Packet Storm exploits added in the year 2003.
e09c986a8810c204430dbbdef3f0cd81Packet Storm new exploits for December, 2003.
fd96104b52452635a55566e5bde24485It is possible to cause a denial of service attack against the SecurityServer daemon in MacOS X, MacOS X Server, and Darwin by unlocking a locked keychain and specifying a very long password.
d81f8b6a87bdb09dcd8e8e493388372eLocal buffer overflow exploit for Winamp version 5.1.
54ff3ee95d8a7f6802122f4362e72352NetObserve versions 2.0 and below suffer from a severe security bypass flaw that will enable remote attackers to gain administrative privileges and execute arbitrary code on the server.
2bd139ff34e8256e5aee6cfc5963c5e9Exploit code that makes use of the showHelp() vulnerability found in Microsoft Explorer versions 5.x-6.0. This file must be renamed with a .html extension to work.
e99fb54eb1ced09dc1fd2e3187b715cbGallery versions 1.3.3 and below suffer from a cross-site scripting vulnerability in its searching functionality.
bd8fa7a52e93df322ab5dc54d4b6faf3php-ping improperly filters user inputs, allowing for a malicious remote attacker to execute arbitrary commands as the webserver uid.
450d6884bb82ab689b9ced960891973eAlt-N Technologies MDaemon Mail Server versions 6.52 to 6.85 suffer from a remote buffer overflow in its raw message handler. Sending more than 153 bytes in the From field to FROM2Raw.exe creates a raw file, that when processed by mdaemon, will cause a stack buffer overflow.
74de9bd4c75e8a57e115b87b3aff2516The QuikStore Shopping Cart suffers from directory traversal vulnerabilities that allow a remote attacker to gain access to files outside of the webroot and also discloses installation path information on error pages.
4953833c7c0fe6962bd8a66fecb9aa0aIMSPd v1.7 and below remote root buffer overflow exploit which takes advantage of a bug in abook_dbname(). Tested against IMSPd 1.7 and 1.6a3 under RedHat 8.0. Fix available here.
5162fefc17a2d96ad76b83a84c36f570Exp_unix2tcp.c is a local exploit for unix2tcp below v0.8.0 which gives root access if unix2tcp is setuid, which it is usually not. Tested on Redhat Linux 9.
17f3b5fb7f646a6cb8647a775b53c63eDCAM webcam versions 8.2.5 and below suffer from a directory traversal attack that allow a remote attacker to access any file available to the webserver uid.
5f7b85639545d288c78372f4006ccd66CesarFTP version 0.99g and below has a security hold in the command CWD that allows a remote attacker the ability to cause a denial of service by raising the CPU utilization up to 100%.
90b7691cee7a770103bf922c3069fb0cA fault lies in ProjectForum versions 8.4.2.1 and below that allow an attacker the ability to cause the server application 'projectforum.exe' to crash and stop responding to requests from clients. This can be triggered by sending an overly long 'find' request string to the server in question.
d343ce102b631366e79d2489a662a593Remote exploit for eZnetwork versions 3.3 to 3.5 that sends a shell back to the host that the attack spawns from.
1c79c869e872b376278eb4416b3b6625Remote exploit for the Microsoft Messenger service buffer overflow described in ms03-043. Tested against Windows 2000 FR SP0.
7923cdcc15237bb37be9249d97ee337eOpera for Windows v7.x prior to v7.23 build 3227 remote exploit which sets up a web server and feeds Opera a URL that will create and execute a batch file on the clients computer.
85a437cea2b1f6be1b26143e87f00b60Apache 1.3.*-2.0.48 remote users disclosure exploit - Checks Apache webservers for a wrong default configuration of mod_userdir which allows account name guessing and then attempts to login to the found accounts with ftp. Effective against Linux and *BSD boxes.
01464a2fa047af3a15831c455b89f9c9ThunderstormWks is a mass exploiter / scanner for the windows workstation vulnerability discussed in ms03-049. Can scan random IP ranges quickly and contains a ftp download payload.
3b686e6d08c2b7c6cb1d2d11ca3cbc62Linux kernel do_brk local root exploit for kernel v2.4 prior to 2.4.23.
15831ce915376b30d4db0512a3ad10f1Microsoft Workstation Service WKSSVC Remote Exploit for the bug discussed in MS03-049. This version does not crash services.exe until the shell exits.
cd0ae50e67851a9a724ad3f6a064b09cEznet v3.5.0 and below remote stack overflow exploit which includes shell code that downloads and runs an executable from a web server.
55be4f3bf8bcb93395dae0be528a718aX_hp-ux11i_nls_ct.c is a local root format string exploit for /usr/bin/ct tested on HP-UX B11.11. Uses the NLSPATH vulnerability described here.
837f5eb9c39c2662a7b97b20d7b5a6bcMvdsv Quake Server v0.171 and below remote exploit. Tested against Debian GNU/Linux 3.0 and Slackware 9.0. Includes a patched Quake source which includes shellcode in cl_main.c which binds a shell to port 30464.
dc1c49288d1bc3fa76cc72ffdb03b3e7
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed