Remote buffer overflows in various FTP servers lead to potential root compromise.
Default configuration of Website Pro 2.0 opens security hole allowing remote attackers to upload new files and overwrite existing files. This is how www.idsoftware.com got hacked this week.
Buffer overflow in Windows Explorer can lead to Denial of Service attack, and possibly more.
Windows FAT Filesystem Advisory: Recursive directory creation can be used as a Denial of Service attack against Windows* servers that allow anonymous FTP upload, and any that allow users to create directories and execute files.
ISS X-Force advisory concerning Windows backdoors, specifically NetBus 2.0 Pro, Caligula, and Picture.exe. An excellent analysis of the new NetBus 2.0 Pro is included, making this a "must read" file.
This is nothing new, but is nevertheless a good reminder that Windows registry keys are never deleted, unless you "hack" the registry yourself. For details on how to edit your Windows registry, and take care of many of the rest of those "Windows annoyances", check out Annoyances.org
More Windows 98 buffer overflows detailed. The interesting thing about these is that it appears that Microsoft software developers define buffer values for each application without consulting one another. In other words, virtually every MS product allocates different amounts of space for buffers!
ISS X-Force advisory concerning Windows backdoors, specifically NetBus 2.0 Pro, Caligula, and Picture.exe. An excellent analysis of the new NetBus 2.0 Pro is included, making this a "must read" file.
Macintosh version of Microsoft Word '98 includes sensitive material in document files. Specifically, document files created in Word '98 frequently include unrelated data taken from the hard-drive. This data can contain passwords, or other confidential information that is on the hard-drive.
9902-exploits/ws_ftp-DoS.txt WS_FTP Server Remote Denial of Service Attack. Exploit example included.
Linux /usr/bin/lpc (PLP Line Printer Control program) contains buffer overflow with local root compromise. Exploit code and patch fix included.
The Xtvscreen program can be used to overwrite any file on SuSE 6 (and probably other distros and OSes).
ISS Internet Security Scanner for Linux (version 5.3) install.iss security hole is vulnerable to the standard tmp-symlink attack. Not much exploit potential here, as noted by Fyodor, but this problem raises serious questions about the overall integrity of proprietary ISS software that is distributed in binary form only.
Trend Micro's InterScan VirusWall does not properly protect LANs from inbound traffic (any user can download binaries and virus-infected files through the VirusWall). Exploit code included; no patch available from the vendor yet.
The ISS Internet Scanner lets you brute force by using username/password pairs specified in the file default.login.
Example generic tmp-symlink exploit code that can be used for Denial of Service attacks or root compromises.
Example script that exploits the poc.mail.local.txt (mail.local) security hole.
Detailed descriptions of SMP /proc race conditions in Linux 2.2.1 kernel. Patches and Linux-2.2.1 /proc SMP race sniffer exploit code included.
Example script to test for the ncftpd.txt (NcFTPd) security exploit.
Exploit code for buffer overflow in lsof versions 4.40 and earlier that enables any local user to obtain root privileges.
Buffer overflow in lsof v4.40 and earlier allows local root compromise. Suggested patch and fix information included.
The Lydia pop3 email utility produced by Kabsoftware uses a weak encryption algorithm, leaving user passwords locally vulnerable.
Lynx /tmp bug involving symlinks can lead to local root compromise.
Diff for mail.local security hole.
Example script that exploits the poc.mail.local.txt (mail.local) security hole.
Mail-Max SMTP server for Windows 95/98/NT contains remote buffer overflows that can result in root compromise. Exploit code (compiles on Linux x86) included.