Remote Windows exploit for the RPC DCOM long filename heap overflow discovered by NSFOCUS. Upon success, the target will have a user added as the letter e with a password of asd#321.
8deeb2c01d158751b1bf4ee8adcd15343d9a1beaeded00158eb8c71a0eb8577aTexonet Security Advisory 20030902 - SCO OpenServer / Internet Manager (mana) versions 5.0.5 to 5.0.7 are susceptible to escalating a local attacker's privileges due to being tricked into executing the environment variable REMOTE_ADDR when it is set.
5046fb8c6f2157de1eeef06f1ff7086a72da814debcc822a30e046b466d87a8dDomino Hunter 0.92 is a Lotus Domino web server scanner, written in Perl. It attempts to access default NSF databases, as well as crawl user-defined bases. It tries to enumerate the database structure, enumerate available views, available documents, and ACLs set on documents. It also tries to retrieve documents from available views in order to check if ACLs are correctly set to restrict documents and not views. The scanner works in both anonymous mode or privileged mode if user supplied credentials are supplied to then be passed to the default names.nsf/?Login form.
bfcba564a665d5e5f128c1528b9c6a1d48fcabdf83356083541e4206cad0ecc6Atstake Security Advisory A091503-1 - The Nokia Electronic Documentation product has three vulnerabilities. A cross-site scripting vulnerability allows an attacker to run malicious code if javascript is enabled. A directory listing of the web root is available by supplying the underlying webserver with a period. NED can also be inadvertently used as an HTTP proxy server.
4924ba9b5946a4e3970ccd2e0126327f9de57382c0d428f532349345aa409bd4Remote exploit for Mysql 3.x versions 3.23.56 and Mysql 4.x versions below 4.0.15. More information available here.
031cb79c22ead773279128cdcad002a6b7cea61a3829c158c874f16857a8ab9eTiny SHell is an open-source UNIX backdoor that compiles on all variants, has full pty support, and uses strong crypto for communication.
6cb0bc541e848ecd40a2623b75688255e001fe3476c765acd037f1906f171a14Remote Pine exploit for versions 4.56 and below. Makes use of a vulnerability discussed here.Binds a shell to port 6682. Written for Slackware 8.0, 8.1, and 9.0 and works for RedHat as well.
e851c723d21209a6b26900e885356e35a071b04eb77c23187facc15b5835af99iDEFENSE Security Advisory 09.16.03: An exploit has surfaced that allows remote attackers to execute arbitrary commands with super-user privileges against Solaris hosts running the default RPC authentication scheme in Solstice AdminSuite, sadmind. CVE Related Number: CVE-2003-0722.
927d8400a78249ccc1f470ef0d7fa5b3ce3bc5fe19fbd3027a63dae9bae28365Minihttpserver 1.x Host Engine is susceptible to a directory traversal attack and has a login parsing flaw that allows a remote attacker to gain administrative privileges.
c3811137432dca7f6b3480030b9e97885c8de1ef80de534902b0ea664f882952Easy File Sharing Web Server 1.2 is vulnerable to directory traversal bugs, cross site scripting, HTML injection, and password snatching due to them being left in the clear.
f44612ef4731652eedc76c34971ccef6fbab01c107847e6496e2fa6d924e38f8OpenSSH Security Advisory - All versions of OpenSSH's sshd prior to 3.7 contain a buffer management error which results in a remote root vulnerability.
64c4c6ec67379208e69b635d6afb17251d748b0a37bf85006230d6525d2a55db
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed