exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

Files Date: 2004-07-08 to 2004-07-09

Posted Jul 8, 2004
Site lists.shorewall.net

A vulnerability exists in the way that Shorewall handles temporary files and directories. The vulnerability can allow a non-root user to cause arbitrary files on the system to be overwritten.

tags | advisory, arbitrary, root
SHA-256 | 6bbcf5bce92926266ba6aa58e3adb70e229a5eb9bfe6b537a38b1e8a69b62d57
iDEFENSE Security Advisory 2004-07-08.t
Posted Jul 8, 2004
Authored by iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 07.08.04: SSLtelnet contains a format string vulnerability that could allow remote code execution. The problem specifically exists within telnetd.c, on line 530 where an argument deficient call is made to syslog().

tags | advisory, remote, code execution
advisories | CVE-2004-0640
SHA-256 | 4e543388d663cd33875f49d23593b699a5be1be2e1f2f992845ce28c404f7be4
Mozilla Security Advisory 2004-07-07
Posted Jul 8, 2004
Authored by Dan Veditz, Mozilla Foundation | Site mozilla.org

Mozilla Security Advisory - Windows versions of Mozilla products pass URIs using the shell: scheme to the OS for handling. The effects depend on the version of windows, but on Windows XP it is possible to launch executables in known locations or the default handlers for file extensions. It could be possible to combine this effect with a known buffer overrun in one of these programs to create a remote execution exploit, although at this time we have confirmed only denial-of-service type attacks. Versions affected: Mozilla (Suite), Mozilla Firefox, Mozilla Thunderbird.

tags | advisory, remote, overflow, shell
systems | windows
SHA-256 | 57a70625f36b6696077650b535747f47f76c4268befe5b019d687be4e6f7857d
Posted Jul 8, 2004
Authored by James C. Slora Jr.

Outlook 2000 and 2003 allow execution of remote web pages specified within the data property of OBJECT tags when there is no closing /OBJECT tag, while forwarding an HTML email message using Word 2000 or 2003 as the email editor. This behavior happens regardless of Security Zone settings.

tags | advisory, remote, web
SHA-256 | 77a5bf7ed41d1d5076c78d070bbafd955f62a940782384b651ebf42c89e813da
Nmap Scanning Utility 3.55
Posted Jul 8, 2004
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings. Full changelog available here.

Changes: Added MAC address printing, more fingerprints, various other features, and bug fixes.
tags | tool, remote, udp, tcp, protocol, nmap
systems | unix
SHA-256 | 1b75a20d79feeee28b5d39c239eb30468b742b7ddd073470e90cf0f92e2593da
Posted Jul 8, 2004
Authored by DG | Site geschke-online.de

FLoP is utility designed to gather alerts with a payload from distributed Snort sensors at a central server, and to store them in a database. Both PostgreSQL and MySQL are currently supported. High priority alerts may be sent out via e-mail.

Changes: Feature enhancements and bug fixes.
tags | tool, sniffer
SHA-256 | 84b189826dc1420aa93d5606a2abac3ef90da339f45f43d57b91514047c8d749
Posted Jul 8, 2004
Authored by bambam

A .diff file, applied to the MySQL 5.0.0-alpha source distribution will allow building a MySQL client that can be used to connect to a remote MySQL server with no password.

tags | exploit, remote
SHA-256 | 576c8349f99ca721889a85397e1a11e6091d306a88102e339b9bede903f555e3
Posted Jul 8, 2004
Authored by Laurent Constantin | Site laurentconstantin.com

Netwox is a utility that can be thought of as a one stop shop network toolbox. It includes a graphical front-end called Netwag. This kit comes with 150 tools that can be used to perform a multitude of tasks that are very useful to any administrator. It supports various protocols (DNS, FTP, HTTP, NNTP, SMTP, SNMP) and performs low level functions like sniffing, spoofing traffic, and playing client/server roles. Both Windows and Unix versions are included.

Changes: Feature enhancements and bug fixes.
tags | tool, web, spoof, protocol
systems | windows, unix
SHA-256 | 240958dc64c5ec558968cd9f12dabc9019c76506dbbae1c6fb366f02872ab4ff
Page 1 of 1

File Archive:

September 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    2 Files
  • 2
    Sep 2nd
    21 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    17 Files
  • 5
    Sep 5th
    34 Files
  • 6
    Sep 6th
    29 Files
  • 7
    Sep 7th
    11 Files
  • 8
    Sep 8th
    25 Files
  • 9
    Sep 9th
    0 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    26 Files
  • 12
    Sep 12th
    23 Files
  • 13
    Sep 13th
    17 Files
  • 14
    Sep 14th
    22 Files
  • 15
    Sep 15th
    16 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    19 Files
  • 19
    Sep 19th
    60 Files
  • 20
    Sep 20th
    23 Files
  • 21
    Sep 21st
    15 Files
  • 22
    Sep 22nd
    8 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By