Georgi Guninski security advisory #17 - MS Word and MS Access 2000 (with or without Service Release 1a) allow executing arbitrary programs if a Word document is opened. This may also be exploited by visiting a web page with IE or opening/previewing an HTML email message with Outlook. For this to work, the user must be able to access an mdb file, which resides either on a UNC share or a local drive. This allows taking full control over the user's computer. Demonstration exploit available here.
89dfddff8833fb3dad88d40d972cfa0a68430d2b3ad384958e72e64fedda41e3
Red Hat Security Advisory - A buffer overflow has been discovered in all releases of mopd-linux included in the 6.0, 6.1, and 6.2 releases of Powertools. This vulnerability allows long file names to be sent from the client to the server, allowing arbitrary code to be executed.
420df459240f85b3543ea29e1fe11451697d08319af2026f24b5e6462ae314ce
NetBSD Security Advisory 2000-011 - Netscape's processing of JPEG comments trusted the length parameter for comment fields; by manipulating this value, it is possible to cause Netscape to read in an excessive amount of data, overwriting memory. Specially designed data could allow a remote site to execute arbitrary code as the user of Netscape. This vulnerability has been fixed in Netscape 4.74.
ee621f140533c524890bdf720a8551ec93c8c64af2312f54c7cd2a1fa6820ed5
FreeVSD facilitates true Linux Virtual Servers within a 'chroot' environment, allowing Web servers and other applications to be deployed and administered discretely, without compromise to security. Each Virtual Server has its own IP address(es), Apache webserver, and view of the process table. FreeVSD expands the Linux system by creating a pseudo-'super user' (admin) for each Virtual Server. The admin user has the ability to create extra POP3/FTP and Telnet users and also administrate vital services such as the webserver.
ecd3896581bb76d50cb4824cdb13dad537c14903b37e404c47eb7a98cd51f681
Robpoll.cgi is a free CGI-based admin program for Unix and NT which has remote vulnerabilities allowing remote users to execute any command on the remote system with the privileges of the web server. In addition, anyone can read any file on the remote system with the webserver UID.
bc0607609836ddf0e5923a2902e5194cc19852cc1fd731afa6d4b7bc8745952a
fathoe.c is a fragment flooder which will lag and/or lock up Windows machines on your local network.
5a8c4166ed3499a46261bcf0e4d74b05d50c8eaa9c097104e432a5c95e6c96c2
Return-RST is a firewalling tool for Linux 2.2.xx systems using IPCHAINS. It uses the netlink device to capture packets and sends TCP RST packets in response to TCP connection requests. Normal IPCHAINS only allows you to drop packets, or reject packets with an ICMP error message. With Return-RST, you can make it look like there is no server listening, rather than revealing to the attacker that they are being filtered.
e9cfcfe8d93672144f679c95aaf3da4d34a5bd6d5f53cfd38275d884c03802ad
The Reverse Engineer's Patcher is the first byte patcher for UNIX systems. It will compare two binaries and produce a patch in C.
32184bfa34a3bb03ec189b479b49c03cc81c292b3a5be5081a2189e0f0180516
suidperlhack.pl is a Suidperl v5.00503 and below local root exploit which has been ported to perl to increase portability. Tested against BSD.
e05392bbc9c59fbd159d56c51c1520fd954fc0cc8df635afbc6e183a39b0fe92
This perl script sends 'magic packets' to Wake-on-LAN enabled Ethernet adapters, in order to remotely power up a PC. Features the ability to use broadcast IP addresses.
fe9574d64254ea77b1edd3457deddd855a7365f2345af748d14d28b3e54bafda
Debian Security Advisory - mailx is often used by other programs to send email. Unfortunately mailx as distributed in Debian GNU/Linux 2.1 has some features that made it possible to execute system commands if a user can trick a privileged program into sending email using /usr/bin/mail.
de5324d8fb95ec279342629f079738a658876fb0b8c605afa1b92f0d6b4fb213
A vulnerability has been found in Dan Brumleve's Brown Orifice HTTPD (BOHTTPD), which is a web server and file sharing tool that runs as a Java Applet in Netscape Navigator.
5bd5a93be1101366bfe29db0b460f4114ad5b04899e9671f365420621b49d9d5
Red Hat Security Advisory - Under certain conditions, suidperl will attempt to send mail to the local superuser account using /bin/mail. A properly formatted exploit script can use this facility, along with mailx's tendency to inherit settings from the environment, to gain local root access.
cc92ea296e91763b4251446ba04b9581f3a16567afbb82bb3b3e67d7655958b3
Red Hat Security Advisory - The umb-scheme package included with Red Hat Linux 6.2 included two world-writable files. New packages are available.
f14ddd3809449d94fcee3fc7d7511ec7983a8c79ef23847aeaee1b7ea6cdbf91
Red Hat Security Advisory - The version of ntop which was included in Red Hat Powertools 6.2 has a remote exploit in which arbitrary files can be read on the host machine as root.
6bf66bc7d72b0e7c4a0cbee5777f2fa0ddd1a7e66defd6e878e4e03d69093b92
Suidperl v5.00503 and below local root exploit which exploits an undocumented /bin/mail feature when perl wants to notify root on inode race conditions. Tested on Red Hat 6.x/7.0.
e046c5c1d324b9945abcef32f5756e05f4d6bf70782c8cc77d62546e05aa1ec2