Motorola SBV5120 cable modem denial of service exploit v0.1.
1a7922a1f6ffe4d7b3111d60bce9c47e2193af1c21cb278603be57513444cf62This is a fast banner scanner which uses fork().
f9cad6028646d6c958dad77827e615731ca039bc41a4c12d536daeaf2d588b67Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.
4fa1e262dff5b6a08f1e81a625e335d9a832f445116798c5350dc8f72694fdccTcpdump v3.8.x/3.9.1 remote infinite loop denial of service exploit which takes advantage of the isis_print() function by sending a GRE packet.
7715283f9e248b04a7f1186a37ab92696fba6aa192da993f47a8e4362a1c6bfaTcpdump v3.8.x and below remote denial of service exploit which causes tcpdump to go into an infinite loop when it processes an evil BGP packet. Works if TCP port 179 is not filtered.
ccc1ba68ec8e05ee151df0dc0455d51be29ffeac87519d101d1ec5c6ec4d29f6Tcpdump v3.8.3 and below remote denial of service exploit which causes tcpdump to go into an infinite loop when it processes an evil LDP packet.
5d2ae4babb02e4a4cdaf59c68d9c308c703d7d0c5ae0c27f8ef1aab1b8401184Tcpdump v3.9.1 and below and Ethereal v0.10.10 and below remote denial of service exploit which takes advantage of a bug in rsvp_print().
55e3698692b58c34879b5f8ed2655d6e63f7b4f6346ba705a052758b7d96a384Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.
25b25b4c4028288945b968173d692ae2b72d811aaeea3715ae6a77945d9af2e9Many XML/RPC servers based on Python / Ruby seem to be vulnerable to a simple Denial of Service where transmitting a large amount of data (circa 4 MB) results in them utilizing 100% of the CPU and apparently never recovering.
01fddb7df596dbb647f71a14bc8ddf89eda494b127062d87e148e1adfd6216baAppleWebKit XMLHttpRequest arbitrary file disclosure - Apple Safari 1.2+, Apple RSS 2.0 pre-release, OmniGroup OmniWeb 5.1+, as well as other software based on a common engine, are vulnerable to malicious webservers attacking them and retrieving information (arbitrary files on disk).
0ea575297839fdac0e3654c2488db5abe193e71540f91deb28ffc4cd0bd4c886Gentoo Linux Security Advisory GLSA 200504-14 - Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a double expansion error in monkeyd, resulting in a format string vulnerability. Ciaran McCreesh of Gentoo Linux discovered a Denial of Service vulnerability, a syntax error caused monkeyd to zero out unallocated memory should a zero byte file be requested. Versions less than 0.9.1 are affected.
7f4936472c31f89580293bf38a7962c48bf48a076c611dbcb39c244449785e17Musicmatch installs an ActiveX control which can then be called by other sites (totally unrelated to musicmatch). The ActiveX control allows for arbitrary files on the user's disk to be overwritten.
11fd920c5376d04b6b942e8d782b5ab5c9062b6024be9018a38a7f67cccad923Ophcrack version 2.0. Ophcrack is a cracker aimed at NT-style (LANMAN) password-hashes. It uses a large precomputed hash database to crack the majority of all passwords within a matter of seconds, rather than hours or days as would be the case if you search the entire likely keyspace each time you are looking for a specific password. This type of cracking is based on a technique referred to as "rainbow tables".
c04353d4e957dedbbe3f6682b4898c728601bba5dae0264812a71b51b2ca0824System's protected with libsafe my not be fully protected when multithreaded applications are running on them: a brief attack window may exist where an attack can execute malicious code without libsafe being called to verify things as safe.
36be85c239bf7eb36e43805fdd22ff28338c953972e31ec9cf067a21f1e92011GOCR (Gnu Optical Character Recognition) contains a heap overflow.
afb2abf973047003b3fcb5711eb81087f9f2a9e0c844a1fa64a790403e982cd1Debian Security Advisory DSA 709-1 - libexif remote buffer overflow. Sylvain Defresne discovered a buffer overflow in libexif, a library that parses EXIF files (such as JPEG files with extra tags).
c2a7812fbb6ff327e408302fc15ef6561ebdad0ebf7c737530c364cb58f717a9Dameware stores the username / password of the currently connected user in cleartext somewhere on its heap. (Note: a great number of other remote-access products probably do this as well).
2ba2eb9f10af09f46038b23b0d6cb684ed80a7a6a73113df3a867e99be5817fdThe log function in Perl's Net::Server module (used by postgrey, among other tools) is vulnerable to format string attacks. However, it is not clear what the exact impact of this is in a Perl environment.
778555738d428bd2a4087fa2b5c8d98b4df893c1bcdcc2f5c4e68e53bd7634faThe SIOCGIFCONF ioctl, used to request the kernel to produce a list of interfaces, can be exploited to reveal 12 bytes of memory. It is not at all guaranteed that this memory will contain anything interesting.
046e16080325dae021493dffedc9e3fe620cdd65df9f6250a4fd4ff3ce4aaef7Yager, an online air-combat simulation game, is vulnerable to several overflows as well as several Denial of Service attacks. This advisory details issues in versions up to 5.24.
3e9e1377c6d538e2c6ab12326ddfb1a9889cb7aee4dbb8d4f3c1fecd7afb77aaThe default POP3 server installed on iSeries boxes allows for username enumeration. This PDF contains a table converting POP3 login errorcodes to their actual meanings.
4d267c5719f82f3364c7ebc3a98ea3abbcbf5823e3324094c48771565765e12eThe InternetCreateUrlW function of wininet.dll, a core component of Internet Explorer, is vulnerable to a buffer overflow attack when the source buffer is copied into the destination buffer using WideCharToMultiByte. In practice this is probably only useful for Denial of Service attacks (if that) and still requires some social-engineering to actually exploit this.
ff53458ff1c02389c39168172c59ac6ab1cbb62bfdb0fc78469a4dc9190da6caOlder versions of MusicMatch (like a large number of other software packages, including core components of Windows) make an insecure call to CreateProcess. This is a local attack which requires that an attack can write files to the root of the C:\ drive, something that actually is possible with versions of Winows prior to XP.
9faba944c8b50a3f791d05142beaf4ad28418d0d8414df595ed593e83feed2eeUbuntu Security Notice USN-111-1 - A remote Denial of Service vulnerability has been discovered in Squid. Versions of ubunto up to 2.5.5-6ubuntu0.7 may contain vulnerable versions of squid.
5410ff64f8687a5559684c5a08918347a5be9390c3b89ed0c767095b795a22d2Sumus, a Internet-based cardgame program, is vulnerable to a stack-based buffer-overflow in the server component.
04b607c7c82dcc14b5382394ef565748a6ad092ebe29a4a4a2e157d6d8c1ab8d
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed