what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 29 RSS Feed

Files Date: 2004-11-12

Technical Cyber Security Alert 2004-316A
Posted Nov 12, 2004
Authored by US-CERT | Site cert.org

Technical Cyber Security Alert TA04-316A - There is a vulnerability in the way Cisco IOS processes DHCP packets. Exploitation of this vulnerability may lead to a denial of service. The processing of DHCP packets is enabled by default.

tags | advisory, denial of service
systems | cisco
SHA-256 | 6d7e0df60be9abbc7bb549866d6dd8df85bbe76ad2cdc57356c933aab7f8eb8e
Gentoo Linux Security Advisory 200411-22
Posted Nov 12, 2004
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200411-22 - Davfs2 and the lvmcreate_initrd script (included in the lvm-user package) are both vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files with the rights of the user running them.

tags | advisory, arbitrary, local
systems | linux, gentoo
SHA-256 | 2e4ad81859058f5f403a9fbc0e0f71e82875af13830ea244ece4a6e1088b855c
Gentoo Linux Security Advisory 200411-21
Posted Nov 12, 2004
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200411-21 - An input validation flaw in Samba may allow a remote attacker to cause a Denial of Service by excessive consumption of CPU cycles.

tags | advisory, remote, denial of service
systems | linux, gentoo
SHA-256 | aa86bb696a8a65c378c83c31a6f74c86cb050a8eb76172d735a65943c42081b1
zonelabsFilter.txt
Posted Nov 12, 2004
Authored by Paul Kurczaba

By using hex encoded characters, it is possible to bypass the Zone Labs IMsecure and IMsecure Pro Active Link filters in versions prior to 1.5.

tags | exploit
SHA-256 | 9ad480fc1508982f331ebe96771a14724dd47832f298d852b8a5ffb68d6e8b94
phpwebsite.txt
Posted Nov 12, 2004
Authored by Maestro

phpWebSite 0.9.3-4 is susceptible to an HTTP response splitting vulnerability.

tags | exploit, web
SHA-256 | dccaec73a8efd8950f8ae5d5e5c5a5c3551434628a5919356513dad14e1260c1
cyberguard.txt
Posted Nov 12, 2004
Authored by jericho | Site attrition.org

Additional information about recent discussion various entities have have with CyberGuard regarding their firewall.

tags | advisory
SHA-256 | 19a8fdfc846e0b21cb2afdc9ab53f7ffe3fc6bccf1b0ccea948f74b104c2a750
technote.pl
Posted Nov 12, 2004
Authored by SPABAM

Technote remote command execution that spawns bash style shell with the webserver uid.

tags | exploit, remote, shell, bash
SHA-256 | cf7c847a221079fefe6e5f2151df78d97bdcebfe14ada1a2da7e7178466d56db
waraxe-2004-SA037.txt
Posted Nov 12, 2004
Authored by Janek Vind aka waraxe | Site waraxe.us

A SQL injection bug exists in Phorum versions 5.0.12 and below. Exploitation example given.

tags | exploit, sql injection
SHA-256 | 273145d61ee5d47316156922e22a25efedd2e1f51e7919932c33fb24ac3b2ffe
Cisco Security Advisory 20041111-csa
Posted Nov 12, 2004
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Security Agent (CSA) provides threat protection for server and desktop computing systems, also known as endpoints. It identifies and prevents malicious behavior, thereby eliminating known and unknown security risks. A vulnerability exists in which a properly timed buffer overflow attack may evade the protections offered by CSA. The system under attack must contain an unpatched underlying vulnerability in system software that CSA is configured to protect. Another prerequisite for the attack is that a user must be interactively logged in during the attack.

tags | advisory, overflow
systems | cisco
SHA-256 | 0fc1660d805f9db93b2f86459e3c50bd8ddc7a115b82343390d08c79b10a1348
ezipupdate.txt
Posted Nov 12, 2004
Authored by Ulf Harnhammar

ez-ipupdate is susceptible to a format string bug. It, at the very least, affect versions 3.0.11b8, 3.0.11b7, 3.0.11b6, 3.0.11b5 and 3.0.10. It does not affect 2.9.6.

tags | advisory
SHA-256 | c6b17bb453d52744e3c14270258284ead1e82fe3fff997919a781b5809c62d15
HOD-kerio-firewall-DoS-expl.c
Posted Nov 12, 2004
Authored by houseofdabus

Denial of service exploit for Kerio Personal Firewall version 4.1.1 and below. The vulnerability allows a remote attacker to reliably render a system inoperative with one single packet.

tags | exploit, remote, denial of service
SHA-256 | 2322c9ec4c631f18cfd73bf2a92082547345dcbf8b87c4dea72b485d9fc23ee3
vbul30x.txt
Posted Nov 12, 2004
Authored by Dr. Death

Another SQL injection has been discovered in VBulletin Forums 3.0.x.

tags | exploit, sql injection
SHA-256 | 145e0d535e94017af9326e14595bea3ae597663ec9c333b27519f2e31525e6bd
Gentoo Linux Security Advisory 200411-19
Posted Nov 12, 2004
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200411-19 - Pavuk contains multiple buffer overflows that can allow a remote attacker to run arbitrary code.

tags | advisory, remote, overflow, arbitrary
systems | linux, gentoo
SHA-256 | e7acf02ff8eb1af9a153c34492eccda803936a7a3d40d828a15ce24ecd5470a4
Secunia Security Advisory 13160
Posted Nov 12, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in MIMEsweeper for SMTP, which potentially can be exploited by malware to bypass the scanning functionality.

tags | advisory
SHA-256 | d60932cf5dc14f91a5a02f20b8b6b66c3a01d611a496ea82382dac1711383470
Scan6.zip
Posted Nov 12, 2004
Authored by Marco Del Percio

Port scanner for Windows 2k/XP that is functional for both IPv4 and IPv6 networks. Binary, source code, and more information included in the archive.

systems | windows
SHA-256 | a5bb3c8af652db7efbafd7ed702fd2112f87069ce86f720b9a5ce564f052c16d
THCSSLProxy.zip
Posted Nov 12, 2004
Authored by thc, Johnny Cyberpunk | Site thc.org

THCSSLProxy is a small command-line SSL proxy for Window that is useful for penetration testing SSL services like HTTPS, SMTPS, LDAPS, POP3S, and more.

tags | web
SHA-256 | 459707e52373c4c4554abf4a7c9af27ea3bb65cac657dfaa9466661d1f32da37
Technical Cyber Security Alert 2004-315A
Posted Nov 12, 2004
Authored by US-CERT | Site cert.org

Technical Cyber Security Alert TA04-315A - Microsoft Internet Explorer (IE) contains a buffer overflow vulnerability that could allow a remote attacker to execute arbitrary code with the privileges of the user running IE. A buffer overflow vulnerability exists in the way IE handles the SRC and NAME attributes of various elements, including FRAME, IFRAME, and EMBED. Because IE fails to properly check the size of the NAME and SRC attributes, a specially crafted HTML document can cause a buffer overflow in heap memory. Due to the dynamic nature of the heap, it is usually difficult for attackers to execute arbitrary code using this type of vulnerability.

tags | advisory, remote, overflow, arbitrary
SHA-256 | dde5a26a7a4fb4dc3e79f0d5ca018fa7314b3d9e764f02c135b67d484a8eea60
Secunia Security Advisory 13085
Posted Nov 12, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Isno has reported a vulnerability in CCProxy, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the handling of HTTP requests. This can be exploited to cause a buffer overflow by sending an overly long HTTP GET request. Successful exploitation may allow execution of arbitrary code. The vulnerability has been reported in version 6.0. Other versions may also be affected.

tags | advisory, web, overflow, arbitrary
SHA-256 | e1d743bac1a3fd1ee60d4d2392726e763433e4e7f3fbd44e532a0f825b31099b
04WebServer.txt
Posted Nov 12, 2004
Authored by Tan Chew Keong | Site security.org.sg

Documentation on three vulnerabilities that were found in version 1.42 of 04WebServer. It includes a XSS vulnerability, lack of character filtering when writing to log file, and potential server restart problems after requesting a DOS device in the URL.

tags | exploit, vulnerability
SHA-256 | 9e30e3662081d2b140cfec3c5c3ba0d3fb33894ffdf8a8d49135d7fe6b9219ca
Gentoo Linux Security Advisory 200411-18
Posted Nov 12, 2004
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200411-18 - Chintan Trivedi discovered a vulnerability in Apache httpd 2.0 that is caused by improper enforcing of the field length limit in the header-parsing code. Versions below 2.0.52 are affected.

tags | advisory
systems | linux, gentoo
SHA-256 | 76d1d2898fb7705175f98e96ff30e6079808022a4cae65af6ca975adad7473fa
Cisco Security Advisory 20041110-dhcp
Posted Nov 12, 2004
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco IOS devices running branches of Cisco IOS version 12.2S that have Dynamic Host Configuration Protocol (DHCP) server or relay agent enabled, even if not configured, are vulnerable to a denial of service where the input queue becomes blocked when receiving specifically crafted DHCP packets.

tags | advisory, denial of service, protocol
systems | cisco
SHA-256 | 89807afc17f23328aab35d1069b6eb558975a974913e0b9e6ca6b7d05ac7da8f
hotfoon.txt
Posted Nov 12, 2004
Authored by Saudi Linux

Hotfoon, an Internet telephony utility, is susceptible to automatically opening up malicious links.

tags | advisory
SHA-256 | ddc1e8ae83b7a0c9f1ed84cc9287c94d6a5020c9168bb9b740df9b2a9018e98c
101_slim.cpp
Posted Nov 12, 2004
Authored by class101

Remote buffer overflow exploit for SlimFTPd versions 3.15 and below. Binds a shell to port 101.

tags | exploit, remote, overflow, shell
SHA-256 | 72f616af4023fdd34e495c1bf2a94ae7cdbc6f584edcc17bfc9bb7541143cabd
LSS-2004-11-3.txt
Posted Nov 12, 2004
Authored by Leon Juranic | Site security.lss.hr

LSS Security Advisory #LSS-2004-11-3 - There is a buffer overflow vulnerability in getnickuserhost() function that is called when BNC 2.8.9 is processing responses from an IRC server.

tags | advisory, overflow
SHA-256 | 02fa0c273544d6c6d6ca526d37deda64a325e297648c1b5d576c8fe3f8f09317
binfmt_elf.txt
Posted Nov 12, 2004
Authored by Paul Starzetz

Five different flaws have been identified in the Linux ELF binary loader. Exploit included core dumps a non-readable but executable ELF file.

tags | exploit
systems | linux
SHA-256 | 6d1a1dcc2d1f40d16e7881000db74eeb1ea2358c6b174e5ef41c1033b6596cf8
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close