FloodWorld, the IRC tool, is susceptible to a denial of service attack due to a mishandling of special characters.
23dd67e0372cde726e8461ace20d585dcdaff729688e872facf617f98973c2fbHelpBox version 3.0.1 is susceptible to multiple SQL injection attacks, including ones that do not require the attack to be logged in.
87e8a6e2016aa8666af63bb99a95022d6d845f836d4c59fa675d2a2e1c2496bdInternet Software Sciences's Web+Center version 4.0.1 suffers from a lack of sanity checking when parsing Cookie data and due to this is susceptible to a SQL injection attack. Full exploit provided.
e6fd7850e36b99da49d2e48ed56430740774adcc0722a02517238528e4f9634fPolar HelpDesk version 3.0 does not adequately verify whether the user logged onto the system has proper administrative access when performing administrative duties.
369c74af2bef236f285af211302fea6a714d58aababbfc74cde8cf5225e29562Denial of service test exploit for the flaw in Apache httpd 2.0.49.
982b22c0f47e2033d7ce6076df0a8b543ac44ff9ed3989f154408b09a37f4144Sun Security Advisory - A security vulnerability in Sun Java System Portal Server Software 6.2 may allow a user to gain Calendar Server administrator credentials if the user changes the display options to select a non-default view. With these credentials, a user's session has unrestricted access to the calendar data and hence manipulation of that data. Such manipulation could include, but is not limited to: the deletion, creation, and modification of users, user information, calendar entries, and historical data.
d287e2606d23f723574ed699487302e05dc90940a4abe6588681bab388ac9856Serena Software's TeamTrack version 6.1.1 is susceptible to a sensitive content disclosure vulnerability that can be exploited without having valid login credentials. Full exploit provided.
4191339b894cafd37ff68e0c11cad6e7bb1acf9ff0f9dd3451335ff761ce077bNetSupport DNA Helpdesk 1.x is susceptible to a SQL injection vulnerability. Full exploit provided.
a38e02e674a7c12a4b1a0261fe4698c50758836182a131d2a0e1148be2617f39Leigh Business Enterprises's (LBE) Web HelpDesk versions 4.0.80 and below suffer from a SQL injection attack vulnerability. Full exploit included.
bd45f9f6fbfdd6f65136f34c999c7e00d14f2bed97b355a02acac0c7104f7e0aLyceum is an advance stealthed client/server backdoor that uses encrypted spoofed UDP packets to administer the server and the two built-in ICMP backdoors. Each ICMP backdoor exploits a different feature of the protocol, the first creating a bi-directionally spoofed ICMP tunnel and the second uses passive nodes as zombies to relay ICMP backdoor traffic.
860ca6295d4f0a55057e5b9280edffa1b18da5925a54817cf734ab2fb853bf9aSecunia Security Advisory - Cyrille Barthelemy has reported a vulnerability in Nessus, potentially allowing malicious users to escalate their privileges. The problem is caused by a race condition in nessus-adduser if the user has not specified the environment variable TMPDIR. This has been reported to affect version 2.0.11. Prior versions may also be affected.
2da900c4d0c2542195ad87610199687b4c2599227bcecee7b1c7224405afa3bdAPC PowerChute Business Editions 6.x and 7.x are susceptible to a denial of service attack.
dfa32798aed9323747ae0eff79d93f8b7a2b1f78cb6d6ec77827d162e91f280aVPOP3 2.0.0k is susceptible to a denial of service attack due to a buffer overflow.
6c22d9fddd0a36e540923cff600266688d963a50990b53967f54aac1f8833548afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.
8ff9574970b3fa4cfef4e40c21a953879f2735583a6281a5e5145e2a23e19fa0popa3d is a POP3 daemon which attempts to be extremely secure, reliable, RFC compliant, and fast (in that order).
37cbee03214d305d03f63d81be39a538b5254ee16b17a0a907ec01f1a6a837bb
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed