Exploit the possiblities
Showing 1 - 25 of 73 RSS Feed

Files

pm-exploit.c
Posted Jul 28, 2000
Authored by Headflux | Site synnergy.net

Plusmail remote exploit - plusmail fails to check authenticity before creating new accounts.

tags | exploit, remote
MD5 | cb45bd9c9b86c81b068cef1ce3f8b5f9
0001-exploits.tgz
Posted Feb 1, 2000
Authored by Todd J.

Packet Storm new exploits for January, 2000.

tags | exploit
MD5 | 38af88a541be851c1f2c5eb240a0e0e7
rightfax.txt
Posted Feb 1, 2000
Authored by Efrain Torres, lownoise

RightFax Web Client v5.2 allows anyone to hijack user's faxes.

tags | exploit, web
MD5 | 9bb7293d5c68e1a5c5585199bad613a5
fw1_script.tags.txt
Posted Feb 1, 2000
Authored by Arne Vidstrom | Site ntsecurity.nu

The "Strip Script Tags" feature in Firewall-1 can be circumvented by adding an extra less than sign before the SCRIPT tag. The code will still execute in both Navigator and Explorer.

tags | exploit
MD5 | f6ba91a8013bd49f0441d329466bf7ce
bruterh.sh
Posted Feb 1, 2000
Authored by Michal Zalewski

Recent PAM implementations allow you to use su to rapidly crack accounts without being logged. Tested on RH 6.1.

tags | exploit
MD5 | 10423e8f8ff63e2145b21fec615ece68
autobuse-angel.txt
Posted Feb 1, 2000
Authored by John Daniele

Autobuse.pl and angel.pl both use /tmp insecurely.

tags | exploit
MD5 | ff89f7c3c011f530b4c95ee396510a2b
bypass.viruscheck.txt
Posted Feb 1, 2000
Authored by Neil Bortnak | Site bortnak.com

Many virus checking software skips directories entitled \\recycled or similar. This allows viruses and trojans a safe haven on many Windows 95, 98, and NT systems. Exploit code included.

tags | exploit, trojan, virus
systems | windows, 9x
MD5 | 320a950d8efaa33854f465fdb9e7eca2
pmtu.htm
Posted Feb 1, 2000
Site oliver.efri.hr

An HP-UX 10.30/11.00 system can be used as an IP traffic amplifier. Small amounts of inbound traffic can result in larger amounts of outbound traffic, using ICMP MTU discovery packets.

tags | exploit
systems | hpux
MD5 | 4fd026baa15caea8a3d981d0abc1bf4d
procfs4.htm
Posted Feb 1, 2000
Site oliver.efri.hr

All flavors of BSD have local root procfs holes. Exploit included.

tags | exploit, local, root
systems | bsd
MD5 | ddefadee77bc2088a7a5b5b032ca3ff1
subseven.htm
Posted Feb 1, 2000
Site oliver.efri.hr

There is a buffer overflow in Subseven 2.1a causing it to quit quietly, crash, or overwrite variables.

tags | exploit, overflow
MD5 | a9ae10bc91758866af6d9e7695df2d28
sms.htm
Posted Feb 1, 2000
Site oliver.efri.hr

SMS 2.0 Remote Control (for Windows NT) introduces a security risk that will allow the attacker to run programs in system context, due to the fact that the executable used for the remote control service is copied to the workstation without any special permission settings to prevent a user from replacing the executable.

tags | exploit, remote
systems | windows, nt
MD5 | 939250f9f1bfa69849fd81cc78038d43
mix.htm
Posted Feb 1, 2000
Site oliver.efri.hr

Microimages X server for Windows allows anyone to kill your session and start an xterm on your machine if they know you are using the software.

tags | exploit
systems | windows
MD5 | 60bb7ab5ff38455203a8b08cd8d3ee0f
asp8.htm
Posted Feb 1, 2000
Site oliver.efri.hr

Windows NT webservers using ASP can under some circumstances reveal the path of the server. A variable holds information about the internal structure of the website.

tags | exploit, asp
systems | windows, nt
MD5 | f3c9c247dda71acf38aebe0cb4c5c241
iiscat.c
Posted Feb 1, 2000
Authored by Fredrik Widlund

IIScat exploits the recent Microsoft Index Server vulnerability to read any file on the server.

tags | exploit
MD5 | 6486fb070f99a76bcfc5dfc1a4b9f85d
raq2.admin.exploit.txt
Posted Jan 31, 2000
Authored by Skirkham

Exploit for Cobalt Raq2 Server. Requires Site Administrator access to one of the accounts on the server.

tags | exploit
MD5 | 3432696a228bd51795c33223d2d537b2
qpop-exploit-net.c
Posted Jan 28, 2000
Authored by Missinglnk | Site tribune.intranova.net

A modified version of the original qpopper 3.0beta29 exploit by Zhodiac, added network support (no need for netcat) and allowed the user to specify which command to execute.

tags | exploit
MD5 | 82ad9b1f522d4dae7383117047b5f5bc
iis4.webhits.txt
Posted Jan 28, 2000
Authored by David Litchfield | Site cerberus-infosec.co.uk

Cerberus Information Security Advisory (CISADV000126) - Internet Information Server 4.0 ships with an ISAPI application webhits.dll that provides hit-highlighting functionality for Index Server. A vulnerability exists in webhits that allows an attacker to break out of the web virtual root file system and gain unathorized access to other files on the same logical disk drive. This vulnerability can also be used to obtain the source of Active Server Pages or any other server side script file which often contain UserIDs and passwords as well as other sensitive information. Vulnerable systems include Microsoft Windows NT 4 running Internet Information Server 4, all service packs. Microsoft FAQ on this issue is here.

tags | exploit, web, root
systems | windows, nt
MD5 | 512cf5e159aee75a024d84adc45e0996
spank.txt
Posted Jan 27, 2000
Authored by Tim Yardley

Explanation of the 'spank' attack - a new breed stream/raped. Stream/Raped mearly flooded the host with ack's (or no flags) and came from random ips with random sequence numbers and/or ack numbers. The difference now is that this not only does the previous stuff, but also directly attacks from and to multicast addresses as well.

tags | exploit
MD5 | c9e46f542b311ed9d0f7c9dbc1204c03
ADMsximap.c
Posted Jan 27, 2000
Authored by ADM, Shane A. Macaulay

Solaris Solstice Internet Mail IMAP4 Server x86 exploit.

tags | exploit, x86
systems | solaris
MD5 | 821fc99233c6792e3a5d571544e02056
qpop-xploit.c
Posted Jan 27, 2000
Authored by Zhodiac | Site hispahack.ccc.de

Remote linux x86 exploit for Qpopper 3.0beta29 and below. (not 2.5.3) Overflows the LIST command and spawns a shell with the UID of the user who logged in (requires valid account), and GID mail.

tags | exploit, remote, overflow, shell, x86
systems | linux
MD5 | 089ae93a6c629d93a58194ac07cbb0b6
vpopmail.txt
Posted Jan 27, 2000
Authored by Shane A. Macaulay | Site w00w00.org

w00w00 Security Advisory - qmail-pop3d may pass an overly long command argument to it's password authentication service. When vpopmail is used to authenticate user information a remote attacker may compromise the privilege level that vpopmail is running, naturally root.

tags | exploit, remote, root
MD5 | 68b6d3a1b05e5e257c57d90c820d08c0
vmware.htm
Posted Jan 27, 2000
Authored by Harikiri | Site w00w00.org

w00w00 Security Advisory - Linux VMware 1.1.2 Symlink Vulnerability. VMware stores temporary log files within the /tmp directory. It does not check whether all of these files exist prior to creation, resulting in the potential for a symlink attack.

tags | exploit
systems | linux
MD5 | 4b31536039d42df62107f9f754799ae4
skey.htm
Posted Jan 27, 2000
Authored by Harikiri | Site w00w00.org

w00w00 Security Advisory - S/Key & OPIE Database Vulnerability affecting most Unixes (not NetBSD) running skey-2.2. (possibly earlier versions too) allowing offline password cracking.

tags | exploit
systems | netbsd
MD5 | 8f5d6179b615202fd4b8349769f9708e
qmail-pop3d-vchkpw.c
Posted Jan 27, 2000
Authored by Shane A. Macaulay | Site ktwo.ca

Remote exploit for the inter7 supported vchkpw/vpopmail package for (replacement for chkeckpasswd). Tested on Sol/x86,linux/x86,Fbsd/x86 against linux-2.2.1 and FreeBSD 3.[34]-RELEASE, running vpopmail-3.4.10a/vpopmail-3.4.11[b-e]. Unofficial patch here.

tags | exploit, remote, x86
systems | linux, freebsd
MD5 | 2d7dedcfe66b33095eeacda82febfcc6
iis53.htm
Posted Jan 26, 2000
Site oliver.efri.hr

MS IIS 5.0 has problems handling a specific form of URL ending with "ida". The extension ida has been taken from the Bugtraq posting "IIS revealing webdirectories" The problem causes 2 kind of results. The one result is that the server responds with a message like "URL String too long"; "Cannot find the specified path" The other error causes the server to terminate with an Access Violation. When the server "Access violates" it displays as last message.

tags | exploit
MD5 | 420df2c0f778194590d6ca0d2f538ccd
Page 1 of 3
Back123Next

Top Authors In Last 30 Days

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close