Microsoft Windows Metafile (WMF) remote exploit which takes advantage of the bug known as ms05-053. This program creates a special .wmf file which crashes IE by overflowing the "mtNoObjects" header.
8a69e2857d794a4dbba1f6eb8fe50a28af6da1e116e413522bef8d7a68279195Lsof is an extremely powerful unix diagnostic tool. Its name stands for LiSt Open Files, and it does just that. It lists information about any files that are open by processes currently running on the system. It is useful for pinpointing which process is using each network socket. FAQ available here.
97215e607493ebd9099310ddda79908364edf011332636b2e1d87cc663e838d2Counter Strike 2D denial of service exploit that affects versions 0.1.0.1 and below.
cb1001e86d9a7f9bccd81b9253e0b87ff9acbce3407259d4304e537114d3c854This Metasploit module exploits an arbitrary command execution vulnerability in the HP OpenView connectedNodes.ovpl CGI application. The results of the command will not be displayed to the screen.
d646fce74ad83e7e6272baf588f3dee72965b9ac4d3228c55902d45feeb20878This Metasploit module exploits a stack overflow in the authorization code of the Oracle 9i HTTP XDB service.
4f4b1da5eb055a4a7fb509da7b708e276fbf6eb7e21f623f4d5f462f7c6375a2Proof of concept exploit for Firefox 1.0.4 for the InstallVersion.compareTo() vulnerability. Needs functional shellcode to work.
1ee1c947181c895864e1192cc8eba3c0c8fee83ced31bcb342f003342522e9b7Technical Cyber Security Alert TA05-347A - Microsoft has released updates that address critical vulnerabilities in Internet Explorer (IE). A remote, unauthenticated attacker could exploit these vulnerabilities to execute arbitrary code or cause a denial of service on an affected system.
a14e4fd409749b1dcb627c71f7d1b18af314e447dde07afe0d11e981090d7f79ADP Forum versions 2.0 through 2.0.3 suffers from a direct download flaw that discloses users' password hashes.
994153cca5049cdb9d666d542a704146567edfd41e3d7d5c0530e89ca29a65afSecunia Research has discovered a vulnerability in Internet Explorer, which can be exploited by malicious people to trick users into downloading and executing arbitrary programs on a user's system. A design error in the processing of mouse clicks in new browser windows and the predictability of the position of the File Download dialog box can be exploited to trick the user into clicking on the Run button of the dialog box.
add1b79fbba766c7c37cc6c8189b9162030b5a7c8c030db19bb507a324aed2cbSecunia Research has discovered a vulnerability in Microsoft Internet Explorer 6.0, which can be exploited by malicious people to trick users into executing malicious files. The vulnerability is caused due to a design error in the processing of keyboard shortcuts for certain security dialogs.
8cbe12f30ecdf09218a3ea3684d7b349517dd89e19fcae3c26d49df76d3c246eeEye Security Advisory - eEye Digital Security has discovered a local privilege escalation vulnerability in the Windows kernel that could allow any code executing on a Windows NT 4.0 or Windows 2000 system to elevate itself to the highest possible local privilege level (kernel).
833bb985f7ebc68cacbf3f7fb0eeed820e4e83d92d17cfe255f77d5fe1397c4fCALL FOR PARTICIPATION for the 2nd International Conference on Distributed Computing (ICDCIT 2005).
f8b0d602567a0ecb2d226e5041da9fa401eaa0a1f0ed39c2eab9e4992bdf98c2Universal BIOS password dumping utility.
b1f6af1f82f09f8af28f41e9091033accee545c731eb71c50a2422055333be56BIOS password physical memory reading utility that displays to the screen.
eb06f2fd16b017c08eec4ae6bf10740c88c828cdd6354841179d634f9a6c0d0bBIOS password physical memory reading utility that writes to a file.
eda2018befaa92c06c565bfe52b36eb3c4b46699bc8d31f3df94cb7e532159c1Whitepaper discussing information leakage and password extraction from a BIOS.
11c0d68db3008a8f6d96bdaa51cd4f9d4990d59b038ddbb12e9e044505537b96PhpCOIN version 1.2.2 blind SQL injection and remote code execution exploit.
e6491b9115632445f1126b4ada53cf24b74da78938376be7c8910c4a2dd5712aPhpCOIN version 1.2.2 remote code execution exploit.
530d3b16ddc3460e10120364301c0eaa44d6ac142a89ea0f60a8aebd1f7a7f58PhpCOIN version 1.2.2 is susceptible to arbitrary file inclusion, blind SQL injection, and path disclosure attacks.
ccf829e31e902456ba3a368066bf407b79e58fa4c14c4e4c4b37ec709e45bd34iDEFENSE Security Advisory 12.12.05 - Local exploitation of a buffer overflow vulnerability in the uidadmin binary included in multiple versions of The SCO Group Inc.'s Unixware allows attackers to gain root privileges. iDefense has confirmed the existence of this vulnerability in SCO Unixware versions 7.1.3 and 7.1.4. All previous versions of SCO Unixware are suspected to be vulnerable.
81d6f5c861aa58608e968aa8e634230e92cf48aa302927c34830e5e2ebeef582Gentoo Linux Security Advisory GLSA 200512-04 - The Oulu University Secure Programming Group (OUSPG) discovered that various ISAKMP implementations, including Openswan and racoon (included in the IPsec-Tools package), behave in an anomalous way when they receive and handle ISAKMP Phase 1 packets with invalid or abnormal contents. Versions less than 2.4.4 are affected.
9c819d190048fd3776fca9e1c83737151debd1ba69a9ced95413474895b0e1bcThe BTGrup Admin WebController script is susceptible to a SQL injection attack.
b719868fda75ccd00a066f7b0e6d235e7c927652ad88980c526e0c0fdd2c7e0aDirect download access of the setting.php file in IMOEL CMS allows for disclosure of the SQL password.
5a036ecf1cada1215eb1d1841f9db1825d1b5e76ddb379b1d75ba669e51bbb2bMarc Ruef found an old fashioned denial of service flaw in the NetGear RP114 device.
167e8da4ecc7e712ceaf1c5d26f4e4a95a24545fe23726e64b3d9b463f6f6364SEC-CONSULT Security Advisory 20051212-0 - Due to insufficient input validation within the Nortel SSL VPN appliance's web interface, it is possible for an attacker to supply his victim with a malicious link that results in code execution on the victim's client. The problem has been reproduced with version 4.2.1.6, however other versions might be vulnerable as well.
e737b6c4b673f2f6f1dbf7cd8019450391400b84e288a3d5d30d3947f18fc0a2
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed