exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 75 of 77 RSS Feed

Files Date: 2004-12-12 to 2004-12-13

browserFind.txt
Posted Dec 12, 2004
Authored by Giovanni Delvecchio

Mozilla, Firefox, and Opera appear to allow access to the content from one frame from another, allowing for disclosure of the local directory structure. Tested versions include Firefox 1.0, Mozilla 1.7, and Opera 7.51 through 7.54.

tags | advisory, local
SHA-256 | 0a0393dbbab84fc2cd6e30254f4fb3548969fc925b9176a7777b5533c92e4d2a
Exaprobe Security Advisory 2004-12-06
Posted Dec 12, 2004
Authored by Nicolas Gregoire, Exaprobe | Site exaprobe.com

Exaprobe Security Advisory - The w3who.dll in Windows 2000 is susceptible to multiple cross site scripting attacks and a buffer overflow.

tags | advisory, overflow, xss
systems | windows
advisories | CVE-2004-1133, CVE-2004-1134
SHA-256 | 8ece849689003d2f57457e84d45b0e4e644b9bb92da86652b968cbe2ed278a03
dsa-605.txt
Posted Dec 12, 2004
Site debian.org

Debian Security Advisory 605-1 - Hajvan Sehic discovered several vulnerabilities in viewcvs, a utility for viewing CVS and Subversion repositories via HTTP. When exporting a repository as a tar archive the hide_cvsroot and forbidden settings were not honored enough.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2004-0915
SHA-256 | e1113dfaa9f8a3711d839647dfc8dce5504937d8589a4e299b1a42b85d251260
pimpremote.txt
Posted Dec 12, 2004
Authored by Paul Craig

Remote Execute version 2.30 is susceptible to denial of service after receiving seven connections.

tags | advisory, remote, denial of service
SHA-256 | 49ee6e5ceb0bc99d32ba6587548c39a6ffe58de8d31d3b37d1503dc17b3dea83
hostingControl.txt
Posted Dec 12, 2004
Authored by Mouse, s7az2mm, bl2k | Site Shabgard.org

Hosting Controller web automation tools suffer from a lack of input validation, allowing any remote attacker the ability to browse the hard drive. Versions 6.1 and below are susceptible.

tags | exploit, remote, web
SHA-256 | c0d107347bcf5ec5394845d3530fb7786cbe47b5f0829639f87d951f3a4d4d14
7a69ezine Advisory 16
Posted Dec 12, 2004
Authored by 7a69ezine | Site 7a69ezine.org

The Konqueror web browser fails to properly filter FTP requests to disallow for local command execution. Versions 3.3.1 and newer are affected.

tags | advisory, web, local
SHA-256 | 7f77bd00ca2b228448b93ab3f8771df0a2ca1907aa31108cc3cb5080cd5e42e7
Gentoo Linux Security Advisory 200412-2
Posted Dec 12, 2004
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200412-02 - PDFlib is vulnerable to multiple overflows, which can potentially lead to the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, gentoo
SHA-256 | ce5aba7a88d95b1ba5547120cd22dd568152353632e25d5f814c5825d326bb38
12.03.2004.txt
Posted Dec 12, 2004
Site idefense.com

iDEFENSE Security Advisory 12.03.2004 - Remote exploitation of an input validation vulnerability in Apple Computer Inc.'s Darwin Streaming Server allows attackers to cause a denial of service condition. The vulnerability specifically occurs due to insufficient sanity checking on arguments to DESCRIBE requests.

tags | advisory, remote, denial of service
systems | apple
advisories | CVE-2004-1123
SHA-256 | fd4e9485e21ca1fc86ddcb0713b7e139129b4be0e8e4ab6a1a5a995d932c8777
Secunia Security Advisory 13234
Posted Dec 12, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in IBM WebSphere Commerce, which potentially may disclose customer information. The problem reportedly exists if store views update the database or directly invoke commands that perform the database update, which may result in customer information being stored under the default user. The security issue has been reported in versions 5.1, 5.4, 5.5, and 5.6.

tags | advisory
SHA-256 | 205b1263a5954aa82c0f119b39d2337cf00c243b3feb4b11c7b67f9bbfb595f8
woolchat.txt
Posted Dec 12, 2004
Authored by White E | Site nogimmick.org

WoolChat IRC client is susceptible to a buffer overflow when a DCC send query is sent with more than 260 bytes.

tags | exploit, overflow
SHA-256 | a6d1f6823641006525e6c0878dfea4547cacc36a01aca5c25c1b55a0cb0a6157
Secunia Security Advisory 13370
Posted Dec 12, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in AIX, which can be exploited by malicious, local users to inject arbitrary data into the ODM (Object Data Manager) or cause a vulnerable system to hang during boot. The vulnerability is caused due to an unspecified error within the system startup scripts. The vulnerability affects versions 5.1, 5.2, and 5.3.

tags | advisory, arbitrary, local
systems | aix
SHA-256 | 71d6bcd63f75730eca45361ee07cb655ee630f50747147c4b9f8048f09dfb4f0
nufw-0.8.6.tar.bz2
Posted Dec 12, 2004
Authored by regit | Site nufw.org

NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is done to use external authentication source such as an LDAP server.

Changes: Two small bug fixes.
tags | tool, remote, firewall
systems | unix
SHA-256 | b993059e3d7a30e4aad74f2c951652b7892040587b3399b36afe64e5a3916f9b
nkvir-2129b.gz
Posted Dec 12, 2004
Authored by nikant | Site agriroot.aua.gr

YAVR, or Yet Another antiVirus Recipe, is a procmail recipe that helps filter out many of the common e-mail worms and viruses.

Changes: Added various virus signatures.
tags | worm
systems | unix
SHA-256 | 7e6984fccde306c2f649f0627392e68c07a024c68890ca592cab12d581e626a8
Secunia Security Advisory 13360
Posted Dec 12, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Jakarta Lucene, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | eec561db753d6c2d9acf8ad2b39d00f8e8d21f9362d8d034b0f5f0ff5fa12ba6
airt-0.1.tar.bz2
Posted Dec 12, 2004
Authored by madsys, CoolQ

AIRT (Advanced incident response tool) is a set of incident response assistance tools for Linux. Tools allow you to look for hidden modules, processes, and ports. Additionally, two tools will dump and analyze hidden modules.

tags | tool, forensics
systems | linux
SHA-256 | ed1fa893e032cfcfddf136f0d364fd8b082fa2baf0a415d57f50997a57cfece6
dsa-604.txt
Posted Dec 12, 2004
Site debian.org

Debian Security Advisory 604-1 - infamous41md discovered a buffer overflow condition in hpsockd, the socks server written at Hewlett-Packard. An exploit could cause the program to crash or may have worse effect.

tags | advisory, overflow
systems | linux, debian
advisories | CVE-2004-0993
SHA-256 | 490c2704074528bfb746fdcbb2b9760154b1f983724b93ef34d05d8dfaec80c8
kreedexec.txt
Posted Dec 12, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

Kreed versions 1.05 and below suffer from format string error, denial of service, and server freeze flaws.

tags | advisory, denial of service
SHA-256 | 6d87cdd229726295598ba1f4ef4eeeedf85338e5929e4c471be31f028aee14de
kreedexec.zip
Posted Dec 12, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

Remote exploit for Kreed versions 1.05 and below that suffer from format string error, denial of service, and server freeze flaws.

tags | exploit, remote, denial of service
SHA-256 | 2c1ad57a838694f28a0578b571f486e9794175f13eab0b0421ad03831649f766
advanced231.txt
Posted Dec 12, 2004
Authored by Emile van Elen

A cross site scripting bug is in Advanced Guestbook 2.3.1.

tags | advisory, xss
SHA-256 | dce7d0ea6dd8de19f262940b639f0c5ae75e447674cc4343a08a0910123ede20
Cisco Security Advisory 20041202-cnr
Posted Dec 12, 2004
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - The Cisco CNS Network Registrar Domain Name Service /Dynamic Host Configuration Protocol (DNS/DHCP) server for the Windows Server platforms is vulnerable to a Denial of Service attack when a certain crafted packet sequence is directed to the server.

tags | advisory, denial of service, protocol
systems | cisco, windows
SHA-256 | af3e6e4f9babe8629e6c98c73cac56bd6f3e68096111d92b416e44a984d29baa
blogtorrent.txt
Posted Dec 12, 2004
Authored by Debian

Blogtorrent, a collection of PHP scripts written to be used in conjunction with bittorrent, fails to properly sanitize input on a variable allowing for directory traversal attacks.

tags | exploit, php
SHA-256 | 017a5d79b29f33ef76f8e8cedacca83517d4d984176356c304f2dad74ce4e2e2
rsshscponly.txt
Posted Dec 12, 2004
Authored by Jason Wies

Although rssh and scponly were designed to limit the use of a shell on a remote host, various underlying programs that they are allowed to use may allow for arbitrary command execution.

tags | advisory, remote, arbitrary, shell
SHA-256 | 221d90a3802c19d25ff31131746e485e622f1afce6b8ffef9f1934ead0f4784b
Secunia Security Advisory 13358
Posted Dec 12, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Big Medium, which potentially can be exploited by malicious users to compromise a vulnerable system.

tags | advisory
SHA-256 | 9955ecec6f14e2354a1ab4159f6e3f4d524f4c24852fce0d1b7b3ca326b1161e
Secunia Security Advisory 13357
Posted Dec 12, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Stefan Esser has reported a vulnerability in Serendipity, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 2683c861d08a6a432958e3a04ddf5bf49287e97385703c0fab011d10cad6276a
FreeBSD Security Advisory 2004.17
Posted Dec 12, 2004
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-04:17.procfs - The implementation of the /proc/curproc/cmdline pseudofile in the procfs(5) file system on FreeBSD 4.x and 5.x, and of the /proc/self/cmdline pseudofile in the linprocfs(5) file system on FreeBSD 5.x reads a process' argument vector from the process address space. During this operation, a pointer was dereferenced directly without the necessary validation steps being performed.

tags | advisory
systems | freebsd
advisories | CVE-2004-1066
SHA-256 | 9172f91c6b027b6f7c743ba70a7c8f2026e861b105f1b6f5125ce2249481c20b
Page 3 of 4
Back1234Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close