Very simple shell script exploit code for the recently discovered xfs security hole.
c1ce65f6a9e3979b3ea53e5ab6dbad1f85f51fe41e24929b7742303e909024f0Russ Cooper of NTBugtraq provides the most intriguing corporate trojan/conspiracy/coverup story of the month. This is really simply too far out to believe, but then again, do you trust Adobe and NAI? Whether this is true or not, it damn sure makes for interesting security news, and Russ has done an excellent job researching the whole wierd and unsettling saga.
5595a566adcdbef0b7765764a3a0f34412cba6762b9a74420e8574e16f2730b1Exploit code for local root compromise of AIX 3.2.x and 4.x via Infod vulnerability. Vendor patch information available.
f1a20104206d132b253a0d25c9d71cd9cc61181b2c645a18ab4fa2b88919ade9Serious security holes in all of the major anonymous Web surfing services allow web sites to obtain information about users that the anonymizing services are suppose to be hiding. Java, JavaScript, and ActiveX are the culprits. Many proxy and firewall services are vulnerable too. Exploit description and code included. Recommended solution: Disable Java, JavaScript, and ActiveX.
3fa14c1a52d3de99775fa1885e801d5e43be6bf22ec1ec4c6e35723d9d67954bAnyboard web forum contains vulnerablity that allows anybody to retrieve admin login and password.
ebfa418d01c32c313e86ab0bbd91c3c84a8b3509b739e42d2bcaa2550dd7b307URL Crash Bug in latest versions of AOL's Instant Messenger provides yet another way to launch Denial of Service attacks against AIM users.
b0d093f25cdfc5a5cf5093c931e96e78038a491983e30a01634c9d35c9777d2ePrompt parsing vulnerability in bash-1.x opens up numerous potential exploits. Suggested fix and patch included.
b7bab12f0ef967d41db381e5b7e6713516708340affc08bec9c55a5f8ab169bdSecurity vulnerability found in Big Brother v1.09b/c System and Network Monitor for UNIX, in which sensitive files can be read via web server. Upgrade to current release or install patch. Vendor information included in advisory.
f91b0ddcf832e53532927d85c362b6f00bcc31a853ea338b48f17017c20575a2BMC Software's PATROL Management software allows remote attacker to gain administrator access and execute Denial of Service attacks.
fc248b2b7a8b42d5db1859015792a1f79a2aa71877075d4c2a0c83cff38fa24bBSDI IMAP2BIS remote root exploit code.
9dabbb577528acf44ddc0c335c9ce313f861050c6a08575c61f990a97012f0c7All versions of COAS (Caldera Open Administration Tool) previous to coas-1.0-8 may make /etc/shadow world readable. Vendor solutions and upgrade information included.
fc34ff51f6f40b67054ae729042ed711e9cee7849b9b0be4cfc24c4c21f3fbd2Security vulnerability in Cold Fusion Application Servers allows remote attacker to download, delete and even upload executable files to a Cold Fusion server via the web interface. Access is not limited to files under the web root. Vendor patch available.
b44faf764c3b7bd0c132b9b88165e77477a775c0c3dfd50512b141aaa4f825a7CGI scanner v1.2 scans web servers for 35 common cgi security holes. 6k. Updated, modified, and recoded by su1d sh3ll.
28f9a07f62a4c384ee2af3780d3d294bbe70c69431321dc56b5c183248e77cdbLatest release of the CGI vulnerability scanner, now with checks for 41 common CGI vulnerabilities.
9aa2f1eb5c3a0c6db1f9a257c3180949c6ec3c99d903c9d998f3ed1a83a9542bcgichk2.c
27cd78001d49c92f5e9f24cd9d71695d9e4e496ef40b7673b2a5c64dd246552eUpdated CGI vulnerability scanner, now with checks for 43 different exploits.
0cac4a6f4646f0d128c55b2dc08478c58e61ddd4c3b8aa87df647cdca41ca18dCisco IOS Software Input Access List leakage with NAT creates vulnerability that may allow users to circumvent network security filters, and therefore security policies. Vendor patches and workarounds available.
5940933a631571bbc96c03b8eb7fd27268839d494c6c675df241f5766996160dCold Fusion Application Server vulnerability scanner; see Lopht Cold Fusion Application Server Advisory for details.
dc5e02abfd1948bec4222bb9aa38e5b76797524012fc5fa922f5b712ec2ab1e7crackpipe.c is a program that utilizes the linux Ethertap device to tunnel IP's over normal TCP/UDP connections. Being actively developed.
5e449f0dee5926d3ab0389a1c8a4b1e5f93bb61aef893f3d24d56dce4239fa17Exploit code for CSMMail Windows 95/98/NT SMTP Server remote buffer overflow condition. Root compromise. All versions of CSMMail affected; no fix provided or suggested.
ef690e898416db5771458f59f27326b1380ce979a1485c33c99dc60b643b2b5eBad month for e-commerce, eh? The Cybercash shopping cart software, by cybercash.com, exposes customer credit card info and admin passwd and config files in publicly accessible directories.
a3e9c8e348be7d73c256063664c2dcc041ac6f0e73e2e01793bf64aa607b2db4The Apache and Boa web server configurations shipped with Debian allows anybody to access web server cofiguration files and docs, and even permits local users to browse through other user's home directories.
edea4609d0d991c28f9e7cfcfab299b910020d4416fffb68fd13ade2afc516b2Digital Unix 4.x contains security hole in /var permissions allowing potential root compromise.
e0bcf4ae26d639e3ea0f0c7a4342cafb060d377a22072c9bdb1b8c85b823a347Security hole in EBay's on-line auction web site software allows attacker to completely hijack your account(s). Full exploit description and code included. EBay solution: None (they apparently don't give a damn). Viable solution: stop using EBay.
711fa7b8e70770619210378fc3f4155a21e8fba9a501f3213444feebebcc18deeGROUPS mailing list service vulnerability allows anybody to approve messages for moderated mailing lists. Detailed exploit description included.
31cc33d9f43200acd7ef535d1043464e39a46237facbaa1ddc648408ed20a346
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed