what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 45 RSS Feed

Files Date: 2005-03-03

p_wu.c
Posted Mar 3, 2005
Authored by Adam Zabrocki | Site pi3.int.pl

Exploit for wu-ftpd that makes use of the globbing denial of service flaw.

tags | exploit, denial of service
SHA-256 | 77b446fb929c57c3b6eb8452ee7f7f4034c86535094cd0eb6f01b548f2c92aea
awstats_shell.c
Posted Mar 3, 2005
Authored by omin0us | Site dtors.ath.cx

Awstats remote exploit that allows for remote command execution on the host with privileges of the httpd process. Versions 5.7 through 6.2 are affected.

tags | exploit, remote
SHA-256 | e0d6aacf97481633bcc02f886a5337792a2211c0e98331682b0c4276982738ae
trillian.py
Posted Mar 3, 2005
Authored by Tal Zeltzer | Site see-security.com

Trillian Basic 3.0 PNG image processing buffer overflow exploit.

tags | exploit, overflow
SHA-256 | 0d9a068f2b0a271b2df57c4326763f0cf3aa4f856d5d81c504e510b3c6b4206c
Secunia Security Advisory 14450
Posted Mar 3, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Burning Board and Burning Board Lite, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 8b9df74bda168c0e8ed93ae86c92d47ef4a7b26960f0c2739ad091b56fa1a204
Secunia Security Advisory 14464
Posted Mar 3, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - benjilenoob has reported a vulnerability in D-Forum, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 28c1b87add96dedadfd3053d5851b094bb52be0f059af7407d36c36f4629895a
Secunia Security Advisory 14462
Posted Mar 3, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Tavis Ormandy has reported a vulnerability in Xloadimage, which potentially can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 92b3dec816734412430c81903822f3bc1d9ed64ffe828af7c1b6ce44140c2caf
Secunia Security Advisory 14451
Posted Mar 3, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Squid, which may disclose sensitive information to malicious people.

tags | advisory
SHA-256 | 3cb7e4e96647594c0e336eac43de4125889643d83169ccc9a6d0425e9a10e6da
pGRAPH.zip
Posted Mar 3, 2005
Authored by Pedram Amini | Site labs.idefense.com

Built on top of the IDA Function Analyzer, pGRAPH (Pedram's Grapher), provides an interface to generate more detailed and user defined control-flow graphs using the bundled Wingraph package. Extended features include: support for chunked functions, instruction level coloring, edge customization (manhattan vs splines), layout algorithm and more.

SHA-256 | e884794cd3dfa8188c3837653c79596619bda49502f9fe0b4395d9e6fd15a5b0
function_analyzer.zip
Posted Mar 3, 2005
Authored by Pedram Amini | Site labs.idefense.com

Written as a C++ class, Function Analyzer was originally developed to provide an abstracted layer over chunked functions frequently found in Microsoft optimize compiled binaries. As of IDA version 4.7 much of this functionality is built into the SDK. However, Function Analyzer can be used to construct plug-ins compatible across older versions and provides abstracted next_ea()/prev_ea() routines for stepping through an internal unchunked instruction list. The abstraction layer also exposes the following function-level information: basic block enumeration (nodes, edges), call count, MD5 hash, CRC and customizable GDL (Wingraph) generation.

SHA-256 | e45937cff22b0b58d2d2f6281711df2324ba077e1b6057559639aaee26a72207
ida_sync.zip
Posted Mar 3, 2005
Authored by Pedram Amini | Site labs.idefense.com

IDA Sync was written to allow multiple analysts to synchronize their reverse engineering efforts with IDA Pro in real time. Users connect to a central server through the ida_sync plugin. Once connected, all comments and name changes made with the registered hot keys are immediately transmitted to all other users working on the same project. The central server stores a copy of all changes as well, allowing new analysts to jump on the project and immediately receive up to date information. Included in the source release is a C++ class providing IDA Pro plugin developers with an abstracted asynchronous I/O interface.

SHA-256 | a8ace8b8c3a60a7793256dfbcfd40b4789f253acf72167fdee3968a049b8502c
eEye.CAlicense.txt
Posted Mar 3, 2005
Authored by Barnaby Jack | Site eeye.com

eEye Security Advisory - eEye Digital Security has discovered multiple stack-based vulnerabilities within the licensing component that processes incoming network requests in the Computer Associates License Management software.

tags | advisory, vulnerability
SHA-256 | 5797432c9b96dca5b15d0492af228f5700c812e44f776bf9de0dc187869c5343
SSRT4866.txt
Posted Mar 3, 2005
Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP OpenVMS VAX version 7.x and 6.x and OpenVMS Alpha Version 7.x or 6.x that may allow a local authorized user to gain unauthorized privileged access to data and system resources.

tags | advisory, local
systems | vax
SHA-256 | e283f4530ed6c29bc71d9222276c349099fe3ce03e49783411729c4b5ee35948
ksb26-2.6.11.tar.gz
Posted Mar 3, 2005
Authored by Paolo Ardoino

KSB26, Kernel Socks Bouncer for 2.6.x, is a Linux 2.6.x-kernel patch that redirects full tcp connections through a socks5 proxy. KSB26 uses a character device to pass socks5 and the target IPs the the Linux kernel. This is obviously quite useful if you want to transparently tunnel certain things through a given proxy to remain anonymous, or if you want to transparently be able to sniff certain network traffic.

Changes: Updated for 2.6.11.
tags | tool, kernel, tcp
systems | linux, unix
SHA-256 | 6e77a4eefdcf7a4ffe8778d62bb3ea5a419a26bb287f59e4098593cb0dc2e714
iDEFENSE Security Advisory 2005-03-02.6
Posted Mar 3, 2005
Authored by iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 03.02.05 - Remote exploitation of a buffer overflow vulnerability in Computer Associates License Server and License Client can allow attackers to execute arbitrary code. The vulnerability specifically exists due to insufficient bounds checking on user-supplied values in GCR requests. Exploitation allows remote attackers to execute arbitrary code under the privileges of Local System.

tags | advisory, remote, overflow, arbitrary, local
advisories | CVE-2005-0581
SHA-256 | 3ed8db083fbddded4122d2db0cd334c7599112b3c46d0ccaef1dc9ab0e5deb0e
iDEFENSE Security Advisory 2005-03-02.5
Posted Mar 3, 2005
Authored by iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 03.02.05 - Remote exploitation of a buffer overflow vulnerability in Computer Associates License Server and License Client can allow attackers to execute arbitrary code. The vulnerability specifically exists due to insufficient bounds checking on user-supplied values in GCR requests.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2005-0581
SHA-256 | 571fd92ea5c1f9ef9b16940e571fdaee9943fa6dd6db5d5d980657782898d14e
iDEFENSE Security Advisory 2005-03-02.4
Posted Mar 3, 2005
Authored by iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 03.02.05 - Remote exploitation of a buffer overflow vulnerability in Computer Associates License Server and License Client can allow attackers to execute arbitrary code. The vulnerability specifically exists due to insufficient bounds checking on user-supplied values in GETCONFIG requests.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2005-0581
SHA-256 | 9211269875c1cbd81361a79ae27cd7a41120c3167d87b09ffbbce8fcf8003b14
iDEFENSE Security Advisory 2005-03-02.3
Posted Mar 3, 2005
Authored by iDefense Labs, Greg MacManus | Site idefense.com

iDEFENSE Security Advisory 03.02.05 - Remote exploitation of a directory traversal vulnerability in Computer Associates International Inc. License Client can allow attackers create files in arbitrary locations. The vulnerability specifically exists in the handling of the filename used in PUTOLF requests.

tags | advisory, remote, arbitrary
advisories | CVE-2005-0583
SHA-256 | 91475277c8d64cb526f375cd267e3a59760b6b528b6b0b3e126b4fea519944a6
iDEFENSE Security Advisory 2005-03-02.2
Posted Mar 3, 2005
Authored by iDefense Labs, Greg MacManus | Site idefense.com

iDEFENSE Security Advisory 03.02.05 - Remote exploitation of a buffer overflow vulnerability in Computer Associates International Inc. License Server can allow attackers to execute arbitrary code. The vulnerability specifically exists in the handling of the filename used in PUTOLF requests.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2005-0582
SHA-256 | d4a15d53bb20b276509b0955bd2cf55df0ef8988e6f2aee00122c68bed36686a
iDEFENSE Security Advisory 2005-03-02.1
Posted Mar 3, 2005
Authored by iDefense Labs, Greg MacManus | Site idefense.com

iDEFENSE Security Advisory 03.02.05 - Remote exploitation of a buffer overflow vulnerability in Computer Associates International Inc. License Server and License Client can allow attackers to execute arbitrary code. iDEFENSE has confirmed that CA License Server 0.1.0.15 and CA License Client 0.1.0.15 are vulnerable. It is suspected that most CA products are running vulnerable versions of the client and/or server.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2005-0581
SHA-256 | e0658a00eaab03b8c22bd160e7374593472c52c0576efd78f3408ab8e94cba54
CProxyRemote.txt
Posted Mar 3, 2005
Authored by Kristof Philipsen | Site ubizen.com

Computalynx CProxy versions 3.3.x and 3.4.x are susceptible to denial of service and directory traversal attacks. Detailed exploitation provided.

tags | exploit, denial of service
SHA-256 | b59285890b0fe1711b6b600c33215928b7523920cb4f2953589670170c16e8ae
goldenFTP192.txt
Posted Mar 3, 2005
Authored by Carlos Ulver | Site debarry2.com.br

Golden FTP server version 1.92 suffers from a buffer overflow when more than 284 characters is entered in the Username field at logon. As EIP can be overwritten, it is possible to execute arbitrary code in systems running this version of the daemon.

tags | exploit, overflow, arbitrary
SHA-256 | fb180903ad4f40525a0bd52a26b62cfbed17d7b32acbc0a71a31803bce43357b
Secunia Security Advisory 14438
Posted Mar 3, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in the CA License software, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
SHA-256 | cf79713a6a36ec63c6ab81b386e68182ce44209b2fb7698bd3657992f627fd5e
Gentoo Linux Security Advisory 200503-5
Posted Mar 3, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200503-05 - Tavis Ormandy of the Gentoo Linux Security Audit Team has reported that xli and xloadimage contain a flaw in the handling of compressed images, where shell meta-characters are not adequately escaped. Rob Holland of the Gentoo Linux Security Audit Team has reported that an xloadimage vulnerability in the handling of Faces Project images discovered by zen-parse in 2001 remained unpatched in xli. Additionally, it has been reported that insufficient validation of image properties in xli could potentially result in buffer management errors. Versions less than 4.1-r2 are affected.

tags | advisory, shell
systems | linux, gentoo
advisories | CVE-2001-0775
SHA-256 | 8e3ec8f40b0fa45953e55fa9394ff35a9ebfa317cd56f3360a74d8f41b36ab01
Secunia Security Advisory 14414
Posted Mar 3, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Doctor Grim has reported two vulnerabilities in MercuryBoard, which can be exploited by malicious people to conduct script insertion and SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | 1c3fa07d1abbadda1a3e6c240e19764126338fd3f134321b8bc7edd8defafcd8
Secunia Security Advisory 14437
Posted Mar 3, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - FraMe has reported a vulnerability in CuteNews, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory
SHA-256 | 82f70aaed32df0aadd45f5641e71f066a91a179a09b6b89847dea5ac2cfe6c48
Page 1 of 2
Back12Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close