exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 24 of 24 RSS Feed

Files Date: 2004-06-14

Trustix Secure Linux Security Advisory 2004.6
Posted Jun 14, 2004
Authored by stian | Site gcc.gnu.org

A very simple bug in the Linux kernel allows a small program to cause a denial of service. This flaw affects both the 2.4.2x and 2.6.x kernels on the x86 architecture.

tags | exploit, denial of service, x86, kernel
systems | linux
SHA-256 | 4401c12e6329f60078d093537d2085227726b4bd70f20f9a1556884d34432d5d
IEreg.zip
Posted Jun 14, 2004
Authored by http-equiv, Christopher V. Calderon

Registry updates for Microsoft Windows that help to prevent priorly unknown IE flaws from compromising a machine due to cross zone access flaws.

tags | registry
systems | windows
SHA-256 | 2f293c62bd440abbe96a5f65a8445da6596e29c7816ed0aeae41bf382143ae6d
weplab-0.0.2b-alpha.tar.gz
Posted Jun 14, 2004
Authored by topolb

Weplab is a tool to review the security of WEP encryption in wireless networks from an educational point of view. Several attacks are available to help measure the effectiveness and minimum requirements necessary to succeed.

Changes: The following features are available in this second alpha version: Capture unique IV WEP encrypted packets from the wireless lan interface, Bruteforce 64 bits or 128 bits keys, Ascii bruteforce 64 bits or 128 bits keys, Full weak keys attack (FMS) to both first and second bytes for 64 bits or 128 bits keys.
tags | tool, wireless
SHA-256 | 410089345b57bdd3b6476c59d33d94b77eac8f73f4213fb39879a9e62059349a
Secunia Security Advisory 11799
Posted Jun 14, 2004
Authored by Secunia

Microsoft has issued Service Pack 2 for ISA Server 2000. This includes patches for all previously reported vulnerabilities as well as older hot fixes, where some address potential security issues.

tags | advisory, vulnerability
SHA-256 | cde0a6316c61f476997a2b12d1eb5ba5efc7734e090b2a60a4e961c5b135579d
WinAgentsTFTP.txt
Posted Jun 14, 2004
Authored by Ziv Kamir

When an overly long filename is requested via the WinAgents TFTP server, a denial of service occurs due to an error in the handling of the request. Tested against version 3.0, other versions may be susceptible. Exploitation included.

tags | exploit, denial of service
SHA-256 | 37edc8387891774a869861d51b12bf0f6942164a32c1c8e0af19bfa75a3d0c01
Secunia Security Advisory 11824
Posted Jun 14, 2004
Authored by Secunia, Keith Gable | Site ignition-project.com

A vulnerability has been discovered in ignitionServer versions 0.1.2 through 0.3.1, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to missing password verification when linking servers.

tags | advisory
SHA-256 | a2424139487a4dea84b44192623c5978ce663be7e2f00ee01d02e198048e68cf
Secunia Security Advisory 11807
Posted Jun 14, 2004
Authored by Secunia, Michael Castleman

A vulnerability has been discovered in MoinMoin that can be exploited by malicious users to gain escalated privileges. The problem is that a user can gain the same privileges as an administrative group by creating a user with the same name. The vulnerability has been reported in versions 1.1, 1.2, and 1.2.1.

tags | advisory
SHA-256 | 45a321ae4b91a6a821b0a72632c38aabc18c47b6a701c04a78584d8a3468d948
Secunia Security Advisory 11846
Posted Jun 14, 2004
Authored by Secunia

VP-ASP Shopping Cart 5.x has a vulnerability which can potentially be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss, asp
SHA-256 | 39e70e14d5aaca15d049fefd2cf2605dd17105c01c09ccaa33fcafe0ff6552e5
swapctlNetBSD.txt
Posted Jun 14, 2004
Authored by Evgeny Demidov

An integer handling error within the swapctl() system call of NetBSD 1.x can allow a local user the ability to cause a denial of service attack.

tags | advisory, denial of service, local
systems | netbsd
SHA-256 | 0b04f2d0bae3375ec84b5c4112c85c28ed5adf7a137c5cae027ebc0d6c7b7189
billionFW.txt
Posted Jun 14, 2004
Authored by Tommy A. Olsen

A vulnerability in the Billion BIPAC-640 AE Broadband Firewall Gateway can be exploited by malicious people to bypass user authentication on the administrative web interface.

