exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 39 RSS Feed

Files Date: 2007-05-17

cabright-help.txt
Posted May 17, 2007
Authored by Ken Williams | Site www3.ca.com

CA is aware that two functional exploit code samples were publicized on May 16, 2007. These two denial of service exploits are associated with vulnerabilities in CA BrightStor ARCserve Backup Mediasvr.exe and caloggerd.exe.

tags | advisory, denial of service, vulnerability
SHA-256 | 217dacb3ef74fd30d24c653312053d6e3b3cc12fdb8552dd63f62208d5371a8b
SYM07-007.txt
Posted May 17, 2007
Authored by Will Dormann | Site symantec.com

CERT notified Symantec that a buffer overflow exists in an ActiveX Control used by Norton Personal Firewall. The error occurs in the Get() and Set() functions used by ISAlertDataCOM, which is part of ISLALERT.DLL. A successful exploit of this vulnerability could potentially allow the remote execution of code on a vulnerable system, with the rights of the logged-in user.

tags | advisory, remote, overflow, activex
SHA-256 | d49a4538ed914205ac16fccdbfb47339d45d295f3853beba2e60cbf022694dfe
RFIDIOt-0.1m.tgz
Posted May 17, 2007
Authored by Adam Laurie | Site rfidiot.org

RFIDIOt is a python library for exploring RFID devices. It currently drives a couple of RFID readers made by ACG, called the HF Dual ISO and the LFX. Includes sample programs to read/write tags and the beginnings of library routines to handle the data structures of specific tags like MIFARE(r).

Changes: Various additions for better functionality and some bug fixes.
tags | tool, python, wireless
SHA-256 | b8bf6e36904336c295481c300f79d207a1c244835556b73486862065b4633089
vbul366-xss.txt
Posted May 17, 2007
Authored by laurent gaffie

vBulletin versions below 3.6.6 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 1dd601758f6141dad6d537e45ad3cf03e9eed5f71b3add651d2768575918357d
i-bot.txt
Posted May 17, 2007
Authored by crossbower | Site playhack.net

I, Bot, Taking Advantage Of Robots Power. A response to the original bot related article in Phrack written by Michal Zalewski.

tags | paper
SHA-256 | 65125b1cb8181a69db22934fe67ab1f73eaca1c3d9d51fb03ab01b0cfb439066
Ubuntu Security Notice 460-1
Posted May 17, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 460-1 - Paul Griffith and Andrew Hogue discovered that Samba did not fully drop root privileges while translating SIDs. A remote authenticated user could issue SMB operations during a small window of opportunity and gain root privileges. Brian Schafer discovered that Samba did not handle NDR parsing correctly. A remote attacker could send specially crafted MS-RPC requests that could overwrite heap memory and execute arbitrary code. It was discovered that Samba did not correctly escape input parameters for external scripts defined in smb.conf. Remote authenticated users could send specially crafted MS-RPC requests and execute arbitrary shell commands.

tags | advisory, remote, arbitrary, shell, root
systems | linux, ubuntu
advisories | CVE-2007-2444, CVE-2007-2446, CVE-2007-2447
SHA-256 | 6914e4ef57d5cba14b131afee51e340df9513c0e417dc92314448e89e764889f
wikyblog-rfi.txt
Posted May 17, 2007
Authored by nkillers

WikyBlog version 1.4.12 suffers from a remote file inclusion vulnerability in index.php.

tags | exploit, remote, php, code execution, file inclusion
SHA-256 | e1c2a7cf10f16a06a458406ad4ffb1047c438dd2c65205287df32597ce9602c0
Debian Linux Security Advisory 1292-1
Posted May 17, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1292-1 - Andreas Nolden discovered a bug in the UTF8 decoding routines in qt4-x11, a C++ GUI library framework, that could allow remote attackers to conduct cross-site scripting (XSS) and directory traversal attacks via long sequences that decode to dangerous metacharacters.

tags | advisory, remote, xss
systems | linux, debian
advisories | CVE-2007-0242
SHA-256 | 47f788a7e60361a1881491ab8ba5257c47134ca37c62789d73da1857652f12e6
jetboxcms-xss.txt
Posted May 17, 2007
Authored by laurent gaffie

Jetbox CMS is susceptible to multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 1467df3d1042f24c092b663fb2f7a2313f3aac84a2e9b7363e6bb4d70b86ad75
Zero Day Initiative Advisory 07-033
Posted May 17, 2007
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Samba. User interaction is not required to exploit this vulnerability. The specific flaw exists in the parsing of RPC requests to the LSA RPC interface. When parsing a request to LsarLookupSids/LsarLookupSids2, heap allocation is calculated based on user input. By specifying invalid values, heap blocks can be overwritten leading to remote code execution.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2007-2446
SHA-256 | 76f65d4d71cc94e38a05ee64c8a9e20c5472e253f2a5d93e2c20babe3dec46da
Zero Day Initiative Advisory 07-032
Posted May 17, 2007
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Samba. User interaction is not required to exploit this vulnerability. The specific flaw exists in the parsing of RPC requests to the SRVSVC RPC interface. When parsing a request to NetSetFileSecurity, heap allocation is calculated based on user input. By specifying invalid values, heap blocks can be overwritten leading to remote code execution.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2007-2446
SHA-256 | 2a0a7dc2a4a96db2502028c2798a6ba66cb146760c5a1fd399c59e4b938f5dc4
Zero Day Initiative Advisory 07-031
Posted May 17, 2007
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Samba. User interaction is not required to exploit this vulnerability. The specific flaw exists in the parsing of RPC requests to the SPOOLSS RPC interface. When parsing a request to RFNPCNEX, heap allocation is calculated based on user input. By specifying invalid values, heap blocks can be overwritten leading to remote code execution.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2007-2446
SHA-256 | 80e32a153c6fb16975da4fe838eceb01622843a33e00fc6fddd48f3343300db8
Zero Day Initiative Advisory 07-030
Posted May 17, 2007
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Samba. User interaction is not required to exploit this vulnerability. The specific flaw exists in the parsing of RPC requests to the DFS RPC interface. When parsing a request to DFSEnum, heap allocation is calculated based on user input. By specifying invalid values, heap blocks can be overwritten leading to remote code execution.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2007-2446
SHA-256 | 91e22055cc50dfceefce609e05032fcf5fcbf0d73d7f8055b284244bf02e2faf
Zero Day Initiative Advisory 07-029
Posted May 17, 2007
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Samba. User interaction is not required to exploit this vulnerability. The specific flaw exists in the parsing of RPC requests to the LSA RPC interface. When parsing a request to LsarAddPrivilegesToAccount, heap allocation is calculated based on user input. By specifying invalid values, heap blocks can be overwritten leading to remote code execution.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2007-2446
SHA-256 | 4e58ac3963f27cec1b2f15f211c2a7326c21eed90dd19a2e29069017e1fd6f91
Debian Linux Security Advisory 1291-1
Posted May 17, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1291-1 - Several issues have been identified in Samba, the SMB/CIFS file and print server implementation for GNU/Linux. When translating SIDs to/from names using Samba local list of user and group accounts, a logic error in the smbd daemon's internal security stack may result in a transition to the root user id rather than the non-root user. The user is then able to temporarily issue SMB/CIFS protocol operations as the root user. This window of opportunity may allow the attacker to establish addition means of gaining root access to the server. Various bugs in Samba's NDR parsing can allow a user to send specially crafted MS-RPC requests that will overwrite the heap space with user defined data. Unescaped user input parameters are passed as arguments to /bin/sh allowing for remote command execution

tags | advisory, remote, local, root, protocol
systems | linux, debian
advisories | CVE-2007-2444, CVE-2007-2446, CVE-2007-2447
SHA-256 | 2c5900e1912afd8808c8d32a8f51cf028a1f8f9945e52bcc70856e6f69c1562f
jetbox-inject.txt
Posted May 17, 2007
Authored by Jesper Jurcenoks | Site netvigilance.com

Jetbox CMS version 2.1 suffers from an e-mail injection vulnerability that allows for spamming.

