Unhide is a forensic tool to find hidden processes and TCP/UDP ports that are hidden via rootkits, LKMs, or other techniques.
21ef6128232d02bba981acdf20f92b92258189f0660c4dac9a8d2dfdcc83e6abSWFUpload version 2.5.0 Beta 3 suffers from an arbitrary shell upload vulnerability.
f863f473a9dccafc4f6a726b39aabb7e05973820593a670f48ab825ac05c69a9Zero Day Initiative Advisory 11-050 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Informix Database Server. SQL query execution privileges are required to exploit this vulnerability. The specific flaw exists within the oninit process bound to TCP port 9088 when processing the arguments to the USELASTCOMMITTED option in a SQL query. User-supplied data is copied into a stack-based buffer without proper bounds checking resulting in an exploitable overflow. Exploitation can result in arbitrary code execution under the context of the database server.
c93b3cc1ed68f2c7b1e808552b38bf3283f34bd5ad7779fd7bbae003dc87e56eZero Day Initiative Advisory 11-049 - This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of IBM Lotus Domino. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SMTP service while processing a malformed e-mail. The process continually appends each argument within a filename parameter into a buffer in memory. By providing enough data this buffer can overflow leading to arbitrary code execution under the context of the SYSTEM user.
ebbcaa4bec81a1bbb394b6c38c7ac9e750d79863940b1731be2281fede698df9This Python script is a tool that can be used to check windows workstations and servers if they have accessible shared resources.
54537a2f3c86ad8f52de968df257b060a5829f88749fc6e25a04fdb2eccaf7beHanso Converter version 1.1.0 language file buffer overflow exploit that causes a denial of service condition.
576ec4679abab1f7bf25faf550436b83cfa1320d8a13addb6b17280e77f1de0aZero Day Initiative Advisory 11-048 - This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of IBM Lotus Domino. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nrouter.exe service while processing a malformed calendar meeting request. The process copies the contents of the name parameter within the Content-Type header into a fixed size stack buffer. By providing enough data this buffer can overflow leading to arbitrary code execution under the context of the SYSTEM user.
9e6b48942aef107760324058e3ae367162c825c55a3df189d7b05a6b4a064e41Devilzc0de E-Zine Volume #2 - Code Reborn. Written in Indonesian.
bcbc9b3ff5672c2d1980d438fa226b53f536d504d0dc6adf7a5e126b9303b5ffJAKCMS version 2.0 PRO RC5 suffers from a stored cross site scripting vulnerability that is leveraged via user-agent HTTP header injection.
0fa14945da66a1025b90d7c2d83ae4c10d8911af357302c935b38825ea48f490Zero Day Initiative Advisory 11-047 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Domino. Authentication is not required to exploit this vulnerability. The flaw exists within the nLDAP.exe component which listens by default on TCP port 389. When handling the an LDAP Bind Request packet the process blindly copies user supplied data into an undersized shared memory buffer. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.
41b863a920f2e077d4e8d4b985be52979de4aae9f297bd311177ea3850049f02Zero Day Initiative Advisory 11-046 - This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of IBM Lotus Domino. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NRouter service while transporting malformed e-mails. The vulnerable code copies data from the ATTACH:CID and Content-ID headers within an e-mail into a fixed length stack buffer. By providing a large enough file name, this buffer can overflow leading to arbitrary code execution under the context of the SYSTEM user.
bdd4162ce5354caa85ddefb3baeb8113ed3c2ef0947470f6bc5a8bacece36c39Whitepaper called Exploit Writing Made Easier With !pvefindaddr.
66b7858c35b089481af0d5520aedb019d9b02b6f2f4d0285470d966ad1c5c0ddMyMarket version 1.71 suffers from a remote SQL injection vulnerability.
e3aa53300aed6e8c75213e460cc425f2cd16de34449e84a3f2f3225b3c630538FreeBSD versions 5.4-RELEASE and below ftpd version 6.00LS sendfile kernel mem-leak exploit.
eefed0dbbad6b3a33771d66d5982aa28599fb1b4cd1b98cee1510a3870d2da9aZero Day Initiative Advisory 11-045 - This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of IBM Lotus Domino. Authentication is not required to exploit this vulnerability. The specific flaw exists within the POP3 and IMAP services while processing malformed e-mails. The vulnerable code expands specific non-printable characters within a "mail from" command without allocating adequate space. By providing enough of these characters, memory can be corrupted leading to arbitrary code execution under the context of the SYSTEM user.
2452239f3ac3458dd571744680a1b8ac260cc8c727681ae26b4e843899ce1e0aMandriva Linux Security Advisory 2011-022 - The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) by sending a message over IPv6 for a declined and abandoned address. The updated packages have been patched to correct this issue.
0907e6c5d4173e25e259887f08f190600dc45ea47fe116dcd9c69bf869eece36Zero Day Initiative Advisory 11-044 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Powerpoint 2007. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with the way the application will parse external objects within an Office Art container. When parsing this object, the application will append an uninitialized object to a list. When destroying this object during document close (WM_DESTROY), the application will access a method that doesn't exist. This can lead to code execution under the context of the application.
0ea356c09b72a57afdde9c938bdf003ac0689a0483a1a28528a2b8f22bbde479QuickRecon is a python script for simple information gathering. It attempts to find subdomain names, perform zone transfers and gathers emails from Google and Bing.
dc87a58f04f0b475b53ccfc4234f13f78e8702769fabed12d980b08093c21c01Zero Day Initiative Advisory 11-043 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Excel 2007. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the application's support for the office drawing file format. When parsing shape data within a particular container, the application will add a reference to an object to a linked list. If an error occurs during parsing, the application will free each element yet fail to remove the reference. Afterward, the application will use this reference. This can lead to code execution under the context of the application.
cdce45fecc3bb177be0dab0963fd961d57b7d98a21dbed908dd8415374edf78bZero Day Initiative Advisory 11-040 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
89e75ed8eb6aa720b5030f67347313090098d12b25ec923d446e5723f9202db8PySpoof is a threaded packet spoofer / flooder for Linux. Written in Python.
0bdccc9c5f22ee57cd6eb1d6883a4ad869d7e9e730faaffc90228737eeda43a7Zero Day Initiative Advisory 11-042 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the application's usage of a specific field used for incrementing an index used in an array. Due to the application failing to verify the usage of the index into the array, the application will copy the contents of the specified element into a statically sized buffer on the stack. This can lead to code execution under the context of the application.
4cc8f1ede7810b3c469689b6849e9e246704b7c18ae0263e92c569bfc607cc6dZero Day Initiative Advisory 11-041 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way the application parses an Office Art record within a Microsoft Excel Document. Specifically, when parsing an office art object record, if an error occurs, the application will add a stray reference to an element which is part of a linked list. When receiving a window message, the application will proceed to navigate this linked list. This will access a method from the malformed object which can lead to code execution under the context of the application.
6d762785aa20c3f9c41e04a636c4b36b5677eac5bd392a9891ea69f24a7df824Mandriva Linux Security Advisory 2011-021 - Buffer overflow in the gettoken function in contrib/intarray/_int_bool.c in the intarray array module in PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20 allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via integers with a large number of digits to unspecified functions.
ae730be155787f04cc8e64b17e00deb20b930df75ebed07e700085d13b9802e2T-Content Management System suffers from multiple remote SQL injection vulnerabilities that can allow for authentication bypass.
ac312cef4d47130e440bb9326da596411b61800971717ecaa3ec60c20e2ac385
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed