|
|
Colapse all |
Post message
IE: CHM Attacks are still alive (CHM attack without showHelp()) 2003-09-02 Arman Nayyeri (arman-n Phreaker net) MDKSA-2003:088 - Updated pam_ldap packages fix vulnerability with pam filtering 2003-09-03 Mandrake Linux Security Team (security linux-mandrake com) Apache Evasive Maneuvers Module v1.8 2003-09-01 Jonathan A. Zdziarski (jonathan nuclearelephant com) Date: 9/01/2003 @ 19:15 Version: 1.8 URLs: Website URL: http://www.nuclearelephant.com/projects/dosevasive/ Download URL: http://www.nuclearelephant.com/projects/dosevasive/mod_dosevasive.1.8.ta r.gz CVS Root: :pserver:cvs (at) cvs.nuclearelephant (dot) com [email concealed]:/usr/local/cvsroot Description: mod_dosevasive is [ more ] [ reply ] Go2Call Cash Calling vulnerable 2003-09-01 Dima (megapolus hotbox ru) Hi, sorry fo my english. I found some bug in programm Go2Call Cash Calling It's dialer for talking from Internet Pc2Phone If you send a little UDP packets with size 1500 bytes for example 1472 chars 'A' on 5000 port then this prog will doesn't work The exploit is very easy a part of code [ more ] [ reply ] ZoneAlarm remote Denial Of Service exploit 2003-09-02 _6mO_HaCk (hackologyteam yahoo com) # Overview : # # ZoneAlarm is a firewall software # package designed for Microsoft Windows # operating systems that blocks intrusion # attempts, trusted by millions, and has # advanced privacy features like worms, # Trojan horses, and spyware protection. # ZoneAlarm is distributed an [ more ] [ reply ] ZH2003-26SA (security advisory): TSguestbook Ver. 2.1 Cross-Site Scripting Vulnerability 2003-09-01 Jim Pangalos (dpangalos linuxmail org) IRM 007: The IP addresses of Check Point Firewall-1 internal interfaces may be enumerated using SecuRemote 2003-09-02 IRM Advisories (advisories irmplc com) ------------------------------------------------------------------------ ---- --------------------- IRM Security Advisory No. 007 The IP addresses of Check Point Firewall-1 internal interfaces may be enumerated using SecuRemote Vulnerability Type / Importance: Information Leakage / High Problem d [ more ] [ reply ] SMC7004VB sensitive information leak 2003-08-31 Alexander Müller (alexander mueller electronic-security de) :: Advisory Vulnerable: SMC7004VB sensitive information leak Found: July 25th 2003 Vendor: SMC Vendor notified: August 15th 2003 Vendor response: Answered but is on vacation. Public release: August 31th 2003 Vulnerability: An incorrect configuration in the SMC7004VB router allows you [ more ] [ reply ] Whitepaper - Blindfolded SQL Injection 2003-09-01 WebCohort Research (research webcohort com) WebCohort Presents "Blindfolded SQL Injection" - a white paper describing how SQL Injection can be performed without deatiled error messages: Description: ----------- Until today, exploiting SQL Injection attacks depended on having the Web Server return detailed error messages or having any other s [ more ] [ reply ] exim remote heap overflow, probably not exploitable 2003-09-01 Nick Cleaton (nick cleaton net) Exim (www.exim.org) is a message transfer agent (MTA) developed at the University of Cambridge for use on Unix systems connected to the Internet. There's a heap overflow in all versions of exim3 and exim4 prior to version 4.21. It can be exercised by anyone who can make an SMTP connection to the [ more ] [ reply ] Stack Buffer Overflow in MPlayer 2003-08-31 CoKi (coki interlap com ar) ------------------------------------------------- No System Group - Advisory #2 - 01/09/03 ------------------------------------------------- Program: MPlayer - The Movie Player for Linux Homepage: http://www.mplayerhq.hu Vulnerable Versions: Mplayer v0.91 and prior Risk: Low / Medium Imp [ more ] [ reply ] Security Vulnerability in Tellurian TftpdNT (Long Filename) 2003-09-01 Aviram Jenik (aviram beyondsecurity com) Security Vulnerability in Tellurian TftpdNT (Long Filename) ------------------------------------------------------------------------ Article reference: http://www.securiteam.com/windowsntfocus/5RP0M1PAUM.html SUMMARY Tellurian TftpdNT (http://www.tellurian.com.au/) is a TFTP server for Wind [ more ] [ reply ] Directory Traversal in SITEBUILDER - v1.4 2003-08-31 Zero_X www.lobnan.de Team (zero-x linuxmail org) Directory Traversal in SITEBUILDER - v1.4 With this Code you can view the /etc/passwd You need a Account. ################################################################### <html><body><p><center> <b>Mein 31337 Exploit :-P</b><br> <form action="http://targethost.com/cgi-bin/sbcgi/ [ more ] [ reply ] OpenBSD 3.2 Kthread Madness 2003-08-31 ned (nd felinemenace org) (1 replies) OPENBSD 3.2 - \3.2\sys\kern\kern_kthread.c Ohk, here is the function: int kthread_create(void (*func)(void *), void *arg, struct proc **newpp, const char *fmt, ...) <---- where the data is { struct proc *p2; <--------- New proc struct register_t rv[2]; int error; va_list ap; /* * Firs [ more ] [ reply ] SAP Internet Transaction Server 2003-08-30 Martin Eiszner (martin websec org) To the List, ************************************************************************ ******************* ************************************************************************ ******************* ************************************************************************ ******************* ====== [ more ] [ reply ] |
|
Privacy Statement |
!! R/\/\an#0001 !!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~
CHM Attacks are still alive
===========================
Title: CHM Attacks are still alive
Date: Tuesday, September 02, 2003
Software: IE (What a nice program
[ more ] [ reply ]