Windows FTP Server remote DoS exploit.
09f7d64247dd629ee0c3ef325046fa7070e1dca518a3fe1d8522fe57b31418f1Local lame root exploit for exim version 4.42 and below.
ec28e8d69b8b86c44fad479d0693408bfb48bc65e3408120c89f1ea7d95c22a5mimic-ftpd remote DoS exploit.
889acafb8d0bd7ec59b468ad5e0304c227eca219ff2b54505ede73fa88ce1b69GNU less local exploit.
58a7a9a42bea20075104c3381ea5615bb56bb62a0b6c2d5e9eb359d26ba79dc6Spider game local buffer overflow exploit.
e3cc4d7d111162ecb945ae14b0176162973648ebee57c23965c8b7c11d36145fSuS local root exploit.
3da4ab0d6149a4ab235794752844be10fea1ee9025046d1e74fcfcf4c206074dUnreal tournament 2004 DoS checking tool.
51f811fb7cfa07eb5ae025a22aa0760feaa2f1db96fb71b1dce6650aee331c63MyWebServer 1.0.3 Remote DoS Exploit.
6acc8684762cfb946734f53d2729329e0f5edc5922f0802aa8a6be99a49f045bOpenSC consists of a SmartCard library that uses any common transport API (e.g. PC/SC, CT-API, OpenCT) as its backend and applications that use the library. It has been tested extensively on Finnish Electronic Identity (FINEID) cards, but a number of other PKCS #15 and ISO 7816 compatible cards work too. Also implemented are a PKCS #11 module (e.g. for Mozilla Web/email usage), a PAM module, somewhat working OpenSSH support, an OpenSSL engine, a few basic tools, and a PKCS #15 structure generation tool for supported cards.
9435f99ec870df6a5d233515042679e40d1a2ca4c473df92e0d106071cbe40adVisualRoute is a traceroute tool which displays a map of the path to the destination server by looking up the geographical location of each traceroute hop. The network service provider is identified for each hop, and instant domain and network whois information enable quick problem or abuse reporting.
2db0fc895cb8f4652f3daf2ecf8d693cff12eb3130f327c005064fa6daf44441Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
c3847b96379983d0f3f4c0a1a649e54a5d96e8ea9930b2222a45f39f34176b70News2Net, a newspaper, magazine and newsletter publication manager, is susceptible to SQL injection attacks.
30ebe8bbd9726e841bf34724ba07a952af46fcee79d00465ed4f75837ee8d164Mandriva Linux Security Advisory - Hugo Vazquez Carames discovered a race condition when writing output files in wget. After wget determined the output file name, but before the file was actually opened, a local attacker with write permissions to the download directory could create a symbolic link with the name of the output file. This could be exploited to overwrite arbitrary files with the permissions of the user invoking wget. The time window of opportunity for the attacker is determined solely by the delay of the first received data packet.
7e115d8991a9797e2f3f2b6ed79b0f1a7de2b16574020b5d6b227f051ca1ef71Mandriva Linux Security Advisory - Steve Kemp discovered two format string vulnerabilities in libgda2, the GNOME Data Access library for GNOME2, which may lead to the execution of arbitrary code in programs that use this library.
378a3bb3bd65b6721236614552678331e4f6568a1c96bb31004ec88b67f61a0bMandriva Linux Security Advisory - A vulnerability in the way that SquirrelMail handled the $_POST variables was discovered. If a user was tricked into visiting a malicious URL, the user's SquirrelMail preferences could be read or modified. This vulnerability is corrected in SquirrelMail 1.4.5 and the updated packages provide the latest stable version.
38d012159f550540052a190c03297e4e408b45ee6e6df8daba89f25aa918e87eCisco Security Advisory - An issue exists in one of the components of the Cisco Management Center for IPS Sensors (IPS MC) version 2.1 during the generation of the Cisco IOS IPS (Intrusion Prevention System) configuration file that may result in some signatures belonging to certain classes being disabled during the configuration deployment process.
3f0895320db32100d30cddd028ec47aa58e5305ef4e40c498066c7db9d565ee0The web management interface for the Gateway 7001 A/B/G AP contains an input validation vulnerability that allows anyone authenticated with the device's built-in web server to configure the device to use channels not regulated for 802.11a/b/g use in their geographic region. The potential impact is that a user could configure the device to operate outside the allocated bandwidth for 802.11 within their country, thus causing interference to other radio systems. In addition, the device will not be visible to other 802.11 devices operating in the area.
181891375992f06bb1441c99dbb5f6f4f49782f5fa61e8b0268d391aef28bbacMultispoof is an application, which exploits weak, address based authentication very frequently implemented by ISPs in Ethernet networks. In such networks customers are identified with IP-MAC address pairs, and only those paying the ISP are granted access to the Internet. Multispoof uses IP and MAC spoofing to impersonate legitimate customers. The idea is not new, but multispoof does it in a smart way. As it impersonates only inactive customers, there are no address conflicts.
45cf382c348417b1bedd99c56a86d8d25b93467dbac49fffaef1d19870c966ebVUBB Alpha RC1 is susceptible to cross site scripting and path disclosure flaws. Details provided.
04077c920bd3d7027c8c2bbac8d73904b1e94fbad3a94c8ad700e51e0c2d7da2Remote Snort Back Orifice preprocessor overflow Metasploit exploit for Win32 targets. Exploits Snort versions 2.4.0 through 2.4.2. Tested against Snort 2.4.2 Binary with Windows XP Professional SP1/SP2, Windows Server 2003 SP1, Windows Server 2000 SP0, and Windows 2000 Professional SP0.
eae99138b91426ab5eb58667181b07b717710bab0115262472624f15edd0aba7Elite Forum version 1.0.0.0 is susceptible to a cross site scripting vulnerability.
509afb7afe2ee9e99903007f4cca3e53552a6b54178d4a52c16a3fa39cb4e99dThe POSIX readdir_r function is susceptible to a race condition which could possibly be exploited to cause a buffer overflow.
8daf6f642a27b44e7da7cc61cef3e19e955fb8486d282daa2d7daa96ece5bc53Secunia Security Advisory - Ryan McGeehan has discovered a vulnerability and a security issue in eyeOS, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to disclose sensitive information.
b96fd5854fc5409a5aed7dabb962abc53605d17f38a54eec8958f44fd4767570Secunia Security Advisory - Gladiator.KHF has reported a vulnerability in Elite Forum, which can be exploited by malicious people to conduct script insertion attacks.
bcf4733c23bb00165c64ab08a08b1123c2d05ddc2bb3f7397a00b7104cd92154Secunia Security Advisory - Apple has issued an update for Mac OS X. This fixes some vulnerabilities and a security issue, which can be exploited by malicious, local users to bypass certain security restrictions or to gain knowledge of potentially sensitive information.
846809a76370ca38b8a920cc055e9e0482b6e7953a0c39246c66d21f2ef39cf0
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed