
Files Date: 2007-05-17

cabright-help.txt
Posted May 17, 2007
Authored by Ken Williams | Site www3.ca.com

CA is aware that two functional exploit code samples were publicized on May 16, 2007. These two denial of service exploits are associated with vulnerabilities in CA BrightStor ARCserve Backup Mediasvr.exe and caloggerd.exe.

tags | advisory, denial of service, vulnerability
MD5 | fb0c6a521acccd5bd50ad4e8d0b6006b
SYM07-007.txt
Posted May 17, 2007
Authored by Will Dormann | Site symantec.com

CERT notified Symantec that a buffer overflow exists in an ActiveX Control used by Norton Personal Firewall. The error occurs in the Get() and Set() functions used by ISAlertDataCOM, which is part of ISLALERT.DLL. A successful exploit of this vulnerability could potentially allow the remote execution of code on a vulnerable system, with the rights of the logged-in user.

tags | advisory, remote, overflow, activex
MD5 | ede6160ce3905e7d5b3e1667b1d5fcaf
RFIDIOt-0.1m.tgz
Posted May 17, 2007
Authored by Adam Laurie | Site rfidiot.org

RFIDIOt is a Python library for exploring RFID devices. It currently drives a couple of RFID readers made by ACG, called the HF Dual ISO and the LFX. Includes sample programs to read/write tags and the beginnings of library routines to handle the data structures of specific tags like MIFARE(r).

Changes: Various additions for better functionality and some bug fixes.
tags | tool, python, wireless
MD5 | 72e38cbbd29c0743bd1fd0327694fbec
vbul366-xss.txt
Posted May 17, 2007
Authored by laurent gaffie

vBulletin versions below 3.6.6 suffer from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 9315fa7bdfe0556f76ce627dceee0062
i-bot.txt
Posted May 17, 2007
Authored by crossbower | Site playhack.net

I, Bot, Taking Advantage Of Robots Power. A response to the original bot related article in Phrack written by Michal Zalewski.

tags | paper
MD5 | 50a152ffdd28969e6ad885b444f34b17
Ubuntu Security Notice 460-1
Posted May 17, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 460-1 - Paul Griffith and Andrew Hogue discovered that Samba did not fully drop root privileges while translating SIDs. A remote authenticated user could issue SMB operations during a small window of opportunity and gain root privileges. Brian Schafer discovered that Samba did not handle NDR parsing correctly. A remote attacker could send specially crafted MS-RPC requests that could overwrite heap memory and execute arbitrary code. It was discovered that Samba did not correctly escape input parameters for external scripts defined in smb.conf. Remote authenticated users could send specially crafted MS-RPC requests and execute arbitrary shell commands.

tags | advisory, remote, arbitrary, shell, root
systems | linux, ubuntu
advisories | CVE-2007-2444, CVE-2007-2446, CVE-2007-2447
MD5 | 476081583b5fad8dc1a8e0b09b69c66f
wikyblog-rfi.txt
Posted May 17, 2007
Authored by nkillers

WikyBlog version 1.4.12 suffers from a remote file inclusion vulnerability in index.php.

tags | exploit, remote, php, code execution, file inclusion
MD5 | eacd08c948f8a1672b560053f0f7e584
Debian Linux Security Advisory 1292-1
Posted May 17, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1292-1 - Andreas Nolden discovered a bug in the UTF8 decoding routines in qt4-x11, a C++ GUI library framework, that could allow remote attackers to conduct cross-site scripting (XSS) and directory traversal attacks via long sequences that decode to dangerous metacharacters.

tags | advisory, remote, xss
systems | linux, debian
advisories | CVE-2007-0242
MD5 | 12a7b7221ee6b51883cf8a3d510ec1d1
jetboxcms-xss.txt
Posted May 17, 2007
Authored by laurent gaffie

Jetbox CMS is susceptible to multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 90fd47852e92d3120a540d5a468075a4
Zero Day Initiative Advisory 07-033
Posted May 17, 2007
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Samba. User interaction is not required to exploit this vulnerability. The specific flaw exists in the parsing of RPC requests to the LSA RPC interface. When parsing a request to LsarLookupSids/LsarLookupSids2, heap allocation is calculated based on user input. By specifying invalid values, heap blocks can be overwritten leading to remote code execution.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2007-2446
MD5 | 35687f97d20fbe66af1e1da1c5b0e9ab
Zero Day Initiative Advisory 07-032
Posted May 17, 2007
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Samba. User interaction is not required to exploit this vulnerability. The specific flaw exists in the parsing of RPC requests to the SRVSVC RPC interface. When parsing a request to NetSetFileSecurity, heap allocation is calculated based on user input. By specifying invalid values, heap blocks can be overwritten leading to remote code execution.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2007-2446
MD5 | f4fe06853dd941c84f9b054af34a737b
Zero Day Initiative Advisory 07-031
Posted May 17, 2007
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Samba. User interaction is not required to exploit this vulnerability. The specific flaw exists in the parsing of RPC requests to the SPOOLSS RPC interface. When parsing a request to RFNPCNEX, heap allocation is calculated based on user input. By specifying invalid values, heap blocks can be overwritten leading to remote code execution.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2007-2446
MD5 | f8dc71e8ab1c7c4c646b490428db484b
Zero Day Initiative Advisory 07-030
Posted May 17, 2007
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Samba. User interaction is not required to exploit this vulnerability. The specific flaw exists in the parsing of RPC requests to the DFS RPC interface. When parsing a request to DFSEnum, heap allocation is calculated based on user input. By specifying invalid values, heap blocks can be overwritten leading to remote code execution.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2007-2446
MD5 | d549778dfbb738edf585c7b51106b601
Zero Day Initiative Advisory 07-029
Posted May 17, 2007
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Samba. User interaction is not required to exploit this vulnerability. The specific flaw exists in the parsing of RPC requests to the LSA RPC interface. When parsing a request to LsarAddPrivilegesToAccount, heap allocation is calculated based on user input. By specifying invalid values, heap blocks can be overwritten leading to remote code execution.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2007-2446
MD5 | ce96031b28a8ba05deb2c066745918c9
Debian Linux Security Advisory 1291-1
Posted May 17, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1291-1 - Several issues have been identified in Samba, the SMB/CIFS file and print server implementation for GNU/Linux. When translating SIDs to/from names using Samba's local list of user and group accounts, a logic error in the smbd daemon's internal security stack may result in a transition to the root user id rather than the non-root user. The user is then able to temporarily issue SMB/CIFS protocol operations as the root user. This window of opportunity may allow the attacker to establish additional means of gaining root access to the server. Various bugs in Samba's NDR parsing can allow a user to send specially crafted MS-RPC requests that will overwrite the heap space with user defined data. Unescaped user input parameters are passed as arguments to /bin/sh, allowing for remote command execution.

tags | advisory, remote, local, root, protocol
systems | linux, debian
advisories | CVE-2007-2444, CVE-2007-2446, CVE-2007-2447
MD5 | abe8236f5ffb6e401b46583bc92e37e5
jetbox-inject.txt
Posted May 17, 2007
Authored by Jesper Jurcenoks | Site netvigilance.com

Jetbox CMS version 2.1 suffers from an e-mail injection vulnerability that allows for spamming.

tags | exploit
advisories | CVE-2007-1898
MD5 | 8ee84f29e8299d5fa0cce5361d5b26d3
Gentoo Linux Security Advisory 200705-15
Posted May 17, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200705-15 - Samba contains a logical error in the smbd daemon when translating local SID to user names (CVE-2007-2444). Furthermore, Samba contains several bugs when parsing NDR encoded RPC parameters (CVE-2007-2446). Lastly, Samba fails to properly sanitize remote procedure input provided via Microsoft Remote Procedure Calls (CVE-2007-2447). Versions less than 3.0.24-r2 are affected.

tags | advisory, remote, local
systems | linux, gentoo
advisories | CVE-2007-2444, CVE-2007-2446, CVE-2007-2447
MD5 | 65698138a6ca1abe5ee01f4f35c2a8eb
BTP00002P005CF.zip
Posted May 17, 2007
Site matousec.com

Proof of concept code that demonstrates a flaw with how Comodo Firewall uses process identifiers in Microsoft Windows allowing for complete bypass.

tags | exploit, proof of concept
systems | windows
MD5 | a52ac420ca7716f99be0fb512788583a
BTP00000P000ZA.zip
Posted May 17, 2007
Site matousec.com

Proof of concept code that demonstrates a flaw with how ZoneAlarm uses process identifiers in Microsoft Windows allowing for complete bypass.

tags | exploit, proof of concept
systems | windows
MD5 | 8000bd70c5341bd4a19fe358e745fb1d
bypassing-pwf-hips.txt
Posted May 17, 2007
Site matousec.com

A flaw with how various personal firewalls and HIPS software use process identifiers in Microsoft Windows allows for complete bypass. Comodo Firewall Pro 2.4.18.184, Comodo Personal Firewall 2.3.6.81, and ZoneAlarm Pro 6.1.744.001 are some of the products affected.

tags | advisory
systems | windows
MD5 | 579317c5c7048a1cd8e38680cff269df
GS07-01.txt
Posted May 17, 2007
Authored by Fatih Ozavci, Caglar Cakici | Site gamasec.net

Various HTTP content scanning systems fail to properly scan full-width/half-width Unicode encoded traffic. This may allow malicious content to bypass HTTP content scanning systems. Systems affected include Checkpoint Web Intelligence and IBM ISS Proventia Series systems.

tags | advisory, web
MD5 | 0a9c643277ef9ac0d42b10d2a455e812
w2box-upload.txt
Posted May 17, 2007
Authored by 4ur3v0ir

w2box web version 2.0 suffers from a file upload vulnerability that allows for remote code execution.

tags | exploit, remote, web, code execution, file upload
MD5 | 9359fee007b64aeb433cfae5ff26d3a8
tinc-1.0.8.tar.gz
Posted May 17, 2007
Authored by Ivo Timmermans | Site tinc-vpn.org

tinc is a Virtual Private Network (VPN) daemon that uses tunneling and encryption to create a secure private network between multiple hosts on the Internet. This tunneling allows VPN sites to share information with each other over the Internet without exposing any information.

Changes: Fixed some memory and resource leaks. Made network sockets non-blocking under Windows.
tags | encryption
MD5 | 1b59583b5bc57806459c81a413fb0cc4
precision-overwrite.txt
Posted May 17, 2007
Authored by shinnai | Site shinnai.altervista.org

PrecisionID Barcode ActiveX version 1.9 remote arbitrary file overwrite exploit.

tags | exploit, remote, arbitrary, activex
MD5 | 5ec06f4b62373472d9d31674d7e51cc0
eudora71-overflow.txt
Posted May 17, 2007
Authored by Krystian Kloskowski

Eudora version 7.1 SMTP Response remote buffer overflow exploit that spawns calc.exe.

tags | exploit, remote, overflow
MD5 | 62336856e83a61fc944b23ae7ccf79aa