A remotely exploitable vulnerability exists in clamav-milter when used with sendmail due to an insecure call to popen(). ClamAV versions prior to 0.91.2 are affected.
88430f439474ceb833877640e5ef738a4bb02bb470e976a6ef541d0b83c2d84c
A remotely exploitable format string vulnerability has been identified in the Sun Java Web Console. According to the Sun Security Coordination Team, Solaris 10 Operating System, Sun Java Web Console 2.2.2, Sun Java Web Console 2.2.3, Sun Java Web Console 2.2.4 and Sun Java Web Console 2.2.5 are affected.
e84f0182902982fef958571d637da96cc79aed6c17e01ebeaca169efc5ba049f
PHProjekt version 5.2.0 suffers from a privilege escalation vulnerability.
d0eb6dcd238466f8bf02343caec6f02edb744728d2bc4c2e508a7480db337ddc
PHProjekt version 5.2.0 suffers from a cross site request forgery vulnerability.
cf169ff516ecb37f27edb69c002fd063faf696d3add01baf063759d1e46d5b37
PHProjekt version 5.2.0 suffers from cross site scripting and filter evasion vulnerabilities.
2aa0a61eb00ffdfcd305ae3b72f1e7744df2d56d283d55a0fa6bb630096ffbd8
PHProjekt version 5.2.0 suffers from a SQL injection vulnerability.
a09402b443c16796539cd108dd61aedcdcd438ccc160783d39617bb171dd08f5
Both the command line based and the web based management interface of the Aruba Mobility Controller are vulnerable to a heap based buffer overflow when overly long strings are passed as credentials. This can potentially lead to remote code execution, resulting in a system compromise.
2765a8733591e6cc8a10571d0eddc6946cf3800a1474c9f2a49ef8364eeb7b9e
A flaw in an authorization component allows for unauthorized access to the Wireless LAN through a Captive Portal, VPN, and administrative access using either the web-based administration or the command line interface. This vulnerability affects all versions of the Aruba Controller beginning with version 2.3.
d9f59c55b587f3d9ff9b8404f4cfc3a3b9b30d8abd4bcf3ae2558f4dc03841d6
NOD32 Antivirus software versions prior to 1.1743 suffer from an arbitrary code execution flaw.
dcc3ac0483403c98b5780d90539d0fc3e3f9ac428aed9e62ae4ad4c049d3f440
ESET NOD32 Antivirus suffers from an arbitrary code execution vulnerability. Versions prior to 1.1743 are affected.
68c8e00a070400f31b4f79d8fd1f5ed916dc36dd5153dcfabf13efd85383835a
A remotely exploitable vulnerability has been found in the file parsing engine for BitDefender allowing for remote code execution.
a23052956835d2a738c754384152d85f6cfda66579f00459c5f92b64f88730c5
The Grisoft Inc. AVG Antivirus system has had multiple vulnerabilities discovered in the file parsing engine that allow for arbitrary code execution. The vulnerabilities are present in AVG Antivirus software versions prior to 7.1.407.
2df1d6ba1168f33411d64216fc6207477b58415db787795da79aad12e7ebc9ea
N-13 News remote SQL injection exploit that performs a PHP shell injection.
a3f4c73c38a1644429c5bff832149cfee9d0326230528a3ecb052e5ecddf52e9
InternetExploiter.html is a remote exploit for the IE IFRAME HTML tag buffer overflow vulnerability which binds a shell to TCP port 28876. Tested against IE 6.0 on Win XP SP1 and IE 6.0 on Win2k.
0ecca01eb05bab171b33265b3ea3ac3e0cd2cac3fc0ae02350d422d833d55e3f
N-du is a Unix backdoor which does not have any open ports. It waits for a special UDP or TCP packet, then opens a TCP port backdoor.
1d716fe2d428a1b091b2323219d12fa9adc4fb7bb83e3074c1b4ab462af6d467
A remote exploit has been discovered in the Apache 2.0.49 HTTP server which allows an attacker to cause the server to allocate increasing amounts of memory until system memory is exhausted or until process limits are reached.
d52c9414d2197f648b3d31a6f01f66b36cd2811cf96502d02d2519eb5d7614b1
Auxploiter is a remote exploitation tool for the c:\aux vulnerability and is able to completely lock up a user's mail client. Outlook and other mail clients read the message using Internet Explorer, which is susceptible to this vulnerability.
379b4e6b32cfd722ac33ffd4b3b82493967efcf5b1256e6d26c1f5cd867ec2a2
Php-nuke v6.6 and spaiz-nuke below v1.2beta remote exploit which allows you to take over the administrator account. In Spanish.
fea203fbdd282ac0f1ddebfc46fcc776162fbcc14818517c43a9ca33da3b0b37
SGI Security Advisory 20030801-01-P - It is possible to create a Denial of Service attack on the IRIX nfsd through the use of carefully crafted packets which cause XDR decoding errors. This can lead to a kernel panic. No local account or access to an NFS mount point is required, so this could be constructed as a remote exploit.
c8555a9a5b384e2c2b2c17225b0c097f292cea81bae358a367064a71388393f1
Rs_iis_xpl.pl is a remote exploit for rs_iis.c, a remote IIS exploit. Sets up a web server, and if rs_iis.c is used to attempt an exploit, a shell will be spawned on the attacking host. Tested against FreeBSD 4.7-RELEASE-p7.
53a1d6f18d614b512a0d0c1ca5a75101a70147c7534c005448527d40e2891a82
Gentoo Linux security advisory - Versions of the pam_ldap module prior to 144 include a remotely exploitable format string bug in the logging function. This affects Gentoo users that have installed the net-libs/pam_ldap-134-r1 package.
9d756befd92e1900fed84a3fd3fbaa84c844813dda28da5beeec1449d6d0c8dc
Caldera security advisory CSSA-2002-041.0 - Versions of the pam_ldap module prior to 144 include a remotely exploitable format string bug in the logging function. Caldera released fixed packages for OpenLinux 3.1.1 and 3.1 configurations.
c98cc4086624aa5d7ab9ed4caeeb7af1bae87e9ae7f7e2603f11c0243e0a66b1
N-Stealth v3.5 is a vulnerability assessment tool for Windows which scans webservers for bugs that allow attackers to gain access. Uses a database of 19,000 vulnerabilities and exploits.
f3d9cfd5d8699e4a7fd25ae3862d5e286853c68aeb7b8551bf5331421a42ef0a
Gentoo Linux security advisory - A vulnerability found in certain nss_ldap configurations can result in a remotely exploitable buffer overflow condition. This affects nss_ldap packages prior to version 199.
a2cdd71b5e0d272c696cfd16a1cd84c49133ce730b039733785789668ede43a3
Null httpd 0.5.0, a small multi-threading HTTP server, contains a remotely exploitable heap overflow. Exploit code for Null httpd servers running on Red Hat Linux 7.3 is included in the advisory and can be used to spawn a remote root shell. In Null httpd version 0.5.1 this vulnerability has been fixed.
95d76e6b92f65447e7530f675554f162ca32748533586a45c71c64acd8977618
7350fun is a remote exploit for mod_php v4.0.2rc1-v4.0.5 and v4.0.6-v4.0.7RC2. This exploit appears to be a revised version of the 73501867 exploit, which was written by the same author, contained less functionality and was not encrypted. Note: this exploit also causes PHP 4.1.2 versions to segfault. This code was abandoned in a honey pot and is published under Fair Use Law 17 U.S.C.A 107.
8a1c0c6bcdd15226fa9559cd421b9ccc4eefd1e6864a6e563ecc6a07fb3258aa