Sambascan2 allows you to search an entire network or a number of hosts for SMB shares. It will also list the contents of all public shares that it finds. The difference between sambascan2 and other SMB viewers and scanners is that it will search everything using TCP/IP, and it will not send a lot of broadcast messages, so it can be used over LAN boundaries. It only uses SMB to list the shares and their contents.
c969fbe1147bb7291ed820fc635285fe82c3cfa70824b6674dd7cdbb603094fdAllMyGuests suffers from a PHP code injection vulnerability that allows a remote attacker to execute arbitrary commands on the server.
942969a79939e95cfeb0e66489b2a7bb67da8d59077abece9d3530faf4dd8620AllMyLinks suffers from a PHP code injection vulnerability that allows a remote attacker to execute arbitrary commands on the server.
455fe13e78ca8b714120c34b21cfa370f26b8f7c2c0cfce088dba787c7fc699bAllMyVisitors suffers from a PHP code injection vulnerability that allows a remote attacker to execute arbitrary commands on the server.
df8aa30a5295614238725f5082a8277bb929aac6924ee98fb15d32f55b2aeb85ASP Portal suffers from multiple vulnerabilities that can lead to disclosure of authentication information, disclosure of user information, execution of arbitrary code remotely, modification of user information, and identity spoofing. Cookie hijacking exploit enclosed.
e8e1d8a121e11e0a9246f324ce6326b2f6d53ab92eace97fe8e0cd1214ba9a81Remote denial of service exploit that causes a windows machine to reboot by manipulating the ASN.1 vulnerabilities mentioned here.
4b1303246713d534c4f2ba06e4601987ac52ec41c2f9c015ca77017cf870ed60Sami FTP server version 1.1.3 has multiple vulnerabilities that can lead to a denial of service.
8e85094ba9a6a67593d7a265f163919d0f7792d81fbde5e9bbd4b87c19634b52A cross site scripting vulnerability exists in VBulletin.
63600b0f7b537ceec34e8b8deb78e268a56b5b031bfc20a99ff94bc21caef919mailmgr version 1.2.3 is vulnerable to symlink attacks. If the utility is run as root, any file on the system can be overwritten.
93ee7bc51fe3ac504ce9e5a8fdfd64f5776ac41c90200f5e29296b8b1bab4e7eCrob FTP version 2.5.2 is vulnerable to a denial of service attack.
d203607240612684c7152609c705dc92cf03ee5e54cb90b79d49814973d234f4A cross site scripting vulnerability exists in VBulletin.
fd66808e15a736a0b19ab79de528aa189d3c154e6d989518c950b793d4db25a6aimSniff.pl 0.9b has a file deletion flaw. If the utility is run as root, a symlink attack can be used against a file in tmp to get root to remove any file on the system.
d35abb58d182e2ac03ec120bfbe800992445c733034160f3f66e0705ad173573iDEFENSE Security Advisory 02.11.04: Exploitation of a buffer overflow in the XFree86 X Window System allows local attackers to gain root privileges. The vulnerability specifically exists in the use of the CopyISOLatin1Lowered() function with the 'font_name' buffer. While parsing a 'font.alias' file, the ReadFontAlias() function uses the length of the input string as the limit for the copy, instead of the size of the storage buffer. A malicious user may craft a malformed 'font.alias' file, causing a buffer overflow upon parsing and eventually leading to the execution of arbitrary code.
969dc5cfdd69d231c477b299e5f6ef17b853eac7ca564fd483dcefed01c82792DallasCon Information Security Conference and Network Security Boot Camp will be April 27 to May 2, 2004. The Call for Papers is now open.
a3f5e2b49b0e431fc0cc8642f2fa2d0f01f8b51695c625e8b037fda98fa6ae17Various game engines and games developed by Ratbag is vulnerable to a denial of service attack. Full analysis given.
0b1089fe129f3c8ed14504b82bf9fa212d6479c35297ebd93aed59986e66802dMonkey httpd versions 0.8.1 and below suffer from a denial of service vulnerability when subjected to specially crafted HTTP requests.
5c7729ef7ce7341a339b4a7ec35c0a80d1826a23abee971b151f18e4c15e4879Jumper is a program for the search and analysis of hosts. It maps the network using the ARP protocol, and optionally can create an Nmap script. For example, it can tell you which IP addresses are free in your LAN segment or it can tell you which hosts are on your LAN.
da9f673c6a5447ac78e1765d5b1f5104ae05b4275d54e5c8b79d44a84b6f1f71Red Hat Security Advisory - A bug was found in the index menu code in versions of mutt. A remote attacker could send a carefully crafted mail message that can cause mutt to segfault and possibly execute arbitrary code as the victim.
4dafc8aeb12c53d9369ce922c96b1b8f0d286ad1d1ff1657aac4664ebd37034bLocal root exploit for the XFree86 font.alias vulnerability discussed in the advisory here. Tested on various versions of RedHat Linux.
ed1c569efa3e325a52a9440160ee982d9cf1d8e3c61594c37edad149d60c1e3aBosDates lacks sufficient sanitization of user-supplied data. Inadvertantly, it allows a remote attacker to influence SQL query logic to disclose sensitive information that can be used to gain unauthorized access.
99f16a5fc0fa02d0ef6ab68973a1477d5cc41f825bce692666aeaceb13a1ba27PHP code injection vulnerabilities in ezContents versions 2.0.2 and prior allow for a remote attacker to access arbitrary files and execute commands on the server.
f852d6bdd374bb2095a159b9896252b872a652c440495812ac704a127c25800aCERT Advisory TA04-041A - Multiple integer overflow vulnerabilities in the Microsoft Windows ASN.1 parser library could allow an unauthenticated, remote attacker to execute arbitrary code with SYSTEM privileges. Related eEye advisory here.
d15efbcc2142bc5ef34ae1dde8178035fc9aac8c3983d2d7ee7acf880431603cAtstake Security Advisory A021004-1 - Both Connectix Virtual PC 6.0.x and Microsoft Virtual PC 6.1 on Mac OS X suffer from an insecure temporary file creation vulnerability.
957d7e39e1983bcf0c08476d79bf23df3df003fbce3396e952ea4e50e60e12a6iDEFENSE Security Advisory 02.10.04: Exploitation of a buffer overflow in the XFree86 X Window System allows local attackers to gain root privileges. The problem specifically exists in the parsing of the font.alias file. The X server, which runs as root, fails to check the length of user provided input. A malicious user may craft a malformed font.alias file causing a buffer overflow upon parsing, eventually leading to the execution of arbitrary code.
d3db7fd0322ed5a49202a2729ebb1ac91eed13e5e70c0f5df79d02d83e05906bThe Microsoft Base Analyzer fails to properly report vulnerabilities on its systems when machines have been patched but not rebooted for the patches to take affect.
5d7ef01936df0292fd8830d6bc1fa9f605adfe64a768a6a871f90eefcd147494
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed