Router ZyXEL Prestige 650 HW http remote admin.
2004-11-21 Francisco José Canela (darkydelphi gmail com)
Hi, I found a bug in ZyXEL Prestige 650 HW Routers with Http Remote Administration active. Exploiting this bug, the attacker can reset the router configuration. The "/rpFWUpload.html" is not password protected. To exploit this bug you only need to write that: http://[Router ip]/rpFWUpload.h

GFHost PHP GMail remote command execution exploit that achieves webserver id privileges
2004-11-21 Jerome ATHIAS (jerome athias fr)
############################################## # GFHost explo # Spawn bash style Shell with webserver uid # Greetz SPAX, foxtwo, Zone-H # This Script is currently under development ############################################## use strict; use IO::Socket; my $host; my $port; my $co

Changes to the filesystem while find is running - comments?
2004-11-22 James Youngman (bugtraq excession spiral-arm org)
Hello, GNU find does a sanity check before and after calling chdir(). It stats the directory it's about to move into, and stats "." after chdir() succeeds. It then compares the device numbers and inode numbers returned by the two stat() calls. This is done in a function called wd_sanity_check().

CoffeeCup FTP Clients Buffer Overflow Vulnerability
2004-11-22 Komrade (unsecure altervista org)
AUTHOR Komrade unsecure (at) altervista (dot) org [email concealed] http://unsecure.altervista.org DATE 22/11/2004 PRODUCTS CoffeeCup Direct FTP - FTP client for Windows. CoffeeCup Free FTP - free FTP client for Windows. AFFECTED VERSION Versions verified to be vulnerable: CoffeeCup Direct FTP 6.2.0.62 (latest version) Coffee

WeOnlyDo! COM Ftp DELUXE ActiveX Control Buffer Overflow Vulnerability
2004-11-22 Komrade (unsecure altervista org)
AUTHOR Komrade unsecure (at) altervista (dot) org [email concealed] http://unsecure.altervista.org DATE 22/11/2004 PRODUCT WodFtpDLX is an ActiveX component that supports encrypted and non-encrypted FTP access to the servers for transferring files. It can be used in various programs, scripts, web applications to connect to FT

[ECL] WCI TC-IDE embedded linux vulnerabilities
2004-11-20 ECL team (team eclipse org il)
[ ECL Security R&D ] Privilege escalation vulnerabilities in W-Channel embedded linux. Type: Local Impact: Critical Affected versions: all versions below v1.54 Product description: Read http://www.tc-ide.c

IpbProArace 2.5.x SQL injection.
2004-11-20 axl daivy (axlownz gmail com)
I have found an SQL injection in the popular ipbproarcade mod for ipb systems (1.x and 2.x). The vuln exists in the "category" field. By using this field it is possible to inject any SQL query and compromise the entire forum system. p.o.c for ipb 1.x http://site.com/index.php?act=Arcade

Re: SLMail 5.x POP3 Remote Pass Buffer Overflow Exploit
2004-11-21 Jerome ATHIAS (jerome athias fr)
In-Reply-To: <Pine.LNX.4.58.0411201323040.11076 (at) forced.attrition (dot) org [email concealed]>
>On Thu, 18 Nov 2004, [iso-8859-1] Jérôme ATHIAS wrote:
>
>: SLMail 5.x POP3 Remote Pass Buffer Overflow Exploit
>:
>: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0942
>
>CAN-2004-0942 (under review)
>

TWiki exploit (search.pm / CAN-2004-1037)
2004-11-19 Roman Medina-Heigl Hernandez (roman rs-labs com)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Bugtraqers, I discovered the recently published vulnerability in TWiki (read more about it on [1]) and coded a simple working exploit some time ago. It is attached here or you can download it from [2]. The exploit is written in Perl and has been t

[ GLSA 200411-29 ] unarj: Long filenames buffer overflow and a path traversal vulnerability
2004-11-19 Thierry Carrez (koon gentoo org)

Microsoft Internet Explorer 6 SP2 Vulnerabilities / Full disclosure Vs. Security by Obscurity...
2004-11-20 K-OTiK Security (Special-Alerts k-otik com)
Let's play, On Wednesday 17, Nov - Secunia released the advisory "Microsoft Internet Explorer Two Vulnerabilities", related to a vulnerability discovered by "cyber flash". This unpatched "file download security warning bypass" flaw could be exploited to download a malicious executable file mas

[ GLSA 200411-28 ] X.Org, XFree86: libXpm vulnerabilities
2004-11-19 Thierry Carrez (koon gentoo org)

Addendum, recent Linux <= 2.4.27 vulnerabilities
2004-11-19 Paul Starzetz (ihaquer isec pl)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, while looking at the changelog for 2.4.28, I've found, that a bug I independently came over some days ago has been fixed in that release: David S. Miller: o [AF_UNIX]: Serialize dgram read using semaphore just like stream That fixes missing s

Corsaire Security Advisory - Netopia Timbuktu remote buffer overflow issue
2004-11-19 advisories (advisories corsaire com)
-- Corsaire Security Advisory -- Title: Netopia Timbuktu remote buffer overflow issue Date: 20.07.04 Application: Timbuktu v7.0.3 Environment: Mac OS X (10.1, 10.2, 10.3) Author: Stephen de Vries [stephen.de.vries (at) corsaire (dot) com [email concealed]] Audience: General release Reference: c040720-001 -- Scope -- The ai

MDKSA-2004:136 - Updated samba packages fix remote vulnerability
2004-11-18 Mandrake Linux Security Team (security linux-mandrake com)

Privilege escalation flaw in AClient Service for Windows (Version 5.6.181).
2004-11-19 Reed Arvin (reedarvin gmail com)
Summary: A privilege escalation flaw exists in the AClient Service for Windows (Version 5.6.181) (http://www.altiris.com/). Details: A privilege escalation technique can be used to gain SYSTEM level access while interacting with the AClient Service for Windows tray icon. Vulnerable Versio

EXEC exploit in phpBB - new release
2004-11-18 Paul S. Owen (paul0x01 starstreak net)
With reference to the exec exploit in phpBB. A new release, phpBB 2.0.11 is now available (in all usual forms) from our site, www.phpbb.com. For those users not wishing to upgrade we strongly urge (again) you at least implement the fix posted previously to bugtraq (see http://www.phpbb.com/phpBB/vie

Zone Labs Security Advisory: Ad-Blocking Instability
2004-11-18 Zone Labs Product Security (Product-Security zonelabs com)

Zone Labs Ad-Blocking Instability
2004-11-18 Nicolas Robillard (nicolas robillard snclavalin com)
FYI Zone Labs Ad-Blocking Instability Overview: ZoneAlarm® Security Suite and ZoneAlarm® Pro have been updated to address a vulnerability in their ad-blocking functions. Specially crafted JavaScript may cause a user's system to become unstable or lock Date Published: November 18, 2004 Da

Corsaire Security Advisory - Danware NetOp Host multiple information disclosure issues
2004-11-19 advisories (advisories corsaire com)
-- Corsaire Security Advisory -- Title: Danware NetOp Host multiple information disclosure issues Date: 19.06.04 Application: Danware NetOp prior to 7.65 build 2004278 Environment: Windows NT/2000/2003/XP/98 Author: Martin O'Neal [martin.oneal (at) corsaire (dot) com [email concealed]] Audience: General release Reference: c04

Java Vulnerabilities in Opera 7.54
2004-11-19 Marc Schoenefeld (schonef uni-muenster de)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Illegalaccess.org Advisory: Opera 7.54 Java vulnerabilities Author: Marc Schönefeld, www.illegalaccess.org Summary Opera 7.54 is vulnerable to leakage of the java sandbox, allowing malicious applets to gain unacceptable privileges. This allows them to b

SLMail 5.x POP3 Remote Pass Buffer Overflow Exploit
2004-11-18 Jérôme ATHIAS (jerome athias free fr) (1 replies)
SLMail 5.x POP3 Remote Pass Buffer Overflow Exploit http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0942 INTRO: SLMail Pro is web-based POP3 and SMTP email server software for Microsoft Windows 2000 that includes advanced features usually found in enterprise-level systems. Seattlela

    Re: SLMail 5.x POP3 Remote Pass Buffer Overflow Exploit
    2004-11-20 security curmudgeon (jericho attrition org)

Privilege escalation in Mailtraq Version 2.6.1.1677.
2004-11-18 Reed Arvin (reedarvin gmail com)
Summary: A privilege escalation flaw exists in Mailtraq Version 2.6.1.1677 (http://www.mailtraq.com/). Details: A privilege escalation technique can be used to gain SYSTEM level access while using the Mailtraq administration console. Vulnerable Versions: Mailtraq Version 2.6.1.1677. So

Inofficial updates to 758884/NISCC/DNS
2004-11-18 Roy Arends (roy dnss ec)
The list of implementations in NISCC Vulnerability Advisory 758884/NISCC/DNS is not complete. A somewhat more comprehensive list can be found below. Roy Arends - roy at dnss.ec Jakob Schlyter - jakob at rfc.se ** REFERENCE http://www.uniras.gov.uk/vuls/2004/758884/ http://www.rfc.se/fpdns/
#######################################################################
Luigi Auriemma
Application: Halo: Combat Evolved
http://www.microsoft.com/games/pc/halo.aspx
Versions: <= 1.05
Platforms: Windows and MacOS
Bug: crash
Exploitation: