RapidCache versions 2.2.6 and below suffer from denial of service and directory traversal bugs.
9e8235a36daf36f0ef225186bf427d9237e751f7245e744d783a418c71e1d0f5WWW File Share Pro versions 2.42 and below allow for files outside of the webroot to be overwritten due to invalid input validation, a denial of service attack when POSTs are made with large amounts of bytes, and directory authorization bypass.
4c071c11277f22ac564d41f1c75b17b4836ee660374acfd340f21bd50065149aPhpDig version 1.6.x allows for remote command execution in its config.php script. Anybody can inject a url in the relative_script_path variable and obtain command execution with web server privileges.
b24e855c02a2ea8f3937595116627162c9ebfb2051a870e2bd9c0282161bf0f6KDE Security Advisory: All versions of kdepim, as distributed with KDE versions 3.1.0 through 3.1.4 inclusive, have a buffer overflow in the file information reader of VCF files.
4bc3105bfc840db454199fc6055e58f5d0bb7a20944a902bb13c82ac0a4a15a3nCipher Security Advisory No. 8 - Versions 1.3.12, 1.5.18, and 1.6.18 of the payShield SPP library may return Status_OK regardless of what the real reply status should be.
5c8eacd2a6a36cd561e7674a8b96098272d42a7be2267074d5251cc298560d9bCERT Advisory CA-2004-01 - A number of vulnerabilities have been discovered in various implementations of the multimedia telephony protocol H.323. Voice over Internet Protocol (VoIP) and video conferencing equipment and software can use these protocols to communicate over a variety of computer networks. Exploitation of these vulnerabilities may result in the execution of arbitrary code or cause a denial of service, which in some cases may require a system reboot.
0cb8f99ad246f6fa9ef0d349c392489042110ed97fa233c5e150ecff6cf4d6e1FishCart versions 3.0 and below suffer from an integer overflow when using PHP2 and receiving an order of a billion or more. Patch available here.
2946a8743904f2413e9d0cb500b30f4a0b3084aa946a8a95dc72993514a01cc6racoon, KAME's IKE daemon, contains multiple flaws which allow for the unauthorized deletion of IPsec and ISAKMP SAs.
cbe0353e2d61b2cc2f27aba78a849a48ebb7737a512565da9ec47b3e188ecf13Local exploit that makes use of a symlink vulnerability in YaST when using SuSEconfig.gnome-filesystem.
b52db200e1ea04d1dd8b34e13eb95b40a438eeed156071a65829e4a699a709a6Local exploit that makes use of a symlink vulnerability that lies in Antivir for Linux version 2.0.9-9.
16c3a212203098718f24a83489734c130a494f00fe79ca71a4e1ce777906a39dCisco Security Advisory 20040113 - Multiple Cisco products contain vulnerabilities in the processing of H.323 messages, which are typically used in Voice over Internet Protocol (VoIP) or multimedia applications. All Cisco products running IOS software, Cisco CallManager versions 3.0 through 3.3, Cisco Conference Connection (CCC), Cisco Internet Service Node (ISN), Cisco BTS 10200 Softswitch, Cisco 7905 IP Phone H.323 Software Version 1.00, and Cisco ATA 18x series products running H.323/SIP loads with versions earlier than 2.16.1 are all susceptible to attack.
c1cdc150d25e07af67e4c08b6ff2b6c9c80d58d41b90e583c3fce4af8498da16Remote exploit for Windows FTP server version 1.6. Data for original vulnerability discovery made by Peter Winter-Smith here.
0aec0aed6891ae2629f8a646add69806a9b1a216e29c1bda7b123ef126e05408phpGedView version 2.65 beta 5 is susceptible to SQL injection attacks, path disclosure issues, cross site scripting, and denial of service attacks.
094b03352c5b18b33d01d1e8130f34dc9ebd3a1a84468e7051f67ce4e422685fSecure Network Operations Advisory SRT2004-01-09-1022 - Symantec LiveUpdate versions 1.70.x through 1.90.x has a vulnerability that allows local users to become SYSTEM. Products affected include Norton SystemWorks 2001-2004, Norton AntiVirus (and Pro) 2001-2004, Norton Internet Security (and Pro) 2001-2004, and Symantec AntiVirus for Handhelds v3.0.
4c775c66c82287be41345fd9ecb5d5bd94271ba0bb0a8ddc47b1cecff85dbac8DameWare Mini Remote Control versions 3.73 and below remote exploit. Tested against Windows 2000 with versions 3.68 and 3.72.
ef92006dbb8f3036693f95127cba9c8d48aec7349cfcdc2d8a0a95478c76a758The ezContents utility allows for arbitrary code execution on the server due to a lack of input validation.
36c30b0d861ec350e51582820117757d408e10079516d49c48514b47eb2d06feThe PHP class _Manpage Lookup_ is vulnerable to a directory traversal bug due to a lack of input validation.
7755ca5dd6ea60fc0ee416787fc1da2b9826689ee6413b1dbc16b268fd7834a9Accipiter Direct Server is susceptible to a directory traversal attack that allows retrieval of files outside of the webroot.
43fc021bddaaffb99f5f44fffa19c7dfe5be41363b597d9275e245ad021bdf0dGetRAW for Windows will query any web server on any given port for banner, date, server, content modification, ETag, Accept-Range, Content Length, current connection and content. Uses the perl IO::Socket::INET module. Includes source and win32 executable.
29f9bacbdaff083ccbdc127a8d60a43e3ebad6bdaf4ebe804790be5799faa592The Windows FTP Server is a small free third party ftp server which contains a format string vulnerability in v1.6.1 and below.
2039204c5b39559e9e823c8993dc86c4a3cc6f900672113b8b81cad3cfec257cThe webserver in FreeProxy v3.6.1 contains directory traversal and denial of service vulnerabilities.
700a78e4033e8e8df008a7d4bab8eefa338548196ba4190ce23b5ac6517e2f52afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.
ae526f6650d9c0196964d717e60afd17c16aa9578ea1efe526350d8ed132e695The Openwall Linux kernel patch is a collection of security "hardening" features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.
b575a8e739d48ad27b6b4dc9343c808e52914c5a74122670e3a75df2390e9386void11 is a 802.11(b) wireless network penetration utility. It implements basic attacks like de-authentication flooding (network dos) and authentication flooding (access point dos). void11 automatically searches and attacks target networks, stations or access points configurable by simple match-list expressions. It is possible to deny all 802.11(b) wireless service in a range, because of it's "roaming" capability. void11 has been built on top of the Linux hostap daemon and provides a simple command-line interface and a clicky-bunty gtk+-2 interface.
08d588ce0731d0c0e55a1cac35acf019e1b735d0f75f16962adfeb4fefd69441KpyM telnet server versions 1.05 and below for Microsoft Windows NT/2000/XP fail to properly clean up when disconnecting users, allowing for a remote attacker to commit a denial of service attack.
19e35a6c61741ea60049be9453fbe6a7585f49c0838bab33bf7140182a1fa39e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed