Exploit for wu-ftpd that makes use of the globbing denial of service flaw.
77b446fb929c57c3b6eb8452ee7f7f4034c86535094cd0eb6f01b548f2c92aeaAwstats remote exploit that allows for remote command execution on the host with privileges of the httpd process. Versions 5.7 through 6.2 are affected.
e0d6aacf97481633bcc02f886a5337792a2211c0e98331682b0c4276982738aeTrillian Basic 3.0 PNG image processing buffer overflow exploit.
0d9a068f2b0a271b2df57c4326763f0cf3aa4f856d5d81c504e510b3c6b4206cSecunia Security Advisory - A vulnerability has been reported in Burning Board and Burning Board Lite, which can be exploited by malicious people to conduct SQL injection attacks.
8b9df74bda168c0e8ed93ae86c92d47ef4a7b26960f0c2739ad091b56fa1a204Secunia Security Advisory - benjilenoob has reported a vulnerability in D-Forum, which can be exploited by malicious people to conduct cross-site scripting attacks.
28c1b87add96dedadfd3053d5851b094bb52be0f059af7407d36c36f4629895aSecunia Security Advisory - Tavis Ormandy has reported a vulnerability in Xloadimage, which potentially can be exploited by malicious people to compromise a user's system.
92b3dec816734412430c81903822f3bc1d9ed64ffe828af7c1b6ce44140c2cafSecunia Security Advisory - A security issue has been reported in Squid, which may disclose sensitive information to malicious people.
3cb7e4e96647594c0e336eac43de4125889643d83169ccc9a6d0425e9a10e6daBuilt on top of the IDA Function Analyzer, pGRAPH (Pedram's Grapher), provides an interface to generate more detailed and user defined control-flow graphs using the bundled Wingraph package. Extended features include: support for chunked functions, instruction level coloring, edge customization (manhattan vs splines), layout algorithm and more.
e884794cd3dfa8188c3837653c79596619bda49502f9fe0b4395d9e6fd15a5b0Written as a C++ class, Function Analyzer was originally developed to provide an abstracted layer over chunked functions frequently found in Microsoft optimize compiled binaries. As of IDA version 4.7 much of this functionality is built into the SDK. However, Function Analyzer can be used to construct plug-ins compatible across older versions and provides abstracted next_ea()/prev_ea() routines for stepping through an internal unchunked instruction list. The abstraction layer also exposes the following function-level information: basic block enumeration (nodes, edges), call count, MD5 hash, CRC and customizable GDL (Wingraph) generation.
e45937cff22b0b58d2d2f6281711df2324ba077e1b6057559639aaee26a72207IDA Sync was written to allow multiple analysts to synchronize their reverse engineering efforts with IDA Pro in real time. Users connect to a central server through the ida_sync plugin. Once connected, all comments and name changes made with the registered hot keys are immediately transmitted to all other users working on the same project. The central server stores a copy of all changes as well, allowing new analysts to jump on the project and immediately receive up to date information. Included in the source release is a C++ class providing IDA Pro plugin developers with an abstracted asynchronous I/O interface.
a8ace8b8c3a60a7793256dfbcfd40b4789f253acf72167fdee3968a049b8502ceEye Security Advisory - eEye Digital Security has discovered multiple stack-based vulnerabilities within the licensing component that processes incoming network requests in the Computer Associates License Management software.
5797432c9b96dca5b15d0492af228f5700c812e44f776bf9de0dc187869c5343HP Security Bulletin - A potential security vulnerability has been identified with HP OpenVMS VAX version 7.x and 6.x and OpenVMS Alpha Version 7.x or 6.x that may allow a local authorized user to gain unauthorized privileged access to data and system resources.
e283f4530ed6c29bc71d9222276c349099fe3ce03e49783411729c4b5ee35948KSB26, Kernel Socks Bouncer for 2.6.x, is a Linux 2.6.x-kernel patch that redirects full tcp connections through a socks5 proxy. KSB26 uses a character device to pass socks5 and the target IPs the the Linux kernel. This is obviously quite useful if you want to transparently tunnel certain things through a given proxy to remain anonymous, or if you want to transparently be able to sniff certain network traffic.
6e77a4eefdcf7a4ffe8778d62bb3ea5a419a26bb287f59e4098593cb0dc2e714iDEFENSE Security Advisory 03.02.05 - Remote exploitation of a buffer overflow vulnerability in Computer Associates License Server and License Client can allow attackers to execute arbitrary code. The vulnerability specifically exists due to insufficient bounds checking on user-supplied values in GCR requests. Exploitation allows remote attackers to execute arbitrary code under the privileges of Local System.
3ed8db083fbddded4122d2db0cd334c7599112b3c46d0ccaef1dc9ab0e5deb0eiDEFENSE Security Advisory 03.02.05 - Remote exploitation of a buffer overflow vulnerability in Computer Associates License Server and License Client can allow attackers to execute arbitrary code. The vulnerability specifically exists due to insufficient bounds checking on user-supplied values in GCR requests.
571fd92ea5c1f9ef9b16940e571fdaee9943fa6dd6db5d5d980657782898d14eiDEFENSE Security Advisory 03.02.05 - Remote exploitation of a buffer overflow vulnerability in Computer Associates License Server and License Client can allow attackers to execute arbitrary code. The vulnerability specifically exists due to insufficient bounds checking on user-supplied values in GETCONFIG requests.
9211269875c1cbd81361a79ae27cd7a41120c3167d87b09ffbbce8fcf8003b14iDEFENSE Security Advisory 03.02.05 - Remote exploitation of a directory traversal vulnerability in Computer Associates International Inc. License Client can allow attackers create files in arbitrary locations. The vulnerability specifically exists in the handling of the filename used in PUTOLF requests.
91475277c8d64cb526f375cd267e3a59760b6b528b6b0b3e126b4fea519944a6iDEFENSE Security Advisory 03.02.05 - Remote exploitation of a buffer overflow vulnerability in Computer Associates International Inc. License Server can allow attackers to execute arbitrary code. The vulnerability specifically exists in the handling of the filename used in PUTOLF requests.
d4a15d53bb20b276509b0955bd2cf55df0ef8988e6f2aee00122c68bed36686aiDEFENSE Security Advisory 03.02.05 - Remote exploitation of a buffer overflow vulnerability in Computer Associates International Inc. License Server and License Client can allow attackers to execute arbitrary code. iDEFENSE has confirmed that CA License Server 0.1.0.15 and CA License Client 0.1.0.15 are vulnerable. It is suspected that most CA products are running vulnerable versions of the client and/or server.
e0658a00eaab03b8c22bd160e7374593472c52c0576efd78f3408ab8e94cba54Computalynx CProxy versions 3.3.x and 3.4.x are susceptible to denial of service and directory traversal attacks. Detailed exploitation provided.
b59285890b0fe1711b6b600c33215928b7523920cb4f2953589670170c16e8aeGolden FTP server version 1.92 suffers from a buffer overflow when more than 284 characters is entered in the Username field at logon. As EIP can be overwritten, it is possible to execute arbitrary code in systems running this version of the daemon.
fb180903ad4f40525a0bd52a26b62cfbed17d7b32acbc0a71a31803bce43357bSecunia Security Advisory - Multiple vulnerabilities have been reported in the CA License software, which can be exploited by malicious people to compromise a vulnerable system.
cf79713a6a36ec63c6ab81b386e68182ce44209b2fb7698bd3657992f627fd5eGentoo Linux Security Advisory GLSA 200503-05 - Tavis Ormandy of the Gentoo Linux Security Audit Team has reported that xli and xloadimage contain a flaw in the handling of compressed images, where shell meta-characters are not adequately escaped. Rob Holland of the Gentoo Linux Security Audit Team has reported that an xloadimage vulnerability in the handling of Faces Project images discovered by zen-parse in 2001 remained unpatched in xli. Additionally, it has been reported that insufficient validation of image properties in xli could potentially result in buffer management errors. Versions less than 4.1-r2 are affected.
8e3ec8f40b0fa45953e55fa9394ff35a9ebfa317cd56f3360a74d8f41b36ab01Secunia Security Advisory - Doctor Grim has reported two vulnerabilities in MercuryBoard, which can be exploited by malicious people to conduct script insertion and SQL injection attacks.
1c3fa07d1abbadda1a3e6c240e19764126338fd3f134321b8bc7edd8defafcd8Secunia Security Advisory - FraMe has reported a vulnerability in CuteNews, which can be exploited by malicious people to conduct script insertion attacks.
82f70aaed32df0aadd45f5641e71f066a91a179a09b6b89847dea5ac2cfe6c48
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed