what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 75 of 145 RSS Feed

Files Date: 2004-12-30 to 2004-12-31

asp2php.txt
Posted Dec 30, 2004
Authored by Qiao Zhang | Site tigger.uic.edu

Two vulnerabilities in asp2php version 0.76.23 allow for system compromise.

tags | advisory, vulnerability
SHA-256 | 46a5728834ab38f1cd22da982c5a43d9cd3178f4c31aa6d150c36333980af20d
abctab2ps.txt
Posted Dec 30, 2004
Authored by Limin Wang | Site tigger.uic.edu

Two vulnerabilities in abctab2ps allow for local compromise of a system. Version 1.6.3 is affected.

tags | advisory, local, vulnerability
SHA-256 | 3c6a2450bcd6bf47b0ba6017b7d3609e2faf35f2d2a83ba2131f303923bbaed6
afick-2.6-0.tgz
Posted Dec 30, 2004
Authored by Eric Gerbier | Site afick.sourceforge.net

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Changes: Minor improvements.
tags | tool, integrity
systems | windows, unix
SHA-256 | 05b618247a27c7071e7d53454352fd885d4de91b85d7693c9fbf0648e34ef4d1
Samhain File Integrity Checker
Posted Dec 30, 2004
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Multiple bug fixes.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 76013b7c0e5ae358bbde74231193fb850030b29bf464eda3acdcbca7fc50b9e0
abc2mtex.txt
Posted Dec 30, 2004
Authored by Limin Wang | Site tigger.uic.edu

abc2mtex version 1.6.1 has a boundary error condition in the process_abc() function that allows for arbitrary code execution.

tags | advisory, arbitrary, code execution
SHA-256 | fc42d655e4733a5beb382f1ef651dda08a502434dcee745e73f3388d4b7a33ba
Secunia Security Advisory 13492
Posted Dec 30, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Windows XP SP2, which erroneously causes the firewall to allow connections from the Internet. The problem is caused by the way certain dialers configure the routing table and how local subnets are interpreted when the 'My network (subnet) only' option is used in the Microsoft Windows Firewall. This issue only affects Windows XP with Service Pack 2 in combination with a dial-up network connection.

tags | advisory, local
systems | windows
SHA-256 | 9f2a42f33cf3ef3b9cbc69be862687892b20ffa30435a96bb191145f1116d324
abcm2ps.txt
Posted Dec 30, 2004
Authored by Limin Wang | Site tigger.uic.edu

A boundary error condition in the put_words() function of abcm2ps version 3.7.20 allows for arbitrary code execution.

tags | advisory, arbitrary, code execution
SHA-256 | e8a457f9a0af305b7e255512bb838eee972b1b51d254dd8f67af089df979750e
nasm.txt
Posted Dec 30, 2004
Authored by Jonathan Rockway | Site tigger.uic.edu

A boundary error condition in NASM version 0.98.38 allows for local system compromise.

tags | advisory, local
SHA-256 | 017ca1a0b9cfdb05cbbab2f1e5d40409b86c485126a703e5b6bb880437588cac
cups2.txt
Posted Dec 30, 2004
Authored by Bartlomiej Sieka | Site tigger.uic.edu

Various errors in lppasswd under CUPS 1.x allows for /usr/local/etc/cups/passwd file manipulation/truncation.

tags | advisory, local
SHA-256 | 893abe4a2a94991599e26f0950ae097514ca0b6924a48b2dd1e28274ab5fb1a3
cups.txt
Posted Dec 30, 2004
Authored by Ariel Berkman | Site tigger.uic.edu

A boundary error in the ParseCommand() function of CUPS version 1.x allows for a buffer overflow attack.

tags | advisory, overflow
SHA-256 | 9ccc61dd6cf89fb1b7ef2aaa8f5dfe79a4ba5c2dd48a1000eff91a3631981c4c
tnftp.txt
Posted Dec 30, 2004
Authored by Yosef Klein | Site tigger.uic.edu

A flaw in tnftp exists where it fails to properly validate file names provided by the server. Successful exploitation allows overwriting local files, but requires that a user connects to a malicious ftp server and downloads files.

tags | advisory, local
SHA-256 | dff05585de9e9d4b5e8f328f1cf7e188ee8c4a393bf6e1515fd472aea30727e7
gameport.txt
Posted Dec 30, 2004
Authored by AmoXi, Dr. VaXin

GamePort versions 3.0, 3.1, and 4.0 suffer from multiple vulnerabilities including reversal of the admin password.

tags | advisory, vulnerability
SHA-256 | 8560b266038986797f729ae1b1d83fb1dd17eb008c38ad6e9cbd4259851f2096
xine-lib.txt
Posted Dec 30, 2004
Authored by Ariel Berkman | Site tigger.uic.edu

A boundary error condition in xine-lib versions 1-rc5 and 1-rc7 allows for arbitrary code execution.

tags | advisory, arbitrary, code execution
SHA-256 | 16d1652200dbbf84c39bd07bfd776f45e532758e649d978d1e7bc23cbbbd270f
2fax-djb.txt
Posted Dec 30, 2004
Authored by Ariel Berkman | Site tigger.uic.edu

A boundary error condition in ArBas 2fax allow for arbitrary code execution. Version 3.04 was found susceptible.

tags | advisory, arbitrary, code execution
SHA-256 | 356e87e258b9ac8d5fb03c4ec8826e44b8b471af4e4c8bba86981353f2aa2447
mpg123.txt
Posted Dec 30, 2004
Authored by Bartlomiej Sieka | Site tigger.uic.edu

A boundary error condition in mpg123 version 0.59r allows for remote compromise.

tags | advisory, remote
SHA-256 | 36e5f420010b7ec3f07c25f3fb25b69ec231d8b95a523e1b4eeac6aef5702688
gadugadu.txt
Posted Dec 30, 2004
Authored by Blazej Miga, Jaroslaw Sajko

Gadu-Gadu is susceptible to script execution in the local zone and remote denial of service flaws.

tags | advisory, remote, denial of service, local
SHA-256 | 5386f74cbe61ff9ffc4f747313bfd6cde7a9d8e72d42a1c6967862ea16da4313
cscopesym.c
Posted Dec 30, 2004
Authored by Psirac

Local symlink exploit for cscope versions 15.5 and below.

tags | exploit, local
SHA-256 | b302970f46d35eff2bbf98e7fc2d5d0aa36d3e5cf760d7ed26dfdd89b25abb31
winrar341.txt
Posted Dec 30, 2004
Authored by Vafa Khoshaein

WinRAR proof of concept buffer overflow exploit for version 3.41 and below.

tags | exploit, overflow, proof of concept
SHA-256 | 7ec65fbd45117f3acb635f6d0cda142fb755fdac4f9f386371a85da96f21c9e8
NetBSD Security Advisory 2004.10
Posted Dec 30, 2004
Authored by Evgeny Demidov, The NetBSD Project | Site netbsd.org

NetBSD Security Advisory 2004-010 - Some of the functions in /usr/src/sys/compat/ which implement execution of foreign binaries (such as Linux, FreeBSD, IRIX, OSF1, SVR4, HPUX, and ULTRIX) use argument data in unsafe ways prior to calling the kernel syscall.

tags | advisory, kernel
systems | linux, netbsd, freebsd, irix, hpux
SHA-256 | 05546d49f053bc61209d8c580436a808dbef16beb496554eb15265e595aea34f
singapore0910.txt
Posted Dec 30, 2004
Authored by Tan Chew Keong | Site security.org.sg

Multiple vulnerabilies have been found in the Singapore Image Gallery Web Application version 0.9.10 including arbitrary file download, directory deletion, and cross site scripting flaws.

tags | advisory, web, arbitrary, xss
SHA-256 | 22cccd84c8257bb8aec34a71801c52d8b3d7958998bb930ff8723bb8f663f436
iDEFENSE Security Advisory 2004-12-16.5
Posted Dec 30, 2004
Authored by Patrik Karlsson, iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 12.16.2004-5 - Remote exploitation of a stack-based buffer overflow vulnerability in Veritas Backup Exec allows attackers to execute arbitrary code. The vulnerability specifically exists within the function responsible for receiving and parsing registration requests. The registration request packet contains the hostname and connecting TCP port of the client which is stored in an array on the stack. An attacker can send a registration request with an overly long hostname value to overflow the array and take control of the saved return address to execute arbitrary code.

tags | advisory, remote, overflow, arbitrary, tcp
advisories | CVE-2004-1172
SHA-256 | a924ddb439be900e0f1e0eb48321e5e919eec5354788d3a7cc611c97a744d51f
iDEFENSE Security Advisory 2004-12-16.4
Posted Dec 30, 2004
Authored by iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 12.16.2004-4 - Remote exploitation of a heap overflow vulnerability in Unix MPlayer could allow attackers to gain access to the computer. The vulnerability specifically exists due to a lack of bounds checking within the demux_open_bmp() routine defined in /libmpdemux/demux_bmp.c. If a specially crafted file specifies a large value for the biClrUsed field, an overflow is triggered in stream_read().

tags | advisory, remote, overflow
systems | unix
SHA-256 | fdc03192c0a1ecf884fc1bc875280c5f1ab907dd2f77b6e1723d5de70614c3ea
iDEFENSE Security Advisory 2004-12-16.2
Posted Dec 30, 2004
Authored by iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 12.16.2004-2 - Remote exploitation of a heap overflow vulnerability in Unix MPlayer could allow attackers to gain access to the computer. The vulnerability specifically exists due to a lack of bounds checking within the demux_open_bmp() routine defined in /libmpdemux/demux_bmp.c. If a specially crafted file specifies a large value for the biClrUsed field, an overflow is triggered in stream_read().

tags | advisory, remote, overflow
systems | unix
SHA-256 | 4ce3ca3ffea1075ab634cf94c8d80c832289ed863d7e00056519004400164457
iDEFENSE Security Advisory 2004-12-16.3
Posted Dec 30, 2004
Authored by iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 12.16.2004-3 - Remote exploitation of a stack overflow vulnerability in MPlayer could allow remote users to gain access to the computer. The vulnerability specifically exists due to a lack of bounds checking in /libmpdemux/asf_mmst_straming.c. If a specially crafted file specifies a large value for the length field, the overflow is triggered in get_data().

tags | advisory, remote, overflow
SHA-256 | 61a1bc2e1f1d4e070d5390511e1bfe4e2498543007277c129cf397b50ada0eab
ikonboard.txt
Posted Dec 30, 2004
Site maxpatrol.com

Ikonboard 3.1.x is susceptible to multiple SQL injection attacks.

tags | advisory, sql injection
SHA-256 | e94e91aca906b092324c1a5ed76921f3f1ad22ad0375919b453ddacf2bfd5a21
Page 3 of 6
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close