NetBSD/i386 2.0, setreuid(0, 0); execve("/bin//sh", ..., NULL); shellcode. 29 Bytes.
2361c89276305bd09af3f19909dd5cda1173703a34b42ec8f14d0baaec5e090aNetBSD/i386 2.0, setreuid(0, 0); execve("/bin//sh", ..., NULL); shellcode. 30 Bytes.
117af4cd119203328bda7ac1a71cede1ce1eff0d09363550faf1f7a805060a54The Webmin miniserv.pl code suffers from a format string vulnerability.
97ebba960f457a58ad0e761322199ad5c6c0a070121c559a0100561ad97b67fcMicrosoft Internet Explorer denial of service metafile exploit. Raises CPU utilization up to 100%.
48fd7350f572c62e78b0b5618eba85ff145865f9260ae631a6875341622b4523A buffer overflow vulnerability in the utility phgrafx included in the QNX Neutrino Realtime Operating System can potentially be exploited by malicious users to escalate their privileges. Exploit included.
59ea4aa5c272f08159cf44506744ef6f78fd70d1feb59c535e77bf1afa84aea9It is possible to mount a denial of service attack against Windows 2000/2003 hosts where the SYN attack protection has been enabled.
5aff64df96ecc852c2daff2bb5ddea80c392c2a30780ca25b8aab68fefc3bfcbGuppy versions 4.5.9 and below suffer from remote code execution and arbitrary inclusion flaws. Full exploit provided.
968ffef02bac67138cf981ec650bc3a7d33b94c0c0c8eb860f158874ad6f9ca9WebCalendar 1.0.1 is susceptible to SQL injection attacks.
23e27c95c7836fb9ed4b91fc3f6d56dabd8ce00e2c70c418b4563aabab3e4fb9PHP Web Statistik version 1.4 suffers from injection vulnerabilities.
1254628e2da8b1b1b6f411da297d1ea9e16f19f55e843ac8d21250c14532a6efFreeWebStat version 1.0 rev37 is vulnerable to multiple cross site scripting flaws.
0020303ba5ebcc0da8d674752ec0c2c826555fce3288cdd245981ad3915983adCisco IOS exploit that demonstrates how unsanitized input from a user can be injected into dynamically generated web pages.
4d70c45a942ad697419897fb1a6037e8fa9a37acf43cbbe1c805f31581738d5bKadu, an opensource Gadu-Gadu instant messaging client, is susceptible to a denial of service condition.
09bf206aa9b5e425a10bdda36dbf29d831e765432536a018af9b045321bb7ecbRandshop is susceptible to SQL injection attacks.
1a59e41d524a0c0075464b3e6e4f4bd5df6198c644af1105c7c17ed7ce2102bdAPC PowerChute Network Shutdown's web interface only supports HTTP, forcing credentials to be passed in the clear.
8885c9bf6f4b2c0fa09d301f83d4ae9733e49fd941dbcba894109c631117a434Google Talk Beta Messenger stores all credentials in clear text in the process memory.
77351e323ebc2b62b46a2bc7cd97d4de54156ea418e6b6aeaadbc17bf1698b51Mod Security is an intrusion detection and prevention engine for Web applications which operates as an Apache module or Java Servlet filter. Its purpose is to increase Web application security, protecting Web applications from known and unknown attacks. It is flexible and easy to configure, monitors HTTP traffic (including POST payload), enhances logging, performs automatic built-in checks, and simultaneously allows administrators to create custom rules for their individual needs.
b8ef27d4bdfa652884217592c1c17d31a78a1b97978a9d9e2b7dcdf6e969cd6bPort Scan Attack Detector (psad) is a collection of four lightweight daemons written in Perl and C that are designed to work with Linux firewalling code (iptables and ipchains) to detect port scans. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, TCP flags and corresponding nmap options, email alerting, and automatic blocking of offending IP addresses via dynamic configuration of ipchains/iptables firewall rulesets. In addition, for the 2.4.x kernels psad incorporates many of the TCP, UDP, and ICMP signatures included in Snort to detect highly suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port scans (syn, fin, Xmas) which are easily leveraged against a machine via nmap. Psad also uses packet TTL, IP id, TOS, and TCP window sizes to passively fingerprint the remote operating system from which scans originate. Changelog available here.
623d26c4ef62dca439222272bc448db49a7551150f3fbb17951e9163d7ddbbd0
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed