Tony Zeoli, Tony Hayes Security Vulnerabilities
-0.2AI Score
Microsoft Windows domain controller denial of service in Kerberos message handling
Overview Microsoft Windows domain controllers do not properly handle some Kerberos messages, potentially allowing a remote, authenticated attacker to cause a denial-of-service condition. Description Microsoft Windows domain controllers running Windows 2000 Server and Server 2003 use the Kerberos...
1AI Score
0.003EPSS
Microsoft Security Bulletin MS05-042 Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing (899587) Issued: August 9, 2005 Version: 1.0 Summary Who should read this document: Customers who use Microsoft Windows Impact of Vulnerability: Denial of Service,...
1.4AI Score
0.003EPSS
Invision Power Board <= 2.0.3 Login.PHP SQL Injection (tutorial)
Exploit for unknown platform in category web...
7.1AI Score
Invision Power Board 1.* and 2.* Exploit (BID 13529)
!/usr/bin/perl -w This one actually works :) Just paste the outputted cookie into your request header using livehttpheaders or something and you will probably be logged in as that user. No need to decrypt it! Exploit coded by "Tony Little Lately" and "Petey Beege" use LWP::UserAgent; $ua = new...
AI Score
-0.2AI Score
Invision Power Board <= 2.0.3 Login.PHP SQL Injection Exploit
Exploit for unknown platform in category web...
7.1AI Score
7.4AI Score
EPSS
Invision Power Board 2.0.3 - login.php SQL Injection
Invision Power Board 2.0.3 - login.php SQL...
0.3AI Score
7.1AI Score
Exim 4.41 - dns_build_reverse Local Read Emails
Exim 4.41 - dns_build_reverse Local Read...
0.1AI Score
7.1AI Score
6.8AI Score
7.4AI Score
EPSS
6.4AI Score
EPSS
AOL Instant Messenger AIM ""Away"" Message Remote Exploit
No description provided by...
0.4AI Score
0.919EPSS
AOL Instant Messenger AIM - Away Message Remote (2)
AOL Instant Messenger AIM - Away Message Remote...
0.2AI Score
0.919EPSS
AOL Instant Messenger AIM "Away" Message Remote Exploit
Exploit for unknown platform in category remote...
7.1AI Score
Cisco Security Advisory: TCP Vulnerabilities in Multiple IOS Based Cisco Products
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: TCP Vulnerabilities in Multiple IOS-Based Cisco Products Revision 1.0 For Public Release 2004 April 20 21:00 UTC (GMT) Summary A vulnerability in the Transmission Control Protocol (TCP) specification (RFC793) has been...
-0.3AI Score
Cisco Security Advisory: TCP Vulnerabilities in Multiple Non-IOS-Based Cisco Products
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: TCP Vulnerabilities in Multiple Non-IOS Cisco Products Revision 1.0 For Public Release 2004 April 20 21:00 UTC (GMT) Summary A vulnerability in the Transmission Control Protocol (TCP) specification (RFC793) has been discovered.....
AI Score
PHP Mail Function Header Spoofing
The remote host is running a version of PHP prior or equal to 4.2.2. The mail() function does not properly sanitize user input. This allows users to forge email to make it look like it is coming from a different source other than the server. Users can exploit this even if SAFE_MODE is...
-0.7AI Score
0.028EPSS
It is possible to get the source code of the remote ASP scripts which are hosted on a mapped network share by appending '%5c' to the end of the request. ASP source code usually contains sensitive information such as logins and...
-0.4AI Score
0.959EPSS
Foundstone Research Labs Advisory - Exploitable Windows XP Media Files (fwd)
Foundstone Research Labs Advisory - FS2002-11 Advisory Name: Exploitable Windows XP Media Files Release Date: December 18, 2002 Application: Windows Explorer Platforms: Windows XP Severity: Remote code execution Vendors: Microsoft (http://www.microsoft.com) Authors: ...
-0.3AI Score
0.1EPSS
Foundstone Research Labs Advisory - Multiple Exploitable Buffer Overflows in Winamp (fwd)
Foundstone Research Labs Advisory - FS2002-10 Advisory Name: Multiple Exploitable Buffer Overflows in Winamp Release Date: December 18, 2002 Application: Winamp 3.0 and Winamp 2.81 Platforms: Windows NT/2000/XP Severity: Remote code execution Vendors: Nullsoft...