tags | advisory, web
SHA-256 | 8f7a686d9df9d69ea856244b34bb4a7ae567e7e1692f015c199a0b92a90df698
modproxy1.html
Posted Jun 14, 2004
Authored by Georgi Guninski | Site guninski.com

The version of mod_proxy shipped with Apache 1.3.31 and possibly earlier versions are susceptible to a buffer overflow via the Content-Length: header. This can lead to a denial of service and possible compromise of a vulnerable system.

tags | advisory, denial of service, overflow
SHA-256 | 4fd4a3dc2ff2887823678f53b78e0b6b9f804c4881d7f2160ca9ed11a8f808d5
Technical Cyber Security Alert 2004-163A
Posted Jun 14, 2004
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA04-163A - There is a cross-domain vulnerability in the way Microsoft Internet Explorer determines the security zone of a browser frame that is opened in one domain then redirected by a web server to a different domain.

tags | advisory, web
advisories | CVE-2004-0549
SHA-256 | e5fe41adfe15146f3fc5105718e0bfa3890d7a0fee8aa704345909e52c657e10
waraxe-2004-SA032.txt
Posted Jun 14, 2004
Authored by Janek Vind aka waraxe | Site waraxe.us

PHP-Nuke versions 6.x - 7.3 suffer from multiple cross site scripting flaws and one SQL injection attack.

tags | exploit, php, xss, sql injection
SHA-256 | 91617b0086be744417da762ae75a78ca3a9666abf5c6dfe2b7512cbada4af510
realra.txt
Posted Jun 14, 2004
Authored by John Heasman | Site nextgenss.com

NGSSoftware Insight Security Research Advisory #NISR11062004 - By crafting a malformed .RA, .RM, .RV or .RMJ file it possible to cause heap corruption that can lead to execution of arbitrary code. By forcing a browser or enticing a user to a website containing such a file, arbitrary attacker supplied code could be executed on the target machine. This code will run in the security context of the logged on user. Another attacker vector is via an e-mail attachment. NGSResearchers have created reliable exploits to take advantage of these issues. Versions affected are: RealOne Player (English), RealOne Player v2 (all languages), RealPlayer 10 (English, German and Japanese), RealPlayer 8 (all languages), RealPlayer Enterprise (all versions, standalone and as-configured by the RealPlayer Enterprise Manager).

tags | advisory, arbitrary
SHA-256 | 9386d33a1646cab5f7eba3a0866f4a1fc55d21938426f75fe5d480922d5d3f5b
snsadv074.txt
Posted Jun 14, 2004
Authored by Keigo Yamazaki

Webmin version 1.140, a web-based system administration tool for Unix, has a vulnerability that allow users to gain read access to the configuration of a module without authentication.

tags | advisory, web
systems | unix
SHA-256 | 832e4e216b40d2258786e8d36c494b2dff9a4983cb87e9a3c826f970fdbdccea
eEye.realHeap.txt
Posted Jun 14, 2004
Authored by Karl Lynn | Site eeye.com

eEye Security Advisory - eEye Digital Security has discovered a critical vulnerability in RealPlayer. The vulnerability allows a remote attacker to reliably overwrite heap memory with arbitrary data and execute arbitrary code in the context of the user who executed the player or application hosting the RealMedia plug-in. This specific flaw exists within the embd3260.dll file used by RealPlayer. By specially crafting a malformed movie file along with an HTML file, a direct heap overwrite is triggered, and reliable code execution is then possible. Systems Affected: RealOne Player, RealOne Player v2, RealPlayer 10, RealPlayer 8, RealPlayer Enterprise.

tags | advisory, remote, arbitrary, code execution
SHA-256 | 7947dd5f305ea9cdbbffb6a947c20d36de581d05306a574cdfa1fe8b8b697c67
sbd-1.27.tar.gz
Posted Jun 14, 2004
Authored by Michel Blomgren | Site cycom.se

sbd is a Netcat-clone, designed to be portable and offer strong encryption. It runs on Unix-like operating systems and on Microsoft Win32. sbd features AES-128-CBC + HMAC-SHA1 encryption (by Christophe Devine), program execution (-e option), choosing source port, continuous reconnection with delay, and some other nice features. Only TCP/IP communication is supported. Source code and binaries are distributed under the GNU General Public License.

