Secunia Security Advisory - A security issue has been reported in Sun Solaris, which can be exploited by malicious, local users to gain access to system information.
cdb3e78fdd145a9ecf275ba473c32606022be23cc5ff82b1df6e21ba5d11d481Secunia Security Advisory - A vulnerability has been reported in OpenBSD's systrace, which can be exploited by malicious, local users to gain knowledge of potentially sensitive information, cause a DoS (Denial of Service) and gain escalated privileges.
17dcd3cbac943338a3f2352bf11125db86fa309e18d2e1cb94ab2a4e8e6a8981Secunia Security Advisory - Sun has acknowledged a vulnerability in Sun Secure Global Desktop Software, which can be exploited by malicious people to bypass certain security restrictions.
c988364c76a8ace76dd85f73734ef8b765a01bc95ea9659da40166bc68892230Secunia Security Advisory - A vulnerability has been reported in Linksys WRT54GXv2, which can be exploited by malicious people to bypass certain security restrictions.
aae1d189f5544c24dbd5db9fad498fd73e7c074c3e56ce1bf11e81395fedc1b8Secunia Security Advisory - OpenBSD has issued an update for OpenSSL. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
47d695bff09c0614c94de250826315eadb1877d83385169f3429aa5e74066dd9Wifitap is a proof of concept for communication over WiFi networks using traffic injection. It basically allows one to communicate over an open or WEP 802.11 network without being associated, thus bypassing any AP side restriction such as MAC address filtering or station isolation.
5029b4b80e66844e6109ee9840e70a90e453bd4e5169d9e903eaef599d15162eThis tool allows you to impersonate user credentials (with namedpipes) and execute a shell. One of the best features of this tool is that it includes some new attack vectors (payload generator with -t parameter) to force network users to connect to a remote host (desktop.ini, html code, lnk files, url files,pps,) so smbrelay can also be used.
9346dee563fb29b2b3df7d23637e8761553627b823a55102ab2f1771384d41cbThis tool is able to duplicate all Tokens stored in the system by calling NtQuerySystemInformation(). Duplicated Tokens allow users with local Administrator rights to execute code with credentials of every user that is logged on to the system locally or over network. Default mode only extracts tokens from the lsass process.
1a0435ffe70c05e1ac855b72e2791c48ef936b97e049469b6101088dd1cb7a06This tool enumerates all processes and threads running and shows their Token owner information. Users with SE_DEBUG_NAME privilege should be able to inject code on a local process and execute code with their privileges. This could be useful to obtain an interactive shell (at port 8080) when an user session is locked.
1ac149ac191a602c8eba43f12c04a137a7aacdf4f3d5eb3938a05335167236e8PHP Live! versions 3.1 and below suffer from a remote file inclusion vulnerability.
0732b452553cd8bc6ccb911f21c7170c0a9e296112f489ff2cb9bac72d6a5ab6Debian Security Advisory 1192-1 - Several security related problems have been discovered in Mozilla and derived products.
6693795a88195e5098e778b54549535c75e36dc792a805d3a854d8805ff0d5d6DNS brute forcing utility that can query 2000 domains in 9 seconds.
7cbacc7bdd8d516ad1652127af80f30f961a50e0f8812695af8d14d033224271Mandriva Linux Security Advisory MDKSA-2006-180 - An integer overflow was discovered in the PHP memory handling routines. If a script can cause memory allocation based on untrusted user data, a remote attacker sending a carefully crafted request could execute arbitrary code as the 'apache' user.
56a439b70277686da9d281f585573b7cc0c87c57558e12fe96f91523df7c3487A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Computer Associates ARCserver Backup. Authentication is not required exploit this vulnerability and both the client and server are affected. The problem specifically exists within the handling of long messages received over the Mailslot named 'CheyenneDS'. As no explicit MaxMessageSize is supplied in the call to CreateMailslot, an attacker can cause an exploitable stack-based buffer overflow.
c63b9f680348a05a9c714b24b61cca1344e26cdd1b743becb2ce05d8cbabd78dA vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Computer Associates BrightStor ARCserve Backup, Enterprise Backup, Server Protection Suite and Business Protection Suite. Authentication is not required to exploit this vulnerability and both client and servers are affected. The problem specifically exists within DBASVR.exe, the Backup Agent RPC Server. This service exposes a number of vulnerable RPC routines through a TCP endpoint with ID 88435ee0-861a-11ce-b86b-00001b27f656 on port 6071. The most trivial of the exposed vulnerabilities results in an exploitable stack overflow.
6db0cdce65e6bfa48946db5e30be84d72faec9442b55e745fae38640005bc4f1A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Computer Associates BrightStor ARCserve Backup, Enterprise Backup, Server Protection Suite and Business Protection Suite. Authentication is not required to exploit this vulnerability. The problem specifically exists within ASCORE.dll, a DLL used by the Message Engine RPC server. This service exposes a heap overflow vulnerability through RPC opcode 43 (0x2b) and a stack overflow vulnerability through RPC opcode 45 (0x2d) on TCP port 6503 endpoint with ID dc246bf0-7a7a-11ce-9f88-00805fe43838. The flaws are exposed when passing long strings as the second parameter to either opcode.
ea191ab2469d6979936d4e1c4ede0baacc4f8cc992c6904ef215ec00b53759c7Local root exploit for cPanel versions 10.8.x and below.
676c7c242f8e6e79024b49f9a9c1e5874b1ffba6d53e8aafc1f2ddb5c0c39116Mac OS X versions 10.4.7 and below Mach Exception handling local exploit.
0b61b584f7131fa9bf13b6a2ffa8d69159c44addda8cc54bd4d2758903136439SHTTPD version 1.34 POST remote buffer overflow exploit.
ca1cf2510803a6946eae8037fbc3e637e666e569bf0bd96bf147f19c639d7dafThis metasploit module is a stack overflow exploit for McAfee ePolicy Orchestrator 3.5.0 and ProtectionPilot 1.1.0. Tested on Windows 2000 SP4 and Windows 2003 SP1.
c5d4374afb7d02fcb71a301406cf46a7b08856e8634b8c4b455323de754bcf69Infecting ELF binaries to gain local root.
ddbff7dec2b42a5c6f2a6392277bd7b695ef9ef374ad2f4856babe17083ef0d04images version 1.7.x remote SQL injection exploit that makes use of search.php.
6db99fcecfa73077e89efeb5cf3e0ff0757d23d69ed47abf1f66980a4175ab6fPHPMyNews versions 1.4 and below suffer from a remote file inclusion vulnerability in cfg_include_dir.
7799c3399905dd56feb864137a35dac46b37af89284e1e2c4ec94a7b5d982ceeCiamos CMS versions 0.9.6b and below remote file inclusion exploit that makes use of config.php.
43323c3e6e5aea4a011f064243a2cb40a423b9c2354b0b4212a3e2340c31f5e0Freenews versions 1.1 and below suffer from a remote file inclusion vulnerability in moteur.php.
92781bea197ef4aae3d543c8e3a9c3828675150edc851d89fb6cc33f9d59cb15
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed