what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 227 RSS Feed

Files Date: 2004-06-01 to 2004-06-30

linux.SbusPROM.txt
Posted Jun 29, 2004
Authored by infamous41md

There exists multiple integer overflows in routines that handle copying in user supplied data for the Linux Sbus PROM driver. They allow for a local denial of service attack and possible code execution.

tags | advisory, denial of service, overflow, local, code execution
systems | linux
SHA-256 | d82e6c596490895e4fdf7268fb5bd8cee56764769900a142ebd3a32e518925b8
SSRT3552.txt
Posted Jun 29, 2004
Site hp.com

A potential vulnerability has been identified in the HP-UX ARPA Transport which could be exploited by a local user to create a Denial of Service. Impacted versions: HP-UX B.11.00, B.11.04, B.11.11.

tags | advisory, denial of service, local
systems | hpux
SHA-256 | 17f663c163cc0a1b3955e0baaedcee9ff9074517b9c67194e9c1726046d3f4cb
SSRT4758.txt
Posted Jun 29, 2004
Site hp.com

A potential vulnerability has been identified with HP-UX running ObAM 5.0 with the WebAdmin capability enabled. This vulnerability could be exploited remotely to allow unauthorized access. Impacted version: HP-UX B.11.11 running ObAM 5.0.

tags | advisory
systems | hpux
SHA-256 | a5d595e7e8db5feb1e24a0320f356a22d80058000f4edf28636fd3d517698024
Secunia Security Advisory 11950
Posted Jun 29, 2004
Authored by Secunia | Site secunia.com

A vulnerability in JUNOS can be exploited by transmitting specially-crafted IPv6 packets.

tags | advisory
advisories | CVE-2004-0468
SHA-256 | 12ff91720d4131c0c520633c03bd6f056ede06b3fb7f9246677476486695d7b3
Clam AntiVirus Toolkit 0.74
Posted Jun 29, 2004
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: Various fixes.
tags | virus
systems | unix
SHA-256 | d227ab776db6a98ba8fc6fe490d06e340aebe7f5636fc14af294ec5091ee14f4
p_atari800.c
Posted Jun 29, 2004
Site pi3.int.pl

Exploit for the atari800 atari emulator. This exploit is local, and may in some circumstances give local root.

tags | exploit, local, root
advisories | CVE-2003-0630
SHA-256 | 726481df498f83c26393c601faeb59541a54dda4fc18be0dda8d134d643a2ff3
BEA Systems Security Advisory 04-64.00
Posted Jun 29, 2004
Authored by Oracle | Site dev2dev.bea.com

A security issue has been discovered in BEA WebLogic, potentially allowing unauthorised users to access affected web applications. Due to improper filtering of data, an asterisk may be used in a spot to allow for a random user to get loaded into a role. The issue affects WebLogic Server and WebLogic Express version 8.1 and 7.0.

tags | advisory, web
SHA-256 | 7dbb3e1ef8269fddff36b4231c3c003fb8a07bf8f1ece8e1cfcd8c3cb95191b5
httpd1.html
Posted Jun 29, 2004
Authored by Georgi Guninski | Site guninski.com

There is denial of service in Apache httpd 2.0.49. It is possible to consume arbitrary amount of memory. On 64 bit systems with more than 4GB virtual memory this may lead to heap based buffer overflow whose exploitation is unclear at the moment.

tags | advisory, denial of service, overflow, arbitrary
SHA-256 | a8cc5f8ac30aaea07627d9adc2917e311c049a9732c8e5df1d08b9e3855672e0
confixx.txt
Posted Jun 29, 2004
Authored by Dirk Pirschel

Confixx Pro 2 and 3 are susceptible to an attack where files in /root can be accessed due to an error in the backup script.

tags | advisory, root
SHA-256 | e3a9ee63cd35f3378997d12f529189f75d0e6e0f0b1e74d1c4cc326272ac4347
Openswan.txt
Posted Jun 29, 2004
Site openswan.org

Two authentication errors within a verify_x509cert() function allows for malicious people to bypass security restrictions. Affected products include: superfreeswan 1.x, openswan 1.x to 2.x, strongSwan below 2.1.3, and any version of FreeS/WAN 1.x or 2.x with the X.509 patch.

tags | advisory
advisories | CVE-2004-0590
SHA-256 | 253023ac78a99200fa4a578eb2c552042b67862d2e97d6c8f5ec337c052c25e6
Secunia Security Advisory 11944
Posted Jun 29, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Valerie Holfield has discovered a vulnerability in phpmyfamily, which can be exploited by malicious people to gain edit privileges. It is possible to be automatically logged in as user nobody when clicking to download a document and then leaving the page. This grants the person ability to add people, change information, upload and delete documents and images.

tags | advisory
SHA-256 | ef0bd9a2a68bcae1d6b1b92976dc9b320fce5d68f1024b28d5795349f5c19787
popclient30b6.txt
Posted Jun 29, 2004
Authored by Dean White, John Cartwright

An off-by-one condition exists in the POP3 handler code present in popclient 3.0b6. By crafting a malicious email a remote attacker may cause a denial of service against users of this software.

tags | advisory, remote, denial of service
SHA-256 | 37477ee91fb39858381402adf7f0db7f0667492f2d0b8d2109a09061ffc25866
TSSA-2004-012.txt
Posted Jun 29, 2004
Site http.tinysofa.org

