what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 56 RSS Feed

Files Date: 2004-11-20

Posted Nov 20, 2004
Authored by Pokleyzz, How Dark | Site howdark.com

Remote command execution exploit for phpBB 2.0.10 that makes use of a flaw in the viewtopic.php code.

tags | exploit, remote, php
SHA-256 | aee65c849185b91d9b59593d7e00fe8fd6ad03efd250948a95761326bdf70a7d
Gentoo Linux Security Advisory 200411-29
Posted Nov 20, 2004
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200411-29 - unarj contains a buffer overflow and a directory traversal vulnerability. This could lead to overwriting of arbitrary files or the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, gentoo
SHA-256 | 00d28a18026243d507fbe200677f214b89fb74f4c7748c5f6654dddbe7e4b685
Posted Nov 20, 2004
Authored by cyber flash | Site k-otik.com

Microsoft Internet Explorer (including IE for Windows XP SP2) is reported vulnerable to a file download security warning bypass. This unpatched flaw may be exploited to download a malicious executable file masqueraded as a HTML file. Full exploitation given. Original posted on k-otik.

tags | exploit
systems | windows
SHA-256 | 5cf54bfc3b98194b62e01d674a293f76a8b55e5d1942178a1fcfe020e729bc73
Posted Nov 20, 2004
Authored by Paul Starzetz | Site isec.pl

A subtle race condition in Linux kernels below 2.4.28 allow a non-root user to increment (up to 256 times) any arbitrary location(s) in kernel space. This flaw could be used to gain elevated privileges.

tags | advisory, arbitrary, kernel, root
systems | linux
SHA-256 | d671cbd752252bb78a3d63491ad5f4be3c8c380bfeaa1eecfe09915f101df920
Corsaire Security Advisory 2004-07-20.1
Posted Nov 20, 2004
Authored by Stephen de Vries, Corsaire | Site penetration-testing.com

Corsaire Security Advisory - The aim of this document is to define a vulnerability in the Netopia Timbuktu 7.0.3 product for Mac OS X that suffers from a buffer overflow.

tags | advisory, overflow
systems | apple, osx
advisories | CVE-2004-0810
SHA-256 | cbc907a49668c0fcf9a73b904dee166db917a6d624962997421a44440286d2ae
Corsaire Security Advisory 2004-06-19.1
Posted Nov 20, 2004
Authored by Martin O'Neal, Corsaire | Site penetration-testing.com

Corsaire Security Advisory - The aim of this document is to clearly define several vulnerabilities in the Danware NetOp Host product that suffers from multiple information disclosure issues.

tags | advisory, vulnerability, info disclosure
advisories | CVE-2004-0950
SHA-256 | 42db080f94b4a9d2053f5f711e043ba751541dcd77b4eb01d14059438cd13bce
Posted Nov 20, 2004
Authored by Marc Schoenefeld | Site illegalaccess.org

Opera 7.54 is vulnerable to leakage of the java sandbox, allowing malicious applets to gain privileges. This allows for information gathering as well as denial of service effects.

tags | advisory, java, denial of service
SHA-256 | 1f4ec2410d1b05e6a1c8e4034bf16cf1d34b5675d0c35d73f31016c81d7cf149
Posted Nov 20, 2004
Authored by Reed Arvin

Altiris Deployment Solution 5.6 SP1 (Hotfix E) suffers from a privilege escalation flaw that allows for SYSTEM level access. Step by step exploitation given.

tags | exploit
SHA-256 | 2eeeb547e723092ea08f4321e09bdaa44b9d7db09a51e44e2d576c63d5afa53b
Posted Nov 20, 2004
Site zonelabs.com

ZoneAlarm Security Suite and ZoneAlarm Pro have been updated to address a vulnerability in their ad-blocking functions.

tags | advisory
SHA-256 | 6cdb000d655e7f0ca7361b33bdc652f24d545c5b63e5cd6664020f90d068fe59
Posted Nov 20, 2004
Authored by Reed Arvin

A privilege escalation technique can be used to gain SYSTEM level access while using the Mailtraq administration console. Mailtraq Version is vulnerable.

tags | exploit
SHA-256 | 754a99a37c23e5ce9586839e1dbef857f90469878efeac14f8dd013ad62fd9e5
Posted Nov 20, 2004
Authored by muts | Site whitehat.co.il

SLMail 5.x POP3 remote PASS buffer overflow exploit that binds a shell to port 4444. Tested on Windows 2000 SP4.

tags | exploit, remote, overflow, shell
systems | windows
advisories | CVE-2004-0942
SHA-256 | e52e26d43fc8281cdd86366385864d1faabe76d496cbf284434a32a5b495a1f4
Posted Nov 20, 2004
Authored by Reed Arvin

A buffer overflow exists in DMS POP3 Server for Windows 2000/XP 1.5.3 build 37 and prior versions. Demonstration exploit included.

tags | exploit, overflow
systems | windows
SHA-256 | 1b44dbca0b215e58195b7ccab58ff39ef302fbcfb6e5a9242f59b5d2f444e7c9
Posted Nov 20, 2004
Authored by Saudi Linux

AppServ versions 2.5.x and below use a blank root password allowing for compromise.

tags | advisory, root
SHA-256 | bcef00af38b54207c93431630430ac96eb1b1336f0fb89132738ac874a8f83ff
Posted Nov 20, 2004

Unofficial addition to the NISCC DNS vulnerability advisory giving an additional list of vulnerable implementations.

tags | advisory
SHA-256 | 9d1582d18317951d040e27cb9e70fc96fb6dc9de1d083244f6f511ef364afe1e
FreeBSD Security Advisory 2004.16
Posted Nov 20, 2004
Authored by The FreeBSD Project, Colin Percival | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-04:16.fetch - The fetch utility suffers from an integer overflow condition in the processing of HTTP headers that can result in a buffer overflow.

tags | advisory, web, overflow
systems | freebsd
SHA-256 | 6a018e23dd8de8d84de9f7d1f8a504a855c7a82a0f3059e216c48ef84a19658a
Posted Nov 20, 2004
Site maxpatrol.com

An input validation vulnerability in Invision Power Board version 2.x allows a remote user the ability to conduct SQL injection attack.

tags | exploit, remote, sql injection
SHA-256 | eb51a14581063ecdb55762f96413e0fed28ee78821e319e6748be503de8978cd
Posted Nov 20, 2004
Authored by Jerome Athias

Vulnerabilities that allow an attacker to inject malicious PHP code exist in the phpBB2 forum using the Cash_Mod module.

tags | advisory, php, vulnerability
SHA-256 | 624d762e4f5dae8b18a82ee5892ea42e4e0889fbe304466a9772639cf8109294
Posted Nov 20, 2004
Authored by Bryan Burns

Brief analysis of the Bofra, aka MyDoom.AG/AH, worm that was first discovered circulating in the wild November 8th.

tags | paper, worm, virus
SHA-256 | c523a041b3bc82189566ff9554e40f8715e7d4a5d1e9058a5fbee8335170bea2
Gentoo Linux Security Advisory 200411-26
Posted Nov 20, 2004
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200411-26 - Improper file ownership allows user-owned files to be run with root privileges by init scripts. These vulnerabilities exist within GIMPS, SETI@home, and ChessBrain.

tags | advisory, root, vulnerability
systems | linux, gentoo
SHA-256 | 0da976e17df1840210df7a15cd86d9adac4c3b8ba12f57922846856c843ac5b5
Posted Nov 20, 2004
Authored by Psirac

Cscope 15.5 and possibly earlier versions may suffer from a race condition that allows for local compromise. Proof of concept exploits included.

tags | exploit, local, proof of concept
SHA-256 | 7ae2b4d33100aae1c181383bb5e6a8fb9fb26048a4552dd090b6f87f7443ab82
Posted Nov 20, 2004
Authored by Stefan Esser | Site security.e-matters.de

During an audit of the smb filesystem implementation within Linux several vulnerabilities were discovered ranging from out of bounds read accesses to kernel level buffer overflows. The 2.4 series up to 2.4.27 is affected and the 2.6 series up to 2.6.9 is affected.

tags | advisory, overflow, kernel, vulnerability
systems | linux
advisories | CVE-2004-0883, CVE-2004-0949
SHA-256 | b7b977ebbeedcfaf0b2c7258fb9da5b47131762e6dff111d09944b9387963f4d
Posted Nov 20, 2004
Authored by Andrew Smith

The Click and Build online eCommerce platform suffers from cross site scripting flaws.

tags | advisory, xss
SHA-256 | 6c6ea864e68c41963fd5902ca74a270ebcd833579e2044b24db470808208e7cc
Secunia Security Advisory 13203
Posted Nov 20, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - cyber flash has discovered two vulnerabilities in Internet Explorer, which can be exploited by malicious people to bypass a security feature in Microsoft Windows XP SP2 and trick users into downloading malicious files.

tags | advisory, vulnerability
systems | windows
SHA-256 | e5045e765f5620e40be7400c96987a38ac99f4efa59cbb8f0b8fbaee14baf687
Posted Nov 20, 2004
Authored by Martin Eiszner

Microsoft tools ipconfig.exe, forcedos.exe, and mrinfo.exe suffer from buffer overflow and format string vulnerabilities.

tags | advisory, overflow, vulnerability
SHA-256 | 4519930c5ff226431824ee642aab5cd3cd1f1dd4ceea32e9e703aaa8dc9d9c45
Posted Nov 20, 2004
Authored by Janek Vind aka waraxe | Site waraxe.us

The Event Calendar module for PHP-Nuke suffers from cross site scripting, path disclosure, SQL injection, and script insertion attacks.

tags | exploit, php, xss, sql injection
SHA-256 | a36efcbb8d52ca32bb59f65773b5a67d142f0908a7cc7268b38847facdb0b68d
Page 1 of 3

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    111 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By