Showing 1 - 8 of 8

Files Date: 2002-04-17

ms02-019: Posted Apr 17, 2002; Microsoft Security Advisory MS02-019 - A serious buffer overflow has been found in IE 5.1 and Office v. X for Macintosh. The vulnerability can be exploited via HTML email or web pages. In addition, a a vulnerability that can allow local AppleScripts to be invoked by a web page without first calling the Helper application has been patched. Microsoft FAQ on this issue available here.; tags | web, overflow, local; SHA-256 | 0df4eea8b519da3c639afe8b40d901041deccb1026f17bf145c7034c68d0de6e; Download | Favorite | View

microsoft.ftp.glob.txt: Posted Apr 17, 2002; Authored by H D Moore | Site digitaloffense.net; The Microsoft FTP service is vulnerable to a Denial of Service attack in the STAT command. This condition can be triggered by a remote attacker using either a valid user account or anonymous, which is enabled by default. Once exploited, all services running under the inetinfo.exe process will terminate. MS02-018 addresses this problem. Example crash string included.; tags | remote, denial of service; SHA-256 | 2d287a384101b42f3989cffb8032594adeaccdae10b2f64870116030bbe24157; Download | Favorite | View

FreeBSD Security Advisory 2002.20: Posted Apr 17, 2002; Authored by The FreeBSD Project | Site freebsd.org; FreeBSD Security Advisory FreeBSD-SA-02:20 - Two denial of service vulnerabilities were found in the syn cookie implementation in FreeBSD. When a SYN was accepted via a syncookie, it used an uninitialized pointer to find the TCP options for the new socket. This pointer may be a null pointer, which will cause the machine to crash. In addition, restarting applications using syn cookie protected sockets can cause a reference to an old inpcb pointer, crashing the system.; tags | denial of service, tcp, vulnerability; systems | freebsd; SHA-256 | 8b6f4a7fd0cea3fb0298753657a3d2e32a940bde4640bc28a17a99e80f3479b2; Download | Favorite | View

oracle.html.txt: Posted Apr 17, 2002; Authored by David Reign; Oracle databases contain a security hole which allows HTML and SQL injection.; tags | sql injection; SHA-256 | 9b235a8d11d035da4f272f10984b3a10b1a7578387b1c59fcaab207c87ef8184; Download | Favorite | View

centurion.tar.gz: Posted Apr 17, 2002; Authored by LByte | Site lbyte.void.ru; Centurion checks any cgi script on remote server for vulnerabilities like directory traversal bugs, null byte, and incorrect filtering of meta characters. Tested on CGI, PL, PHP, and SHTML.; tags | tool, remote, cgi, scanner, php, vulnerability; systems | unix; SHA-256 | d198a0549f10a92ccbdc7f00b7981ac82849918ead0e30d588de869414cafcfb; Download | Favorite | View

w00w00.office.txt: Posted Apr 17, 2002; Authored by w00w00, Matt Conover | Site w00w00.org; Multiple Microsoft Products for Mac OS contain serious remote vulnerabilities. Affected software includes IE 5.1, Outlook Express 5.0.2, Microsoft Entourage, Powerpoint 98, 2001, and X, Excel 2001 and X, and Microsoft Word 2001. The problem lies in the handling of a lengthy subdirectory in the file:// directive.; tags | remote, vulnerability; SHA-256 | 0d1685a0d3bfbd5389152c55e3cb7bd952d9225c2961bbf6c7cd577e029199b4; Download | Favorite | View

linspy2beta2.tgz: Posted Apr 17, 2002; Authored by Xian; Linspy is keystroke logger for linux kernels v2.2 and 2.4 which records TTY activity. Based on Halflife's article from Phrack 50.; tags | tool, kernel, rootkit; systems | linux, unix; SHA-256 | a9e4cd35b9e7429a92963387223b4ee11f8682e2191061851aa0bc4329c20904; Download | Favorite | View

webalizer.dns.txt: Posted Apr 17, 2002; Authored by Spybreak; Webalizer v2.01-09 contains a remote buffer overflow if DNS lookups are turned on. A compromised DNS server can be used to return hostnames that are too long, executing code as root.; tags | remote, overflow, root; SHA-256 | 7055a3e82518d1a2f7545979aec64c7bdca857a417b4fd51475fe18fab55e87c; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days