Linux/x86 shellcode that performs a chmod of 4777.
21f2087e480420ecfc1a29131d4e4f7d9ae013c5ba5f9bf03b7b9ca6cdcf21fe
EPIC4 remote exploit that acts as an IRC server and makes use of a stack-based overflow in EPIC4 versions later than pre2.003. Upon success, this exploit yields a shell with the privileges of the user id connecting into the server.
273d77c8e43b800a86bb9732a9c1177bb69c666f29a6a87155e45205edc257b2
S-Quadra Advisory #2003-11-26 - FreeRADIUS version 0.9.3 and below suffers from a stack overflow in the rlm_smb module. Successful exploitation of the vulnerability leads to code execution abilities as root.
986f4ddf02645e0675d8de23c83f5150b4fe80517b2215a3c1ec52ab1b89b1b1
My_eGallery versions below 3.1.1.g have PHP files which do not filter all parameters fed to functions, allowing a malicious attacker the ability to execute any command as the user id the webserver is running under. Vendor-supplied patch available here.
83bc5a715a3f8b447cc27c88355d9454d43230e49474dacf297362b2f0d3486f
Utilizing the MHTML parsing vulnerability in conjunction with the BackToFramedJpu vulnerability, a malicious attacker can obtain full MYCOMPUTER security zone access to a victim machine.
8fc2fdff885ad4c4d244ca251097a58a30fe147f299629978d607b790d85fb22
A flaw exists in the way Microsoft Internet Explorer performs MHTML redirection that can lead to a victim having executables downloaded and run. Link to a demonstration included.
5c306ddeb0aa01ef9333f01161239c18011c97126963ca69abcbbe7de0d0f94f
By combining the Microsoft Internet Explorer cache file disclosure vulnerability with several other unpatched vulnerabilities, a malicious INTERNET page can reach the MYCOMPUTER zone. Link to two demonstrations included.
cc43c3bb8c3472af6421059b2f7d473dcbcc23680fa944324c5fc42c247a1411
Microsoft Internet Explorer v6.SP1 and below has a vulnerable download function that can be exploited by a malicious attacker to gain access to a user's cache directory. Link to two demonstrations included.
dcaee30b8ef3a1cceeae51d751d897cc6278c21e1025eac9cf682ea1ae4fd7ab
A cross-zone scripting vulnerability has been found in Internet Explorer. If a web page contains some sub-frame, its security zone may be compromised. Link to a demonstration included.
a7c936db9ccb610dafbe96908b866aeba03e8da8fc499b043cc313c4e16d79ef
After applying the patch for MS03-048, Windows is still susceptible to the Hijack Click attack when performed in conjunction with the method caching attack which can make the window.move accessible again. Link to a demonstration included.
a06ff9d109e90948b1621c8cc5f4399cd3f2acd4266b9a925067a1f7cac1a306
Rapid7 Security Advisory - Sybase Adaptive Server Enterprise (ASE) 12.5 is susceptible to a denial of service attack when a login is made with an invalid remote password array. A valid login is required to exploit this vulnerability. Version 11.0.3.3 for Linux is not vulnerable.
ce1334b583816398c0865c95b48954c24802309142977d252ef92a816628f0f9
Simple patch for OpenSSL 0.9.7c that adds a PKCS#12 brute-forcing option which takes in a wordlist.
8170148232fabc75b87d0be52449824c96cb3a6c7db0847f9bcec6dade28b327
CERT Quarterly Summary CS-2003-04 - There have been documented vulnerabilities in the Microsoft Windows Workstation Service, RPCSS Service, and Exchange, various SSL/TLS implementations, a buffer overflow in Sendmail, and a buffer management error in OpenSSH. There have also been reports of W32/Swen.A, W32/Mimail variants, and exploitation of an Internet Explorer vulnerability reported in August of 2003.
111a7f74273b65a5b0d1626916be4f03e2691e306b91abf17827c06c747319c8
S-Quadra Advisory #2003-11-24 - Monit version 4.1 is susceptible to a denial of service via a negative Content-length field and is also vulnerable to a stack overflow when accepting long HTTP requests.
640b7a1304c873c6888f2e239b9dd442a50d1a7bfc300a638ff7e843e49e4c1d
ike-scan is a utility that discovers IKE hosts and can also fingerprint them using the retransmission backoff pattern.
ef4da0b8fb8c43faed743d094966384c7c9a1e8041a8e811b657bc9863951839
Os-sim attempts to unify network monitoring, security, correlation, and qualification in one single tool. It combines Snort, Acid, MRTG, NTOP, OpenNMS, nmap, nessus, and rrdtool to provide the user with full control over every aspect of networking or security. Supported platform is Linux.
90843c85e212f5b0efbb5171be7c6a6927a98ac94bb7fc14caa2ebabfd1196e6
CommerceSQL shopping cart allows remote file reading via a directory traversal vulnerability in its index.cgi.
6f4df4b2df394eb3256053752a246944664140cbf21550acf95750c5516627ce
The embedded webserver for the Thomson TCM315 cable modem is vulnerable to a buffer overflow during a typical GET method HTTP request.
9fe3659ee27d616cce7a519a8bdc569a333a69876d8490c3875cba0299d02fe9
Vapid Labs Security Note - The PrimeBase SQL Database Server 4.2 stores passwords in clear text. Depending on the installation user's umask settings, it may be readable by all local users.
43002c694b892879a9fefb2c4763eaa0435c8018f79e132da7c50c1395f81a57
Two vulnerabilities were found in the Opera web browser versions up to 7.22. Both are related to skin files, with one being a directory traversal attack that allows an attacker to upload a file to a victim's machine while the other is a buffer overflow in the skin file handling.
1fe7a3b278a5f299a11bc53c79e45f6df58c6100dbd0c6ca31456d8ee6312569
Brief research paper that audits and discusses the true scope of how many hosts on the Internet actually have TCP port 139 listening and are susceptible to attack.
244293ebdd2a973beb2961f77348e04047e69687a1efabdac4ab45d5af3cf75b
Security Corporation Security Advisory [SCSA-021]: vBPortal versions 2.0 alpha 8.1 and below allow a remote attacker the ability to send mail anonymously via a vulnerability in its friend.php script.
c4d06783f91cb24e63610106d750abfba594dd5975bdd6cc9027faca6c37e247
webfs 1.7.x remote root exploit that binds a shell to port 26112 and makes use of a User-Agent buffer overflow.
b99a529cd0c9633b8757d0805ef4ef7815dc5ea637c2438a987d2ca956da300b
A bug exists in MSN's Messenger client that allows a user's IP address to be exposed due to improper handling of the Ip-Address field when parsing requests.
11b8007718efec8768261dc195d3d80f9c2678aab4655d151fba650b133b883d
Xitami's LiteServe webserver versions 2.5 and below suffer from a denial of service vulnerability that stems from a logic error during the processing of a POST request.
cd786a6a7908e740a47fa4b504d54c3c4bf44e73bbf892f5c3f1f6a1c40cab1a