Local buffer overflow exploit that makes use of five vulnerabilities in the gv postscript viewer. Spawns a shell on port 7000.
44962067ebaac38a04a075b79a4c05cd40a1b6072e4b584506cb80e800edfd4fWith Service Pack 2, Microsoft introduces a new security feature which warns users before executing files that originate from an untrusted location (zone) such as the Internet. There are two flaws in the implementation of this feature: a cmd issue and the caching of ZoneIDs in Windows Explorer. The Windows command shell cmd ignores zone information and starts executables without warnings. Virus authors could use this to spread viruses despite the new security features of SP2.
3cdb81a215c43759d6a855b9532ac2312dc51fbdc391b844971c7d3464f75905Whitepaper written on MD5 collisions that have been discovered.
0513838a8a73686d1626fe59ec75db5be286d44a7cc977a9826318662ea3a27dApparently SHA-0 has been broken. This is information obtained from a French mailing-list that shows a collision. This data is to be presented at CRYPTO '04.
b3607c58b2f78efd56d6386e19b19d049cf31d307272923c94635ef49cbdaf5cDigital Network Bind Chrooter is a simple bash script that puts a BIND server in a chroot jail. Install BIND, launch the script, and restart named.
35e2896d950725f5223db9fd277c220ed53d29c85cf8fef8c61a2ec38d0ed57dEthereal is one of those packages that many network managers would love to be able to use, but they are often prevented from getting what they would like from Ethereal because of the lack of documentation. This document is part of an effort on the part of the Ethereal team to improve the accessibility of Ethereal.
ebc1a58a068ea49bb414e8923bc030bc9f2104ee95e9670e6edab9077bc0dc7fOpenAanval is an open-source web based Snort intrusion detection console. Currently supporting Snort and syslog, OpenAanval provides dynamic monitoring, comprehensive reporting and powerful alerting capabilities. OpenAanval supports multiple sensors of multiple intrusion detection system types. OpenAanval's web-browser interface provides live auto-updating technology which provides real time event viewing from any Internet connected web-browser.
6954b53c5533f2bbcd1430594223d437edf739a08e572c6ed370fca5fe17f538Utility that automates the DNS spoofing vulnerability in Microsoft Windows XP SP1 as described in the Phrack 62 linenoise chapter. It generates a script file that launches the netwox application with correct parameters. It works with Windows and Linux. Binary files are included.
85bdd1f07f2ad093ca6f2d51d289fbb5d912c199a4d830314571f23051a130faSecunia Security Advisory - A vulnerability has been reported in rxvt-unicode, which potentially can be exploited by malicious, local users to manipulate or access sensitive information. The problem is that rxvt-unicode keeps open file handlers to other terminal windows when spawning children. This may potentially allow access to arbitrary terminal windows. This vulnerability affects versions prior to 3.6.
11fe8ed0197e6b37e12cfda5377985d5bb7431937edd785645f974bb957c3104rsync versions 2.6.2 and below have a flaw that allows malicious users to read or write arbitrary files on a vulnerable system. In order to exploit this vulnerability, the rsync daemon cannot be running in a chroot.
c1db552a349b4582ecc14879891615a1226530a7b6645bcf16da893b2cb72992Xephyrus Libraries Security Advisory JST-001 - JST versions 3.0 and below are susceptible to a directory traversal vulnerability in the Xephyrus Java Simple Template Engine.
cad20b5f1ffc56b8e4e3a7821bedd76503c1a61293311e7d4b0221f8b8703172Secunia Security Advisory - A vulnerability has been reported in Simple Form, which can be exploited by malicious people to use it as an open mail relay. Versions below 2.2 are affected.
cb56ff226ce716649193468abf714ecfb37452ac5bb707ded5252319d93775ffSecunia Security Advisory - Debasis Mohanty has reported a vulnerability in CuteNews, which can be exploited by malicious people to conduct cross-site scripting attacks.
270d7f16a20bd7bb7d42df8afce6a34643901124159bc0a4b51413420fa5f8ee
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed