what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 27 RSS Feed

Files Date: 2004-10-24

excelBOF.txt
Posted Oct 24, 2004
Authored by Brett Moore SA | Site security-assessment.com

When thinking about buffer overflow vulnerabilities, a file can sometimes be as harmful as a packet. Even though past security issues have taught us that it is unwise to use an unvalidated value from a file/packet as a text length parameter, that is what happened with Microsoft Excel.

tags | advisory, overflow, vulnerability
advisories | CVE-2004-0846
SHA-256 | d3572a90acc842149e47149c8cbb247cdee198ab4f24cd4795627dd7cfba6637
shixxbof.zip
Posted Oct 24, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

Proof of concept exploit that makes use of a buffer overflow vulnerability existing in Shixxnote 6.net.

tags | exploit, overflow, proof of concept
SHA-256 | f0864adaed3f32db3d6685725e0302eb64bd399df04d997236ba21875b8654e5
shixxnote6.txt
Posted Oct 24, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

A buffer overflow vulnerability exists in the field used to specify the font to use in the messages sent by Shixxnote 6.net. If this specific field is bigger than 1698 bytes the return address will be fully overwritten.

tags | advisory, overflow
SHA-256 | b65e626cc9a52695eb35f414d38bf9cf83b5124622a454bb84f0e9045e7d5aff
phpMyAdmin Security Announcement 2004.2
Posted Oct 24, 2004
Authored by phpMyAdmin Devel Team | Site phpmyadmin.net

When specifying specially formatted options to external MIME transformation, an attacker can execute any shell command restricted by privileges of httpd user.

tags | advisory, shell
SHA-256 | 653c1d641fce3d340f0ed50c6a9b2990cbfd01531ec29f00702011a65ea1d0d1
ACROS Security Problem Report 2004-10-13.1
Posted Oct 24, 2004
Authored by Mitja Kolsek, ACROS Security | Site acrossecurity.com

ACROS Security Problem Report #2004-10-13-1 - The public report released discussing the poisoning of cached HTTPS documents in Internet Explorer including workarounds and mitigating factors.

tags | advisory, web
advisories | CVE-2004-0845
SHA-256 | b31003f292ce532e33ac3e00b98fd52f3b033acdcbb19bcde9eb0dc39d7e3160
HexView Security Advisory 2004-10-12.1
Posted Oct 24, 2004
Authored by HexView | Site hexview.com

Insufficient data validation for incoming calendar data makes possible to cause buffer overflow condition leading to stack corruption. As a result, it is possible to reboot the device (all stored messages will be lost since RAM storage will be reinitialized). It is also possible to execute code embedded by the attacker. It should be mentioned that Blackberry developers tools are freely available.

tags | advisory, overflow
SHA-256 | 92f19aced80d13dd354f933fc08c07fda2df3c70c05fdcf8c2fff682d778be56
fusetalk.xss.txt
Posted Oct 24, 2004
Authored by Matthew Oyer

Fusetalk forum 4.0 is susceptible to a cross site scripting flaw due to a lack of filtering img tags.

tags | advisory, xss
SHA-256 | 3b0b5404dc37639becf8449caf160752b3e9c099234ddd50b7d3b04cacc83cc8
ms04-037.html
Posted Oct 24, 2004
Site microsoft.com

Microsoft Security Bulletin MS04-037 - Vulnerability in Windows Shell Could Allow Remote Code Execution (841356). If a user is logged on with administrative privileges, an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges. However, user interaction is required to exploit these vulnerabilities.

tags | remote, shell, vulnerability, code execution
systems | windows
advisories | CVE-2004-0214, CVE-2004-0572
SHA-256 | ef95a3ed5d31bffeedd4ac822b7d01bbfc20d8a0bc19f0302adf9f68df418478
sct.xss.txt
Posted Oct 24, 2004
Authored by Matthew Oyer

Fusetalk SCT Campus Pipeline is susceptible to a cross site scripting flaw.

tags | advisory, xss
SHA-256 | 12d48987f90efa01747f2379fa91451284ec9106d079942816a5858365971b70
ms04-035.html
Posted Oct 24, 2004
Site microsoft.com

Microsoft Security Advisory MS04-035 - An attacker who successfully exploited an SMTP vulnerability in Windows could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges.

tags | advisory
systems | windows
advisories | CVE-2004-0840
SHA-256 | d8b5ce3d9d0907ec2f21a418dfbac6121cbc95e4bfb24a5d3200f76f086def7c
ms04-031.html
Posted Oct 24, 2004
Site microsoft.com

Microsoft Security Bulletin MS04-031 - Vulnerability in NetDDE Could Allow Remote Code Execution (841533). An attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges. However, the NetDDE services are not started by default and would have to be manually started, or started by an application that requires NetDDE, for an attacker to attempt to remotely exploit this vulnerability.

tags | remote, code execution
advisories | CVE-2004-0206
SHA-256 | 4ac78afe5a06625a0861a4ab6c335b3d28117ab77454d84120ad07fe0d94891a
ms04-031.html
Posted Oct 24, 2004
Site microsoft.com

Microsoft Security Bulletin MS04-031 - Vulnerability in NetDDE Could Allow Remote Code Execution (841533). An attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges. However, the NetDDE services are not started by default and would have to be manually started, or started by an application that requires NetDDE, for an attacker to attempt to remotely exploit this vulnerability.

tags | remote, code execution
advisories | CVE-2004-0206
SHA-256 | 4ac78afe5a06625a0861a4ab6c335b3d28117ab77454d84120ad07fe0d94891a
ms04-038.html
Posted Oct 24, 2004
Authored by Mitja Kolsek, John Heasman, Greg Jones | Site microsoft.com

Microsoft Security Advisory MS04-038 - Multiple Internet Explorer vulnerabilities have been patched by Microsoft. If a user is logged on with administrative privileges, an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges.

tags | advisory, vulnerability
advisories | CVE-2004-0842, CVE-2004-0727, CVE-2004-0216, CVE-2004-0839, CVE-2004-0844, CVE-2004-0843, CVE-2004-0841, CVE-2004-0845
SHA-256 | 8c12c38d2335efcde6058b11b2939c069107c03e4343a03882cdaf1d2b2296ee
uml.c
Posted Oct 24, 2004
Authored by embyte | Site spine-group.org

UmL - Userspace Logger. This is functioning code based on the the example given in the article in Phrack 51 entitled "Shared Library Redirection". The following functions are logged: read()/recv() output and intercepts open(), open64(), close(), socket(), connect(), exit(). This is an effective keystroke logger, among other things, despite that the author says it is only at the Proof-of-Concept phase. License: GPL2. Version 0.0.2 testing.

tags | system logging
systems | unix
SHA-256 | d2553958c615551070ee685fb398040eefcef6ae792f7601a2657a75f7a43a62
eEye.ZIP.txt
Posted Oct 24, 2004
Authored by Yuji Ukai | Site eeye.com

eEye Security Advisory - eEye Digital Security has discovered a buffer overflow in DUNZIP32.DLL, a module that offers support for ZIP compressed folders in the Windows shell. An exploitable buffer overflow occurs when a user opens a ZIP folder that contains a long file name.

tags | advisory, overflow, shell
systems | windows
SHA-256 | 74498eeb938601ac386acca23e9c64ceb6dd02a5bcd6488628996a9f230da45b
ksb26-2.6.9.tar.gz
Posted Oct 24, 2004
Authored by Paolo Ardoino

KSB26, Kernel Socks Bouncer for 2.6.x, is a Linux 2.6.x-kernel patch that redirects full tcp connections through a socks5 proxy. KSB26 uses a character device to pass socks5 and the target IPs the the Linux kernel. This is obviously quite useful if you want to transparently tunnel certain things through a given proxy to remain anonymous, or if you want to transparently be able to sniff certain network traffic.

tags | tool, kernel, tcp
systems | linux, unix
SHA-256 | 7d89f06ace74e773d054418c60742c9b8db462a9eba50cdec4e486d296a6bc93
creating_a_asp_command_shell_using_BACKUP.txt
Posted Oct 24, 2004
Authored by Swan | Site 0x557.org

