what you don't know can hurt you
Showing 1 - 25 of 428 RSS Feed

Files Date: 2005-01-01 to 2005-01-31

WC-ms05002-ani-expl-cb.c
Posted Jan 30, 2005
Authored by WhiskyCoders | Site bennupg.ath.cx

Microsoft Internet Explorer .ANI file handling exploit. Modified version of the houseofdabus exploit. Universal version of the exploit. Tested on: Windows Server 2003, Windows XP SP0/SP1, Windows 2000 SP2/SP3/SP4.

tags | exploit
systems | windows
SHA-256 | 7d28b6b89f96a1823cf6133c4dfbbf4eeebb9afb847e5f3ffc5da17e887c96b4
Gentoo Linux Security Advisory 200501-41
Posted Jan 30, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200501-41 - A bug in TikiWiki allows certain users to upload and execute malicious PHP scripts. Versions below 1.8.5 are affected.

tags | advisory, php
systems | linux, gentoo
SHA-256 | 7b3a3fe50c91b53f142a4fdbc5fc1426702ce95d77746d0e6afdb04e2b6f4e47
imd_advisory.txt
Posted Jan 30, 2005
Authored by Steven | Site lovebug.org

The webmail portion of Infinite Mobile Delivery 2.6 from Captaris, Inc. contains a Cross Site Scripting vulnerability. In addition to the XSS, an even smaller issue exists where a user can determine the installation path of the client and where e-mails are stored.

tags | exploit, xss
SHA-256 | ab16cccb8d5dac3bb83fa685da0c66ecaf107bea553a5bde32efb50a81721cbf
ocs.c
Posted Jan 30, 2005
Authored by OverIP | Site hacklab.tk

Compact mass scanner for Cisco routers with default telnet/enable passwords.

tags | tool, scanner
systems | cisco, unix
SHA-256 | abd2a9fc125008f980986f130c505798029e1a956f0d037ae9b643b908ece46d
squirrelInclusion.txt
Posted Jan 30, 2005
Authored by Jonathan Angliss | Site squirrelmail.org

SquirrelMail Security Advisory - SquirrelMail 1.4.4 has been released to resolve a number of security issues. Manoel Zaninetti reported an issue in src/webmail.php which would allow a crafted URL to include a remote web page. A possible cross site scripting issue exists in src/webmail.php that is only accessible when the PHP installation is running with register_globals set to On.

tags | advisory, remote, web, php, xss
advisories | CVE-2005-0104, CVE-2005-0103
SHA-256 | 5773619867fb37cf0ce9656875f5125f481bb03dec469652efec6634f72bd105
radmind-1.4.1.tgz
Posted Jan 29, 2005
Site rsug.itd.umich.edu

radmind is a suite of Unix command-line tools and a server designed to remotely administer the file systems of multiple Unix machines. Radmind operates as a tripwire which is able to detect changes to any managed filesystem object, e.g. files, directories, links, etc. However, radmind goes further than just integrity checking: once a change is detected, radmind can optionally reverse the change.

Changes: Build fix.
tags | tool, intrusion detection
systems | unix
SHA-256 | e9bb17e5004a4d17721d96c94f6f938f628eeab1776f4097de25699f57f91777
HexView Security Advisory 2601-20-05.03
Posted Jan 29, 2005
Authored by HexView, ShineShadow

Multiple versions of the Merak Mail Server with Icewarp Web Mail suffer from various flaws. Included are cross site scripting, path disclosure, arbitrary file manipulation/access, and weak password encryption vulnerabilities.

tags | exploit, web, arbitrary, vulnerability, xss
SHA-256 | 2f72998322fa1ea4c6c2c644becc01d4932c53fb305167832b92978f9a58c796
Gentoo Linux Security Advisory 200501-40
Posted Jan 29, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200501-40 - ngIRCd is vulnerable to a buffer overflow that can be used to crash the daemon and possibly execute arbitrary code. Versions below 0.8.2 are affected.

tags | advisory, overflow, arbitrary
systems | linux, gentoo
SHA-256 | 9d2d8f54b4aaeed309eaf7cf77da5804c4ddb2197384ecfa2f424a8528311bc2
Secunia Security Advisory 14051
Posted Jan 29, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Tem has reported a vulnerability in phpPgAds, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 40071bb3a882ca30daa1e126643d423fc279f6c4959c72d5dd3c4836e2c2a3a1
Secunia Security Advisory 13984
Posted Jan 29, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in PEiD, which potentially can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 1b9b5869dcf0e988410613901202d078663d5ecde14311eabdcccae6c670c462
SCOSA-2005.8.txt
Posted Jan 29, 2005
Site sco.com

SCO Security Advisory - A vulnerability has been reported in UnixWare, which potentially can be exploited by malicious, local users to hijack local sockets.

tags | advisory, local
systems | unixware
SHA-256 | 31041ff5b45862c00e151b4e8be11d37a1e651ff64039f9ef1d718e496f98f69
Secunia Security Advisory 14063
Posted Jan 29, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - muts has reported a vulnerability in SnugServer, which can be exploited by malicious users to disclose sensitive information.

tags | advisory
SHA-256 | 016588243f4aa629cc6885382fd7dd50f95beea53f7abb9e28c635aa63e938fb
WebAdmin302.txt
Posted Jan 29, 2005
Authored by David Alonso Perez

