Creative Video Blaster Webcam stores passwords in plaintext in world readable directories.
739307820ad708e68a8462688e8b119986d434cc090aa046029d8858aa73fd2dWeaknesses in DNS label decoding leave Intrusion Detection Systems, sniffers, and many other security and network tools and software vulnerable to denial of service attacks.
371b9212bbae432bc7eedba5eada8bd430b25b2e4a3f56563e58a253b7e23eefE2-Zip 1.0 is an excellent whitepaper about EXT2-weaknesses in the Linux 2.0.x kernels. "File-hiding" exploit code included.
195b6e749733909e4b6086b91a1477e49534512097e41aa7e7a7d68b1f0f13d6Numerous security holes exist in the web interfaces of the CMail 2.3, FTGate 2,1,2,1, NTMail 4.20 server software (and probably many others) that allow remote attackers to read local files and exploit existing buffer overflows too.
9d30a0409fcac773432538c9ba7493b9c07e4be8a37244d200bea20f0bd0fbcbImproved exploit for the Solaris 2.6 and 7 admintool buffer overflow that results in local root compromise. This version now works on Solaris 2.6 and 7 (Sparc). No vendor fix available.
8d303f6aa9b85116be01167ef7bfda7e644ba663dbb1af085c009878c26ce06cAnother admintool local root exploit for Solaris Sparc machines.
5f7899bb5deca8e860c107ee478601ece0f3eec639c83fb48b01b6ca4ea84feaex_dtprintinfo.c exploits a stack buffer overflow present in x86 versions of Solaris 2.6 and 2.7. Local root compromise.
d20c16ba969da78f14929354c24b66534be61ee27bd7c5016b680d6183b40e6fUpdated version of the dtprintinfo exploit for a stack buffer overflow present in x86 versions of Solaris 2.6 and 2.7. Local root compromise.
0a126629e58953e738df87fb52fae2479e7385e7b8e4df08713e9830cd64b0a0Sparc port of the exploit code for the dtprintinfo stack buffer overflow present in Solaris 2.6 and 2.7 for Sparc. Local root compromise.
91942b965c81fd2dd50e8f406afc67f263dd8933de4e7b4590ecf0d88dfcf134Modified version of the exploit code for Solaris 2.6, 2.7 (sparc) libc/LC_MESSAGES buffer overflow that results in root compromise. This version fixes offset issue that made Solaris 2.7 exploitation difficult.
0789dbfad2ea2989e8ddeaf60dc0a246322c44c72ae3301e16a14620452947e5Exploit code for Solaris 2.6, 2.7 (sparc) libc/LC_MESSAGES buffer overflow that results in root compromise.
7834c650c1aee86bae61ec528b9b64d739e0cfb7d4b34c7217ceb9cb11a6222fUpdated version of the local root compromise exploit code for buffer overflow condition in lpset, for Solaris 2.6 and 2.7 x86 machines.
dcc9337cd406ecc8f22101df61bf9dccb5e8d48f756821114ef19e82651f2467Local root exploit code for buffer overflow in lpset, for Solaris x86 machines.
093022951f61d3e66e4ff27f648ef0ce493f6eae6de8b1efa1e192e61c212869Local root exploit for buffer overflow condition in sdtcm_convert, for Solaris Sparc machines.
fe609c3510ae259d42916b6e7e9db383db56b70e49de580105be5dd11bb6ae46Microsoft's Excel Macro Virus Protection patch is flawed, allowing malicious attacker to easily bypass the macro virus warning.
55b25375d86614dd3d03871667176bea330f0c75ebdcd063d347b0684d07a27eImproper permissions in ExLibris Aleph Web server software default configuration allow anybody to access any files on the server, including /etc/passwd.
688ac4e9265cac4f1b703d7cff79d34de91096dc3409b127f9455a8151b9ff57AppManager 2.0 by NetIQ for Windows NT, a product which enables an enterprise to monitor the performance and availability of Windows NT server services such as Exchange, SQL, etc, displays passwords in clear text, allowing malicious attackers to sniff Administrator userids and passwords.
25a66b04b169c0738eb46099fff3bd01500b7c0bdd7ae01adcc2b418f2712e85(spanish) Security vulnerability in sshd2 <= 2.0.11 allows remote attacker to make repeated brute force attempts on the login/passwd without being logged. Fixed in sshd2 >= 2.0.12.
b00d0657b08e92139e3138c0e718c59938d742ecaac0193975447e4d5075db76(english) Security vulnerability in sshd2 <= 2.0.11 allows remote attacker to make repeated brute force attempts on the login/passwd without being logged. Fixed in sshd2 >= 2.0.12.
db162d27acdda51744563dec6172c820f16099310d31eb4b1f8a84bb22de5e16xosview 1.5.1 buffer overrun root exploit.
b4b6cefeda37b7ceee7238056d5a8cdcd1bc920b277f48101b96b709feb1fdfcThree examples of exploit code for the weaknesses in DNS label decoding discovered by scut. zlip-1.c - endless, pointing to itself message decompression flaw, ethereal crashes linux; zlip-2.c - endless cross referencing at message decompression, ethereal crashes linux even faster; zlip-3.c - creating a very long domain through multiple decompression of the same hostname, again and again, overflows ethereal, exploitable.
93295e200333c49dab5b478a1cd74c348e837feacd7c4a2bdc67938cb921b9e2vibackup can be used to rm any file on the system on openbsd / freebsd / debian.
81f26965187bb7a2764123ea6a90d1c1e6a5893c006e6b6ab7b2574a37e6322a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed