exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 77 RSS Feed

Files Date: 2004-12-12 to 2004-12-13

wget18x.txt
Posted Dec 12, 2004
Authored by Jan Minar

wget versions 1.8 and below allow for arbitrary overwriting, creating, and appending to files on the underlying system with the permissions of the user executing the binary. The files to be written to can be anywhere regardless of what the end user has requested. The primary flaw is a failure to sanitize redirection data.

tags | exploit, arbitrary
SHA-256 | 1be8cddd71aff948bf1e3a1902aa0ce2fa4a77c5d800966d1b956c4a162900a8
Secunia Security Advisory 13402
Posted Dec 12, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Netscape, which can be exploited by malicious people to spoof the content of websites. The problem is that a website can inject content into another site's window if the target name of the window is known. This can e.g. be exploited by a malicious website to spoof the content of a pop-up window opened on a trusted website.

tags | advisory, spoof
SHA-256 | 427e373adbd85dfa1d0b69050e0e10be3aea10a18b8d14f15fb63e338554c59b
Secunia Security Advisory 13393
Posted Dec 12, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Codestriker, which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
SHA-256 | 2a4ae324585573e97d5ea7329dca965e578becc6da28c396b295e421788feac8
57659.html
Posted Dec 12, 2004
Site sunsolve.sun.com

Sun Security Advisory - A security vulnerability in the in.rwhod daemon may allow a remote privileged user to execute arbitrary code with root privileges when the in.rwhod daemon is enabled on the system.

tags | advisory, remote, arbitrary, root
SHA-256 | bc43fac1472b7b58b6e7d46b7c1cc7ccb2d871ebf725027324c89d9d1ebad9f0
Secunia Security Advisory 13252
Posted Dec 12, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has reported a vulnerability in Safari, which can be exploited by malicious people to spoof the content of websites. The problem is that a website can inject content into another site's window if the target name of the window is known. This can e.g. be exploited by a malicious website to spoof the content of a pop-up window opened on a trusted website.

tags | advisory, spoof
SHA-256 | bf4d29206a94b7cfe8ded32b34e99bebbca2bb6471fa8d49aa683f6ca7dd3232
Secunia Security Advisory 13129
Posted Dec 12, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has reported a vulnerability in Mozilla / Mozilla Firefox, which can be exploited by malicious people to spoof the content of websites. The problem is that a website can inject content into another site's window if the target name of the window is known. This can e.g. be exploited by a malicious website to spoof the content of a pop-up window opened on a trusted website.

tags | advisory, spoof
SHA-256 | e09fcdf5a8e7130b29fe0ecbb7e985984f11b56c179f4d677c79b3a24855e84c
Secunia Security Advisory 13251
Posted Dec 12, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has reported a vulnerability in Microsoft Internet Explorer, which can be exploited by malicious people to spoof the content of websites. The problem is that a website can inject content into another site's window if the target name of the window is known. This can e.g. be exploited by a malicious website to spoof the content of a pop-up window opened on a trusted website.

tags | advisory, spoof
SHA-256 | 6d8308c518733c7776cb510cc0ea5d6ef37999dffc64664778046c4697324cea
Secunia Security Advisory 13253
Posted Dec 12, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has reported a vulnerability in Opera, which can be exploited by malicious people to spoof the content of websites. The problem is that a website can inject content into another site's window if the target name of the window is known. This can e.g. be exploited by a malicious website to spoof the content of a pop-up window opened on a trusted website.

tags | advisory, spoof
SHA-256 | b40166db4b8355c80cba9f21b479952933e2b36b6d081067806ffa384e0225b0
WebLibs10.txt
Posted Dec 12, 2004
Authored by John Bissell

WebLibs 1.0 is susceptible to arbitrary file access due to a lack of input validation for a hidden variable. Exploitation details included.

tags | exploit, arbitrary
SHA-256 | ee5d12510eaa234114305cd2d559efb5ef1c345f0631a684bbb76be21dcfe7dd
maxDBoverflow.txt
Posted Dec 12, 2004
Authored by Evgeny Demidov

MaxDB WebTools versions 7.5.00.18 and below suffer from a denial of service flaw and a WebDav stack overflow.

tags | advisory, denial of service, overflow
SHA-256 | c20f2fce6b880245de398b94db42eb5c621021013f6b5edf715a90dea9a81f62
bfcboom.zip
Posted Dec 12, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

Denial of service exploit for Battlefield 1942 versions 1.6.19 and below and Battlefield Vietnam versions 1.2 and below.

tags | exploit, denial of service
SHA-256 | 0b896592570cc8b630a314aa69d661629c0c403170b2bc8075e88a3b258450d9
bfcboom.txt
Posted Dec 12, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

Battlefield 1942 versions 1.6.19 and below and Battlefield Vietnam versions 1.2 and below suffer from a client side denial of service flaw.

tags | advisory, denial of service
SHA-256 | 7c1ccfd9631dc341f6c7024b49fbac8a74263c1fd741fa3ba79e08c8ad539969
Gentoo Linux Security Advisory 200412-5
Posted Dec 12, 2004
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200412-05 - mirrorselect is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files.

tags | advisory, arbitrary, local
systems | linux, gentoo
SHA-256 | d529ce009cef0f8a909805b51d672ec8f6d56209c11b2ba7b174b7885a6db86b
ieDetect.txt
Posted Dec 12, 2004
Authored by Gregory R. Panakkal

A security vulnerability in Internet Explorer allows remote attackers to discover what software is installed on the remote computer by testing for the existence of certain files.

tags | advisory, remote
SHA-256 | a81b0921a0baf46ab59d80d080a461e860a06714e7836a306ff2fec429cc6662
msnXSS.txt
Posted Dec 12, 2004
Authored by Jamie Fisher

A whole slew of cross site scripting flaws have been discovered and are listed here.

tags | exploit, xss
SHA-256 | 4bb02301bf39b0ef15290570e5a3d6eac0d983938e975028ff517cb527404030
Secunia Security Advisory 13311
Posted Dec 12, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Unicenter Remote Control (URC), which can be exploited by malicious users to access arbitrary URC Management Servers.

tags | advisory, remote, arbitrary
SHA-256 | 25e65ba2e5e8c8f69656546d99af6002b6b7e89f906495b9a6709c15174ec833
Echo Security Advisory 2004.9
Posted Dec 12, 2004
Authored by y3dips, Echo Security | Site y3dips.echo.or.id

paFileDB 3.1 has a couple vulnerabilities that allow for admin password hash retrieval and full path disclosure.

tags | exploit, vulnerability
SHA-256 | 7941c69e2c5585e3dd631051168d891a80082570eee9864842499d58fad048a2
Gentoo Linux Security Advisory 200412-4
Posted Dec 12, 2004
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200412-04 - Some Perl modules create temporary files in world-writable directories with predictable names. A local attacker could create symbolic links in the temporary files directory, pointing to a valid file somewhere on the filesystem. When a Perl script is executed, this would result in the file being overwritten with the rights of the user running the utility, which could be the root user.

tags | advisory, local, root, perl
systems | linux, gentoo
SHA-256 | 58dc346cebba1a2a78b4111b013564b50ef1c6b714365306ca04861eebb37fe4
7a69ezine Advisory 15
Posted Dec 12, 2004
Authored by 7a69ezine | Site 7a69ezine.org

The Internet Explorer web browser fails to properly filter FTP requests to disallow for local command execution. Versions 6.0.2800.1106 and newer are affected.

tags | advisory, web, local
SHA-256 | 4204b344fb38bcaef3992deef8a2e2dfdde1c0bcea3959ff10fdd4b8ef94226b
Mandriva Linux Security Advisory 2004.146
Posted Dec 12, 2004
Authored by Mandriva | Site mandrakesoft.com

Mandrake Linux Security Update Advisory - SGI developers discovered a remote DoS (Denial of Service) condition in the NFS statd server. rpc.statd did not ignore the SIGPIPE signal which would cause it to shutdown if a misconfigured or malicious peer terminated the TCP connection prematurely.

tags | advisory, remote, denial of service, tcp
systems | linux, mandrake
SHA-256 | d6ee8ca8fd5762c70e690ea33f4421867002ac1714835bcf445645c863e83597
AdobeMac.txt
Posted Dec 12, 2004
Authored by Jonathan Bringhurst

Adobe Version Cue, which is setuid root on Mac OS X, allows for local compromise due to using an insecure PATH. Exploitation included.

tags | exploit, local, root
systems | apple, osx
SHA-256 | 3cb6be383e69be45d1602b5139833f64a9bcd6c1d8c6d04d8f4ad443c2c3663f
Absinthe-1.1.tar.gz
Posted Dec 12, 2004
Authored by nummish | Site 0x90.org

Absinthe is a gui-based tool that automates the process of downloading the schema and contents of a database that is vulnerable to Blind SQL Injection. This is the same tool that was released as SQueaL at Defcon 12 and Blackhat USA 2004.

Changes: Now supports Oracle and Postgres as well as MS SQL Server. Multiple proxy support. Fixed the CRLF bug by allowing user defined delimiters.
tags | sql injection
systems | unix
SHA-256 | 8f146cfecd14c0ce57b34a33e8ce1df5d91feebb3e8bd19a345e66b239bc9df6
Gentoo Linux Security Advisory 200412-3
Posted Dec 12, 2004
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200412-03 - Multiple overflows have been found in the imlib library image decoding routines, potentially allowing execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, gentoo
SHA-256 | cf7dd292c03cbd4694963feaa806c0bbd50164f52c1459c5700ea6afb538843b
Secunia Security Advisory 13377
Posted Dec 12, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in NetMail, which can be exploited by malicious people to access the mail store.

tags | advisory
SHA-256 | 74cc1789e97e49ec400f70acdf3bb5d142701d99cf2c5d06cdcaded4ee4f3933
Secunia Security Advisory 12856
Posted Dec 12, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered some vulnerabilities in Ansel, which can be exploited by malicious people to conduct SQL injection and script insertion attacks. The vulnerabilities have been confirmed on version 2.1. Prior versions may also be affected.

tags | advisory, vulnerability, sql injection
SHA-256 | cf385a230867243ab9d0cc926c40bc54c67b91a352c21e0fc5e9c06f6860d4f0
Page 2 of 4
Back1234Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close