Plusmail remote exploit - plusmail fails to check authenticity before creating new accounts.
d135ccf5f8a6a9533ff037f70b405c3d3242fbe73307d53c2851b300624a774d
Packet Storm new exploits for January, 2000.
cf20a80116f44e359c36f1310d2c241720193d078bd1fd5fe61f8611ffb51f6e
RightFax Web Client v5.2 allows anyone to hijack user's faxes.
b1cf8e924a8955fbca00ac2f800a2f581144ff0653bec1c93bfc51551e925f07
The "Strip Script Tags" feature in Firewall-1 can be circumvented by adding an extra less-than sign before the SCRIPT tag. The code will still execute in both Navigator and Explorer.
63dba9e4776e49be0b9d685899d424e7c95359cd0499b13e8116377966747f78
Recent PAM implementations allow you to use su to rapidly crack accounts without being logged. Tested on RH 6.1.
4e4445f9726601745b246b699479483fc7dc3fcd4f33a94228ee97377938b11a
Autobuse.pl and angel.pl both use /tmp insecurely.
e96bc5a5d6a58a6d99fdf4f2b48f5919198db48c8383ae0c341ec5531f114acc
Many virus-checking programs skip directories named \\recycled or similar. This gives viruses and trojans a safe haven on many Windows 95, 98, and NT systems. Exploit code included.
9af5bd16d81c2440188d7267390a604c3a9aeef78af9be14823271983235e84e
An HP-UX 10.30/11.00 system can be used as an IP traffic amplifier. Small amounts of inbound traffic can result in larger amounts of outbound traffic, using ICMP MTU discovery packets.
b3dffec06406efee5100394c7eea5048622424f48ab11e19e3b911f471aaa935
All flavors of BSD have local root procfs holes. Exploit included.
e80e268b12d42082937d820c1735685b1ec66dfb9078018b2f08715860ebe7c5
There is a buffer overflow in Subseven 2.1a causing it to quit quietly, crash, or overwrite variables.
2f07ff322bd1707e1b2be738ea6088e6ee158ab41f6b739e2469343c59791e72
SMS 2.0 Remote Control (for Windows NT) introduces a security risk that will allow the attacker to run programs in system context, due to the fact that the executable used for the remote control service is copied to the workstation without any special permission settings to prevent a user from replacing the executable.
ecf9194e228fffca1536075875597aa164caa88678a47c7b00c8b7811224195d
Microimages X server for Windows allows anyone to kill your session and start an xterm on your machine if they know you are using the software.
10a6a6ff142ffc7403a9e257d610ba412944eefa8619914e8a9757e90c52692a
Windows NT webservers using ASP can under some circumstances reveal the path of the server. A variable holds information about the internal structure of the website.
aba865749f3c5363d49501aae179dd49f09d90b3beee7aa18d9c77e0e0529287
IIScat exploits the recent Microsoft Index Server vulnerability to read any file on the server.
b7c4b6e010dfdef10ec42ca86fdf3e1f5edf403060a1d669be6df35af0740e79
Exploit for Cobalt Raq2 Server. Requires Site Administrator access to one of the accounts on the server.
e125d4926d4f95927681ebfd618602f7d7ff8df1317317b37a9790482e85b21c
A modified version of the original qpopper 3.0beta29 exploit by Zhodiac, added network support (no need for netcat) and allowed the user to specify which command to execute.
bcdd1859b2a33b6f0bdced21cd68b20e314cb4ff2fe1dafccab9dfb8f9a3be82
Cerberus Information Security Advisory (CISADV000126) - Internet Information Server 4.0 ships with an ISAPI application, webhits.dll, that provides hit-highlighting functionality for Index Server. A vulnerability exists in webhits that allows an attacker to break out of the web virtual root file system and gain unauthorized access to other files on the same logical disk drive. This vulnerability can also be used to obtain the source of Active Server Pages or any other server-side script file, which often contain UserIDs and passwords as well as other sensitive information. Vulnerable systems include Microsoft Windows NT 4 running Internet Information Server 4, all service packs. Microsoft FAQ on this issue is here.
49cac6cfcd5dbdffc3c21f57d7db9112fa25f16289c0f6dd92362fc2b81eef32
Explanation of the 'spank' attack - a new breed of stream/raped. Stream/raped merely flooded the host with ACKs (or no flags) and came from random IPs with random sequence numbers and/or ACK numbers. The difference now is that this not only does the previous stuff, but also directly attacks from and to multicast addresses as well.
25a37bfece0acbe778ee130601ca1fda0d9188d98eebaee75e1352130f531bbb
Solaris Solstice Internet Mail IMAP4 Server x86 exploit.
adcc570a64ad515dee55499942b44fc76607894ebc9c473d4d7a8654c863de59
Remote Linux x86 exploit for Qpopper 3.0beta29 and below (not 2.5.3). Overflows the LIST command and spawns a shell with the UID of the user who logged in (requires valid account), and GID mail.
6e03060d06070addc039c651e773cc7edd7dfdbf64902dcb1d4ab4b12b4e97df
w00w00 Security Advisory - qmail-pop3d may pass an overly long command argument to its password authentication service. When vpopmail is used to authenticate user information, a remote attacker may compromise the privilege level that vpopmail is running at, naturally root.
3bd0074f38eb47b414a84c38444aed7fa25ca801a4f14f89d10b39ad7380dd2d
w00w00 Security Advisory - Linux VMware 1.1.2 Symlink Vulnerability. VMware stores temporary log files within the /tmp directory. It does not check whether all of these files exist prior to creation, resulting in the potential for a symlink attack.
da520fa5a7804353f424ed408de54dc3b46708d2f49b82447d0645507cc3049e
w00w00 Security Advisory - S/Key & OPIE Database Vulnerability affecting most Unixes (not NetBSD) running skey-2.2 (possibly earlier versions too), allowing offline password cracking.
3ae33764fe45486317d0735a5c5fbdb38edd2d5553c4c986a29216ee7e9b8124
Remote exploit for the inter7 supported vchkpw/vpopmail package (replacement for checkpassword). Tested on Sol/x86, Linux/x86, FreeBSD/x86 against linux-2.2.1 and FreeBSD 3.[34]-RELEASE, running vpopmail-3.4.10a/vpopmail-3.4.11[b-e]. Unofficial patch here.
96783f06acb089b526184c758e946ec901db1b61ec472cbee7dc24a2094b6765
MS IIS 5.0 has problems handling a specific form of URL ending with "ida". The extension ida has been taken from the Bugtraq posting "IIS revealing webdirectories". The problem causes 2 kinds of results. One result is that the server responds with a message like "URL String too long" or "Cannot find the specified path". The other error causes the server to terminate with an Access Violation. When the server "Access violates" it displays as last message.
c6301bd7666cad9967d8dafc5ad77f1302a8469ac918b24e757bf1d26a8ed0d1