PHP Security Advisory - PHP 4.3.0 contains a bug that allows direct access to the PHP binary via the CGI SAPI which allows remote attackers to trick the server into executing arbitrary PHP code. PHP 4.3.1 fixes the vulnerability.
21cbf19fe4a85a2248c6ff1bd76047da3c8253975dfcee6e5099cbb61651d08a
BisonFTP v4r2 is an FTP daemon used on Microsoft Windows 9x/NT systems which has a remote denial of service vulnerability if sent long FTP commands, and can be tricked into revealing information about files outside the ftp root. It's not possible to get in contact with the people at http://www.bisonftp.com anymore. I guess a new version will never be released.
4787f651afaf0dc5c002b1ae7fb801b816220ee83fcb6ed6d91fbd0895b33bf9
Parameter validation bugs exist in Emumail v5.x which allow remote denial of service and allow remote users to view any account history.
cec95ac394f94a6a107b3b73afcbbd0745d9caee836bd489e7c7cee5e292d689
Gobbler is a tool designed to audit various aspects of DHCP networks, from detecting if DHCP is running on a network to performing a denial of service attack. Gobbler also exploits DHCP and Ethernet to allow distributed spoofed port scanning, with the added bonus of being able to sniff the reply from a spoofed host. This tool is based on proof of concept code "DHCP Gobbler" available from networkpenetration.com and the DHCP flaws paper.
e67b7b0aaba893b9e0f5b0ff284ff00dc90a09e9061ead2c895a3ad085d770d8
BisonFTP v4.r2 remote denial of service exploit in Perl. Tested against Windows 98.
97d8de62192a0625ac18734043ac9b63b6773448e623ae0e3bef47baf8a7cf53
Efstool local root exploit for Red Hat. Requires efstool to be +s for root exploitation. Useful for breaking out from restricted shells. Tested on Red Hat 7.1, 7.2, and 7.3.
56fbeadf6c3197a29e31b79d12722accbedb224cb521f2116eb46f376cf8854d
Chat local root exploit for Red Hat. Requires chat to be +s for root exploitation. Useful for breaking out from restricted shells. Tested on Red Hat 7.1, 7.2, and 7.3.
a38709858c17621a4940bea65d88f2f573fdcbf9e2cf26ccd0d9873946196a70
/usr/sbin/pwck local root exploit for Linux. Affects only +s pwck; remember, though, it's a good way to break free from restricted shells - even to the same UID. Tested on Red Hat 7.1, 7.2, and 7.3.
b75ad70961e03feeb4b123acf7bf9b70259f02d79f6d5b5aa604e838ec59e647
BinD: Virtual World Resolver, an IRC Bot. This is the Linux version for the VW Converter.
20ab2006de5594e3acbc4496a139bd8f7cbb3b84688566b6398bfda0071f2b6b
Atstake Security Advisory A021403-1 - Mac OS X v10.2.3 contains a local root vulnerability in the TruBlueEnvironment portion of the MacOS Classic Emulator, which is suid root and installed by default.
922979add04dd03a99e8b8cf1546f75144cba14cd5ed8c57ec889932256bc0db
Spew_spy.c sends spoofed UDP packets to a Gamespy-enabled game server, causing it to spew packets at a target of the user's choice.
7e4eec1e353c39d1438682695bca9c0100dcc993d6a7c20899a1f81a6fa6ca8e
Red Hat Security Advisory RHSA-2003:015-05 - The rm and mv commands from Fileutils 4.1 and below contain race vulnerabilities which allow local users to delete files and directories as the user running mv or cp if the recursive option is used and the user has write access to any part of the directory tree being moved or deleted.
a80cb8fb856398925323c191a299ae9f327213094487b8f51517f9561ce60f3f
Red Hat Security Advisory RHSA-2003:035-10 - The pam_xauth module included with the pam package v.75 and below contains a local root vulnerability which can be exploited if root is tricked into su'ing to the attacker's account.
ad170f1655423e3feed8d627960d9d2c57d5460e7c4204797296bdff5b821a3c
The Abyss Web Server v1.1.2 and below allows unlimited brute force password guessing on the remote admin management port, tcp 9999, with no logging or delay.
aa3c944b4f85c34c5806f7acbe78d1eaa9f59c0ca2c7249a2f2fc55a1464e328
Red Hat Security Advisory RHSA-2003:029-06 - Lynx v2.8.4 contains a CR/LF injection vulnerability which can lead to faked headers being sent to a web server.
e05f3d9f7bdecf8e6fedd79d93868275c3e8c747da2c0507685a694de001e360
IBM Security Advisory - IBM AIX v4.3, 5.1, and 5.2 have a local root vulnerability in setuid applications linked with libIM.a. Fix available here.
8d53c13846ee5f97fc58ab0627a476ae048a8340d08ce8b33f3c38ffdbe77412