Alt-N WebAdmin, the web application used to administer MDaemon and RelayFax, is susceptible to cross site scripting, html injection, and unauthenticated account modification vulnerabilities. Versions 3.0.2 and below are susceptible.

tags | exploit, web, vulnerability, xss
SHA-256 | 3248495f1d679d6e5e1767f9bda0c7cfd2ea42a402d286793af304c0def1cfd0
defeating-xpsp2-heap-protection.pdf
Posted Jan 29, 2005
Authored by Alexander Anisimov | Site ptsecurity.com

The MaxPatrol team has discovered that it is possible to defeat Microsoft Windows XP SP2 heap protection and data execution prevention mechanisms. Full analysis with code provided.

tags | paper
systems | windows
SHA-256 | c13c505bd994bd2235753bb15f5a5a562e7f3bccf6d96db1ffa0b5e9e67ca4ab
Secunia Security Advisory 14016
Posted Jan 29, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - benjilenoob has reported some vulnerabilities in CoolForum, which can be exploited by malicious users to conduct script insertion and SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | b204f5fc2496d2c446e51ce0633a857dfac401316ff5aafe74dbe5f2299ad7ea
WebWasherCONNECT.txt
Posted Jan 29, 2005
Authored by Oliver Karow | Site oliverkarow.de

WebWasher Classic has a design flaw weakness where the CONNECT method allows remote attackers to connect to any server listening on the localhost interface of the proxy server.

tags | exploit, remote
SHA-256 | 2a29f5edeac813ac66ecbdbee56a1015c23933d41ef1785125f74e1a02901cf6
Secunia Security Advisory 14057
Posted Jan 29, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in University of Washington IMAP server, which can be exploited by malicious people to bypass the user authentication.

tags | advisory, imap
SHA-256 | 5076f1631c337b3853afd5c8934a42884da91d0055a09398f94d0474d106ce64
Secunia Security Advisory 14054
Posted Jan 29, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - MC.Iglo has discovered a vulnerability in War FTP Daemon, which can be exploited by malicious users to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | d935f35fe934218571f8fd9e546ef7c3523afbfbca4c799abeb0f46f676290a0
OpenPKG Security Advisory 2005.4
Posted Jan 29, 2005
Authored by The OpenPKG Project, OpenPKG Foundation | Site openpkg.org

OpenPKG Security Advisory - A setuid and setgid application vulnerability was found in the Cyrus SASL library. At application startup, libsasl2 attempts to build a list of all available SASL plugins which are available on the system. To do so, the library searches for and attempts to load every shared library found within the plugin directory. This location can be set with the SASL_PATH environment variable.

tags | advisory
SHA-256 | 2b51683b908ec938cb13adb29012b0ee3eb294a7a742091ff113cd0c39e5a8c4
exploits-winamp.tgz
Posted Jan 28, 2005
Authored by Rojodos

Two exploits for Winamp 5.05 and 5.08. They make use of the buffer overflow vulnerability discovered by NSFOCUS.

tags | exploit, overflow
advisories | CVE-2004-1150
SHA-256 | 3b29a4995e0aaccc260541dbb627b87fbe7fb0efadc0a8f4304d08d688585a97
authfail-1.1.1.tgz
Posted Jan 28, 2005
Authored by Bartek Krajnik | Site bmk.bz

authfail is a tool for adding IP addresses to an ACL when entities from those addresses attempt to log into a system, but cause authentication failures in auth.log. It reads data from auth.log in real time and adds the IP into netfilter with a DROP/REJECT policy.

Changes: Bug fix release.
tags | tool, firewall
systems | linux
SHA-256 | 1546758d05794a4a37d199eaef73b3963ef4c4aa0a65cfcc38c69e834caa9fae
shellcodes_crypter_PV.c
Posted Jan 28, 2005
Authored by Shen139

Shellcode Crypter is a shellcode encryption utility.

tags | shellcode
SHA-256 | 7036e758f501a16d557e1a68a5eec6b841a643a579614547a2c9f51501624c06
Secunia Security Advisory 14029
Posted Jan 28, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Victor Ashik has reported a vulnerability in less in Red Hat Enterprise Linux 3, which potentially can be exploited by malicious people to compromise a user's system.

tags | advisory
systems | linux, redhat
SHA-256 | f094456e4d32799af64faf9d827b3a6e80912ab3d248970a16719ecdcf86f359
Secunia Security Advisory 14035
Posted Jan 28, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SmOk3 has reported some vulnerabilities in eCommerce, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 254b72e5f5aa17e878bbd5b1667fc7937fa8afd093b034ed9d4b8a705108781c
magicwinmail40.txt
Posted Jan 28, 2005
Authored by Tan Chew Keong | Site security.org.sg

Multiple vulnerabilities were found in Magic Winmail's Webmail, IMAP, and FTP services. Arbitrary file upload/download, cross site scripting, and directory traversal flaws all exist, along with the ability to access other user's mail. It really IS magic.

tags | advisory, arbitrary, vulnerability, imap, xss, file upload
SHA-256 | 6cdd0f75b8a65fb62d8a4639fd3d414b32de01bbd3ab23bb7757fb4fa79da5d6
Page 1 of 18
Back12345Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close