what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 21 of 21 RSS Feed

Files Date: 2004-05-04

0403-exploits.tgz
Posted May 4, 2004
Authored by Todd J. | Site packetstormsecurity.com

Packet Storm new exploits for March, 2004.

tags | exploit
SHA-256 | cfaceed6fb98501b73a6b3f8ffef33d4ba76ca8a5e534ed5c8ac151d426863f7
autoRST.c
Posted May 4, 2004
Authored by Matt Edman

autoRST is an automated TCP RST exploit. It uses the Winpcap libraries to sniff for TCP packets on a network and then sends out a forged RST packet after calculating the appropriate sequence number and forging the MAC address. Makes use of the recent vulnerable released by Paul A. Watson.

tags | exploit, tcp
advisories | CVE-2004-0230
SHA-256 | 42cb6ede12e9199900a5e6282342a4505e4a0df06f3b97e39afc1e2143e7b326
pcap201.msi
Posted May 4, 2004
Authored by Proxy Labs | Site proxylabs.netwu.com

ProxyCap enables users to tunnel Internet applications through HTTP, SOCKS v4, and SOCKS v5 Proxy Servers. It can be told which applications will connect to the Internet through a proxy and under what circumstances. This is done through a user friendly interface, without the need to reconfigure any clients. ProxyCap provides a flexible rule system and allows the end user to define their own tunneling rules. ProxyCap version 2.0 introduces support for UDP-based networking clients, optional remote name resolution, and more detailed Session Logs.

tags | remote, web, udp
SHA-256 | f3d219d793029162c4fa053ee2a58e4f4d70e87c733f0b822ac77c04ad1ccf0d
lha.txt
Posted May 4, 2004
Authored by Ulf Harnhammar

LHa versions 1.14d to 1.14i and 1.17 suffer from buffer overflows and directory traversal flaws.

tags | advisory, overflow
advisories | CVE-2004-0234, CVE-2004-0235
SHA-256 | 7ae3e4725ed69dd046198c050806c9823138937d3f1cdf941f31a097fd5ab9b4
Secunia Security Advisory 11525
Posted May 4, 2004
Authored by Alexander Antipov, Secunia | Site secunia.com

Alexander Antipov has reported some vulnerabilities in Web Wiz Forum, allowing malicious people to conduct SQL injection attacks and perform certain administrative functions.

tags | advisory, web, vulnerability, sql injection
SHA-256 | 024ed03e7937f3b0cf30e5a45a9ee9bce998f485ff34e66cf5910706d8b35241
sq-chpass-exp.c
Posted May 4, 2004
Authored by Michal Stys

Local root exploit for Squirrelmail's chpasswd utility. Tested on GNU/Debian with kernel 2.4.24 and on RH 9.0 shrike with kernel 2.4.20. Original bug found by Matias Neiff.

tags | exploit, kernel, local, root
systems | linux, debian
SHA-256 | 6157a4eb97ac74cc3337b905b33aa88c26ff87f621b2f36ac1cf440cdd4a4aad
xxchat-socks5.c
Posted May 4, 2004
Authored by vade79

X-Chat versions 2.0.8 through 1.8.0 remote exploit that makes use of a buffer overflow in the SOCKS-5 proxy code. Successful exploitation binds a shell to port 7979.

tags | exploit, remote, overflow, shell
SHA-256 | 2fee8170f90a051fd47c72f81150fec692e3bf4fac546c3cd394c69c90bc8001
servuLIST.txt
Posted May 4, 2004
Authored by storm

Serv-U ftpd versions older than 5.0.0.6 suffer from a flaw where a user issuing a long parameter as a value to a LIST command can cause the server to try and read a value that is outside the memory location causing a crash.

tags | exploit
SHA-256 | a65b66ef8af1cc9495cc9fd0ca5c58f21b69e261b6e0304aa32ec1022fd5e31b
aldosweb.txt
Posted May 4, 2004
Authored by Oliver Karow | Site oliverkarow.de

Aldo's web server version 1.5 on Windows is susceptible to path disclosure and pathetic directory traversal attack that allows for remote access to any file on the system.

tags | exploit, remote, web
systems | windows
SHA-256 | 639a5b9daeec5ce3fedb73bbc100d9733a8a0a3dfedccdc525198e2cf000b64e
waraxe-2004-SA026.txt
Posted May 4, 2004
Authored by Janek Vind aka waraxe | Site waraxe.us

Multiple vulnerabilities in Coppermine Photo Gallery version 1.2.2b for PhpNuke. These range from small flaws like path disclosure, cross site scripting, and arbitrary directory browsing, to remote command execution on the underlying server.

