Packet Storm new advisories for all of 2004.
a78833f12adaa17febcf862ccf36be61b496ba7243db1e22d6a85f2c0ec4091e
Packet Storm new exploits for all of 2004.
fb601255d4be50e99ebb0952e0c847f73241c8ecf4a4d95bd3db855653c55fca
Packet Storm new exploits for November, 2004.
21544ae105ed5cb283e29d421cc87574a1d6adaccea11dc9f8f02d99c852662d
Packet Storm new exploits for April, 2004.
742d111c62091254ec064cab105727a130297b31c3e8a6d87832e94e88d4ef34
Win32-based wardialer called Kalimba. Includes Blue Box capabilities such as 0-9 dialing; quarter, dime, and nickel tones; operator tones; and conference capabilities. Source included.
5f5b3258aa5224890c60e893fcf933528d6a2faf9754f9a852895e8d5104c219
ViewCVS 0.9.2 is susceptible to cross site scripting and HTTP-response splitting flaws.
23164ad29a94dbb57e8ead3fcbc782400756468d8bf6a6c9bd963df7fb07b740
Cross site scripting and possible code execution vulnerabilities exist in SugarCRM versions 1.x.
582ee763024b5b87ca36814363d1819db4fc7309d863de9fa83ef364b76a07a7
OWL versions 0.7 and 0.8 suffer from cross site scripting and SQL injection vulnerabilities.
af9b35a1487e1076df74597581b6cd866b62c29c7a8b93bc66356aebfd04c86a
A vulnerability in Xanga allows for malicious theft of cookies.
537fccc764101942525959b89108c9addb273449c25f7e5bdb5d89642465021f
AOL's Online Password Reset feature does not fully validate user information.
6360be8f77cfa54486b56369d74757273b26fcc9ba88fe0e49590994497345d4
Jack's FormMail.php script can be manipulated into sending arbitrary files from the server. Version 5.0 is affected.
f0b8e6608716da6296ab9be0b7e223adf0c401e1180e46a5525bf1484d5f0f76
Remote Microsoft Windows 2000 WINS exploit that has connectback shellcode. Works on SP3/SP4.
d2152c45929430731c0dd099a9a070fa4074d6ea1f2186221cc81aabd85c4f89
A flaw exists in the high scores module of IbProArcade which allows for malicious SQL injection.
cb57b1789765acc2260049eac8f3fda899d21004e3880d382e1410c230cf0e82
Versions prior to 1.4.2.1 of the ArGoSoft FTP server disclose whether a supplied username is valid. A login name supplied with the USER command will not be accepted unless it is valid.
89ccfd2a196725b8e9084c125c42f0d20b43c9aa550dedd42679aa8a4121ac54
Remote proof of concept exploit for the NetDDE buffer overflow vulnerability as described in MS04-031. Tested on: Windows XP Professional SP0, Windows XP Professional SP1, Windows 2000 Professional SP2, Windows 2000 Professional SP3, Windows 2000 Professional SP4, Windows 2000 Advanced Server SP4.
ed242658979dfa1884e2aa77a982d4ccf26b819190eca90639d35aa38c38b027
KorWeblog suffers from a directory traversal vulnerability that enables malicious attackers to access files and include malicious PHP files. Versions 1.6.2-cvs and below are susceptible.
dfd299c99981ec960300f24328bfeb043fe798ab0aaf68b62781b852e862fae7
Gentoo Linux Security Advisory GLSA 200412-27 - cYon discovered that the authform.inc.php script allows a remote user to define the global variable path_pre.
302e083956c4e9d535211a0e087ff8cf7771ae87b9c57c44fb4ba802744efdc3
Gentoo Linux Security Advisory GLSA 200412-24 - New integer overflows were discovered in Xpdf, potentially resulting in the execution of arbitrary code. GPdf includes Xpdf code and therefore is vulnerable to the same issues.
99c92e9ed327bdf61cd14458d9ffcd70882b4eb6cd7ff444abbdff35a5d37d3e
Proof of concept exploit for Internet Explorer version 6.0.3790.0 that demonstrates an FTP download path disclosure flaw.
55766c1390d55c6c760ceb55d4900a3e20b18e356cac593b6b1db3e83688ca41
7a69ezine Advisories #17 - Internet Explorer version 6.0.3790.0 suffers from an FTP download path disclosure flaw.
f829843a3f2ac0a1644d494c0cb49e25bfb90a61e50ec58f66cc5fa74a8bc87a
Secunia Security Advisory - The vendor has acknowledged a vulnerability in kio_ftp, which can be exploited by malicious people to conduct FTP command injection attacks.
02bbae4dec3af0b17cf926532f1af258386feb7c54e1e34527e6bab214605fab
Secunia Security Advisory - sullo has reported multiple vulnerabilities in Eventum, which can be exploited by malicious people to conduct cross-site scripting and script insertion attacks and potentially bypass certain security restrictions.
c61ffc1ad7861cd0cbd55a27081cb9061eaa04e134a4d6b0afb8b7adeda89fc7
Secunia Security Advisory - Symantec has acknowledged three vulnerabilities in the Nexland Firewall Appliances, which can be exploited by malicious people to cause a DoS (Denial of Service), identify active services, and manipulate the firewall configuration.
4803087c1aa3833fb14343e12dda8b3921d0e4b3b4444fe122440c1e47937c9f
A heap overflow in Mozilla browser versions 1.7.3 and below in the NNTP code may allow for arbitrary code execution.
d6dc6a959b8812c3ef22ec8765b647390f6ac1056c0d6c36d151eedf7bb4bf0e
PHP-Calendar suffers from a file inclusion vulnerability. All versions are affected.
f24f9c929a06b9631a27ebe5f0b8b4cd5d75fdd417bed107a0930d8350e2200e