Plusmail remote exploit - plusmail fails to check authenticity before creating new accounts.
Packet Storm new exploits for January, 2000.
RightFax Web Client v5.2 allows anyone to hijack a user's faxes.
The "Strip Script Tags" feature in Firewall-1 can be circumvented by adding an extra less-than sign before the SCRIPT tag. The code will still execute in both Navigator and Explorer.
Recent PAM implementations allow you to use su to rapidly crack accounts without being logged. Tested on RH 6.1.
Autobuse.pl and angel.pl both use /tmp insecurely.
Many virus-checking programs skip directories named \\recycled or similar. This gives viruses and trojans a safe haven on many Windows 95, 98, and NT systems. Exploit code included.
An HP-UX 10.30/11.00 system can be used as an IP traffic amplifier. Small amounts of inbound traffic can result in larger amounts of outbound traffic, using ICMP MTU discovery packets.
All flavors of BSD have local root procfs holes. Exploit included.
There is a buffer overflow in Subseven 2.1a causing it to quit quietly, crash, or overwrite variables.
SMS 2.0 Remote Control (for Windows NT) introduces a security risk that allows an attacker to run programs in system context, because the executable used for the remote control service is copied to the workstation without any special permission settings to prevent a user from replacing it.
Microimages X server for Windows allows anyone to kill your session and start an xterm on your machine if they know you are using the software.
Windows NT webservers using ASP can under some circumstances reveal the path of the server. A variable holds information about the internal structure of the website.
IIScat exploits the recent Microsoft Index Server vulnerability to read any file on the server.
Exploit for Cobalt Raq2 Server. Requires Site Administrator access to one of the accounts on the server.
A modified version of the original qpopper 3.0beta29 exploit by Zhodiac, adding network support (no need for netcat) and allowing the user to specify which command to execute.
Cerberus Information Security Advisory (CISADV000126) - Internet Information Server 4.0 ships with an ISAPI application, webhits.dll, that provides hit-highlighting functionality for Index Server. A vulnerability exists in webhits that allows an attacker to break out of the web virtual root file system and gain unauthorized access to other files on the same logical disk drive. This vulnerability can also be used to obtain the source of Active Server Pages or any other server-side script file, which often contain UserIDs and passwords as well as other sensitive information. Vulnerable systems include Microsoft Windows NT 4 running Internet Information Server 4, all service packs. Microsoft FAQ on this issue is here.
Explanation of the 'spank' attack - a new breed of stream/raped. Stream/Raped merely flooded the host with ACKs (or no flags) and came from random IPs with random sequence numbers and/or ack numbers. The difference now is that this not only does the previous stuff, but also directly attacks from and to multicast addresses as well.
Solaris Solstice Internet Mail IMAP4 Server x86 exploit.
Remote Linux x86 exploit for Qpopper 3.0beta29 and below (not 2.5.3). Overflows the LIST command and spawns a shell with the UID of the user who logged in (requires valid account), and GID mail.
w00w00 Security Advisory - qmail-pop3d may pass an overly long command argument to its password authentication service. When vpopmail is used to authenticate user information, a remote attacker may compromise the privilege level that vpopmail is running at, naturally root.
w00w00 Security Advisory - Linux VMware 1.1.2 Symlink Vulnerability. VMware stores temporary log files within the /tmp directory. It does not check whether all of these files exist prior to creation, resulting in the potential for a symlink attack.
w00w00 Security Advisory - S/Key & OPIE Database Vulnerability affecting most Unixes (not NetBSD) running skey-2.2 (possibly earlier versions too), allowing offline password cracking.
Remote exploit for the inter7 supported vchkpw/vpopmail package for (replacement for chkeckpasswd). Tested on Sol/x86, linux/x86, Fbsd/x86 against linux-2.2.1 and FreeBSD 3.[34]-RELEASE, running vpopmail-3.4.10a/vpopmail-3.4.11[b-e]. Unofficial patch here.
MS IIS 5.0 has problems handling a specific form of URL ending with "ida". The extension ida has been taken from the Bugtraq posting "IIS revealing webdirectories". The problem causes two kinds of results. One result is that the server responds with a message like "URL String too long" or "Cannot find the specified path". The other error causes the server to terminate with an Access Violation. When the server "Access violates" it displays as last message.