-0.1AI Score
0.024EPSS
CERT Advisory CA-2002-32 Backdoor in Alcatel OmniSwitch AOS
-----BEGIN PGP SIGNED MESSAGE----- CERT Advisory CA-2002-32 Backdoor in Alcatel OmniSwitch AOS Original release date: November 21, 2002 Last revised: -- Source: CERT/CC, Alcatel A complete revision history can be found at the end of this file. Systems Affected * Alcatel OmniSwitch ...
AI Score
0.009EPSS
Alcatel Operating System (AOS) does not require a password for accessing the telnet server
Overview The OmniSwitch 7700/7800 running Alcatel Operating System (AOS) version 5.1.1 has TCP port 6778 listening as a telnet server. This gives anyone access to the OmniSwitch's Vx-Works operating system without requiring a password. Description During an NMAP audit of the AOS 5.1.1 code that...
0.1AI Score
0.009EPSS
HP Procurve 4000M Stacked Switch HTTP Reset Vulnerability
Techserve, Inc. www.tech-serve.com Security Advisory Advisory Name: HP Procurve 4000M Stacked Switch HTTP Reset Vulnerability Release Date: 09/23/2002 Platform: HP Procurve 4000M Switch (J4121A) Application: Firmware revision C.09.13 (Current) Severity:...
AI Score
Foundstone Research Labs Advisory - Remotely Exploitable Buffer Overflow in ISS Scanner
Foundstone Research Labs Advisory - 091802-ISSC Advisory Name: Remotely Exploitable Buffer Overflow in ISS Scanner Release Date: September 18, 2002 Application: ISS Scanner 6.2.1 Platforms: Windows NT/2000/XP Severity: Remote code execution Vendors: Internet Security...
0.6AI Score
0.035EPSS
Foundstone Labs Advisory - Remotely Exploitable Buffer Overflow in PGP
Foundstone Labs Advisory - 090502-PCRO Advisory Name: Remotely Exploitable Buffer Overflow in PGP Release Date: September 5, 2002 Application: PGP Corporate Desktop 7.1.1 Platforms: Windows 2000/XP Severity: Remote code execution and plaintext passphrase disclosure Vendors: ...
0.1AI Score
0.048EPSS
Geeklog XSS and CRLF Injection
Geeklog XSS and CRLF Injection PROGRAM: Geeklog VENDOR: Tony Bibbs et al. <[email protected]> HOMEPAGE: http://geeklog.sourceforge.net/ VULNERABLE VERSIONS: 1.3.5sr1, possibly earlier versions as well NOT VULNERABLE VERSIONS: 1.3.5sr2 LOGIN REQUIRED: no SEVERITY: high...
-0.2AI Score
Windows 2000 system partition weak default permissions
Title: Windows 2000 system partition weak default permissions Affected: Windows 2000 Vendor: Microsoft Author: ZARAZA [email protected] Date: August, 03 2002 Risk: High...
-0.6AI Score
Remote Root Hole in FreeBSD Ports
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++++GOBBLES+SECURITY+RESEARCH+TEAM+INCORPORATED+++++++++++++++++ ALERT! ALERT! MULTIPLATFORM REMOTE ROOT! ALERT! ALERT! ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ include...
-0.8AI Score
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++++GOBBLES+SECURITY+RESEARCH+TEAM+INCORPORATED+++++++++++++++++ ALERT! ALERT! FREEBSD LOCAL ROOT VULNERABILITY! ALERT! ALERT! ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ...
-0.4AI Score
Security Advisory FreeBSD-SA-01:56.tcp_wrappers
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:56 Security Advisory FreeBSD, Inc. Topic: tcp_wrappers...
-0.3AI Score
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:56 Security Advisory FreeBSD, Inc. Topic: tcp_wrappers PARANOID hostname checking does not work Category: core Module: tcp_wrappers Announced: 2001-08-23 Credits: Tony...
-0.1AI Score
-0.1AI Score
WebWho+ whois.cgi program allows remote attackers to execute commands via shell metacharacters in the TLD...
7.2AI Score
0.06EPSS
-0.4AI Score
CRYPTOAdmin 4.1 server with PalmPilot PT-1 token 1.04 PIN Extract ion
@Stake Inc. L0pht Research Labs www.atstake.com www.L0pht.com Security Advisory Advisory Name: CRYPTOCard PalmToken PIN Extraction Release Date: April 10, 2000 Application: CRYPTOAdmin 4.1 server with CRYPTOCard PT-1...
-0.3AI Score
7.4AI Score
EPSS
Tony Greenwood WebWho+ 1.1 - Remote Command Execution
Tony Greenwood WebWho+ 1.1 - Remote Command...
0.3AI Score
-0.2AI Score
-0.3AI Score
-0.2AI Score