Packet Storm new exploits for March, 2004.
4e97d41068bbd2b4d4ff013e93caa7d6 Full detailed analysis and explanation of a systrace vulnerability that exists in various kernels. This problem was silently fixed in the Linux 2.4.24 kernel release without any real acknowledgment to the security community. Full exploit included.
3ee4b2c23da5f70220f4d222dfec56c8 A testing tool for RogerWilco versions 1.4.1.6 and below and RogerWilco Base Station versions 0.30a that suffer from multiple bugs.
597c92720fd3a472c793309702812662 Good write-up discussing how Microsoft has yet again dropped the ball on patching another Internet Explorer vulnerability, where using forms can allow an attacker to spoof a fake destination to the user.
680d3103b8fc6fe4567af0e44af3bcff S-Quadra Advisory #2004-03-31 - CactuShop shopping cart versions 5.x suffer from a SQL injection vulnerability that allows for remote code execution via the MS SQL xp_cmdshell function. They also have a cross site scripting vulnerability.
c25653ec903f60f19045dd7037a0d269 A-CART Pro and A-CART 2.0 suffer from input validation holes that allow for SQL injection and cross site scripting attacks. Full exploitation demonstrated.
29824b591dd5a64c7391bc7c93eb6352 Cloisterblog version 1.2.2 does not properly validate parameters derived from user input, allowing for multiple cross site scripting issues and directory traversal attacks.
7d4a338db045679b418dfb1eaef9fe87 RealSecure / BlackICE iss_pam1.dll remote overflow exploit.
0ddc8c39ea4432b2ec4fc6a8f5d6ea4d Ethereal IGAP Dissector Message overflow remote root exploit that spawns a shell on port 31337. Makes use of the vulnerability that exists in versions 0.10.0 through 0.10.2. Tested under Gentoo and RedHat 8.
42e9f9dc28e6c773c9816a77b3bff6b0 A SQL injection vulnerability in PHPBB versions 2.0.8 and below allows an attacker to extract the administrator password hash.
c316b4db1e73a0dca9df33134cbd779e Multiple SQL injection and cross site scripting vulnerabilities exist in XMB 1.8 Partagium SP3 and 1.9 Nexus Beta. Full exploitation syntax given.
9d1f6f6943811ac0c1887925ea3d441c Invision NetSupport School Pro stores passwords in a manner that allows their encryption to be easily reversed. Exploit written in Pascal is included.
27c12a27a7f8864f85087da894f906ff Information on how to bypass password protection on Microsoft Word documents, with step-by-step instructions given.
b9116e287760862aeda67726ea23b7d0 Remote proof of concept exploit for Etherlords I versions 1.07 and below and Etherlords II versions 1.03 and below that causes a crash.
a9be70bea9c44b71fe18cb74a9439389 Remote exploit for eSignal versions 7.6 and 7.5 that downloads and executes a file.
6f90cae56696ff993c33b9899191a47e HP Web JetAdmin Version 7.5.2546 has multiple vulnerabilities. They include denial of service, the ability to upload any file to the server, the ability to write to any file on the filesystem, and the ability to read any file via a directory traversal attack.
e6f0dc1235b0d0236d656ada61472d58 Proof of concept exploit for PicoPhone versions 1.63 and below that makes use of a buffer overflow in the logging functionality.
7b97fc4e9b1b9d51052ae11b7a4d08a8 TrendMicro Interscan Viruswall versions 3.5 and below suffer from a directory traversal vulnerability that allows a remote attacker to access any files outside of the web root.
ec8b6587245cb7d6b0ea630d03b0e0cd Remote proof of concept denial of service exploit for Terminator 3 that makes use of a broadcast client buffer overflow.
a0488bcfc89f8c89bb396b3c7e80cc10 Remote denial of service exploit for The Rage game versions 1.01 and below.
4bf17b3df82c0f6ebc4c73592086592a Ipswitch WS_FTP server version 4.0.2.EVAL allows for a local attacker with program execution privileges to run anything with SYSTEM privileges. Full step-by-step exploitation given.
04e6d24da1e0cdf233c5fa31d7cbe6b8 Remote exploit for Ipswitch WS_FTP server version 4.0.2.EVAL that makes use of a buffer overflow in the STAT command.
757ff118a5513e54d7deee4651b08175 News Manager Lite 2.5 and News Manager Lite administration suffer from cross site scripting, SQL injection, and cookie hijacking vulnerabilities.
8b8b4c8b0df0c8fea60819640c5c61a0 Input validation holes in Member Management System version 2.1 allow for SQL injection and cross site scripting attacks.
57a9c2aab1a113f03144a493b0e3fd7a xweb version 1.0 is susceptible to a directory traversal attack that allows viewing of files outside of the web root.
ce444d06c99e6df9b102954f96b37bc4