Serv-U FTPD 2.x/3.x/4.x/5.x MDTM remote command buffer overflow exploit. Tested against Windows 2000 and XP en/cn.
165ec4a880bb84cadb7b7e5c666a355ePacket Storm new exploits for February, 2004.
5a6ec2112ecac27ef985e10b59d352b6Exploit for WFTPD server versions 3.1 through 3.21 and Pro server versions 3.2x that makes use of a stack based buffer overflow.
bc94e7e71e7b442584f9675f5e32d3dbInvision Power Board is susceptible to a SQL injection vulnerability in its search.php script.
4bf0e8ed50f64846844b14d3696ada14Serv-U FTPD 3.x/4.x/5.x MDTM remote command buffer overflow exploit. Tested on Windows 2000 and XP.
7903957bc2d05d99715a806c19f459b6Remote denial of service exploit that makes use of a command buffer overrun in Serv-U MDTM versions 5.0.0.4 and below.
0c41ebf259b8390d059a70d948948051Remote exploit that makes use of a buffer overflow during GET requests in the PSOProxy server version 0.91. This version support the following operating systems: Windows XP Home Edtion SP1, Windows XP Pro Edtion SP1, Win2k Pro Edtion.
4320054933d5ea571c771b6234c91d9fFlexWATCH-Webs versions 2.2 (NTSC) and below suffer from an authorization bypass via double slashes and also a cross site scripting attack.
6619638cf6bb4c0a7ea46a68935cd11cExtreme Messageboard aka XMB version 1.8 Partagium Final SP2 is vulnerable to multiple SQL injection and cross site scripting attacks.
5381c5e782a35b2bee530ecab38cd3d0PhpNewsManager version 1.46 allows for arbitrary file reading due to being susceptible to a directory traversal attack.
1c9dcfa245a6cbb280746ba1ea8a730aGateKeeper Pro 4.7 on the win32 platform has a buffer overflow vulnerability when processing GET requests. Full remote exploit included. Tested against Microsoft Windows 2000 Pro and Microsoft Windows XP.
836f01f1e1277e6d256d54485d8c881dProof of concept DoS exploit for 3Com OfficeConnect DSL Routers. Successful exploitation of the vulnerability should cause the router to reboot.
94069a9c5530f90d4d23aa6a0ef27899lbreakout2 versions 2.4beta-2 and below local exploit.
e96f9ecfd1f97869642ab94d72b864c9Remote exploit that makes use of a buffer overflow during GET requests in the PSOProxy server version 0.91.
e53c88be294dc587edb95c99e12d1794Remote exploit that makes use of a buffer overflow during GET requests in the PSOProxy server version 0.91.
c85dc711e0b38c316b08320377cb861diMail 8.05 LDAP service remote exploit.
35da4d13438508743c37c87b99f0105aExploit that tests for several vulnerabilities in one of Windows XP kernel's native API functions.
079419668499d82b300edc4f4676390aS-Quadra Advisory #2004-02-18 - WebCortex Webstores2000 version 6.0 has a SQL injection vulnerability that allows a remote attacker to add an administrative account and it also has a cross site scripting flaw.
09cc5ad6ab60c00eb917ba1e2d21b989OWLS version 1.0 allows for remote file retrieval via directory traversal attacks.
a983097b8815f2812d8606dccac9f316S-Quadra Advisory #2004-02-16 - EarlyImpact ProductCart shopping cart software incorrectly makes use of cryptography, is susceptible to a cross site scripting attack, and allows for SQL injection attacks as well.
90a560aa4703caff2202e2ae473c2775In the Online Store Kit 3.0 Products, problems exist where user-supplied data is not properly sanitized, allowing for a remote attacker to influence SQL queries and gain sensitive information.
a6f40a401ff90bfc811f2b99eb364f02Two security vulnerabilities in Broker FTP server version 6.1.0.0 cause the server to crash and utilize 100 percent of the systems CPU cycles.
45feef2ea56922c811759339ed7e8f3aShopCartCGI version 2.3 has multiple directory traversal vulnerabilities that allow for remote attackers to gain access to files outside of the webroot.
5407a211abd46c6d0fbaf61b1d4467c7Local exploit for rsync 2.5.7 and below. Note: This exploit only escalates privileges if rsync is setuid, which it is not by default.
2ca496c30d884f9a8056a7c610d79704A specifically crafted HTTP GET request which contains over 4096 bytes of data will cause the KarjaSoft Sami HTTP server to crash. Versions affected: 1.0.4, possibly earlier versions as well.
24ad3e59488c6e1c7b36852ccc7160d5
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed