Dell IT Assistant detectIESettingsForITA.ocx Active-X control readRegVal() remote registry dump exploit.
972fe47b27217c4fe43b9ab5056484e368ca06d298659a3290fa514440134e4e
Receipt of IP packets with certain sequences of malformed IP options can cause an unaligned access in kernel mode (on many architectures), or data corruption, resulting in a panic or other problems.
f8cef208a1f568ebde931884c1fb940cb0522fa38fe3d9ecf2661a0913573333
There is a security problem with shtml.exe that allows anyone to explore the local path of IIS web server.
a81fefb3352747deb54240fa5b25c5a5809579acbd6503684344b867038b8d8f
Simple DoS attack against Cayman 3220-H DSL Router. Large username or password strings sent to the Cayman HTTP admin interface restart the router. Router log will show "restart not in response to admin command".
3ae878f8c7a9b943309036f7465bd350a17e5d03e16ce1406143f4bf73085af0
Cerberus Information Security Advisory (CISADV000505) - The Cerberus Security Team has found a remotely exploitable buffer overrun in Netwin's (http://netwinsite.com) DNewsWeb (dnewsweb/dnewsweb.exe v5.3e1), a CGI program designed to give access to NNTP services over the World Wide Web. By supplying a specially formed QUERY_STRING to the program, a buffer is overflowed, allowing execution of arbitrary code, compromising the web server.
6f72b6f4d384bdcf7670e19301cef27ef2e199ac7ae94fecc8d11621cfa61f7b
Network Associates, Inc. COVERT Labs Security Advisory - An implementation flaw in the InterScan VirusWall SMTP gateway allows a remote attacker to execute code with the privileges of the daemon.
9b36112a1cd5cd874728fcf15c819f8bfd56941ce60048b6bc3d056dd9fd35f2
Cerberus Information Security Advisory (CISADV000504) - The Cerberus Security Team has found a remotely exploitable buffer overrun in Netwin's (http://netwinsite.com) DMailWeb (dmailweb/dmailweb.exe v2.5d), a CGI program designed to give access to a user's SMTP and POP3 server over the World Wide Web. By supplying a specially formed QUERY_STRING to the program, a buffer is overflowed, allowing execution of arbitrary code, compromising the web server.
47a0edd015b1f01cce3d508c12cc5b2cf7330ba998a12a9c7aaf7acfd187723d
Cerberus Information Security Advisory (CISADV000503) - The Cerberus Security Team has found a remotely exploitable buffer overrun in Lsoft's (www.lsoft.com) Listserv Web Archive component (wa/wa.exe v1.8d - this is the most recent version).
17136805bc3f264e963bf55df3a44d6c7550f0c96ca7a5a74efedb9e27ff8deb
If root ever does "rm -rf /tmp/foo" for a directory structure not completely owned by root, a local user can delete all files that root can.
3ba1f58d2454e57c2aabb1552bf4229866c003b9fde29b9e8099400b1fef591c
Using the good old NullByte (\000), it's possible to open "any" file on the web server (with its permissions) running the "UltraBoard" forum software.
cac53c20c8f003f1c433d4901d938d89d764d76df657e71ce2c13537f325a103
There is a way to disable tcpdump running on a remote host. By sending a carefully crafted UDP packet on the network which tcpdump monitors, it is possible, under certain circumstances, to make tcpdump fall into an infinite loop.
762d8e63fbcb7f43d09fcb049e572dc985c7e6be26bd6c5efc3db1e022573ef8
The precise details of how to exploit these holes are minimized to prevent compromising the integrity of all current Internet-accessible FileMaker Pro 5 databases and mail servers. However, details can be easily deduced by referencing the FileMaker Pro 5 documentation and by consulting the FileMaker XML Technology Overview white paper available via the FileMaker XML Central Web site.
266a2b3612f869f2b2ce836b82d96495dbb6d573fd9f243d85c88bce65c7fde5
It seems that, even though a regular (non-"enabled") user should not be able to see the access-lists or other security-related information in the router, one can do just that. The online help system doesn't list the commands as being available, but out of 75 extra "show" options that are available in "enable" mode (on a 12.0(5)3640), only 13 were actually restricted.
2c33ae7e113f98c67d0be4eb389aefb18fd47f1579f69e7636939aefb440a243
When accepting luser console login, pam_console called by /bin/login tries to be user-friendly, doing several chowns on devices like login tty and corresponding vcs[a] device, as well as other interesting devices: fd*, audio devices (dsp*, mixer*, audio*, midi*, sequencer), cdrom, streamer/zip drive devices, frame buffer devices, kbd*, js*, video*, radio*, winradio*, vtx*, vbi* and so on. Probably it's designed to make console logins more comfortable, but has DEADLY effects on servers with console luser-login ability (and that's quite common).
1d635e59bee6725bcf7c4b9d3459f4bb45a1383179c65d540f6ca36f5edf6fe0
Here is how to exploit the bug for cracking systems running Jana. I tested it with Jana 1.45 on Windows 98 and Windows 2000. 1. Open a browser window. 2. Type, e.g., http://the.server.com/./.././.././.././windows/win.ini.
5619cda37bd593b8aa8636730088c1f2262151ba1f7ad4ec649f9de333df9d1a
A DoS condition exists in the Linux kernel knfsd server. Remote, unauthenticated users (i.e. those with neither a directory mounted nor permission to mount one) can OOPS the host kernel. The OOPS does not bring down the target host, but it is possible to render the NFS service inoperable until a reboot.
7a554cf14acdc3fef95cadd5e0b687b47576cc0e8024390737cb14e3860d6e69
Microsoft Linux box cover. Very chilling, frightening, and funny too.
1bc986e436715e6db9328f01347cc8326f0de23ce9447218dc4e65884d6302b2
Getting r00t 2k. A hacking guide for newbies that is completely written in Spanish. This has been created as a knowledge base for an understanding of hacking in South America and Spain as knowledge of hacking has gained more importance in these areas.
1773578b04e321244b6e66f4d60c103506061359e9e02c2945bfe8b49ffb063a
S.A.F.E.R. Security Bulletin 000317.EXP.1.5 - Remote user can obtain list of directories on Netscape. Netscape Enterprise Server with 'Web Publishing' enabled can be tricked into displaying the list of directories and subdirectories, if user supplies certain 'tags'.
28a1f7d9a52e29f7b6c7169a7703161db67a48f4e7b0b0a67e10192242dcf897
Anyone who can execute CGIMailer (anyone who can use the forms that use CGIMailer) can specify what configuration file to use and this can be any file on the system CGIMailer is running on. This allows for the existence of private files to be detected. There are more dangerous implications though: this vulnerability could possibly be exploited to obtain private files from the target system. If there is an FTP server running on the target system on which an attacker has upload privileges, he/she could upload a malicious configuration file, and then run it using CGIMailer. Configuration files can be used to send files to the attacker via e-mail (among other things).
93e43f717e47063b7aa4ac1264f4e1f4436a2587838dfecd4a1ffd48d2008703
Two exploits are included in this. It is a DCC chat buffer overflow in separate exploits for Linux and mIRC.
f3545aeb86c142cd44d2d9e66a6762114035037eafe2d84e99ae2888730f8e89
The geographical tracerouter for unix. It combines the fastest tracerouter with the ability to locate where the intermediate machines are located in the world.
957f35ba6bc4b75bb8076c3128b95ecfa078b5d0d8f18661cc29bd277d65b82a
This is a very flexible, easy to use password cracker for the Linux/Unix platform. Just specify the dictionary file and the passwd file and you're set. It attempts to crack each password in the passwd file using the words from the dictionary file.
aaa548be3dd9642b28de076a0c47d9219f6698481dd270e20087bb6b40e3c253
Port scanner with a nice interface. Prompts for banner.
8bd800104043b93ad61675985333a24b5e4beecff4a27488c42726047481d2a1
Fake PS. A ps trojan that hides multiple services of your choice.
3e09bcc70563d501bf7435df4fda3acaa09a7abdba7db06486c4dfa3bbb3af65
Vulnerability in wmcdplay (installed on Halloween 4 Linux) (advisory + exploit).
6477942c86ee6dd52bac80bf956cbed6863e52d464ae92b66bef9d20f7902b03