Two exploits for Winamp 5.05 and 5.08. They make use of the buffer overflow vulnerability discovered by NSFOCUS.
3b29a4995e0aaccc260541dbb627b87fbe7fb0efadc0a8f4304d08d688585a97authfail is a tool for adding IP addresses to an ACL when entities from those addresses attempt to log into a system, but cause authentication failures in auth.log. It reads data from auth.log in real time and adds the IP into netfilter with a DROP/REJECT policy.
1546758d05794a4a37d199eaef73b3963ef4c4aa0a65cfcc38c69e834caa9faeShellcode Crypter is a shellcode encryption utility.
7036e758f501a16d557e1a68a5eec6b841a643a579614547a2c9f51501624c06Secunia Security Advisory - Victor Ashik has reported a vulnerability in less in Red Hat Enterprise Linux 3, which potentially can be exploited by malicious people to compromise a user's system.
f094456e4d32799af64faf9d827b3a6e80912ab3d248970a16719ecdcf86f359Secunia Security Advisory - SmOk3 has reported some vulnerabilities in eCommerce, which can be exploited by malicious people to conduct cross-site scripting attacks.
254b72e5f5aa17e878bbd5b1667fc7937fa8afd093b034ed9d4b8a705108781cMultiple vulnerabilities were found in Magic Winmail's Webmail, IMAP, and FTP services. Arbitrary file upload/download, cross site scripting, and directory traversal flaws all exist, along with the ability to access other user's mail. It really IS magic.
6cdd0f75b8a65fb62d8a4639fd3d414b32de01bbd3ab23bb7757fb4fa79da5d6Secunia Security Advisory - A security issue has been reported in ginp, which can be exploited by malicious people to bypass certain security restrictions.
3ab1f6d3ca36d8d484f297215b97acd3eaf2a506466715db5d51cd406fc6417dSun Security Advisory - A system panic may occur on systems that open and close several UDP end points.
10bf6ec41a8db82f32295a3a660842226a8d9b1a7c158bf82b13c735d6252d8cDebian Security Advisory 661-1 - The Debian Security Audit project discovered that f2c and fc, which are both part of the f2c package, a fortran 77 to C/C++ translator, open temporary files insecurely and are hence vulnerable to a symlink attack.
c176048e4edf43fb9c44c5ce861ed0559b85a08070ccfed40adad603b717b990Multiple vulnerabilities in Uebimiau WebMail versions 2.7.2 and below allow for the hijacking of session files and other information.
834d17e463670f58d926bf262304f0e4f32dfaf0d2ef316c1799deb007620aecWhen a PPTP user is disabled in Ingate Firewall versions 4.1.3 and below, any tunnel created by them is not automatically disabled.
80f85f9fb08f0a173f235a0fae31f290489018416571bc16f578dcc2ccd5f2bdExploit for Outlook that can press a button to verify it is okay to access protected contact data. Tested against Windows XP SP1. This functionality may be utilized in future worm creation.
b7b894daaf5e749e2f7ec8cab19e398017e5a3a7694ac2d2bf74ebf782fb2f30NSFOCUS Security Advisory(SA2005-01) - NSFocus Security Team has found a buffer overflow vulnerability in the plug-in by which WinAMP plays CD. An attacker can construct a malicious playlist file that is embedded in a HTML page. If a user is persuaded to click it, then the attacker can gain complete control over the user's system. All versions below 5.08c are affected.
2f4c6c5035b872fd5a2b5de1569a4facb605684f573d63de5e8c86235f56c895An unnamed antivirus product can cause a denial of service on Microsoft Windows due to not closing open registry handles.
10e74a2c526a065ee0572cf3e0b04c2ade62abdeccdc6aa8429bc8da242910dbApple's OS X batch family of commands make poor use of setuid capabilities allowing for privilege escalation.
4b7f8222d4d52c294fcfe9d3930da745c276ff2c756307556f0b7f809f135083Secunia Security Advisory - A vulnerability has been reported in JUNOS, which can be exploited by malicious people to cause a DoS (Denial of Service).
bd7ae7cb6ff704e5dabca2abcceee84f052d0ae3ca70164a455461bc48a9cbcbSecunia Security Advisory - A security issue has been reported in Novell iChain, which potentially can be exploited by malicious people to bypass certain security restrictions.
a43a206d2e0759be7da880f6f1a67101b0d22d3bd6ac6a1b75038e36eb2554ab
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed