exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 111 RSS Feed

Files

CA-99-03-FTP-Buffer-Overflows.txt
Posted Aug 17, 1999
Authored by CERT

Remote buffer overflows in various FTP servers leads to potential root compromise.

tags | exploit, remote, overflow, root
SHA-256 | 406172d824472d5015e41095546c5de3cb5a7445178fbf237678c37c792fe1b9
website.pro.txt
Posted Aug 17, 1999

Default configuration of Website Pro 2.0 opens security hole allowing remote attackers to upload new files and overwrite existing files. This is how www.idsoftware.com got hacked this week.

tags | exploit, remote
SHA-256 | d18ec1180e4e3473f3c9ca5cac2a12363f136ffa2ba64be78adf862f98a4d655
win98explorer.txt
Posted Aug 17, 1999

Buffer overflow in Windows Explorer can lead to Denial of Service attack, and possibly more.

tags | exploit, denial of service, overflow
systems | windows
SHA-256 | 4214293d27b33ba9bb4f154acf870baa5a5a54e9b95f0a50d46aeaa2d415d028
windows-FAT-recursion.txt
Posted Aug 17, 1999
Authored by xm

Windows FAT Filesystem Advisory: Recursive directory creation can be used as a Denial of Service attack against Windows* servers that allow anonymous FTP upload, and any that allow users to create directories and execute files.

tags | exploit, denial of service
systems | windows
SHA-256 | bab71ed1bea79436a1c61aa4bc40f4b35f976ddc2c6b334802cf7cc588f083dc
windows.backdoors.txt
Posted Aug 17, 1999

ISS X-Force advisory concerning Windows backdoors, specifically NetBus 2.0 Pro, Caligula, and Picture.exe. An excellent analysis of the new NetBus 2.0 Pro is included, making this a "must read" file.

tags | exploit
systems | windows
SHA-256 | 624e7b8b4d18038d8656b7fba7911d548aa1eda2ee3d28168fe14a14334e1a9b
windows.registry.keys.txt
Posted Aug 17, 1999

This is nothing new, but is nevertheless a good reminder that Windows registry keys are never deleted, unless you "hack" the registry yourself. For details on how to edit your Windows registry, and take care of many of the rest of those "Windows annoyances", check out Annoyances.org

tags | exploit, registry
systems | windows
SHA-256 | 297ac600a3126496ce6b9b4a8421b040319266ebf95e3414b8e8b914b9d8514f
windows98.bof.txt
Posted Aug 17, 1999

More Windows 98 buffer overflows detailed. The interesting thing about these is that it appears that Microsoft software developers define buffer values for each application without consulting one another. In other words, virtually every MS product allocates different amounts of space for buffers!

tags | exploit, overflow
systems | windows
SHA-256 | 3233d491cd03ed7a39f51a2995d07a4acbbe5a73c7e280ab229ed3665778cecc
windows98.pingflood.txt
Posted Aug 17, 1999

ISS X-Force advisory concerning Windows backdoors, specifically NetBus 2.0 Pro, Caligula, and Picture.exe. An excellent analysis of the new NetBus 2.0 Pro is included, making this a "must read" file.

tags | exploit
systems | windows
SHA-256 | cee3bc26d8ed5956ce96c31b7db8db96054271f17ea1d74781c5e958a82dc31f
word98.mac.txt
Posted Aug 17, 1999
Authored by eEye Digital Security

Macintosh version of Microsoft Word '98 includes sensitive material in document files. Specifically, document files created in Word '98 frequently include unrelated data taken from the hard-drive. This data can contain passwords, or other confidential information that is on the hard-drive. 9902-exploits/ws_ftp-DoS.txt WS_FTP Server Remote Denial of Service Attack. Exploit example included.

tags | exploit, remote, denial of service
SHA-256 | cfba308b0139e7c2f2d406029d0033be1c7b5c3e93df2d0bee8fc167bf33e9d2
xnec_lpc.c
Posted Aug 17, 1999

Linux /usr/bin/lpc (PLP Line Printer Control program) contains buffer overflow with local root compromise. Exploit code and patch fix included.

tags | exploit, overflow, local, root
systems | linux
SHA-256 | 02e319c65a5b19c0f7837742936e6eb9967bf34b351ce0d3493bd35d638e180a
xtvscreen.suse6.txt
Posted Aug 17, 1999

The Xtvscreen program can be used to overwrite any file on SuSE 6 (and probably other distros and OS's).

tags | exploit
systems | linux, suse
SHA-256 | 23e0ffc7351fb8f8db008369f1a1204d6fab32028c0e84e1bf09e2a3d2fb153b
install.iss.txt
Posted Aug 17, 1999

ISS Internet Security Scanner for Linux (version 5.3) install.iss security hole is vulnerable to the standard tmp-symlink attack. Not much exploit potential here, as noted by Fyodor, but this problem raises serious questions about the overall integrity of proprietary ISS software that is distributed in binary form only.

tags | exploit
systems | linux
SHA-256 | 2ac45dc970b2651ed7327d08c55bac3eb31bc66662b2e32df81476f4f18963be
interscan.viruswall.txt
Posted Aug 17, 1999
Authored by s10, unicorn

Trend Micro's InterScan VirusWall does not properly protect LANs from inbound traffic (any user can download binaries and virus infected files though the VirusWall). Exploit code included; no patch available from the vendor yet.

tags | exploit, virus
SHA-256 | c9dcc0e2e23227f93b25f0b63b208c428d5edecca2b432f333a2602c512d20ec
iss.brute.force.txt
Posted Aug 17, 1999

The ISS Internet Scanner lets you brute force by using username/password pairs specified in the file default.login.

tags | exploit
SHA-256 | 699af6caa49e79fc9dae77eebf6a0ad59b3ec4f49adf4332551300050354acee
iss.exploit.c
Posted Aug 17, 1999

Example generic tmp-symlink exploit code that can be used for Denial of Service attacks or root compromises.

tags | exploit, denial of service, root
SHA-256 | 4f1315210789e192210530124a20b14d285e161fee054f21662640351113c9c7
junk.tar.gz
Posted Aug 17, 1999
Authored by sw3

Example script that exploits the poc.mail.local.txt (mail.local) security hole.

tags | exploit, local
SHA-256 | da41d2dae164a4557d6998e2fca3ac80383e4ac5caaab5ac71b14ec02dce8aec
linux2.2.1-proc-smp-race-sniffer.txt
Posted Aug 17, 1999

Detailed descriptions of SMP /proc race conditions in Linux 2.2.1 kernel. Patches and Linux-2.2.1 /proc SMP race sniffer exploit code included.

tags | exploit, kernel
systems | linux
SHA-256 | 953fc16750d0e9aadc7149c2cf38c1a3e7ab36073ac96e3bd6af1cb473723eee
listerine.tar.gz
Posted Aug 17, 1999
Authored by sw3

Example script to test for the ncftpd.txt (NcFTPd) security exploit.

tags | exploit
SHA-256 | f662640f6c2994030cb4786d5747a8b803f7f8564ddd7f013919b672ce04cb9f
lsof-xploit.c
Posted Aug 17, 1999

Exploit code for buffer overflow in lsof versions 4.40 and earlier that enables any local user to obtain root privileges.

tags | exploit, overflow, local, root
SHA-256 | 2f337885cd4644411ec2cd6a2bdd6142da00b5fd1c44ff7e70bea39dc9fa6ebb
lsof.txt
Posted Aug 17, 1999
Authored by HERT

Buffer overflow in lsof v4.40 and earlier allows local root compromise. Suggested patch and fix information included.

tags | exploit, overflow, local, root
SHA-256 | 12c3c70a01727e082fd215742bed00bec82aa7abab22a03f28b5fa0cbfe47c52
lydia.passwd.txt
Posted Aug 17, 1999

The Lydia pop3 email utility produced by Kabsoftware uses a weak encryption algorithm, leaving user passwords locally vulnerable.

tags | exploit
SHA-256 | 0058b79f1038405d4d136dab9fc159fb719755d252212222dc920096bd1b9d32
lynxtmp.txt
Posted Aug 17, 1999

Lynx /tmp bug involving symlinks can lead to local root compromise.

tags | exploit, local, root
SHA-256 | a6b28927f7725cb5e7841faa2bb5111e32452c91664008bad5d0baa2ce7ea8df
mail.local.diff
Posted Aug 17, 1999

Diff for mail.local security hole.

tags | exploit, local
SHA-256 | 855504517b6b7256a212e93bbdf14bcac7895900deaf5939cec69b952003b2e0
mailfrm.tar.gz
Posted Aug 17, 1999
Authored by sw3

Example script that exploits the poc.mail.local.txt (mail.local) security hole.

tags | exploit, local
SHA-256 | 33008441bf71060f041ab7d57a1c8ed7eb2bf57f991fb1f98d2a75fe0f8b7cb4
mailmaxbof.c
Posted Aug 17, 1999
Authored by _mcp_

Mail-Max SMTP server for windows 95/98/NT contains remote buffer overflows that can result in root compromise. Exploit code (compiles on Linux x86) included.

tags | exploit, remote, overflow, x86, root
systems | linux, windows
SHA-256 | bd9e54b5e723020155b6c4d447526db08e8a38f0decba193319f9e366086f768
Page 1 of 5
Back12345Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close