Changes: Bugfixes, implemented Christophe Devine's optimized AES-CBC-128 code, added the -n and -m options.
tags | tcp
systems | windows, unix
SHA-256 | f56e71ecee6830fe2b0bc39d1d30c30dd3a96041a625884446a2f2faaf7f6367
tinyca-0.6.2.tar.gz
Posted Jun 14, 2004
Authored by Stephan Martin | Site tinyca.sm-zone.net

TinyCA is a simple GUI written in Perl-Gtk to manage a small certification authority. It works as a frontend to OpenSSL. TinyCA lets you manage x509 certificates. It is possible to export data in PEM or DER format for use with servers, as PKCS#12 for use with clients, or as S/MIME certificates for use with email programs. It is also possible to import your own PKCS#10 requests and generate certificates from them. It also lets you create and manage SubCAs for more complex setups. The most important certificate extensions can be configured with the graphical frontend. English and German translations are included.

Changes: Added new look for some functions. Key, request and certificate can be generated in one step. Code cleanup.
tags | perl, encryption
SHA-256 | 1e22fb07353814b1d9b1dcb33ccc5ba150b8ff968f2a79e6d8d164ab57368a02
pidentd-3.0.18.tar.gz
Posted Jun 14, 2004
Authored by Peter Eriksson | Site lysator.liu.se

Pidentd v3 is a much improved version of the original Ident daemon both in terms of speed, code quality and features. Features include multithreading, a "configure" script, startup autodetection, much clearer/rewritten C code, doesn't run as root after startup, has a configuration file and can be started from /etc/inittab (on systems using a SysV init).

Changes: Added support for Gcc in 64bit-mode and Solaris 10. Fixed a file descriptor leak in request.c.
tags | root
systems | unix
SHA-256 | 2bcd37859efbb8b664c4d4aeb825c013047261918e8f16c83505da18f5b1d62d
hping3-alpha-1.tar.gz
Posted Jun 14, 2004
Authored by Antirez | Site hping.org

hping is a network tool designed to send custom ICMP/UDP/TCP packets and to display target replies like ping. It handles fragmentation and arbitrary packet body and size, and can be used to transfer files under all supported protocols. Using hping, you can test firewall rules, perform spoofed port scanning, test net performance using different protocols, packet size, TOS (type of service), and fragmentation, do path MTU discovery, transfer files (even with really Fascist firewall rules), perform traceroute-like actions under different protocols, fingerprint remote OSs, and audit a TCP/IP stack. hping is very useful for learning TCP/IP.

Changes: Implements scripting capabilities that prior versions did not have. A new packet generation core that is much more powerful than the previous is available to the scripting capabilities.
tags | tool, remote, arbitrary, udp, scanner, spoof, tcp, protocol
systems | unix
SHA-256 | ad6af673780731623fa0bcf536b099380ab85aeb87330027f543332620370be7
blackboardLS.txt
Posted Jun 14, 2004
Authored by killer | Site mostly-harmless.nl

A bug in Blackboard Learning System release 6 allows users to steal documents out of the digital dropbox of other users. Remote perl exploit included.

tags | exploit, remote, perl
SHA-256 | 25e6d7fa0bcf5322d784aae69a7d723c7a2a77c7d734ecd26ddce28269d237a8
SSRT3456.txt
Posted Jun 14, 2004
Site hp.com

A potential security vulnerability has been identified with HP-UX running ftp where the vulnerability could be exploited remotely to allow unauthorized access. Impacted versions: HP-UX B.11.00, B.11.11, B.11.22.

tags | advisory
systems | hpux
SHA-256 | ab12a0e7ff3eb0a9bb5ed915071dfbd16a49a23454a83568e6ff1ae48eb57ce7
edimaxBackdoor.txt
Posted Jun 14, 2004
Authored by msl

Edimax 7205APL with a firmware of 2.40a-00 has a huge flaw where a guest account is hard-coded into the firmware allowing anyone to perform a backup with the same privileges of the administrator.

tags | exploit
SHA-256 | 819184677465c2c8b615fa02029e918e3a745193ddc406e52a03e02353079da1
0xbadc0ded-04.txt
Posted Jun 14, 2004
Authored by Joel Eriksson

A remotely exploitable format string vulnerability exists in smtp.proxy up to and including version 1.1.3. The bug is present and exploitable regardless of any compile time and runtime configuration options and can be exploited by sending a message with an embedded format string in either the client hostname or the message-id.

tags | advisory
SHA-256 | 650e059f4660964948bab6dd542c9c7d67dea329505d29c355d351dea912ff5d
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close