This is a small text document that describes how MS SQL can be "tricked" into creating a command.asp script under the webroot, even when you do not have access to 'sa' privs (dbo privs are probably still a must, though). The technique described uses the SQL server 'backup' command.

tags | paper, web, asp
SHA-256 | 00f4e7c9f7cd17235e6b6b60f335065c99183f5e4af191f5b7d9dfcb8975e8a2
lgool.c
Posted Oct 24, 2004
Authored by l0om

Lgool is a program that will search Google for a given vulnerability. It does the exact same thing you could do by going to Google and searching for nasty stuff like passwd.cfg, but without all the trouble of actually opening a web browser. It operates in a way that is similar to "gooscan" (written by johnny and presented at defcon this year).

tags | web
systems | unix
SHA-256 | fc84bedf31be38ae83ff3d535b74ab23de27f74cc69a13e4347fc8c5f24bbf9e
Complete_Spyware_Whitepaper.pdf
Posted Oct 24, 2004
Authored by Jonathan Read | Site anti-trojan.org

This is a fairly light-weight introduction to what spyware is, what it does, and how to detect/block it. Mostly, it refers to other tools rather than giving any new info, but it does have a reasonable overview of different tools.

tags | paper
SHA-256 | c4b00641b0e3bd8c0a0f45313ccdca6374e318e1eacae3bf0e0439ffea56aaa5
unixasm-1.0.0.tar.gz
Posted Oct 24, 2004
Authored by Ramon de C Valle | Site risesecurity.org

A collection of shellcode for various platforms bsd-x86, linux-x86, sco-x86, and solaris-x86.

tags | x86, shellcode
systems | linux, solaris, bsd
SHA-256 | 4ea425bd8e8add22af39fcb210a108dff108ad05535d97ce8c0b6f3b84699efc
SnortSnmpMod-2.2.0-01.tgz
Posted Oct 24, 2004
Site cysol.co.jp

The snortSnmpPlugin enables snort to send SNMP alerts to network management systems (NMS). The alerts can be traps (the alert will not be acknowledged by the receiver) or informs (the alert will be acknowledged by the receiver ). This is version 2.2.0-01.

tags | tool, sniffer
SHA-256 | 44d5265b9d04e1782de2350a0151bec4e8ab23e871e6d6244258e461efce687f
eEye Security Advisory 2004-10-12
Posted Oct 24, 2004
Authored by eEye Digital Security | Site eeye.com

eEye Security Advisory - Windows VDM #UD Local Privilege Escalation. Describes in more detail but with different terminology the "shatter" attacks corrected by MS04-032, and also discussed in a paper by Brett Moore.

tags | advisory, local
systems | windows
SHA-256 | 6d969851dce47717c7c8d2b34a7d86e3e4b6339359ea1b5ff2767ce9961e7872
SetWindowLong_Shatter_Attacks.pdf
Posted Oct 24, 2004
Authored by Brett Moore SA | Site security-assessment.com

This paper gives an example of the variety of shatter attack which should be corrected by MS04-032 (KB840987). This sort of attack can typically be used for local privilege escalation.

tags | advisory, local
SHA-256 | b85c177e413daeba0b079bcf4270af5caa8ea90d4ca38f90165174415a48ef12
razor.ms_rpc_vuln_oct12_2004.txt
Posted Oct 24, 2004
Site bindview.com

Bindview Advisory - Critical Flaw in rpc__mgmt_inq_stats. A remote attacker can read large amounts of memory from and/or crash any NT4 RPC server.

tags | advisory, remote
advisories | CVE-2004-0569
SHA-256 | 4cc245fa9536dd03ba6b06c540bb025befec2fbddae044eec8fd9ed16b789535
Hackgen Security Advisory 2004.2
Posted Oct 24, 2004
Authored by Exoduks, Hackgen | Site hackgen.org

ocPortal is a Content Management System and portal. ocPortal versions up to 1.0.3 may allow for execution of commands via included scripts on the system where it is installed.

tags | advisory
SHA-256 | eca3b9732f89bcc8ba47ae442b4066acc6b229b03d92e81739b856751de8094c
Page 1 of 2
Back12Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close