Remote exploit for Windows that makes use of the buffer overflow vulnerability in NIPrint discussed here.
Secure Network Operations, Inc. Advisory SRT2003-11-02-0115 - The NIPrint LPD-LPR Print Server versions 4.10 and below on the Win32 platform are susceptible to a buffer overflow that can allow a remote user to gain SYSTEM privileges. http://www.secnetops.com.
Secure Network Operations, Inc. Advisory SRT2003-11-02-0218 - The NIPrint LPD-LPR Print Server versions 4.10 and below on the Win32 platform are susceptible to a vulnerability that allows a local user to escalate to SYSTEM privileges. http://www.secnetops.com.
OpenSSL Security Advisory 20031104 - A bug in OpenSSL 0.9.6 would cause certain ASN.1 sequences to trigger a large recursion. On platforms such as Windows this large recursion cannot be handled correctly, and so the bug causes OpenSSL to crash. A remote attacker could exploit this flaw if they can send arbitrary ASN.1 sequences that cause OpenSSL to crash. This could be performed, for example, by sending a client certificate to an SSL/TLS enabled server that is configured to accept them.
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
isakmpd, OpenBSD's IKE daemon, contains severe flaws in payload handling that allow for the unauthorized deletion of IKE and IPsec SAs. It allows this due to a lack of encryption being applied in Quick Mode and a lack of validation for the origin of delete message payloads, among other issues.
Kpopup version 0.9.1 is susceptible to allowing privilege escalation due to format string bugs and an unsafe system() call. Local root exploit included.
Remote denial of service exploit for the wzdftpd FTP server version 0.1rc5 that sends a single CRLF sequence at login, causing an unhandled exception.
WU-FTPD 2.6.2 Freezer exploit that causes a denial of service condition when a valid login can be supplied.
Local root exploit utilizing the overflow in XLOCALEDIR under XFree86 version 4.2.x using xterm. Tested against Slackware 8.1 with kernel version 2.2.25.
IA WebMail Server versions 3.1 and below from True North Software are vulnerable to a stack-based buffer overflow via its HTTP GET request header. This overflow can lead to a denial of service and remote code execution.
Scanner for MS03-043, the Microsoft Messenger Service vulnerability.
Bugzilla Security Advisory - Five security related bugs have been discovered in this web-based bug tracking system. Two relate to SQL injection attacks via privileged user accounts. A third allows ex-members of a deleted group to get inserted into a new group if it is created reusing the same name. Two other issues allow extraction of bug information for any known email address and for a user to obtain descriptions for a product they do not have access to.
Ethereal Security Advisory Enpa-sa-00011 - The GTP, ISAKMP, MEGACO, and SOCKS protocol dissectors in Ethereal 0.9.15 contain remotely exploitable vulnerabilities.
Shatter attack exploit against CommCtrl 6.0 buttons. This write-up and exploit demonstrate that any privileged application which makes use of the Microsoft XP visual styles and creates a window on the interactive desktop can be used by an attacker to gain elevated privileges.
Ethereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Ethereal features that are missing from closed-source sniffers. Screenshot available here. Also added a toolbar and the ability to force the data link type of captured frames. Service response time and general I/O statistics have been enhanced. RTP analysis was improved.
mah-jong version 1.4 server/client remote buffer overflow exploit that makes use of the SetPlayerOption command in the server and the PlayerOptionSet command in the client.
SCO Security Advisory CSSA-2003-SCO.27 - OpenServer 5.0.5 insecurely creates files in /tmp which can lead to a system compromise.
MyClassifieds versions below 2.13 are vulnerable to a SQL injection attack. The problem is due to improper sanitization of user input for the email variable, so a remote attacker could insert arbitrary SQL code through it. The passwords of the users can be written into a file and made world readable.
Security Code Review Guidelines
More Diebold Electronic Voting System Flaws - These mailing list archives contain information and discussion on flaws in the Diebold electronic voting machines. Diebold has been attempting to use the DMCA to suppress this knowledge, even though this sort of information exchange is essential to the proper functioning of a democracy.