A remote exploit has been discovered in the Apache 2.0.49 HTTP server which allows an attacker to cause the server to allocate increasing amounts of memory until system memory is exhausted or until process limits are reached.

tags | advisory, remote, web
SHA-256 | d52c9414d2197f648b3d31a6f01f66b36cd2811cf96502d02d2519eb5d7614b1
scob.trojan.zip
Posted Jun 28, 2004
Site k-otik.com

Full source code of the Scob trojan downloader. Archive password is set to p4ssw0rd. Use at your own risk.

tags | trojan
SHA-256 | 9d3ea6980c1a089c7b195db591439b0e1223ce24749786e85d7765405443f7a2
dhcpdDOS.txt
Posted Jun 28, 2004
Authored by Gregory Duchemin

Original research data regarding ISC DHCPD 3.0.1 rc12 and rc13 denial of service attacks.

tags | advisory, denial of service
SHA-256 | af7361e4caaf6e24854e73423f133ae3002cdac83b977215361840b8ae51b713
advisory-08.txt
Posted Jun 28, 2004
Authored by DarkBicho | Site darkbicho.tk

csFAQ is susceptible to a path disclosure vulnerability.

tags | advisory
SHA-256 | e82731bb7aafdfb21d28fa46bad6977a00deffb2a4e5fb1caabc0fdedba9efaa
advisory-07.txt
Posted Jun 28, 2004
Authored by DarkBicho | Site darkbicho.tk

PowerPortal version 1.x suffers from full path disclosure, cross site scripting, and arbitrary directory browsing flaws.

tags | advisory, arbitrary, xss
SHA-256 | c2ead58aa5b18cef122380780b1677c7bfd50ea35b5f30c403f12cce123047e2
advisory-06.txt
Posted Jun 28, 2004
Authored by DarkBicho | Site darkbicho.tk

CuteNews version 1.3.1 is susceptible to a cross site scripting flaw.

tags | advisory, xss
SHA-256 | 7ed2bbb81e542045e1ee215883d3871bb25403d00ee7161199bfb071268e10bd
lotus.inject.txt
Posted Jun 27, 2004
Authored by Jouko Pynnonen | Site klikki.fi

During the client-side Windows installation of Lotus Notes, a notes: URL handler is registered in the registry. An argument injection attack allows an intruder to pass command line arguments to notes.exe, which can lead to execution of arbitrary code.

tags | advisory, arbitrary, registry
systems | windows
SHA-256 | 7f1d5d7fa6e4854573d335dc29ba01617e06478c0fbeabab00dc2a8338959037
ZH2004-14SA.txt
Posted Jun 27, 2004
Authored by D'Amato Luigi | Site zone-h.org

The Zone-H Security Team has discovered a SQL injection flaw in Infinity WEB that allows malicious attackers to bypass the authentication mechanism without having an account.

tags | advisory, web, sql injection
SHA-256 | 38f4ddea3d5eb05ff4217cd5f69e210542b334b36ba152257c34449d81ff759e
memplayer.c
Posted Jun 27, 2004
Authored by c0ntex

All versions of MPlayer, the movie player for Linux, are vulnerable to a buffer overflow attack that allows for privilege escalation. Local exploit included. Tested against Redhat Linux with Gnome, FreeBSD and latest cvsup plus ports with Gnome.

tags | exploit, overflow, local
systems | linux, redhat, freebsd
SHA-256 | 6850af71802ee705a1be21d2e279558327d7f8c14f4363ad429d736e33bfa329
artmedic.txt
Posted Jun 25, 2004
Authored by Adam Simuntis aka n30n

artmedic_links 5, the PHP script, is susceptible to a file and URL inclusion vulnerability.

tags | advisory, php
SHA-256 | fcb5bd9d71d92305c88ad7546002bb9461b97c61d6b4476192e7c92d834817af
DumpSIS-0.81.zip
Posted Jun 25, 2004
Authored by Jimmy Shah

Symbian SIS file dumping utility that allows for analysis of potential malware without actual installation of files. It provides information on file headers (UIDs, Version, Number of Languages, Number of files), file list (Destination name by default, Source filename and file type).

Changes: Minor fix for decoding If/Else If statements in SIS files.
systems | unix
SHA-256 | d0b5a4ac2ae9c2a7e25d96eb3a066b7934371142f4f87debfe9c326b0ca0ab29
Secunia Security Advisory 11941
Posted Jun 25, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Alan Fitton has discovered a vulnerability in giFT-FastTrack, allowing malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error, which can be exploited to crash the giFT daemon via a specially crafted signal. Version 0.8.6 and prior are reportedly affected.

tags | advisory, denial of service
SHA-256 | 952b88a417674f0acb22f4a6dfd67756190439d585dfd1efab3bb1623259e089
57587.html
Posted Jun 25, 2004
Site sunsolve.sun.com

A flaw in Kerberos password handling under Sun Solaris 9 allows for passwords to be logged in clear text on clients with services using pam_krb5 as an auth module.

tags | advisory
systems | solaris
SHA-256 | 3e8f112307c599098b445c863693bd8fada2f48c9458a8350f1589bcb01e67a7
Page 1 of 10
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close