exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 101 - 125 of 193 RSS Feed

Files Date: 2004-03-01 to 2004-03-31

jelsoftvb.txt
Posted Mar 17, 2004
Authored by James Bercegay | Site gulftech.org

Jelsoft vBulletin 3.0.0 RC4 and other releases and susceptible to cross site scripting attacks.

tags | exploit, xss
SHA-256 | 9ba7da743e628349c8ee4a1a744b90aa09ff076bcd1c22b86689eb34a1126b4e
crafty.zip
Posted Mar 17, 2004
Authored by Angelo Rosiello | Site rosiello.org

Local exploit for the Crafty game versions 19.3 and below that makes use of a buffer overflow vulnerability. Tested on Red Hat 9.0 and Slackware 8.0.

tags | exploit, overflow, local
systems | linux, redhat, slackware
SHA-256 | 82dbacb90891acc5cb1caec18b225e003314199535445fa71cd2de41626faf7d
crafty-adv.txt
Posted Mar 17, 2004
Authored by Debian | Site rosiello.org

A vulnerability exists in the Crafty game versions 19.3 and below that allows a local user to escalate privileges via a buffer overflow.

tags | advisory, overflow, local
SHA-256 | d713ebffde11218f34d8b01dc14e79a08b13899fd42c6dc9b3f2f306677c6691
phorum503.txt
Posted Mar 17, 2004
Authored by James Bercegay

Cross site scripting vulnerabilities exists in Phorum versions 5.0.3 Beta and below.

tags | exploit, vulnerability, xss
SHA-256 | 5b4e2faeef8fc7c76847ad3ef1332b7b89e7e904e4fcb3dad65ce3a6d8adb457
waraxe-2004-SA007.txt
Posted Mar 17, 2004
Authored by Janek Vind aka waraxe

Both cross site scripting and SQL injection vulnerabilities exist in the 4nGuestbook version 0.92 module for PHP-Nuke versions 6.5 through 6.9.

tags | exploit, php, vulnerability, xss, sql injection
SHA-256 | f732ec2b913b6d095bd8180dac6ad638b87e3c15c8c333cfdacde98395e7fb6d
waraxe-2004-SA006.txt
Posted Mar 17, 2004
Authored by Janek Vind aka waraxe

The 4nalbum module for PHP-Nuke versions 6.5 to 7.0 suffers from path disclosure, cross site scripting, remote file inclusion, and SQL injection vulnerabilities.

tags | exploit, remote, php, vulnerability, xss, sql injection, file inclusion
SHA-256 | b72910a8ea7f3795a3370ca420ebdd0d9f784cdcd93d78ee2fde747165559de9
waraxe-2004-SA005.txt
Posted Mar 17, 2004
Authored by Janek Vind aka waraxe

PHP-Nuke 7.1.0 is susceptibel to multiple cross site scripting attacks.

tags | exploit, php, xss
SHA-256 | bf21be75eb9e862841810c4026922d4b2d10f41775f4e6120c0f1755aee6e9a2
soapy.txt
Posted Mar 17, 2004
Authored by Amit Klein | Site SanctumInc.com

Multiple vendors suffer from a denial of service vulnerability in their SOAP servers. Products affected: Macromedia ColdFusion/MX 6.0 and 6.1, ColdFusion/MX 6.0 and 6.1 J2EE, all editions of Macromedia JRun 4.0, and Sun Java System Application Server 7 Update 2 Upgrade and prior releases.

tags | advisory, java, denial of service
SHA-256 | edfd88863f29ed6adcb5fa19d6baa42407918c5ba0a3e4f0296be2a21ea83fbd
mpsb04-03.html
Posted Mar 16, 2004
Authored by Chris Irvine | Site macromedia.com

Macromedia Security Bulletin MPSB04-03 - Macintosh versions of the Macromedia installers and e-licensing client install a service whose file permissions allow other users to write to the file. This may allow one local user to obtain the permissions of another local user, resulting in privilege escalation.

tags | advisory, local
SHA-256 | 06569fc73f56b134f1c6ccc379a1250b834fd97e8c4fbcb362ffbf3611186893
novellweb.htm
Posted Mar 16, 2004
Site support.novell.com

Novell has identified an issue with the default configuration of GroupWise 6 and 6.5 WebAccess that could allow unauthorized access to the WebAccess server. This issue affects only systems running GroupWise 6 or 6.5 WebAccess on NetWare using the Apache 1.3x web server and where Apache is loaded using the GWAPACHE.CONF file.

tags | advisory, web
SHA-256 | 3af321a0b71da464f106be0cbfd62b884c6d174fcc11563a1739cc9ed3673c13
2004alert66.pdf
Posted Mar 16, 2004
Site otn.oracle.com

Oracle Security Alert 66 - Security vulnerabilities have been discovered in Oracle Application Server Web Cache 10g (9.0.4.0.0) and Oracle9i Application Server Web Cache.

tags | advisory, web, vulnerability
SHA-256 | 2265276da46e246bf16627f4b8bd512ba4c18a873a847af0740783b7284199f8
afick-2.0-0.tgz
Posted Mar 16, 2004
Authored by Eric Gerbier | Site afick.sourceforge.net

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Changes: Various bug fixes and feature enhancements.
tags | tool, integrity
systems | windows, unix
SHA-256 | 13c2dfdd859d8d5178d0d1ad9dcc054cee17dac78a9d3eafda495df62b259f65
motiontrack-0.0.8.tar.gz
Posted Mar 16, 2004
Authored by Corvus V Corax | Site motiontrack.sourceforge.net

Motiontrack is a set of tools that detects motion between two images. It is able to successfully distinguish random flicker from real object movement by applying a set of filters to the images, and can optionally ignore given colors and/or image regions. The roadmap provides for being able to identify objects by pattern detection and AI routines. Currently, this tool is able to turn line-art images into ASCII-art text as a demo feature.

systems | linux
SHA-256 | a6939f44565f5b1c0b8a867e6690d784222af761336425e7e8d7c2b506415bf4
vocaltec8.txt
Posted Mar 16, 2004
Authored by Rafel Ivgi | Site theinsider.deep-ice.com

VocalTec Gateway version 8 has multiple vulnerabilities. Using an information disclosure vulnerability existant in this server, an attacker can then traverse directories when treating the file as a directory, and gain access to any file normally protected.

tags | exploit, vulnerability, info disclosure
SHA-256 | d2d7e12389fdeb8f5acccd3265801cd775e76256b88501a5b4d43b3d6ea8a296
wsftp802.txt
Posted Mar 16, 2004
Authored by John Layman

WS_FTP Pro versions 8.02 and below suffer from a buffer overrun when ASCII mode directory data is passed to the client from the server. If the data exceeds 260 bytes without a terminating CR/LF, the application will crash. Arbitrary code execution is possible.

tags | advisory, overflow, arbitrary, code execution
SHA-256 | 053fdbe09d3248b0bcb77193ec1300cfa9c274c9284e37fa1da31338c10879d8
hp_http.sxw.pdf
Posted Mar 16, 2004
Authored by Dave Aitel | Site immunitysec.com

Immunity Security Advisory - The Compaq Web Management system (HP HTTP) has a bug in its validation system that allows an anonymous user to upload trusted certificates.

tags | advisory, web
SHA-256 | abd992377e84fc44d38444954b8896715b7619fe2c505a46a3639e73084980f2
awservices.sxw.pdf
Posted Mar 16, 2004
Authored by Dave Aitel | Site immunitysec.com

Immunity Security Advisory - Remotely exploitable stack overflows exist in Computer Associates Unicenter TNG Utilities awservices.exe. Successful exploitation elevates an attacker to SYSTEM privileges. All known versions of Unicenter TNG 2.4 are affected.

tags | advisory, overflow
SHA-256 | 1625a608ed26cffca06238ca193f1bde9f9b610f98606c2b6088043899bef4c8
mdaemon-exploit.c
Posted Mar 16, 2004
Authored by Angelo Rosiello, rosiello | Site rosiello.org

Remote exploit for MDaemon Mail Server versions 6.52 to 6.85 that makes use of a buffer overflow in its raw message handler. This exploit has only been tested on Windows XP Home and Pro Edition (Dutch) SP1.

tags | exploit, remote, overflow
systems | windows
SHA-256 | f2ad6f0382c6310f3658254e54ad15974683f2ce8e29ff239c7888bb1e7b02fd
lsof_4.71.tar.gz
Posted Mar 15, 2004
Authored by Vic Abell

Lsof is an extremely powerful unix diagnostic tool. Its name stands for LiSt Open Files, and it does just that. It lists information about any files that are open by processes currently running on the system. It is useful for pinpointing which process is using each network socket. FAQ available here.

Changes: Supports reporting of TCP flags, socket options, and states. Adds support for OS X 10.3.2, improved POSIX support, added compatability with newer OS's, and fixed some bugs.
tags | tool, intrusion detection
systems | unix
SHA-256 | c23ef6493b89ac1e98a180640c4541f79189ca5c60c354f9a7c0ce4584e1b47a
phpBB206a.txt
Posted Mar 15, 2004
Authored by Pokleyzz | Site scan-associates.net

phpBB versions 2.0.6 and below suffer from a SQL injection vulnerability in the search.php file. Workaround included.

tags | advisory, php, sql injection
SHA-256 | 44c9e7e77f8b0035b663e5007df768b98d174db76143681916d252a11e5bef0a
YaBBXSS.txt
Posted Mar 15, 2004
Authored by Cheng Peng Su

YaBB 1 Gold and YaBB SE 1.5.1 Final are both susceptible cross site scripting attacks.

tags | exploit, xss
SHA-256 | a7f9088dbb62d0ccaacc4cb36fbe64c2510ec07a174ee7239c8ac9e9139f9d0a
opera723.txt
Posted Mar 15, 2004
Authored by d3thstar | Site rootthief.com

Opera version 7.23 on Linux and Windows is susceptible to a denial of service attack.

tags | exploit, denial of service
systems | linux, windows
SHA-256 | f1b8be232303b141d1bda5a5d7fdd2031d5d44123151705e76ac664178c83549
phpBBXSS206d.txt
Posted Mar 15, 2004
Authored by James Bercegay | Site gulftech.org

phpBB versions 2.0.6d and below suffer from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 0f69c90c7244bc04e1403480f08e24c47a0ed84ae9e2d13eb580f312f385f800
netmrg-0.14.tar.gz
Posted Mar 13, 2004
Authored by Brady Alleman, Douglas E. Warner | Site netmrg.net

NetMRG is a database-driven network monitoring and graphing tool for use on Linux systems. It offers an intuitive web-based configuration, customized monitoring capabilities for unusual situations, a fast multi-threaded polling application, and brilliant graphs rendered by RRDTOOL.

tags | web
systems | linux
SHA-256 | fdba0efe571d4bba7106954850a6c8ea4b787974a0ee66719ecf49f3937d9073
hydra-3.1.tar.gz
Posted Mar 13, 2004
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Various bug fixes and feature enhancements.
tags | web, cracker, imap
systems | cisco
SHA-256 | 913be04024b19d6c629e70b277350275d61d85481ff36af6ec37cf13454a998b
Page 5 of 8
Back34567Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close