Proof of concept exploit for a buffer overflow in HP printers version 2.4.5.
69f9673d5776cf059960d159011db90e25de5744eec07788625ef0371546d631Proof of concept exploit for a buffer overflow in HP printers version 2.4.
878780372ce18dd4260343d191ceacba34ff580b3d2b0ce26ea978001aec6871Both versions 2.4 and 2.4.5 of HP printers suffer from a buffer overflow in the LIST and NLST commands.
c0555302454477845e84832de73ceee3aeb92620f0510868fafbf487aed0ddabMultiple cross site scripting and SQL injection vulnerabilities were found in Inetmedia's web services cityinfo.pl and cityaz.de, which my be exploited by attackers to gain confidential information and/or modify the database.
75f8727ef771eee315605520f22f5035089f32572f68229450267bfd4ae19a0dWebCalendar version 1.0 suffers from a cross site scripting flaw.
863a1b3f6f497af73a21ad920a18a305d2ac98959cfa77f7fd67a50abe569230The call for papers for the upcoming Hack in The Box Security Conference 2007 in Dubai is now open.
4e6e6ed3ae246ad38b0eea8478241652bdc4a5a99afb6d806df03a08169ba057Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.
ca8bf1b1aa2fe23c9e8f8cb23482da123aac4b5842950b3cc2a40ba13da96b51WGet version 1.10.2 and below suffer from an unchecked boundary condition. Proof of concept included.
0b8cd699959612ccb566a5227b9e6bd38d4243e7bc9fe86ad24ee53ca26f80a3Gentoo Linux Security Advisory GLSA 200612-18 - Hendrik Weimer discovered that ClamAV fails to properly handle deeply nested MIME multipart/mixed content. Versions less than 0.88.7 are affected.
f16acdeacd3949cc05351d077a73abb211ec4ecebd0f227b7b1a1784534e2417Secunia Research has discovered a vulnerability in MailEnable, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error in the POP service when handling arguments passed to the "PASS" command. This can be exploited to cause a stack-based buffer overflow by passing an overly long, specially crafted string as argument to the affected command. Affected are MailEnable Enterprise Edition 2.35 and MailEnable Professional Edition 2.35.
e8625d784bfeef332c2b470a923daaf64ce418b2839b641827f4db08690d4e60Symantec Vulnerability Research SYMSA-2006-013 - Multiple vulnerabilities exist in Mandiant First Response version 1.1.
1b15551b478c8a11794be2021b1e6153fa39670b2ed6268a139fd9884aefa13dAll versions of RateMe suffer from a remote file inclusion vulnerability.
5fd0b1eb6e69f394227a39535ab4bd6b2e9569b4efa94935d925dc7e73685d46HyperVM suffers from a cross site scripting flaw.
f4d64a82678f1e1d3cae469eeb0972495ea7cecd7ff01c60bad253834ddf2714The Intel 2200BG card suffers from a race condition vulnerability. Proof of concept code included.
52fece9a4bfaaa83265054f29f2318eb916e0cfd1bd0d159da6c9810cca9d699The Allied Telesis AT-9000/24 ethernet switch management has a flaw where it can be accessed from all VLANs.
3791ed7cbd38a884cf82aac7b846aed79ba2a5ea4354ec2a8ecfd524a961988bTcpip_lib is a library for Windows 2000 which allows constructing custom packets, IP spoofing, attacks, and more.
7b7d28e20ce44df14654770a6d3f6f32a8a6f339e181759cd463f36a347cc8dfSiteCatalyst Web Login suffers from a cross site scripting vulnerability.
b68439465f459d877475fca3dcfae504ab97ef806f993b557a4dc66764527594Contra Haber Sistemi version 1.0 suffers from a SQL injection vulnerability.
70a57e138a9e7bd20ea033594c126e40d5850f840553e204bce54c11ee0c5663Google G-Mail is susceptible to a cross site scripting issue.
9107c5c69f9ee356156461a6e9cc89465ff08a69bbf2f1be6cecec0e1b432459A remotely exploitable vulnerability has been found in the file parsing engine for BitDefender allowing for remote code execution.
a23052956835d2a738c754384152d85f6cfda66579f00459c5f92b64f88730c5Microsoft Project Server 2003 suffers from a credential disclosure flaw.
fa2f2f3f3bb5a0c92a34f512db769d4e413bbac140300aea7fa40b9cc9ff0ddcFTP server (GNU inetutils 1.4.2) remote root exploit.
81d267bd998486271614f006dda20ed2e6cc01138b7d623d0680a0b57fcb857cSecunia Security Advisory - Two vulnerabilities have been reported in Soumu Workflow, which can be exploited by malicious users to conduct SQL injection attacks or by malicious people to bypass certain security restrictions.
462dd39701ff9f81273a9ea4efba44753facbe8655bb3aacbbfca60b7111c86dSecunia Security Advisory - Some vulnerabilities have been reported in Hitachi Directory Server, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
b280ab9da9dd873565ecc62362cca0c5a7acdf5ad7953d482235a2b44f0e1d2dSecunia Security Advisory - A vulnerability has been reported in Sugar Open Source, which can be exploited by malicious people to conduct cross-site scripting attacks.
1765e65e65989ac36d54a34077d6f845e3abed1881c6c4a764c29deb9f1947d4
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed