Packet Storm new exploits for March, 2004.
cfaceed6fb98501b73a6b3f8ffef33d4ba76ca8a5e534ed5c8ac151d426863f7
autoRST is an automated TCP RST exploit. It uses the Winpcap libraries to sniff for TCP packets on a network and then sends out a forged RST packet after calculating the appropriate sequence number and forging the MAC address. Makes use of the recent vulnerability released by Paul A. Watson.
42cb6ede12e9199900a5e6282342a4505e4a0df06f3b97e39afc1e2143e7b326
ProxyCap enables users to tunnel Internet applications through HTTP, SOCKS v4, and SOCKS v5 proxy servers. It can be told which applications will connect to the Internet through a proxy and under what circumstances. This is done through a user-friendly interface, without the need to reconfigure any clients. ProxyCap provides a flexible rule system and allows the end user to define their own tunneling rules. ProxyCap version 2.0 introduces support for UDP-based networking clients, optional remote name resolution, and more detailed session logs.
f3d219d793029162c4fa053ee2a58e4f4d70e87c733f0b822ac77c04ad1ccf0d
LHa versions 1.14d to 1.14i and 1.17 suffer from buffer overflows and directory traversal flaws.
7ae3e4725ed69dd046198c050806c9823138937d3f1cdf941f31a097fd5ab9b4
Alexander Antipov has reported some vulnerabilities in Web Wiz Forum, allowing malicious people to conduct SQL injection attacks and perform certain administrative functions.
024ed03e7937f3b0cf30e5a45a9ee9bce998f485ff34e66cf5910706d8b35241
Local root exploit for Squirrelmail's chpasswd utility. Tested on GNU/Debian with kernel 2.4.24 and on RH 9.0 shrike with kernel 2.4.20. Original bug found by Matias Neiff.
6157a4eb97ac74cc3337b905b33aa88c26ff87f621b2f36ac1cf440cdd4a4aad
X-Chat versions 1.8.0 through 2.0.8 remote exploit that makes use of a buffer overflow in the SOCKS-5 proxy code. Successful exploitation binds a shell to port 7979.
2fee8170f90a051fd47c72f81150fec692e3bf4fac546c3cd394c69c90bc8001
Serv-U ftpd versions older than 5.0.0.6 suffer from a flaw where a user issuing a long parameter as the value to a LIST command can cause the server to attempt a read outside the intended memory location, causing a crash.
a65b66ef8af1cc9495cc9fd0ca5c58f21b69e261b6e0304aa32ec1022fd5e31b
Aldo's web server version 1.5 on Windows is susceptible to path disclosure and a pathetic directory traversal attack that allows remote access to any file on the system.
639a5b9daeec5ce3fedb73bbc100d9733a8a0a3dfedccdc525198e2cf000b64e
Multiple vulnerabilities in Coppermine Photo Gallery version 1.2.2b for PhpNuke. These range from small flaws like path disclosure, cross site scripting, and arbitrary directory browsing, to remote command execution on the underlying server.
7415e5415321c84c93f3ecfdfa2f75966b919e898dbdd4cc97a03587a1583d66
Snort signatures that identify the new Sass worm that is propagating.
b69ecb8046fb28e2ec5770410354925379943778ef8847ca1a3d9898bd74f9bc
eEye Security Advisory - eEye Digital Security has discovered a critical vulnerability in Apple's QuickTime Player. The vulnerability allows a remote attacker to reliably overwrite heap memory with user-controlled data and execute arbitrary code within the SYSTEM context. Versions affected are Apple QuickTime 6.5 and Apple iTunes 4.2.0.72.
23422f64bc4e7a74941faa7d950894e64994663ccbfd1bcf7dc0f7fbb51a6548
A denial of service condition exists in the PaX kernel patch for the 2.6 series that will put the kernel in an infinite loop when ASLR is enabled.
0adbded51cf9a6b8441fa58bccc91d76d1b646be40a1f40dae448219c15501cb
YaBB 1 Gold SP 1.2, written in Perl, suffers from a flaw where data put into the subject line isn't properly sanitized, allowing an attacker to inject newlines and start a new thread.
d8eee29041423b23fd7deddccc13a610845fa02059cee014612d67f0e0fd6c58
Imperva's Application Defense Center has announced that several vulnerabilities exist in BusinessObjects' Crystal Reports Web Interface. These vulnerabilities allow a potential hacker to retrieve and delete any file from the file system of the server on which it runs, as well as cause a complete denial of service to the server.
a06e1cc4e1bcef2ca1c33358c45ac5483715ad03340741bed12f00d3b9676eab
Props version 0.6.1 is susceptible to a cross site scripting attack and allows an attacker to view any file on the system due to flaws in glossary.php.
f598b9ed8a7b6ff22759af3b10826567272decde5f2a0302648d6e96d89ddcee
Moodle versions 1.3 and below suffer from a cross site scripting flaw.
45a15dcab7c11c1a129cbac1523b23eb9598a1a5f970a5cbcdb0f4dabfeb645f
Dameware's Mini Remote Control System version 4.2 uses a weak key agreement scheme. The scheme consists of sharing pointers into a fixed key lookup table. Both the client and the server have access to a key lookup table (KLT) consisting of 1000 32-bit values.
2a0a8f9b0413c82fcc2ef7d6bb5e5aee1c479ab3b69d3d2982122a9159c3e2fe
Internet Explorer version 6.0.2800 (and possibly others) suffers from a certificate theft bug that can be used against victims for phishing scams.
9970cca3cc94d677df7bc9884a6f5b3bb7df08e8471168e67ed67445d4331d5f
MetaFrame XP Presentation Server and MetaFrame 1.8 have a flaw that allows an administrator account to mount any client drive available in any user's Citrix session.
34f23f9738b94f17232372cad784b2bf785946c38d216b82724c99af44ef901a
A security problem exists in all versions of rsync prior to 2.6.1 that affects anyone running a read/write daemon without using a chrooted environment.
a3255b5967118be2f68ba9a3e9714d06eb078a92b26a2dc88d8b214621db6d18