tags | advisory, remote, arbitrary, vulnerability, xss
SHA-256 | 7415e5415321c84c93f3ecfdfa2f75966b919e898dbdd4cc97a03587a1583d66
sass.snort.txt
Posted May 4, 2004
Authored by Martin Overton

Snort signatures that identify the new Sass worm that is propagating.

tags | tool, worm, sniffer
SHA-256 | b69ecb8046fb28e2ec5770410354925379943778ef8847ca1a3d9898bd74f9bc
eEye.quicktime.txt
Posted May 4, 2004
Authored by Karl Lynn | Site eeye.com

eEye Security Advisory - eEye Digital Security has discovered a critical vulnerability in Apple's QuickTime Player. The vulnerability allows a remote attacker to reliably overwrite heap memory with user-controlled data and execute arbitrary code within the SYSTEM context. Versions affected are Apple QuickTime 6.5 and Apple iTunes 4.2.0.72.

tags | advisory, remote, arbitrary
systems | apple
advisories | CVE-2004-0431
SHA-256 | 23422f64bc4e7a74941faa7d950894e64994663ccbfd1bcf7dc0f7fbb51a6548
PaX26DoS.txt
Posted May 4, 2004
Authored by Chris | Site cr-secure.net

A denial of service condition exists in the PaX kernel patch for the 2.6 series that will put the kernel in an infinite loop when ASLR is enabled.

tags | advisory, denial of service, kernel
SHA-256 | 0adbded51cf9a6b8441fa58bccc91d76d1b646be40a1f40dae448219c15501cb
yabbperl.txt
Posted May 4, 2004
Authored by Dmitry Shurupov

YaBB 1 Gold SP 1.2 written in Perl suffers from a flaw where data put into the subject line isn't properly sanitized allowing an attacker to inject newlines, starting a new thread.

tags | advisory, perl
SHA-256 | d8eee29041423b23fd7deddccc13a610845fa02059cee014612d67f0e0fd6c58
imperva.crystal.txt
Posted May 4, 2004
Authored by Ofer Maor | Site imperva.com

Imperva's Application Defense Center has announced that several vulnerabilities exist in BusinessObject's Crystal Reports' Web Interface. These vulnerabilities allow a potential hacker to retrieve and delete any file from the file system of the server on which it runs, as well as causing a complete denial of service to the server.

tags | advisory, web, denial of service, vulnerability
SHA-256 | a06e1cc4e1bcef2ca1c33358c45ac5483715ad03340741bed12f00d3b9676eab
props061.txt
Posted May 4, 2004
Authored by Manuel Lopez

Props version 0.6.1 is susceptible to cross site scripting attack and allows an attacker the ability to see any file on the system due to flaws in glossary.php.

tags | advisory, php, xss
SHA-256 | f598b9ed8a7b6ff22759af3b10826567272decde5f2a0302648d6e96d89ddcee
moodle13.txt
Posted May 4, 2004
Authored by Bartek Nowotarski | Site silence.0.pl

Moodle versions 1.3 and below suffer from a cross site scripting flaw.

tags | advisory, xss
SHA-256 | 45a15dcab7c11c1a129cbac1523b23eb9598a1a5f970a5cbcdb0f4dabfeb645f
dwgenkey.c
Posted May 4, 2004
Authored by ax09001h

Dameware's Mini Remote Control System version 4.2 uses a weak key agreement scheme. The scheme consists of the sharing of pointers into a fixed key lookup table. Both the client and the server have access to a key lookup table (KLT) consisting of 1000 32-bit values.

tags | exploit, remote
SHA-256 | 2a0a8f9b0413c82fcc2ef7d6bb5e5aee1c479ab3b69d3d2982122a9159c3e2fe
iephish.txt
Posted May 4, 2004
Authored by E. Kellinis | Site cipher.org.uk

Internet Explorer version 6.0.2800 (and possibly others) suffers from a certificate theft bug that can be used against victims for phishing scams.

tags | advisory
SHA-256 | 9970cca3cc94d677df7bc9884a6f5b3bb7df08e8471168e67ed67445d4331d5f
cqurecitrix.txt
Posted May 4, 2004
Authored by Patrik Karlsson | Site cqure.net

MetaFrame XP Presentation Server and MetaFrame 1.8 have a flaw that allows an administrator account to mount any client drive available in any user's Citrix session.

tags | advisory
SHA-256 | 34f23f9738b94f17232372cad784b2bf785946c38d216b82724c99af44ef901a
rsync.html
Posted May 4, 2004
Site samba.anu.edu.au

A security problem exists in all versions of rsync prior to 2.6.1 that affects anyone running a read/write daemon without using a chrooted environment.

tags | advisory
SHA-256 | a3255b5967118be2f68ba9a3e9714d06eb078a92b26a2dc88d8b214621db6d18
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close