Linpha versions 1.0 and below arbitrary local inclusion exploit.
a99d935091920b99bba35e23a5978d65aeeaa1c675c9f449008c5f536ec46d29iDEFENSE Security Advisory 02.10.06 - Remote exploitation of a denial of service vulnerability in IBM Corp.'s Lotus Domino LDAP server allows attackers to crash the service, thereby preventing legitimate access. iDEFENSE is currently unaware of exploits for this vulnerability other than those maintained by iDEFENSE Labs. iDEFENSE has confirmed the existence of this vulnerability in Lotus Domino Server version 6.5.4. It is suspected that earlier versions of Lotus Domino Server are also affected.
c45653cf3886d3f477b01cb3a76974e40c800c7765026772b1b9d2302717805fThis is a simple implementation of Port Knocking techniques. It sniffs network packets looking for predetermined keys and executes commands to open and close ports on the firewall. In the client mode it injects packets with the key to server.
d30525b8efab91320506330f1c33d3a020d84c71556204537afb77e47a42439eFarsiNews versions 2.5 and below suffer from various local file inclusion and direct file access flaws.
b7aad0c8649aa284cee3be6cf8470a1dcae12846a409aea7e3a1ab8f077f4dd5Secunia Research has discovered a vulnerability in Lotus Notes, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in kvarcve.dll when constructing the full pathname of a compressed file to check for its existence before extracting it from a ZIP archive. This can be exploited to cause a stack-based buffer overflow. Successful exploitation allows execution of arbitrary code when the user extracts a compressed file with a long filename from within the Notes attachment viewer. Affected versions is Lotus Notes 6.5.4.
29ad1e0fb254d307e5c210c27de6309dbcbeec3d980b62f37a53ae596b9a9d23Secunia Research has discovered a vulnerability in Lotus Notes, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in uudrdr.dll when handling an UUE file containing an encoded file with an overly long filename. This can be exploited to cause a stack-based buffer overflow. Successful exploitation allows execution of arbitrary code when a malicious UUE file is opened in the Notes attachment viewer. Affected versions are Lotus Notes 6.5.4 and Lotus Notes 7.0.
a512a74bf2eb5426a6ef1b0505c9c30d26592de02c1368592f882f68346bf269Secunia Research has discovered a vulnerability in Lotus Notes, which potentially can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the TAR reader (tarrdr.dll) when extracting files from a TAR archive. This can be exploited to cause a stack-based buffer overflow via a TAR archive containing a file with a long filename. Successful exploitation allows execution of arbitrary code, but requires that the user views a malicious TAR archive and chooses to extracts a compressed file to a directory with a very long path (more than 220 bytes). Affected versions are Lotus Notes 6.5.4 and Lotus Notes 7.0.
6005828ac70516cca59ccdd67b173d13de808ad823e9db5ee755b74356259601Secunia Research has discovered two boundary condition vulnerabilities in Lotus Notes, which can be exploited by malicious people to compromise a user's system. Affected versions are Lotus Notes 6.5.4 and Lotus Notes 7.0.
29f10a8be4d832d76d5eb82cfe358a7b3f93f0c6b5d02a8a2ab7c319b4d1c85bSecunia Research has discovered a vulnerability in Lotus Notes, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to directory traversal errors in kvarcve.dll when generating the preview of a compressed file from ZIP, UUE and TAR archives. This can be exploited to delete arbitrary files that are accessible to the Notes user. Affected versions are Lotus Notes 6.5.4 and Lotus Notes 7.0.
a9bc2a3a0141f79688e6b766ca98f395753401a2d0e8795deb887ac34da40f1fSecunia Research has discovered some vulnerabilities in Lotus Domino iNotes Client, which can be exploited by malicious people to conduct script insertion attacks. Affected versions include IBM Lotus Domino Web Access 7.x, IBM Lotus Domino Web Access (iNotes) 6.x, IBM Lotus Domino 6.x, and IBM Lotus Domino 7.x.
b55a4f37f4611abd8cbe649bb902701992e861abc861f2023115d74fa75039f7HP Security Bulletin - A potential security vulnerability has been identified in the SSL v2 implementation used in HP HTTP Server v5.9.6 that may allow a remote attacker to force the use of a weaker security protocol via a man-in-the-middle attack.
f69e23aeee57b0c6e0d5713e0ba20ff5ad36eff854b594867f538e19d3734ce9Debian Security Advisory DSA 967-1 - Several security problems have been found in elog, an electonic logbook to manage notes. These include, but are not limited to, code executions flaws, directory traversal attacks, and format string vulnerabilities.
c0f916f0bb78e6690cc7694abcb33897e7643e564f3bf7ee68e7da06ff8d32a1CPAINT versions 2.0.2 and below suffer from a cross site scripting flaw.
f3fc785fe63cf9e9bb47ba40e732137e215239fa11233117ee26c4e8becbd90dShell upload exploit for FCKEditor 2.0 versions 2.2 and below.
5e7078355d4f67d731b3a9361c3352265bec637ada59895ca8fe256bf1bc459aRunCMS versions 1.2 and below arbitrary remote inclusion exploit. Also allows for code execution on RunCMS versions 1.3a2 and below by making use of an upload flaw via FCKEditor.
947fb99ab2cc74c894480dbaf61007c4bce5d48c605fba87e6c86d16bbf2b0c4GuestBookHost version 2005.04.25 is susceptible to an authentication bypass flaw.
a62334c73fb17b2b98a13aa2a8a9996e29eddda44ae685468b31d76fb93a3ef8Unknown Domain Shoutbox version 2005.07.21 is susceptible to multiple SQL injection and cross site scripting vulnerabilities.
0b74193bedf56cbe07b50e411f725e91b591547c34613c0070209420ca51e721
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed