Perl module which exploits the WMF SetAbortProc vulnerability in the Windows Picture and Fax Viewer found in Windows XP and 2003. This vulnerability uses a corrupt Windows Metafile to execute arbitrary code and was reported to the Bugtraq mailing list after being discovered in the wild at the following URL: http://unionseek[DOT]com/d/t1/wmf_exp.htm. Unofficial patch here.
5bce51d9c67bc4ff25072cff79bdbc9d236fe8bb95c51f54208ac06e31d1bddb
Microsoft Windows Metafile (WMF) SetAbortProc remote code execution exploit which takes advantage of a vulnerability in the GDI library by using the 'Escape' metafile function to execute arbitrary code through the SetAbortProc procedure. Tested against Windows XP and 2003.
bdfd116bc6a03d8c1124c067854578e4ef5e1ef88b7c3bd05c6e6f83179f797c
Unofficial temporary fix for the critical Windows WMF vulnerability which Microsoft will patch on 1/10/06. Tested on Windows 2000, Windows XP, and Windows XP Professional 64 Bit. The author recommends switching to the official MS patch when it becomes available. Includes C++ source.
f039f0f7f62089f15c1b4bf49fa2d85fe6818e5786570d0b9566cd1d8f4db23b
This program (coded in C using PF_PACKET sockets) allows full manipulation of ARP packets, including specification of Source MAC/IP Addresses and Destination MAC/IP Addresses. This can be useful when diagnosing networking problems including host/switch ARP Poisoning testing, and router testing.
50748f0725fa029beb9a4e11d1937341055e0728a916213b63585a0a0478fd3f
Gentoo Linux Security Advisory GLSA 200601-01 - Tavis Ormandy of the Gentoo Linux Security Audit Team has discovered that the pinentry ebuild incorrectly sets the permissions of the pinentry binaries upon installation, so that the sgid bit is set, making them execute with the privileges of group ID 0. Versions less than 0.7.2-r2 are affected.
da48dc6bfa273f7efdcc50d291a1b86fe159146c8a052da9797cbe4ca7813752
arpcheck checks /proc/net/arp for MAC/IP combinations and compares them to a static list (shorewall style) or a dynamically learned MAC list. If a rogue MAC/IP is found, arpcheck alerts you.
2caa6c45611ad683fec1883dba1f83832576d66a8b5f3ed763e5e353af837300
Bash script that quickly switches your network configuration to a random MAC and random IP, can automatically keep changing them, and more.
29db4b65cd701eab7cbda0092d8f728c2c2cf26dc39dc5eb3c7ac7fff7133ebf
WinRAR version 3.30 suffers from a buffer overflow vulnerability when processing a long file name. Proof of concept exploit provided.
15e8264363d5f7bd7a12704f3585a6269bf2946347c178acf4a069b9e9a7ae1d
Whitepaper discussing the exploitation of uninitialized data.
5b32aaa1da6b6a140a3868b87037e57e1d53cf28b0cdd59d2d8a8d7d38210a0d
Valdersoft Shopping Cart versions 3.0 and below remote command execution exploit.
e527deb3eb987e4baffbf7c1b7aac78abf9f89afd9bfeee77d9319631e61a158
SCO OpenServer 5.0.7 termsh local privilege escalation exploit.
f7a3d4a66d5029784ec01e7c244577689ed677bf1011df6147694236519b212b
ScozBook version BETA 1.1 is susceptible to SQL injection attacks. Exploitation details provided.
da4d1cc5a46c5dff385f4e303beef21af5adba50bd95bfe1a007467af6052325
B-net Software version 1.0 is susceptible to cross site scripting attacks. Exploitation details provided.
6d7eb3dceb4488c5b449d29c7e3abe86b8194505b213bda8b02274f513dd2b1b
NicoFTP version 3.0.1.19 suffers from a stack overflow vulnerability in the population of a new user account.
ca53cccf092e878bd55c323db068281845524e5d636cc13eb0e47a819a869ac1
PHPjournaler version 1.0 is susceptible to SQL injection attacks via index.php. Exploitation details provided.
2cccf720985f175be9d2914db2d99db3e3b524cd8ab172a0e627b8c53853893c
inTouch 0.5.1 Alpha is susceptible to SQL injection attacks via the login page. Exploitation details provided.
00a20dd1ba146e1a3514736c9781175d9171f70e743290e75fb31387999227a3
Chimera Web Portal System version 0.2 is susceptible to SQL injection and cross site scripting attacks. Exploitation details provided.
bd7eda5945d7337e9d512eede3391f5de72d052a3c66eb165a201bb6fb6ee70e
phpBook versions 1.3.2 and below suffer from a PHP code execution flaw due to an unsanitized variable. Exploitation details provided.
1daf972e33787535cdb4cd688f01d75a897c28e9d064ad6dc6bd2bc284106bd2
PHPenpals version 310704 suffers from a SQL injection flaw in profile.php. Exploitation details provided.
537f9cb86f0fdfc27350b8cea6da3791eb77f39ca43febcd407c5798f822d1c2
Chipmunk Guestbook versions 1.4 and below suffer from a cross site scripting flaw. Exploitation details provided.
df1fb75ea09fcfe123b2e20ad27cacbde8acf91d34785e81b4cb815bf44d485c
oaBoard version 1.0 suffers from a remote PHP include and execution flaw. Exploitation details provided.
adb49a9de157c962f76fe440f041a5268ee0df6741b8aefd596fb22959bdd783
VEGO Links Builder version 2.0 suffers from a SQL injection flaw. Exploitation details provided.
6ba6134b1307646b465d0a01f89747770e5f21a64aef0084dcfdda1b0e0d78ec
VEGO Web Forum versions 1.26 and below suffer from SQL injection flaws. Exploitation details provided.
4ff42f1f57c683632b22d501eb2be23d79358de1e85ac32dffcd471ee42b6a76
KAPDA Advisory #19 - vBulletin version 3.5.2 is susceptible to HTML injection attacks that can allow for cross site scripting.
bc66ce268e7da45f3992c87d2f61cfe5e1c09fdac7f6c022aa1aaef7df6341a2
Secunia Security Advisory - ovt has reported a vulnerability in Cisco Secure ACS (Access Control Server), which potentially can be exploited by malicious people to bypass certain security restrictions.
cd55ba9b2f8a72c4b4f4d13405098623a0a2008a90dbb35e049524b2d96e96d9