exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 97 RSS Feed

Files

BEADMIN.ZIP
Posted Aug 17, 1999
Authored by Cybermedia Software

Exploit source code for Windows NT Screen Saver Vulnerability that allows any local user to add self to admin group.

tags | exploit, local
systems | windows
SHA-256 | 784009bd84c078234b1c0d1961535141f096d838aef7b41f6a8c2a4fb6b72c25
lotus.notes.crypto.txt
Posted Aug 17, 1999

Lotus security advisory concerning a bug in the Lotus Notes Client which causes encrypted email messages to be saved in the sender's mailbox in unencrypted form.

tags | exploit
SHA-256 | f55facb2814e8c6efc981731988e8356120483f0c6cc886d816a71a425a7d4aa
lotus.notes.mail.crypto.txt
Posted Aug 17, 1999

Encrypted mail sent from the Lotus Notes Client (v4.5, probably others) may traverse the network in the clear and may be stored on the mail server unencrypted. Advisory by Martin Bartosch

tags | exploit
SHA-256 | 1b6161d3911bb49bf15fb90759a629c9c13f944d44abc7795d2fcdc2c0a5943c
melissa.macro.virus.txt
Posted Aug 17, 1999

I am not going to make a habit of posting virus alerts, but this analysis of the fast spreading Melissa virus, including full source code, merits a posting. Excellent job by Nate Lawson of root.org

tags | exploit, root, virus
SHA-256 | cb7d0825035612cb98b7c930c8c715fc30ff98435aeb95176c899cfcbe606f67
ms.exchange.outlook.javascript.txt
Posted Aug 17, 1999

Vulnerabilities in Microsoft Exchange server allow remote attacker to delete user inbox and launch Denial of Service attack with embedded JavaScript.

tags | exploit, remote, denial of service, javascript, vulnerability
SHA-256 | 8240bd3653abc06d942529189480b510713dfb256e3917b711e918b1e977c20e
ms.office.ole.samples.txt
Posted Aug 17, 1999
Authored by MacInTouch

Micrsoft Office/OLE security holes: Does Microsoft know that they are themselves vulnerable though? "clueserver.microsoft.com" is a non-existent host???

tags | exploit
SHA-256 | eb5d4e2e79c9fa1378808210f19e43864dcfe945447331401fbe908e8c8936c4
ms.personal.webserver.txt
Posted Aug 17, 1999

Microsoft has released a patch for the File Access Vulnerability in Personal Web Server. All relevant details included in file.

tags | exploit, web
SHA-256 | 62be2fea91fac4e6a6260bc674edeffa01aa449c0d036d00b77909e2b3807d42
ms.smtp.DoS.txt
Posted Aug 17, 1999

Microsoft's SMTP service (v5.5.1877.977.9) launches Denial of Service attacks. No, this is not a joke, either. Read it. You can download consolation patches at Macroshaft

tags | exploit, denial of service
SHA-256 | afa8c84873e58b0ecc4bf80424693dc11975593de4616394a389bd2808e06d4d
ms.sql.enterprise.manager.txt
Posted Aug 17, 1999

Microsoft SQL Enterprise Manager stores usserid and passsword in plaintext.

tags | exploit
SHA-256 | a985144c673822d1da0ef7f91bcd874193dad8bee51a35a4b92438b40a2e829f
msie.5.0.cookies.txt
Posted Aug 17, 1999

Microsoft Internet Explorer 5.0 is susceptible to a very simple Denial of Service attack involving cookies. Default security settings open this hole, and there is currently no fix. Other problems with the way that MSIE 5 handles cookies are also discussed.

tags | exploit, denial of service
SHA-256 | 001ad23591344f3f96704123a800a5f37cda7ba2dc463b34b93763eb07bc7214
msie.5.0.javascript.txt
Posted Aug 17, 1999

Microsoft just released Internet Explorer 5.0, but apparently forgot to plug many of the JavaScript security holes documented by Georgi Guninski

tags | exploit, javascript
SHA-256 | 7052169274baaf79029a336db336379d20e50e8166700201cf664ced2ae14235
msie.5.0.paste.txt
Posted Aug 17, 1999

Microsoft Internet Explorer 5.0 contains the recently discovered clipboard vulnerability, but now ALL HTML <INPUT> boxes, along with DHTML, can be used to grab your clipboard contents. The default clipboard setting for IE5 is also slacker than before.

tags | exploit
SHA-256 | 93c208044a6cb3ff95fb176590f877b96349f76adbc46a0b2dd9424427eaf80a
msie.5.0.setup.wizard.txt
Posted Aug 17, 1999

The Microsoft Internet Explorer 5.0 installer (Setup Wizard) disables password protected screen savers and the Task Scheduler Service, effectively disabling whatever security you thought the screen saver afforded you, rendering your PC or workstation completely vulnerable to console-based (local-physical) compromises by anybody.

tags | exploit, local
SHA-256 | e2d60ffae603c41a937eb8a04d0b62126d769e044a5ad85789e64d689e5e0e20
msie.5.autocomplete.txt
Posted Aug 17, 1999

The "AutoComplete" feature? In Microsoft Internet Explorer 5.0 it's a big security risk.

tags | exploit
SHA-256 | 2a96a52ef3d6c2b9931b0045eca365c4d2c2ece16d8975fb6366ae30ccf5fb52
msie.5.dhtml.cuartango.txt
Posted Aug 17, 1999
Authored by Juan Carlos Garcia Cuartango

More Microsoft Internet Explorer 5 vulnerabilities! Microsoft Active X control called "DHTML Edit control Safe for Scripting for IE 5" contains security holes that allow public access to the clipboard and cross-frame access, among other things. Exploit code examples included.

tags | exploit, vulnerability, activex
SHA-256 | c2521e524f27af1a173959487b0052a7eba6c27e26cb67ddea1ef8b99b484082
msie.5.previous.inputs.txt
Posted Aug 17, 1999

Microsoft Internet Explorer 5 stores usernames, passwords, credit card, and other personal information unencrypted and insecure in dropdown box.

tags | exploit
SHA-256 | 92a7574d828417244b05834cf7fa0f332c1bd31f128ed811b21c21d8c4e33eaa
msie.zone.confusion.txt
Posted Aug 17, 1999

Microsoft Internet Explorer still does not properly distinguish between sites that belong in the "Internet Zone" and sites that belong in the "Local Intranet Zone".

tags | exploit, local
SHA-256 | 2072e3d20db4085ab597a2fd0a98b7c13527d74a46c242a6dea8e1468d92ef02
mutt.tempfile.race.txt
Posted Aug 17, 1999

tempfile race condition in latest releases of mutt can result in typical symlink attacks.

tags | exploit
SHA-256 | 2334efd01c3d7b49934bb148d67021b9f737f75d4d36e2dd4a52c29fb4938d88
my_login.c
Posted Aug 17, 1999
Authored by stealth

A "patched" login.c that gives user privileged access and logs other user's passwords.

tags | exploit
SHA-256 | ea37fbf067d58d158deffcbec5fc832d5a73cdb2fca3390da184adf460da0349
netbsd.noexec.txt
Posted Aug 17, 1999

Security vulnerability in NetBSD 1.3.3 and prior; NetBSD-current until 19990318 permits local users to execute arbitrary binaries on the system, because the noexec mount flag is not properly handled by non-root mount. Vendor solutions and patches available.

tags | exploit, arbitrary, local, root
systems | netbsd
SHA-256 | e7584bd2b2cc721e3b5528e6566d322c3220533106acffe11cb16edc9882f28e
netbsd.umapfs.txt
Posted Aug 17, 1999

NetBSD 1.3.3 and prior, and NetBSD-current until 19990312 contain a security hole in "umapfs"; Insufficient kernel checking in the umapfs virtual file system allows local users to remap their user id to any other user including the root user. Exploit details, and NetBSD solutions, patches and workarounds included.

tags | exploit, kernel, local, root
systems | netbsd
SHA-256 | bfa17b74f76d408e0b33e16d5db36a74003850d8986a937fcad1220ae2ef4cd4
netscape.4.5.talkback.txt
Posted Aug 17, 1999

Security hole in Netscape Communicator's 4.5 "talkback" function allows any local user to kill processes of any other users if their communicator crashes. Furthermore, a local malicious user can overwrite/create any file that any other user on the system has write access to. Potenial buffer overflow exists too. Vendor and third party solutions included.

tags | exploit, overflow, local
SHA-256 | 1a1224cb1d676b480c63eeee483fb2320031a50654412920be5859b754a3b126
netscape.4.51.javascript.txt
Posted Aug 17, 1999

Netscape just released Netscape Communicator v4.51, but apparently forgot to patch some serious security holes related to JavaScript and reading your files, cache, and more.

tags | exploit, javascript
SHA-256 | bcabfe76e8e79a2dc5097acce976613a25dfd06653cea9e5600481297f95d7b0
netscape.4.51.url.sniffing.txt
Posted Aug 17, 1999

Netscape Communicator 4.51 allows sniffing of URLs from another window. Exploit code and recommended solution included.

tags | exploit
SHA-256 | 483e97f93b2e85510a4ae20d4045db66785ddb11c9f6a4855de81fbf16b8143d
netscape.coredump.txt
Posted Aug 17, 1999
Authored by Echo8

Netscape Navigator 3.x and 4.x for Linux and UNIX contains security vulnerability in which sensitive user information is easily obtainable from core dumps.

tags | exploit
systems | linux, unix
SHA-256 | e2e6a60c543e5e2794580b05b6757d800904326df1b02762d71a126a7d538fb6
Page 1 of 4
Back1234Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close