tags | exploit
advisories | CVE-2007-1898
SHA-256 | c7dbc50ccce006e515819bdfd897c3f26b5d448ed854794e900d74ea6f84cf5b
Gentoo Linux Security Advisory 200705-15
Posted May 17, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200705-15 - Samba contains a logical error in the smbd daemon when translating local SID to user names (CVE-2007-2444). Furthermore, Samba contains several bugs when parsing NDR encoded RPC parameters (CVE-2007-2446). Lastly, Samba fails to properly sanitize remote procedure input provided via Microsoft Remote Procedure Calls (CVE-2007-2447). Versions less than 3.0.24-r2 are affected.

tags | advisory, remote, local
systems | linux, gentoo
advisories | CVE-2007-2444, CVE-2007-2446, CVE-2007-2447
SHA-256 | 11828015d844fd7596084722c8d3906387cfbfabeefee3497ff0cdd5165a5763
BTP00002P005CF.zip
Posted May 17, 2007
Site matousec.com

Proof of concept code that demonstrates a flaw with how Comodo Firewall uses process identifiers in Microsoft Windows allowing for complete bypass.

tags | exploit, proof of concept
systems | windows
SHA-256 | 554567a136180ed2caf57600fcc2ac53de65c4b4dc1b264bec728e134b623c95
BTP00000P000ZA.zip
Posted May 17, 2007
Site matousec.com

Proof of concept code that demonstrates a flaw with how ZoneAlarm uses process identifiers in Microsoft Windows allowing for complete bypass.

tags | exploit, proof of concept
systems | windows
SHA-256 | 85d488235cded3eec20abacf33b255071cbc8ab0b26d3ebfcb4f29456b781007
bypassing-pwf-hips.txt
Posted May 17, 2007
Site matousec.com

A flaw with how various personal firewalls and HIPS software use process identifiers in Microsoft Windows allows for complete bypass. Comodo Firewall Pro 2.4.18.184, Comodo Personal Firewall 2.3.6.81, and ZoneAlarm Pro 6.1.744.001 are some of the products affected.

tags | advisory
systems | windows
SHA-256 | a08b2e81d6fcc34325cc87218835cf89eb4ed2768bb3e42846f83adf580d458c
GS07-01.txt
Posted May 17, 2007
Authored by Fatih Ozavci, Caglar Cakici | Site gamasec.net

Various HTTP content scanning systems fail to properly scan full-width/half-width Unicode encoded traffic. This may allow malicious content to bypass HTTP content scanning systems. Systems affected include Checkpoint Web Intelligence and IBM ISS Proventia Series systems.

tags | advisory, web
SHA-256 | ed7d99c4b0c8cf924026804e5a72dd264e34e794211f2f18d66d3c41fdd46077
w2box-upload.txt
Posted May 17, 2007
Authored by 4ur3v0ir

w2box web version 2.0 suffers from a file upload vulnerability that allows for remote code execution.

tags | exploit, remote, web, code execution, file upload
SHA-256 | f0a012cdb166391c4e9f98f767c1d5c041fccc9b1ea9943b9d745e98eadc8905
tinc-1.0.8.tar.gz
Posted May 17, 2007
Authored by Ivo Timmermans | Site tinc-vpn.org

tinc is a Virtual Private Network (VPN) daemon that uses tunneling and encryption to create a secure private network between multiple hosts on the Internet. This tunneling allows VPN sites to share information with each other over the Internet without exposing any information.

Changes: Fixed some memory and resource leaks. Made network sockets non-blocking under Windows.
tags | encryption
SHA-256 | 454818555920cfc15815b9bfb4cb6432d315da73b692aaad39e9575eeedbfcbd
precision-overwrite.txt
Posted May 17, 2007
Authored by shinnai | Site shinnai.altervista.org

PrecisionID Barcode ActiveX version 1.9 remote arbitrary file overwrite exploit.

tags | exploit, remote, arbitrary, activex
SHA-256 | 1d2609dab203b1100ee239bb2e2955bb95f9288fa23799b0b797b5053b9dbc3b
eudora71-overflow.txt
Posted May 17, 2007
Authored by Krystian Kloskowski

Eudora version 7.1 SMTP ResponseRemote remote buffer overflow exploit that spawns calc.exe.

tags | exploit, remote, overflow
SHA-256 | dee4298443c6b9d9f415fc207a19503a11daee971e419b00b9f6a8fd6f8c4484
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close