what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

Files Date: 2003-04-01

SCSA015.txt
Posted Apr 1, 2003
Authored by Gregory Le Bras | Site Security-Corp.org

Security Corporation Security Advisory [SCSA-015]: PowerFTP has a denial of service vulnerability that allows a remote attackers to crash the server by executing a specific command with a buffer of 1994 or 1995 bytes in length or more.

tags | exploit, remote, denial of service
SHA-256 | bfa6c30c5f95e7b646e02d2837ad2d58e2390287f03a9c314437e68e033edfa9
3COMADSL.txt
Posted Apr 1, 2003
Authored by Michael Puchol

The 3Com 812 ADSL router will expose an internal computer's ports to an external computer once a connection between the two is established. Although 3Com denotes this as a feature, it inadvertently will leave a victim open to attack for up to 2 minutes.

tags | advisory
SHA-256 | a2090b18c0a9dfa47daaecc15e140a765d5af83ff73bec3f09c43087386c7f59
DDI1012.txt
Posted Apr 1, 2003
Authored by Digital Defense Inc. | Site digitaldefense.net

Digital Defense Inc. Security Advisory DDI-1012 - A malformed request used against HP Instant TopTools versions below 5.55 can cause a denial of service against a host by having it constantly it request itself.

tags | exploit, denial of service
SHA-256 | 7627cee904465d331ce5d25d50952fed0120096c80e38c11d338158b858a94ff
SCSA014.txt
Posted Apr 1, 2003
Authored by Gregory Le Bras | Site Security-Corp.org

Security Corporation Security Advisory [SCSA-014]: EZ Server, which provides both HTTP and FTP services, has a denial of service vulnerability in the FTP server that allows a remote attackers to crash the server by executing a specific command with a buffer of 1994 or 1995 bytes in length or more.

tags | exploit, remote, web, denial of service
SHA-256 | 79ea3b12b542e2eec2c723cd80d79e96bfa2538c08b7faa857cbdb2bf877fd47
mz.sendmail.txt
Posted Apr 1, 2003
Authored by Michal Zalewski | Site lcamtuf.coredump.cx

There is a vulnerability in Sendmail versions 8.12.8 and prior. The address parser performs insufficient bounds checking in certain conditions due to a char to int conversion, making it possible for an attacker to take control of the application. This problem is not related to the recent ISS vulnerability announcement.

tags | advisory
SHA-256 | e56c207e41ff83acb9da15ebf18f6f1fbeb72d0a5ba1c4f489470c49b23fc690
0x333crypt-linux.c
Posted Apr 1, 2003
Authored by 0x333, nsn | Site 0x333.org

0x333crypt is a tool for linux which encrypts files with md5 and xor.

tags | encryption
systems | linux
SHA-256 | f26f5a9e714c612abf4060c34e20cf2c6546e6ce583af38d665f5b71626353ee
0x333crypt-freebsd.c
Posted Apr 1, 2003
Authored by 0x333, nsn | Site 0x333.org

0x333crypt is a tool for FreeBSD which encrypts files with md5 and xor.

tags | encryption
systems | freebsd
SHA-256 | 4d8eedb49b20c48428ba6a689f7ed94dd30444a3074103207cfe4da123d442f8
0x333hpl.c
Posted Apr 1, 2003
Authored by 0x333, nsn | Site 0x333.org

0x333hpl.c compares pids in /proc with ps aux output.

tags | tool, intrusion detection
systems | unix
SHA-256 | d369beb106b3a6ea47350ebd43ea968f579778ad25d46ee20e18ae1a05875333
iDEFENSE Security Advisory 2003-03-31.t
Posted Apr 1, 2003
Authored by iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 03.31.03 - An exploitable buffer overflow has been found in Apple Computer's QuickTime Player v5.x and 6.0 which allows the remote execution of arbitrary code via long quicktime:// URL's or the -u command line switch. Any remote attacker can compromise a target system if he or she can convince a user to load a specially crafted exploit URL. Upon successful exploitation, arbitrary code can be executed under the privileges of the user who launched QuickTime.

tags | advisory, remote, overflow, arbitrary
systems | apple
SHA-256 | 63b4e5946d2c0800bdcb621548d55499d68e76124dd328d5ff058b472234203b
sa2003-03.txt
Posted Apr 1, 2003
Authored by NSFOCUS | Site nsfocus.com

NSFOCUS Security Advisory SA2003-03 - A local heap overflow was found in Sun Solaris's CDE manager dtsession which allows local users to execute code as root by setting a long HOME environment variable. Solaris 2.6, 2.7, 2.8, and 2.9 is affected.

tags | advisory, overflow, local, root
systems | solaris
SHA-256 | d906f6000cf9a6b6bcee5345838232d36117025f3b2186a0a45ac2f0045dbe5a
sa2003-02.txt
Posted Apr 1, 2003
Authored by NSFOCUS | Site nsfocus.com

NSFOCUS Security Advisory SA2003-02 - Sun Solaris LPQ has a stack overflow which allows local users to execute code as root. Solaris 2.5.1, 2.6, and 2.7 on SPARC and x86 is affected.

tags | advisory, overflow, x86, local, root
systems | solaris
advisories | CVE-2003-0091
SHA-256 | 9ae4c0aec7caa3fc454b9ce6300d39ef37e423e1197c93fd5b339ab5be319e9e
FreeBSD Security Advisory 2003.7
Posted Apr 1, 2003
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-03:07 - A second remotely exploitable overflow was found in Sendmail header parsing. Upgrade to 8.12.9 to fix the vulnerability. Patch available here.

tags | overflow
systems | freebsd
SHA-256 | 2020462d2c424be84d00d47dab2a8fee098fe1f39416fb76eb439652f8902a06
openssl-uzi.tar.gz
Posted Apr 1, 2003
Authored by Harden

OpenSSL-uzi is a semi-automatic mass rooter which uses the openssl-too-open exploit against multiple hosts.

tags | exploit
SHA-256 | c4db574327d2f1321e4c513c1cfb48c989b9d277b4b1761749396a56543638f6
rs_iis_xpl.pl
Posted Apr 1, 2003
Authored by Knud Erik Hojgaard

Rs_iis_xpl.pl is a remote exploit for rs_iis.c, a remote IIS exploit. Sets up a web server, and if rs_iis.c is used to attempt an exploit, a shell will be spawned on the attacking host. Tested against FreeBSD 4.7-RELEASE-p7.

tags | exploit, remote, web, shell
systems | freebsd
SHA-256 | 53a1d6f18d614b512a0d0c1ca5a75101a70147c7534c005448527d40e2891a82
lsof_4.67.tar.gz
Posted Apr 1, 2003
Authored by Vic Abell

Lsof is an extremely powerful unix diagnostic tool. Its name stands for LiSt Open Files, and it does just that. It lists information about any files that are open by processes currently running on the system. It easily pinpoints which process is using each network connection / open port. FAQ available here.

Changes: Updated docs, changed ftp server host name to lsof.itap.purdue.edu, added the "+c w" option for specifying maximum COMMAND column characters, fixes several AIX issues, adds kqueue support for FreeBSD, NetBSD and OpenBSD, updates for FreeBSD 4.8, and corrects gcc build problems on HP-UX 11i.
tags | tool, intrusion detection
systems | unix
SHA-256 | 9782550d36fc7da6095734928676a2f581254dc7d79a72ae300ec569a6a6ab4c
CA-2003-12.sendmail
Posted Apr 1, 2003
Site cert.org

CERT Advisory CA-2003-12 - A remote stack overflow in Sendmail 8.12.8 and below was discovered by Michal Zalewski which allows remote code execution as root. This bug is in the prescan code and is different than the recent sendmail bug described in CA-2003-07. Patch available here.

tags | remote, overflow, root, code execution
SHA-256 | 3d21a9619dd79160009046d99d48567be339543825a6a4ca7d4af3174e7a1a0c
sendmail.8.12.9.tar.gz
Posted Apr 1, 2003
Site sendmail.org

Sendmail is a very popular unix Mail Transfer Agent, a program that moves mail from one machine to another.

Changes: A remote root vulnerability in the parsing of mail headers has been fixed. This bug is in the prescan code and is different than the vulnerability fixed in 8.12.8.
systems | unix
SHA-256 | c5cc51a78fdcc0f09cd21188af6187e32d31ef877baf23e4d88b3e32156b9b3a
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close