372 byte socket-proxy shellcode for Linux on x86.
433765238af6b29c9039efca01cdbde5d458010e03af10626c35d6b7f3e86c9190 byte connect back shellcode for Linux on x86.
34677ae2cc62c081beeb6ed4432ef2371fd2e9b8491caa7d9d91e10a202353a1Linux kernel 2.6.11 and below CPL 0 local exploit. Third version/variant of this exploit.
1ca572d08790256ea24ef02a696eaf5397c0fc2f20cbdaf34cbe38b22906afe9Remote command execution exploit for CubeCart versions 3.0.6 and below that makes use of an input sanitization flaw in orderSuccess.inc.php.
00fbd0c7206790a27b12b5ae24f9fbea2296507f3b1dcffb6d9667818b0c41b4This Metasploit module exploits a vulnerability in the Windows Picture and Fax Viewer found in Windows XP and 2003. This vulnerability uses a corrupt Windows Metafile to execute arbitrary code.
32b10151bef51975d7d381bd4a6c2f01253e1bd6cd421060244006781845ee54Webknock is a program that continuously scans Apache's access logfile and executes a configurable command when a certain URL sequence is detected. The IP address of the client can be passed to the command to be executed, allowing one to use iptables to open certain ports (usually, SSH) to certain hosts as soon as the correct URL sequence is activated. No changes to the Web server configuration are necessary.
54b59c18820c91951fcdb4d7ccf60d3c3ec4ddecf2f016a44e58a9451a9a3774Bluediving is a Bluetooth penetration testing suite. It implements attacks like Bluebug, BlueSnarf, BlueSnarf++, BlueSmack, and has features such as Bluetooth address spoofing.
3afb2f086bd459b8a854856dbdff2e4b49a9ce4cea307d1d4e195f91d267845eSony's Instant Video Everywhere Service is susceptible to a replay attack due to passing credentials over an insecure connection.
e411ec2ce0ca7bfaff8b07af72e19f12795d3e954c3ab8a63ed6f90810b8e1d0Mandriva Linux Security Advisory - newbug discovered a local root vulnerability in the mtink binary, which has a buffer overflow in its handling of the HOME environment variable, allowing the possibility for a local user to gain root privileges.
63337b10e654694bdf95adae6bbbc6d53c122f70a7b8bc340fb5146e29276a61Electric Sheep version 2.6.3 suffers from a stack overflow in the windows-id parameter. Note that it is not setuid by default.
637e767deb9f57a0e6465433adc14495207554e9f117a7669575c6eaa7b3f610Electric Sheep version 2.6.3 suffers from network related vulnerabilities due to libcurl issues.
5ddfb3f618c3702bf4ddd8b34b5e16e3b176e0879d1427707009924438082225MAC changing utility that can be used on Windows from the command line.
90c5fbc6757814acbd1f1a07456780bb3a9a61b9ef64a246eb092af41bd2f1e8Max Vozeler reported a flaw in the design of rssh_chroot_helper whereby it can be exploited to chroot to arbitrary directories and thereby gain root access. If rssh is installed on a system, and non-trusted users on that system have access which is not protected by rssh (i.e. they have full shell access), then they can use rssh_chroot_helper to chroot to arbitrary locations in the file system, and thereby gain root access. Versions of rssh below 2.3.0 are affected.
e0400de36fd827a4ed316391ce7f793e1db1e6ed15f917f0dbbe692281d94f10Secunia Research has discovered a vulnerability in TUGZip, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when handling an ARJ archive containing a file with an overly long filename. This can be exploited to cause a stack-based buffer overflow. Successful exploitation allows arbitrary code execution when a malicious ARJ file is opened. The vulnerability has been confirmed in version 3.4.0.0. Other versions may also be affected.
90fe454dcc4e972332b2273b3e29b2723f41e8dc0a3162a8d3b8c341ab5f210fLotus Notes uses the same vulnerable shimgvw.dll graphics rendering engine file implicated in the Microsoft WMF file handling vulnerability.
29b636686315c58735d0610c7bca6c8b5cc3272d4a75f859ecf334370e5f21e7Gentoo Linux Security Advisory GLSA 200512-18 - Krzysiek Pawlik of Gentoo Linux discovered that the XnView package for IA32 used the DT_RPATH field insecurely, causing the dynamic loader to search for shared libraries in potentially untrusted directories. Versions less than 1.70-r1 are affected.
5419778abf1281f4d52f3a5a7ad6287dc73c3a659653c6a61a9bc863212e11e0KAPDA Advisory #18 - Various WebWiz scripts suffer from SQL injection vulnerabilities due to a lack of input sanitization in check_user.asp. Details on exploitation provided.
47d9f7e6f77dbf6c77a9d24bd85c5239b1dae742ef993af3a16cb86904a1d76eHardened-PHP Project Security Advisory - TinyMCE Compressor versions 1.0.5 and below suffer from an unchecked user input vulnerability that can allow for cross site scripting and disclosure of arbitrary files.
5ba9a1a6b5a7b435020260334850fe74a866e04070aad02a7a81f636e1114fd9Internet Explorer Version 6.0.2900.2180.xpsp_sp2 mshtml.dll <div> denial of service exploit.
b08d821fdf031251580d1f273add92d5d9909edc141c9787b63358afb96f8656Remote command execution exploit for phpDocumentor versions 1.3.0 rc4 and below.
c85a0ee4f7dca42e17c196cd5e48e3e132fc76fefe04312f063338e3d92850caGoogle's GMailSite script is susceptible to cross site scripting attacks. Details provided. Versions 1.0.4 and below are affected.
80412f5ef921ebe774f0f42ee55259a8ea6dab306befcacfa67e350729d833b3Gentoo Linux Security Advisory GLSA 200512-17 - Max Vozeler discovered that the scponlyc command allows users to chroot into arbitrary directories. Furthermore, Pekka Pessi reported that scponly insufficiently validates command-line parameters to a scp or rsync command. Versions less than 4.2 are affected.
7d3b8b8e673a150ac59bf9f575a2aa0f0761ff52bc5581fff2170616a3a2b959Debian Security Advisory DSA 927-2 - The last update of tkdiff contained a programming error which is fixed by this version. The Debian Security Audit project discovered that tkdiff, a graphical side by side "diff" utility, creates temporary files in an insecure fashion.
04ddb92216231252d15a068f89a4eb20ca1ed709cdfa916c563a4426b39cca12Technical Cyber Security Alert TA05-362A - Microsoft Windows is vulnerable to remote code execution via an error in handling files using the Windows Metafile image format. Exploit code has been publicly posted and used to successfully attack fully-patched Windows XP SP2 systems. However, other versions of the the Windows operating system may be at risk as well.
f6f83f4c62f88b1b8f28ccf5bd55c11ca01db6be417a1c42f07ba65cd3f93cf3Call for papers for the IT Underground 2006 conference to be held February 23 - 24, 2006.
1cd8eba24c0aa9b81f9ec07b3756967f56953e292b60d8fee3511b4d13e1cede
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed