what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 5 of 5 RSS Feed

Files Date: 2004-01-19 to 2004-01-20

networker60.txt
Posted Jan 19, 2004
Authored by l0om

A plausible symlink attack exists in networker version 6.0 in the shutdown script.

tags | advisory
SHA-256 | f71446ef6211d128c354e2004097b4569b81064c3ae7c06613e3f72160b90019
j2ee.pointbase.txt
Posted Jan 19, 2004
Authored by Marc Schoenefeld | Site illegalaccess.org

Attached is an exploit that crashes the Pointbase 4.6 database server that comes with the J2EE reference implementation. It is caused by fact that the Pointbase installation coming with j2ee/ri 1.4. is not equipped with an appropriate security manager, thus giving all jars implicitly all permissions. These unlimited permissions can be exploited by an attacker using jdbc to crash the jvm running the pointbase server. Further exploitations possible are information disclosure and remote command injection.

tags | exploit, remote, info disclosure
SHA-256 | dce14b7ba6ef63416061596683c967a3e51ca10f2c1f0204a348921ccdd803ca
qmailcrash.html
Posted Jan 19, 2004
Authored by Georgi Guninski | Site guninski.com

Georgi Guninski security advisory #65, 2004 - Qmail version 1.03 is susceptible to a couple attacks. A crash in qmail-smtpd occurs with a long SMTP session. The crash is not global, it affects only the current SMTP session. It is also possible to trigger a segmentation violation (SEGV) from the network.

tags | advisory
SHA-256 | 10dae39fc506d25c870163518f0077627ecaf939966caa0aad04678186ced065
pablo-ftp.txt
Posted Jan 19, 2004
Authored by Arnaud Jacques | Site securiteinfo.co

Pablo FTP server version 1.77 allows for information disclosure by detecting whether or not a file exists outside of the FTP root directory, allow a remote attack to peruse the system at will.

tags | advisory, remote, root, info disclosure
SHA-256 | 30472f2da0279acae8a308c9b219bd017b1c9a745f39a30ef1595f0e3ec6872e
mambo.txt
Posted Jan 19, 2004
Authored by FraMe | Site kernelpanik.org

The Mambo Open Source web content management system allows for remote command execution as the webserver user id due to a lack of input validation.

tags | advisory, remote, web
SHA-256 | da6f8e308f6903ca98dc9383805abc68a8004be17d4c4787d292645cd9e1a4cb
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close