exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

Files Date: 2002-04-17 to 2002-04-18

ms02-019
Posted Apr 17, 2002

Microsoft Security Advisory MS02-019 - A serious buffer overflow has been found in IE 5.1 and Office v. X for Macintosh. The vulnerability can be exploited via HTML email or web pages. In addition, a a vulnerability that can allow local AppleScripts to be invoked by a web page without first calling the Helper application has been patched. Microsoft FAQ on this issue available here.

tags | web, overflow, local
SHA-256 | 0df4eea8b519da3c639afe8b40d901041deccb1026f17bf145c7034c68d0de6e
microsoft.ftp.glob.txt
Posted Apr 17, 2002
Authored by H D Moore | Site digitaloffense.net

The Microsoft FTP service is vulnerable to a Denial of Service attack in the STAT command. This condition can be triggered by a remote attacker using either a valid user account or anonymous, which is enabled by default. Once exploited, all services running under the inetinfo.exe process will terminate. MS02-018 addresses this problem. Example crash string included.

tags | remote, denial of service
SHA-256 | 2d287a384101b42f3989cffb8032594adeaccdae10b2f64870116030bbe24157
FreeBSD Security Advisory 2002.20
Posted Apr 17, 2002
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:20 - Two denial of service vulnerabilities were found in the syn cookie implementation in FreeBSD. When a SYN was accepted via a syncookie, it used an uninitialized pointer to find the TCP options for the new socket. This pointer may be a null pointer, which will cause the machine to crash. In addition, restarting applications using syn cookie protected sockets can cause a reference to an old inpcb pointer, crashing the system.

tags | denial of service, tcp, vulnerability
systems | freebsd
SHA-256 | 8b6f4a7fd0cea3fb0298753657a3d2e32a940bde4640bc28a17a99e80f3479b2
oracle.html.txt
Posted Apr 17, 2002
Authored by David Reign

Oracle databases contain a security hole which allows HTML and SQL injection.

tags | sql injection
SHA-256 | 9b235a8d11d035da4f272f10984b3a10b1a7578387b1c59fcaab207c87ef8184
centurion.tar.gz
Posted Apr 17, 2002
Authored by LByte | Site lbyte.void.ru

Centurion checks any cgi script on remote server for vulnerabilities like directory traversal bugs, null byte, and incorrect filtering of meta characters. Tested on CGI, PL, PHP, and SHTML.

tags | tool, remote, cgi, scanner, php, vulnerability
systems | unix
SHA-256 | d198a0549f10a92ccbdc7f00b7981ac82849918ead0e30d588de869414cafcfb
w00w00.office.txt
Posted Apr 17, 2002
Authored by w00w00, Matt Conover | Site w00w00.org

Multiple Microsoft Products for Mac OS contain serious remote vulnerabilities. Affected software includes IE 5.1, Outlook Express 5.0.2, Microsoft Entourage, Powerpoint 98, 2001, and X, Excel 2001 and X, and Microsoft Word 2001. The problem lies in the handling of a lengthy subdirectory in the file:// directive.

tags | remote, vulnerability
SHA-256 | 0d1685a0d3bfbd5389152c55e3cb7bd952d9225c2961bbf6c7cd577e029199b4
linspy2beta2.tgz
Posted Apr 17, 2002
Authored by Xian

Linspy is keystroke logger for linux kernels v2.2 and 2.4 which records TTY activity. Based on Halflife's article from Phrack 50.

tags | tool, kernel, rootkit
systems | linux, unix
SHA-256 | a9e4cd35b9e7429a92963387223b4ee11f8682e2191061851aa0bc4329c20904
webalizer.dns.txt
Posted Apr 17, 2002
Authored by Spybreak

Webalizer v2.01-09 contains a remote buffer overflow if DNS lookups are turned on. A compromised DNS server can be used to return hostnames that are too long, executing code as root.

tags | remote, overflow, root
SHA-256 | 7055a3e82518d1a2f7545979aec64c7bdca857a417b4fd51475fe18fab55e87c
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close