is subsequently filled with user supplied data. This allows for a local denial of service attack with possible code execution.
e054cb5f6c00876a9b469f206a34496e8c5a8492521c2abdc71ff82951387141It is possible to crash the kernel on FreeBSD/Alpha by passing an unaligned memory address as a 2nd or 3rd argument to execve() syscall. Affected versions: FreeBSD 5.1-RELEASE/Alpha and possibly others. Not affected: FreeBSD 5.1-RELEASE/IA32.
a4526052ca2cb1a9ff1b6dffe4989feaa6565bda6886895d2f79921d22533f39Internet Explorer allows local users to cause a denial of service against the system when attempting to print a certain HTML page.
58a12f65eb35074551f1ea9e9c4a526a630bdb238680515640a6defcd2a606dbArbitroWeb suffers from a java injection flaw.
b468e30020287fa9dc1cb6f695913e9f49e0bb52cbe7686dfe692207115986e3A clear text account password is obtainable using SNMP on the BT Voyager 2000 Wireless ADSL router.
97dc052ac3e0b1453eaaea2d5bb1c4c31b7c9e9033008710e300211fe44a295cWhite paper discussing possible exploitation of memory returned by kmalloc().
94224655fc72bfec74e3d6de5dbfccf52e48efab8a9e3883c65a2847b95c4366
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed