Cerberus Information Security Advisory (CISADV000718) - A buffer overflow has been discovered in webfind.exe which comes with O'Reilly's WebSite Pro. This overflow can be exploited by an attacker to execute arbitrary code. If webfind.exe receives a search string of over 1024 bytes the stack is overwritten. A proof of concept exploit is included.
Cerberus Information Security Advisory (CISADV000717) - A buffer overflow has been found in O'Reilly's WebSite Pro 2.4. This overflow can be exploited by an attacker to execute arbitrary code.
Cerberus Information Security Advisory (CISADV000525) - The Cerberus Security Team has found a remotely exploitable buffer overrun in two executables that come with PDGSoft's Shopping Cart. Redirect.exe and changepw.exe are both accessible over the web to all users. If supplied an overly long query string, both will overflow an internal buffer, overwriting the saved return address.
Cerberus Information Security Advisory CISADV000327 - Windows NT systems running IIS allow attackers to obtain the contents of files users should not be able to access via ISM.DLL. For example, text-based files (e.g. .txt, .log and .ini) in the /scripts directory are not normally accessible because the virtual directory has only script and execute access. Using this vulnerability it is possible to gain access to these files' contents.
Cerberus Information Security Advisory CISADV000427 - Cart32 secret password backdoor. The Cerberus Security Team has discovered a serious security hole in Cart32 (http://www.cart32.com/) that can only be described as a blatant backdoor. Within cart32.exe, the main file that provides the cart's functionality, there is a secret hidden password that can be used to gain vital information such as other passwords. Using these, an attacker can modify the shopping cart's properties so that arbitrary commands may be run on the server, as well as gain access to customers' credit card details, shipping addresses and other highly sensitive information.
Cerberus Information Security Advisory CISADV000420 - Windows NT/2000 cmd.exe overflow. Web servers that will execute batch files as CGI scripts on behalf of a client are opened up to a Denial of Service attack. By providing an overly long string as an argument to a CGI-based batch file, it is possible to crash the command interpreter in the "clean up" stages.
Cerberus Information Security Advisory (CISADV000330) - The Cerberus Security Team has found a third issue with Microsoft's Index Server that affects any web site running Internet Information Server 4 or 5 with Index Server, even if the recent Index Server patch has been installed and even if no .htw files exist. These systems are at risk from having the source of ASP pages or other files such as the global.asa being revealed.
Cerberus Information Security Advisory - Windows NT systems running FrontPage Server Extensions reveal the name of the anonymous Internet account and leak physical paths on the system.