A specially constructed Java Applet crashes Opera versions 6.05 and 7.01. Opera's own class files in the opera.jar library are susceptible to a buffer overrun which causes a JVM crash and then crashes Opera.
348fa9d0eb2e4f65de49b13f851cd88cba36942bf730efaae4b722eecbce6fa8IDScenter is a control and management front-end for the Windows platform. Main features: Snort 1.9/1.8/1.7 support, Snort service support, Snort configuration wizard, Rule editor, AutoBlock plugins (Network ICE BlackICE Defender plugin included (Delphi, open-source), Plugin framework for Delphi included), MySQL alert detection & file monitoring, e-mail alerts / alarm sound alerts / visual notification, etc.
69cbc9866723c2a52f2fe4ea7f68cc35f117253d649d9afa4245f43c1d6680a7YAPH, or Yet Another Proxy Hunter, is a stealth proxy hunter that finds public access proxy servers on the Internet and validates proxy lists. YAPH reveals SOCK4, SOCKS5 and HTTP (CONNECT method) proxies.
62c236eb1cd4a5140b712726ae18fb9f8a1eaee597912ff49170d43d56674a2cLocal Exploit for a buffer overflow in /usr/ports/games/nethack32 which gives a privilege escalation to group id games.
abb5288b7bfd7cc323676bad19715c4a998d3dc8a42907c4990dee00d5bc2822iDEFENSE Security Advisory 02.10.03: Eset Software's NOD32 Antivirus System is a cross-platform anti-virus application which contains a locally exploitable buffer overflow on the Unix version which could allow attackers to gain root privileges.
9c873e85cfe6992b13b2e8da5382e348d3979db26cf79e682de57495f210babfMandrake Linux Security Advisory MDKSA-2003:015 - A buffer overflow vulnerability was discovered in slocate by team USG. The overflow appears when slocate is used with the -c and -r parameters, using a 1024 (or 10240) byte string. This has been corrected in slocate version 2.7. Affected Mandrake versions: 8.0, 8.1, 8.2 and 9.0
aadb5388056e5519e20c8bceae53605626d6a2a12bf45477b585fd83693fef06Mandrake Linux Security Advisory MDKSA-2003:014 - An updated kernel for Mandrake 9.0 is available with a number of bug fixes. This new package also fixes a security problem that allows non-root users to freeze the kernel, and a fix for a vulnerability in O_DIRECT handling that can create a limited information leak. This last bug also allows users to create minor file system corruption (this can easily be repaired by fsck).
c116e3fc3745453b25f2c7dce5ded5e55c55e7bc93d37b907f46a59d8a81e5a1The code that sets the programs title bar in AbsoluteTelnet contains a buffer overflow vulnerability that can allow code execution. This affects AbsoluteTelnet version 2.00, 2.11 and has been fixed in this beta version of AbsoluteTelnet.
65f6d610ec78851f395bbebde3a968de65fed38e03e1bd3371bc86a90631695fRed Hat Security Advisory RHSA-2003:037-09 - Xpdf v2.01 and below contains remote vulnerabilities which allow attackers to execute code via malformed PDF files.
d36bd83c1e631ca88b084773941fc003645cf2620c32e9cea362d123ae67f368Red Hat Security Advisory RHSA-2003:043-12 - A buffer overflow in Window Maker v0.80.0 and earlier allows remote attackers to execute arbitrary code via an image file that is not properly handled when Window Maker uses width and height information to allocate a buffer. This could be exploited by a user opening a malicious theme.
dcb96d7190a5017b1ad85fba57f8db0ab2b5e205a1b1efcc5fdeb082a66fd3ecRed Hat Security Advisory RHSA-2002-014 - Libldap and the slapd and slurpd servers that come with OpenLDAP v1.2.13 and below contains local and remote buffer overflow vulnerabilities.
d9a0934797365d47e79498ec86e7fcaf8d412e815d2c12f3616bd01c66513348Solaris "at -r" tmp race condition exploit which allows users to remove any file on the system.
0e4eab68b09f0e8fa8ff07d18d3403760f7028cb038b1899882f303593f7e53aMicrosoft Security Advisory MS03-005 - A buffer overflow in the Windows XP Windows Redirector allows local users to gain increased privileges provided they are able to log onto the system interactively.
