exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 228 RSS Feed

Files Date: 2004-11-01 to 2004-11-30

dmsPOP3.txt
Posted Nov 20, 2004
Authored by Reed Arvin

A buffer overflow exists in DMS POP3 Server for Windows 2000/XP 1.5.3 build 37 and prior versions. Demonstration exploit included.

tags | exploit, overflow
systems | windows
SHA-256 | 1b44dbca0b215e58195b7ccab58ff39ef302fbcfb6e5a9242f59b5d2f444e7c9
appservVulns.txt
Posted Nov 20, 2004
Authored by Saudi Linux

AppServ versions 2.5.x and below use a blank root password allowing for compromise.

tags | advisory, root
SHA-256 | bcef00af38b54207c93431630430ac96eb1b1336f0fb89132738ac874a8f83ff
758884.txt
Posted Nov 20, 2004

Unofficial addition to the NISCC DNS vulnerability advisory giving an additional list of vulnerable implementations.

tags | advisory
SHA-256 | 9d1582d18317951d040e27cb9e70fc96fb6dc9de1d083244f6f511ef364afe1e
FreeBSD Security Advisory 2004.16
Posted Nov 20, 2004
Authored by The FreeBSD Project, Colin Percival | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-04:16.fetch - The fetch utility suffers from an integer overflow condition in the processing of HTTP headers that can result in a buffer overflow.

tags | advisory, web, overflow
systems | freebsd
SHA-256 | 6a018e23dd8de8d84de9f7d1f8a504a855c7a82a0f3059e216c48ef84a19658a
mp-invision.txt
Posted Nov 20, 2004
Site maxpatrol.com

An input validation vulnerability in Invision Power Board version 2.x allows a remote user the ability to conduct SQL injection attack.

tags | exploit, remote, sql injection
SHA-256 | eb51a14581063ecdb55762f96413e0fed28ee78821e319e6748be503de8978cd
phpbbcashmod.txt
Posted Nov 20, 2004
Authored by Jerome Athias

Vulnerabilities that allow an attacker to inject malicious PHP code exist in the phpBB2 forum using the Cash_Mod module.

tags | advisory, php, vulnerability
SHA-256 | 624d762e4f5dae8b18a82ee5892ea42e4e0889fbe304466a9772639cf8109294
bofra_overview.txt
Posted Nov 20, 2004
Authored by Bryan Burns

Brief analysis of the Bofra, aka MyDoom.AG/AH, worm that was first discovered circulating in the wild November 8th.

tags | paper, worm, virus
SHA-256 | c523a041b3bc82189566ff9554e40f8715e7d4a5d1e9058a5fbee8335170bea2
Gentoo Linux Security Advisory 200411-26
Posted Nov 20, 2004
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200411-26 - Improper file ownership allows user-owned files to be run with root privileges by init scripts. These vulnerabilities exist within GIMPS, SETI@home, and ChessBrain.

tags | advisory, root, vulnerability
systems | linux, gentoo
SHA-256 | 0da976e17df1840210df7a15cd86d9adac4c3b8ba12f57922846856c843ac5b5
advRX181104.txt
Posted Nov 20, 2004
Authored by Psirac

Cscope 15.5 and possibly earlier versions may suffer from a race condition that allows for local compromise. Proof of concept exploits included.

tags | exploit, local, proof of concept
SHA-256 | 7ae2b4d33100aae1c181383bb5e6a8fb9fb26048a4552dd090b6f87f7443ab82
142004.txt
Posted Nov 20, 2004
Authored by Stefan Esser | Site security.e-matters.de

During an audit of the smb filesystem implementation within Linux several vulnerabilities were discovered ranging from out of bounds read accesses to kernel level buffer overflows. The 2.4 series up to 2.4.27 is affected and the 2.6 series up to 2.6.9 is affected.

tags | advisory, overflow, kernel, vulnerability
systems | linux
advisories | CVE-2004-0883, CVE-2004-0949
SHA-256 | b7b977ebbeedcfaf0b2c7258fb9da5b47131762e6dff111d09944b9387963f4d
clickandbuild.txt
Posted Nov 20, 2004
Authored by Andrew Smith

The Click and Build online eCommerce platform suffers from cross site scripting flaws.

tags | advisory, xss
SHA-256 | 6c6ea864e68c41963fd5902ca74a270ebcd833579e2044b24db470808208e7cc
Secunia Security Advisory 13203
Posted Nov 20, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - cyber flash has discovered two vulnerabilities in Internet Explorer, which can be exploited by malicious people to bypass a security feature in Microsoft Windows XP SP2 and trick users into downloading malicious files.

tags | advisory, vulnerability
systems | windows
SHA-256 | e5045e765f5620e40be7400c96987a38ac99f4efa59cbb8f0b8fbaee14baf687
msboftools.txt
Posted Nov 20, 2004
Authored by Martin Eiszner

Microsoft tools ipconfig.exe, forcedos.exe, and mrinfo.exe suffer from buffer overflow and format string vulnerabilities.

tags | advisory, overflow, vulnerability
SHA-256 | 4519930c5ff226431824ee642aab5cd3cd1f1dd4ceea32e9e703aaa8dc9d9c45
waraxe-2004-SA038.txt
Posted Nov 20, 2004
Authored by Janek Vind aka waraxe | Site waraxe.us

The Event Calendar module for PHP-Nuke suffers from cross site scripting, path disclosure, SQL injection, and script insertion attacks.

tags | exploit, php, xss, sql injection
SHA-256 | a36efcbb8d52ca32bb59f65773b5a67d142f0908a7cc7268b38847facdb0b68d
artikel53297.txt
Posted Nov 20, 2004
Authored by Juergen Schmidt | Site heise.de

Flaws in SP2 security features, part II - With Service Pack 2, Microsoft introduced a couple of new security features. However, some of them suffer from implementation flaws.

tags | advisory
SHA-256 | 28a5ff6c2253f4f3033f8366da87986794ec4f93e78315699a8e20aa3c132977
Secunia Security Advisory 13206
Posted Nov 20, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in phpScheduleIt, which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
SHA-256 | 6463cab561ef7043ed89be1ff8a4fd0b0c1b984b2901d75032c1886e60db4bf2
Trustix Secure Linux Security Advisory 2004.58
Posted Nov 20, 2004
Site trustix.org

Trustix Secure Linux Security Advisory #2004-0058 - Various security fixes have been released for gd, samba, sqlgrey, and sudo.

tags | advisory
systems | linux
advisories | CVE-2004-0941, CVE-2004-0990, CVE-2004-0882, CVE-2004-0930
SHA-256 | af1941d44b2d625d6d648c069094f5e516373122e419fdc1bc2f119121a1cbe4
whitepaper_shellcode.html
Posted Nov 20, 2004
Authored by SkyLined | Site edup.tudelft.nl

Writing IA32 Restricted Instruction Set Shellcode Decoder Loops - This article addresses the requirements for writing a shellcode decoder loop using a limited number of characters that limits the instruction set. Most of it is based on the author's experience with alphanumeric decoders but the principles apply to any piece of code that is written to work with a limited instruction set.

tags | paper, shellcode
SHA-256 | 2aea2ebf088e500f6e82bebaad1ecbf8639a257cb6f76e1538ffef1687c2a19a
dsa-593.txt
Posted Nov 20, 2004
Site debian.org

Debian Security Advisory 593-1 - A vulnerability has been reported for ImageMagick, a commonly used image manipulation library. Due to a boundary error within the EXIF parsing routine, a specially crafted graphic images could lead to the execution of arbitrary code.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2004-0981
SHA-256 | 7c45a6e3ec9a467c69c8afd772906d6b506f4cf8f42fee772a85fdca2c32c2d9
SNS Advisory 79
Posted Nov 20, 2004
Authored by Keigo Yamazaki, Little eArth Corporation | Site lac.co.jp

SNS Advisory 79 - Microsoft Internet Explorer contains a vulnerability that could cause a Cookie to be overwritten under certain conditions. Tested against Microsoft Internet Explorer 6.0 Service Pack 1.

tags | advisory
SHA-256 | f8e8e031b29edfbd8f4c1c957c970be213c8034091cdd7faf4b2a53d38a67228
iDEFENSE Security Advisory 2004-11-15.t
Posted Nov 20, 2004
Authored by Karol Wiesek, iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 11.15.04 - Multiple vulnerabilities have been found in Fcron 2.0.1 and 2.9.4. Local exploitation of vulnerabilities in the fcronsighup component of Fcron may allow users to view the contents of root owned files, bypass access restrictions, and remove arbitrary files or create arbitrary empty files.

tags | advisory, arbitrary, local, root, vulnerability
advisories | CVE-2004-1030, CVE-2004-1031, CVE-2004-1032, CVE-2004-1033
SHA-256 | 1e3a7a297e5c9cf6eef481188a172658e3a5fce82dfb0d82a7bcfd0ddfb53772
hiredteam.txt
Posted Nov 20, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

Hired Team: Trial versions 2.0/2.200 and below suffer from format string, malformed packet, and status/kick remote vulnerability flaws.

tags | advisory, remote
SHA-256 | 48d0de0d8b027316b2b64bb516c71819b83ddb7fbf4b158332b44601757163cf
Secunia Security Advisory 13202
Posted Nov 20, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - benji lemien has reported two vulnerabilities in Aztek Forum, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 2c94a8e0a416b43021010d5676ed7d0d5c0c48429bdf844cb73ae325802749d5
Secunia Security Advisory 13201
Posted Nov 20, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Digital-X has reported two vulnerabilities in Private Message System module for PunBB, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose sensitive information.

tags | advisory, vulnerability, xss
SHA-256 | 3a3920afb7b9e888dac9dc382ade8c9cbdfc15f96638b6a65a7e03a3c6e1f0a3
nsg-advisory-08.txt
Posted Nov 20, 2004
Authored by CoKi | Site nosystem.com.ar

TipxD versions 1.1.1 and below suffer from a local format string vulnerability. Proof of concept local exploit included.

tags | exploit, local, proof of concept
SHA-256 | bd7c3d962bfd392f9d0af4f86b1f47acbfce58b9232069d15848c54ccdb24870
Page 2 of 10
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close