L0pht Security Advisory - Microsoft Office 2000 UA Control Scripting is categorized as being "safe for scripting", allowing malicious active content to execute regardless of macro virus protection settings. Scripts can be executed without users consent from any HTML page viewed with active scripting enabled, including both Internet Explorer and Outlook e-mail in their default configurations. Online demonstration of this vulnerability in action here.
0f6b61dc993c3fee2f57006f1e3e085bBUTTSniff v0.9.2: Standalone packet sniffer for Windows or back oriface sniffer plugin.
67c56227bd51a06ef8a35a0e3d7af82bL0pht Research Labs Advisory - Microsoft ClipArt Gallery Overflow. An attacker can seize control of a Windows 95, 98, NT, or 2000 machine via any HTML source, including Microsoft Outlook e-mail. Proof of conccept exploit included.
336e2570c5f3709b523659a692be727bQIB - Remote access through Linux LPD. Binds a shell to port 26092.
bb17d77a99ff64b3f73a032248cfec79L0pht Advisory - A remote user can execute arbitrary code on a properly configured Linux LPD server.
a0df4a0b1fdf8e6852ec294c2926baffpamslam - vulnerability in Redhat Linux 6.1 and PAM pam_start. both 'pam' and 'userhelper' (a setuid binary that comes with the 'usermode-1.15' rpm) follow .. paths. Since pam_start calls down to _pam_add_handler(), we can get it to dlopen any file on disk. 'userhelper' being setuid means we can get root.
98d2a741b9a926031818596f5b6161e1EliteSys Entry v2.05 - Entry is a remote brute-force security auditing utility, designed to crack passwords for FTP sites, WWW sites, and POP3 email boxes. [read: get passwds for 0-day pr0n sites].
232bd707302c6f893c0f50d5c405a97d
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed