exploit the possibilities
Showing 1 - 16 of 16 RSS Feed

Files Date: 2004-07-14

Posted Jul 14, 2004
Authored by Vic Abell

Lsof is an extremely powerful unix diagnostic tool. Its name stands for LiSt Open Files, and it does just that. It lists information about any files that are open by processes currently running on the system. It is useful for pinpointing which process is using each network socket. FAQ available here.

Changes: Fixes bugs, adds the +m and "+m m" options, supports FreeBSD 5.2 and 4.10, OpenBSD 3.5, and NetBSD 2.0.
tags | tool, intrusion detection
systems | unix
MD5 | a84cff97425ca842433946de41037a22
Posted Jul 14, 2004
Authored by HexView

A denial of service condition exists in the Microsoft SMS Client where a data packet that gets analyzed will cause the server to throw an exception while attempting to read or write an invalid memory address. Tested against: Microsoft Systems Management Server version 2.50.2726.0.

tags | advisory, denial of service
MD5 | bbf3da2645436728b6cafef56500c1fa
Posted Jul 14, 2004
Authored by Brett Moore SA | Site security-assessment.com

A remote code execution vulnerability exists in the Task Scheduler (mstask.dll) because of an unchecked buffer. Affected Software: Microsoft Windows 2000 Service Pack 4, Microsoft Windows XP, Microsoft Windows XP Service Pack 1.

tags | advisory, remote, code execution
systems | windows, 2k, xp
advisories | CVE-2004-0212
MD5 | 03d352af4dfa72396c4e7934987da494
Posted Jul 14, 2004
Authored by Peter Winter-Smith | Site ngssoftware.com

Microsoft Windows Task Scheduler is vulnerable to a stack-based buffer overflow. The flaw can be exploited by creating a specially-crafted .job file. This will most frequently be a local exploit, but it is possible to imagine some cases where this could be remotely exploited as well.

tags | advisory, overflow, local
systems | windows
MD5 | cfafc6e92727b06c8186984f6f610665
Posted Jul 14, 2004
Authored by msconzo | Site security.tamu.edu

NetSQUID is a Perl script that sits inbetween Snort and IPTables. It looks at the alerts generated by Snort, then automatically creates an IPTables firewall entry to block problematic hosts (such as those infected by viruses). Web traffic is redirected to a webserver that can alert the user to the infection. The host is automatically unblocked after a specified time (hopefully reducing calls to your NOC). It can also send out DHCP address requests, so rogue DHCP servers can be detected by Snort.

Changes: Bug fixes and code cleanup.
tags | tool, web, perl, sniffer
MD5 | 19e7aae0da3a00b4c06694f6f8809919
Posted Jul 14, 2004
Authored by Michael Boelen | Site rootkit.nl

Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.

Changes: Added support for Mandrake 8.2, 9.0, 9.1, Redhat Enterprise Linux AS, Slackware 10, Gentoo 1.5. Improved various other support and updated hashes.
tags | tool, shell, perl, integrity, rootkit
systems | netbsd, unix, solaris
MD5 | f580ee74e3cbcbe945bfd87e403f3145
Posted Jul 14, 2004
Authored by Stefan Esser | Site security.e-matters.de

PHP memory_limit remote vulnerability allows for remote code execution on PHP servers with activated memory_limit.

tags | advisory, remote, php, code execution
advisories | CVE-2004-0594
MD5 | 4cbf9d53c4b6392a1826cd5673b6db43
Posted Jul 14, 2004
Authored by Stefan Esser | Site security.e-matters.de

PHP strip_tags() bypass vulnerability may allow for Cross-site scripting attacks launched via websites that run PHP and depend on strip_tags() for security. The attack requires a vulnerable browser such as IE, Safari, or Mozilla in order to work.

tags | advisory, php, xss, bypass
advisories | CVE-2004-0595
MD5 | 863e7ba7525c9271c3acb7416575f74b
Posted Jul 14, 2004
Authored by Brett Moore SA | Site security-assessment.com

The HtmlHelp application (hh.exe) in Microsoft windows read a value from a .CHM file to set a length parameter. By setting this to a large value, it is possible to overwrite sections of the heap with attacker supplied values. Affected software includes: Microsoft Windows 98, 98SE, ME, Microsoft Windows NT 4.0, Microsoft Windows 2000 Service Pack 4, Microsoft Windows XP, Microsoft Windows XP Service Pack 1, Microsoft Windows Server 2003.

tags | advisory
systems | windows, 2k, 9x, nt, xp
advisories | CVE-2004-0201
MD5 | 4cf83725f559f27e1ea920fc7aa97828
Posted Jul 14, 2004
Authored by Cesar Cerrudo

A local elevation of privileges exists in the Windows Utility Manager which allows any user to take complete control over the operating system. This vulnerability affects the Windows 2000 operating system family.

tags | advisory, local
systems | windows, 2k
advisories | CVE-2004-0213
MD5 | 2b4514b7f08e2e518c0e9d06663ed71d
Atstake Security Advisory 04-07-13.1
Posted Jul 14, 2004
Authored by David Goldsmith, Atstake | Site atstake.com

Atstake Security Advisory A071304-1 - 4D WebSTAR versions 5.3.2 and below suffer from numerous vulnerabilities that allow for an attacker to escalate privileges or obtain access to protected resources. These include a remotely exploitable pre-authentication FTP overflow, directory indexing of any directory on the host, file disclosure of PHP.INI, and local privilege escalation and file overwrite via symbolic links.

tags | advisory, overflow, local, php, vulnerability
MD5 | 46a6d79962855470a1303bb27c4b5f7c
Posted Jul 14, 2004
Authored by Maarten Tielemans

Aterm version 0.4.2 has a tty permission weakness that allows the world to write to a terminal.

tags | advisory
MD5 | 597aa16b13faa18a12d684039557b8c4
Bugzilla Advisory 2.16.5
Posted Jul 14, 2004
Authored by The Bugzilla Project | Site bugzilla.org

Bugzilla Advisory: Multiple security issues in Bugzilla have been discovered. These include information gathering issues (for example, database passwords may be revealed in webserver error messages), Cross Site Scripting issues, and design flaws which may make "confidential" data "protected" by Bugzilla available to all users.

tags | advisory, xss
MD5 | baadfa59d4230cc77770f62e45b9b746
Posted Jul 14, 2004
Authored by Thomas Waldegger

Moodle 1.3.2 and Moodle 1.4 dev is susceptible to a cross site scripting flaw.

tags | advisory, xss
MD5 | d1dba3807db1d272421a6b822449d32c
Technical Cyber Security Alert 2004-196A
Posted Jul 14, 2004
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA04-196A - Multitudes of vulnerabilities have been discovered amongst the Microsoft product line. Flaws that exist include Outlook Express failing to properly validate malformed e-mail headers, the Utility Manager allowing code execution, POSIX allowing code execution, IIS having a buffer overflow, the Task Scheduler having a buffer overflow, the HTML Help component failing to properly validate input data, and the Windows Shell allowing remote code execution.

tags | advisory, remote, overflow, shell, vulnerability, code execution
systems | windows, osx
advisories | CVE-2003-1041, CVE-2004-0201, CVE-2004-0205, CVE-2004-0210, CVE-2004-0212, CVE-2004-0213, CVE-2004-0215, CVE-2004-0420
MD5 | bbf0898a83a0cd9e8ec0525a14664b41
Posted Jul 14, 2004
Authored by Todd J.

Packet Storm new exploits for June, 2004.

tags | exploit
MD5 | 29c7c2674eab4520cd20b7302b9e9301
Page 1 of 1

File Archive:

September 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    20 Files
  • 2
    Sep 2nd
    15 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    4 Files
  • 5
    Sep 5th
    1 Files
  • 6
    Sep 6th
    1 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    27 Files
  • 9
    Sep 9th
    7 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    9 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    25 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    15 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2020 Packet Storm. All rights reserved.

Security Services
Hosting By