8bfdb49825e91a5de6549e055b50782a186b046a126f241d61d6f888147ccc6dMicrosoft Security Advisory MS03-004 - A large patch for IE 5.01, 5.5, 6.0 has been released which fixes two newly discovered vulnerabilities, one of which allows malicious web sites to execute remote code on client browsers by misusing a dialog box. A cross-domain vulnerability in Internet Explorer's showHelp() functionality can be tricked into invoking executables already present on a user's local system, downloading malicious code onto a user's local system, and allowing attackers to download users data.
b362e647344b3d8fd63fe7d03e850546c8bde19ce683f1a987e257d371541666LibExploit is a generic exploit creation library to help the security community when writing exploits to test a vulnerability. Using the API you can write buffer overflows (stack/heap/remote/local) and format strings fast and easily by taking care of a lot of the redundant code. Features network and overflow functions, shellcode for several platforms, NIDS evading shellcode, OS detection, multiplatform exploits, and more.
046cce8986889c3f51abdd31b061df4593c566aaede812809e4a06a1fe5865bcThis 137 byte Linux shellcode creates a remote ICMP backdoor that can be controlled trough the ping utility.
9b7f1bf697b9a01fb4663131fe0f9e6fccb1296052337e0f27f72333d60f55dfRed Hat Security Advisory RHSA-2003:017-06 - Red Hat released new PHP packages that are no longer affected by the wordwrap() heap overflow vulnerability. These packages are available for Red Hat version 8.0.
65201ac8d85f84a7a6297dd65aa74862be4e863494a472c0612a0d7544f4ae02FreeBSD Security Advisory FreeBSD-SA-03:01 - It has been found that the CVS server can be tricked to free memory more then once, which can be used for remote code execution. Additionally, the CVS server allowed clients with write access to specify arbitrary commands to execute as part of an update (update-prog) or commit (checkin-prog). This behavior has been restricted. This affects all FreeBSD versions prior to 4.6-RELEASE-p7, 4.7-RELEASE-p4 and 5.0-RELEASE-p1.
04676dcda11f1a243bf6290503b701850ff6c455eef9399e03ed4dc95e392be6Red Hat Security Advisory RHSA-2003:025-20 - Updated kernel packages for Red Hat Linux 7.1, 7.2, 7.3, and 8.0 have been made available that fix an information leak from several ethernet drivers (reported by Atstake), and a file system issue.
211f41f3c990e4ed3e36343477ac000e9faf9989b97be3b78b93aa11fa0bdf7aSMAC v1.1 is a Windows MAC Address Modifying Utility which allows users to change MAC address for almost any Network Interface Cards (NIC) on the Windows 2000 and XP systems, regardless of whether the manufactures allow this option or not.
42d16987f4a90ce771fc4ae9b391e0466508486a0eceaed0396da1d48a0d21caSPIKE is an attempt to write an easy to use generic protocol API that helps reverse engineer new and unknown network protocols. It features several working examples. Includes a web server NTLM Authentication brute forcer and example code that parses web applications and DCE-RPC (MSRPC). Changelog available here.
86d96bf99bcd039981ca89f8b55edca9f39fa71986a9df7c51797e24f233dbcdBoth the 32 FTP Client version p9.49.01 and ByteCatcher FTP Client V1.04b are susceptible to being crashed due to a large banner. Arbitrary code execution against the client may be possible.
dbd4fb324ffcac9ecb0d8c4f98982a0eb9e3c1f0b1ca20e8533d6773e2440c31Majordomo, the popular mailing list utility, defaults which_access to open in the configuration file. A list of email accounts for a mailing list can be compromised by this de-facto setting by sending which @. Patch included.
8efeb015e6583cfd9603c53d758fcd752e89c4d7096f788f8d997d1a1b2f0abeMIT krb5 Security Advisory 2003-001: Multiple vulnerabilities have been found in MIT Kerberos 5 releases prior to release 1.2.5. These vulnerabilities allow a remote user the ability to crash the KDC, a user authenticated in a remote realm may be able to claim to be other non-local users to an application server, and it may be possible for a user to gain access to the KDC system and database.
b4f8f659f09ba8c3ad8b82d31e826dd9864091b0a2158b838d6900b5c237cea2Two simple utilities that test the use of the crypt function. des-crypt.c takes in a user entered string and outputs the encrypted hash. des-decrypt.c tests for a valid password.
5e039b17397c46cdcd88bc0165dad7a6fccb7e02cbb5705effeed7daa77bec55
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed