what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 29 RSS Feed

Files Date: 2004-09-29 to 2004-09-30

SP Research Labs Advisory 14
Posted Sep 29, 2004
Authored by Badpack3t, SP Research Labs | Site security-protocols.com

MyServer 0.7.1 crashes causing a denial of service upon receiving an excess of 512 bytes when a POST request is processed.

tags | advisory, denial of service
SHA-256 | 3970118156662026bd49f6e6a61e51bf925a2866ed8da13d136b86a489a5707a
aspWebCalendar.txt
Posted Sep 29, 2004
Authored by cybercide

Both aspWebCalendar and aspWebAlbum are susceptible to SQL injection attacks.

tags | exploit, sql injection
SHA-256 | cbcdae728a34d30d596efd851faa6388885c4df0b771d740a69f3bbb6f577ee3
actpboom.zip
Posted Sep 29, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

Proof of concept exploit ActivePost Standard versions 3.1 and below that makes use of a denial of service flaw.

tags | exploit, denial of service, proof of concept
SHA-256 | bbb17d24cb628e3c1334d55dbe2e4753e2e988da7fdef7ec2ee6a29831cb6c23
activePost.txt
Posted Sep 29, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

ActivePost Standard versions 3.1 and below suffer from a denial of service flaw, a directory traversal attack, and conference password and path disclosure vulnerabilities.

tags | advisory, denial of service, vulnerability
SHA-256 | 1432731b3eb7446a8ac35202a9125cafb6659efb65593ba0e763e81fea42951f
os-sim-0.9.7rc1.tar.gz
Posted Sep 29, 2004
Authored by Dominique Karg, David Gil, Fabio Ospitia Trujillo, Julio Casal, Jesus D. Munoz | Site sourceforge.net

Os-sim attempts to unify network monitoring, security, correlation, and qualification in one single tool. It combines Snort, Acid, MRTG, NTOP, OpenNMS, nmap, nessus, and rrdtool to provide the user with full control over every aspect of networking or security. Supported platform is Linux.

Changes: Various bug fixes.
tags | system logging
systems | linux, unix
SHA-256 | 67176979034f6c3674d2dae6ae08e5a293a318b04472a798193d4d172f0628f2
raddump-0.2.1.tar.gz
Posted Sep 29, 2004
Authored by Jon Moore | Site sourceforge.net

raddump interprets captured RADIUS packets to print a timestamp, packet length, RADIUS packet type, source and destination hosts and ports, and included attribute names and values for each packet.

Changes: Finished port to Linux.
tags | tool, sniffer
SHA-256 | ef61496fe3ec089978c461bd9761c207ea52f137e54e6af37680701e0fd2da3a
s4g-0.8.1.tgz
Posted Sep 29, 2004
Authored by Tangui Morlier | Site lri.fr

Sandbox for Grids (s4g) is a Linux user-mode sandbox. It offers a secure execution environment for suspicious applications. Written in C, it tries to solve some typical problems of quarantine applications: efficiency and security.

Changes: Correction of specific distribution bugs: s4g should now compile fine on RedHat and Slackware.
systems | linux
SHA-256 | a0b907e179bf3667087bd35eb6544487da098af910ae525ea71b65698a3011b3
Secunia Security Advisory 12633
Posted Sep 29, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Apache, which may allow malicious people to bypass configured access controls. The problem is reportedly caused due to an error within the merging of the Satisfy directive. The issue only affects version 2.0.51.

tags | advisory
SHA-256 | eaa5628461f9e9070a795e0e68747d06d36db7e5fc346ebf6f7fd8df93cf63b8
RHSA-2004-434.txt
Posted Sep 29, 2004
Authored by John Buswell | Site rhn.redhat.com

Red Hat Security Advisory RHSA-2004:434 - A security issue in redhat-config-nfs allows users access to more resources than should normally be allowed.

tags | advisory
systems | linux, redhat
SHA-256 | a216fbb70192426543801e3c4ee267bdb2045ebcec96889a88c7c5a311a684bc
x_hpux_11_swinstall.c
Posted Sep 29, 2004
Authored by Watercloud | Site xfocus.org

Local root exploit that makes use of a buffer overflow in the Software Distributor utilities for HP-UX.

tags | exploit, overflow, local, root
systems | hpux
SHA-256 | 82d65b407a37a3ab39bc7d992bea154fb467c37350dce76f824a999dd2d53d19
x_hpux_11i_nls_ping.c
Posted Sep 29, 2004
Authored by Watercloud | Site xfocus.org

Local format string exploit for /usr/sbin/ping under HP-UX.

tags | exploit, local
systems | hpux
SHA-256 | 61a2363dd060c8177bf52b47dc06b4540cf1587f6845ea99052c44d06cb31e22
x_hpux_11i_nls_cu.c
Posted Sep 29, 2004
Authored by Watercloud | Site xfocus.org

Local format string exploit for /usr/bin/cu under HP-UX.

tags | exploit, local
systems | hpux
SHA-256 | 57206e7293d7bca0cb7d8d4291c67d84cf2cb6040f246ba4f663fc0056f390d1
WR850G.txt
Posted Sep 29, 2004
Authored by Daniel Fabian | Site sec-consult.com

The firmware of Motorola's wireless WR850G router has a flaw that enables an attacker to log into the router's web interface without knowing username or password and the ability to gain knowledge of the router's username and password after logging in.

tags | advisory, web
SHA-256 | 53a21852c0242beeb54ba7eefa07e509f4a3ca8e3fb4efdc7230f7b036ceeeb4
Rigel Kent Security Advisory 2004.1
Posted Sep 29, 2004
Authored by Mike Sues, Rigel Kent | Site rigelksecurity.com

Three high-risk vulnerabilities have been identified in the Symantec Enterprise Firewall products and two in the Gateway products. All are remotely exploitable and allow an attacker to perform a denial of service attack against the firewall, identify active services in the WAN interface and exploit one of these services to collect and alter the firewall or gateway's configuration.

tags | advisory, denial of service, vulnerability
SHA-256 | 48b3960d1be3e73919fc5e9e3fa627af4ba13039020e803d57e3dc2958cfdd93
JpegOfDeathAll.c
Posted Sep 29, 2004
Authored by M4Z3R

GDI+ JPEG remote exploit that is a modified version of the FoToZ exploit that has reverse connect-back functionality as well as a bind feature that will work with all NT based OSes. This even-moreso enhanced version also has the ability add a user to the administrative group and can perform a file download.

tags | exploit, remote
advisories | CVE-2004-0200
SHA-256 | 20c93c78772b0990144751c09236f2b8c235714fcc01bac6f35dc0c88f2dc37a
JpgDownloader.c
Posted Sep 29, 2004
Authored by ATmaCA | Site prohack.net

Microsoft Windows JPEG GDI+ Overflow Download Shellcoded exploit.

tags | exploit, overflow, shellcode
systems | windows
advisories | CVE-2004-0200
SHA-256 | ee65d8dd1061332d648503cf739eedf5b2c3f57d9cb1c8df57fffbc1fef368b6
JpegOfDeath.c
Posted Sep 29, 2004
Authored by John Bissell A.K.A. HighT1mes

GDI+ JPEG remote exploit that is a modified version of the FoToZ exploit that has reverse connect-back functionality as well as a bind feature that will work with all NT based OSes.

tags | exploit, remote
advisories | CVE-2004-0200
SHA-256 | d8355ee0ee39e0020db08761e80e8dc97cb432c9a970c1cd4a0d88cdb50b417c
ms04-028-cmd.c
Posted Sep 29, 2004
Authored by FoToZ

Microsoft Windows proof of concept JPEG GDI+ overflow shellcoded exploit that launches a local cmd.exe.

tags | exploit, overflow, local, shellcode, proof of concept
systems | windows
advisories | CVE-2004-0200
SHA-256 | 68ec3cf6594190766b5c1153c0e82bb34d0d0cf6f04eb6a95d05d317b7e06753
chunky.html
Posted Sep 29, 2004
Authored by Uncle Chunky | Site lhqi.com

Amusing yet obnoxious play on terminology in the industry and how it is or could be used to make references to drug and sexual instances. If you are easily offended, do not bother reading this.

systems | unix
SHA-256 | 55800c95af5e0cadc9ac9ea6fb1d5f41a213fbf01ad6b95eba8fc1320cd4c8ca
iDEFENSE Security Advisory 2004-09-22.t
Posted Sep 29, 2004
Authored by Kurt Seifried, iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 09.22.04 - Remote exploitation of a design vulnerability in version 1.00 of Sophos Plc.'s Small Business Suite allows malicious code to evade detection.

tags | advisory, remote
advisories | CVE-2004-0552
SHA-256 | 1492e0bde6d3a8289918a6dcd69214b9d08f83ccb4e5d288c26fd1d43ed88c74
dsa-552.txt
Posted Sep 29, 2004
Authored by Debian, Marcus Meissner | Site debian.org

Debian Security Advisory DSA 552-1 - A heap overflow in imlib2 can be utilized by an attacker to execute arbitrary code on the victims machine.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2004-0802
SHA-256 | ea5e41386bc1bc155b689ea6a09f084de69efe715343e3db8c31092ff03fcb2c
NISR-WP-Phishing.pdf
Posted Sep 29, 2004
Authored by Gunter Ollmann | Site ngssoftware.com

White paper from NGS Software that covers the technologies and security flaws Phishers exploit to conduct their attacks, and provides detailed vendor-neutral advice on what organizations can do to prevent future attacks. Security professionals and customers can use this comprehensive analysis to arm themselves against the next phishing scam to reach their in-tray.

tags | paper
SHA-256 | 6a8bb1037838fd20da9753a4b17817d78de7a39a7eb9c8bab70ab301084599f3
sharexploit.c
Posted Sep 29, 2004
Authored by n4rk0tix

GNU sharutils versions 4.2.1 and below local format string vulnerability proof of concept exploit.

tags | exploit, local, proof of concept
SHA-256 | 77348517a311c4d33a71d136d2a86f87228102b1b0790917f34f7f55a44d78b2
Secunia Security Advisory 12611
Posted Sep 29, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in VP-ASP, which can be exploited by malicious users to cause a DoS (Denial of Service).

tags | advisory, denial of service, asp
SHA-256 | 11ad83172f449a7a8e71d3840387c8b8b8cc3d188dbffe6f5ed1819e5d62e589
popmsgboom.zip
Posted Sep 29, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

Denial of service exploit for PopMessenger versions 1.60 that makes use of a flaw when handling dialog boxes in relation to illegal characters.

tags | exploit, denial of service
SHA-256 | ffa5592f64a45d81de279146b0206c3db5db1d01f749e11b7ca335bdb9de2e7d
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    17 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close