This whitepaper focuses on discussing how to use the SQL XFS deviation to execute cross site scripting attacks.
e5b3bd5a2dbf34c616ea715c9dea8cc0Remote exploit for Sendmail versions below 8.9 that makes use of the buffer overflow in HELO to send completely spoofed emails.
42bd1b17150d2c64e0bedeeb617fb161Con Fusion is an extremely user-friendly Win32 program that exploits the security holes found in Cold Fusion web server software. [re:L0pht's Cold Fusion security advisory]
90db1fd5a520c2eb221ba3c11e72b535Security Vulnerability in MPEi/X debug for HP3000 systems allows any user to gain increased privileges. Vendor patches available.
8d5409ee4e0af1e939dbbffce0b095e8sendmail 8.8.6 for various HP platforms is vulnerable to simple Denial of Service attacks. Vendor solution/patch details included.
a39da0f39b32f55da0da299196125a0aSecurity vulnerabilities in the ICQ99a ICQ-Webserver allows remote attacker to execute Denial of Service attacks, hijack ICQ accounts, and even download any files from Hard Drive, including Registry and password files. Detailed step-by-step descriptions of all exploits included.
07404023e8ec48cf50b51e22248a25dcICQ stores passwords in plain text? And now you know where too. Find one of the millions of people utilizing the ICQ-Webserver and you can Hacking ICQ-Webservers for Dummies file if you have problems.
e4a196e72493163561185f0b4fdf1957Security vulnerability in ICQ99 WebServer allows anybody to access your entire hard drive, including password files and registry. Exploit described; no fix available. Mirabilis obviously does not consider security to be of any importance.
d1e3561b7a4846a2abb684e783414cceLinux insmod security vulnerabilities allow local attacker to potentially gain root compromise. Detailed descriptions of the various vulnerabilities and basic exploit description included.
68c50ede0ffe6206f2d958809d23f5b3Security vulnerability in IPFilter v3.2.10 and earlier versions allows local user to gain increased privileges and/or destroy arbitrary system files, due to improper handling of lockfiles by the ipfilter program. Download the new beta version, or apply patch included in advisory.
061545955e9bfee8fc8d7f3f0e918b0eBuffer overflow in CAC.Washington.EDU ipop3d 4.xx can be used by malicious local user to gain superuser access.
3eb5816a27bdbc66c1171e87bc46c8baLockfile vulnerability in CAC.Washington.EDU ipop3d 4.xx can be used to launch local Denial of Service attacks. Exploit code and recommended fix included.
e3d0eb51586a2a15a43fbb94fab43fedBug in Services for IRC Networks 4.2.2 allows any IRC user to launch a simple Denial of Service attack. Exploit description and software upgrade information included.
f7a3f179f2e8a76a7b86c50a2598c94cSecurity Hole in Java 2 (and JDK 1.1.x) allows an attacker to create a booby-trapped Web page, so that when a victim views the page, the attacker seizes control of the victim's machine and can do whatever he wants, including reading and deleting files, and snooping on any data and activities on the victim's machine. No vendor patch available yet.
821e47ce330d93d21b9c7044c98ec080KKIS.28041999.002.b Security Advisory describes a common vulnerability with a wide variety of software applications that utilize tcp connections and do not properly close connections within a reasonable, secure time frame. Exploit code included to test for "inactive connection" vulnerabilities. KKI Security Team
7d319afcaab55c8da83066a3d3c4b508Security vulnerabilities in several RPC implementations allow remote attacker to execute Denial of Service attacks. Exploit code included.
ac8aa18b30b37aca46d65c227323713fLinux 2.x IPC vulnerability permits local users to exhaust memory, launching effective Denial of Service attack. Exploit code and recommended fix included.
969d6cac2f705e83aedae9157100cd05Linux 2.x mmap vulnerability permits local users to exhaust memory, launching effective Denial of Service attack. Exploit code and recommended fix included.
fc2788d9269ee355a8a4ec4969567897This patch sets the tos field for IP headers to high priority and optimizes the IP connection for throughput, which has real effects on cisco routers.
251e541aa3744c41f8eb473fd2867285Exploit code for Pine 4.xx and CAC.Washington.EDU ipop3d 4.xx lockfile vulnerabilities, allowing local Denial of Service execution by non-privileged users.
05daddd7a9e8f3c3f7e49fa0196a8c63Lotus Notes handles time zones and system time improperly, resulting in missed meetings, luser time-space confusion, black holes, mass hysteria, disorientation, and, in extreme cases, impotence and the contraction of obscure fungal infections. Patch included. The real solution is for everybody to switch to GMT/UTC though. :-)
410b9ccd2eba5f08b4b20f0b7b95f372The popular Responder.cgi script for MacHTTP CGI Servers contains a buffer overflow that allows remote attacker to launch Denial of Service attack. Exploit description, program, source code included.
699aff261395abccc069d14a552930d7Yet another bug in Midnight Commander 4.xx - this security hole allows local user to potentially gain root privileges due to improper handling of negative file sizes by MC and resulting core dumps.
01cd086a2300c5ba3d074c8698cfbbc5An excellent report analyzing the Melissa macro virus by melissavirus.com for more detailed information.
0892b78355084014ea7d95d6ac4a50b9Microsoft releases virus infected MS Word documents on their own web site! If you have visited http://www.microsoft.com/uk/business_technology/dns/ecommerce/financial/case.htm recently to find out more about MS Exchange and E-commerce, then you should scan for the W97M/Marker.C virus on your network. This has happened numerous times!
2568cfb2105d39b878ec140ffa3e7cc0
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed