Exploit code for Pine 4.xx that allows local attacker to gain elevated, possibly (clueless superuser) root, privileges.
6190f93c46da23859557dd1a9dd27dc274bccdc97c868e5d2d1079ef802c1300The Microsoft "favicon.ico" bug allows anybody to use search engines to find and access server logs, and subsequently glean information such as passwords included in cgi script URLs in the logs.
0342a81da35fea51199898d5435e68485778b6cf89b0acc11559f46684bece69fawx.c is an igmp-8+frag attack for linux, similar to ssping.c, that sends oversized fragmented IGMP packets to a box either making it freeze (WinNT/9x), or lagging it to hell and back. Since most Win32 firewalls dont support IGMP, the attack successfully penetrates most systems, making it much more effective than an ICMP attack which is likely to be filtered. It has successfully crashed NT4.0+sp1+2, Win95, Win95 with ConSeal PC firewall blocking icmp, Win95 with McAfee PC firewall. It also passed undetected through ipfwadm and ipchains (useful for flooding).
3bceefae0c99f8589c025cb707a2813f18fb5385a697fd53eb3a30be6fce1021Ffingerd bugs compromise user privacy. Exploit details, patches, and upgrade information included.
ac2cb9d5d70cc16b5cea6bc7e1d26472edf9489b488ec79023de3ad4d48c8567Security Holes In FileGuard 3.0.8 file protection software for the MacOS allows anyone with guest account access to gain administrator privileges and access to ALL files.
d30b0ace07c9127553b40b6f9b093814c9d1d6b26296018f0a52eb9ceca0e436FlowPoint ADSL routers have a universal default password that allows remote attacker to gain complete control of router if password is not changed.
5adc5414234a74fb3f9ea91e68b54190b85f2ae0d5ac6e94f96f04a21ccc5ebfFooling Foolproof Security: A very good description of how to bypass FoolProof PC/Internet security features.
d1d4abad86a8bdafe9151ab3f34fbd6a643c66a76d57b136e0f80bf2e4c6a43aWindows FrontPage 98 Server contains another simple Denial of Service attack. Exploit description included.
64ab70344e7db4801b243bd86c27d183be68a4feaf1e86c7815412b193d3529f'random seed' security vulnerability in FWTK and Gauntlet allows attacker with shell access to the authsrv host to gain access to any service that authenticates through the 'authsrv' service. Vendor solution included (upgrade to later release).
236dbdb0f446367394c19b9f4d96398bf1f3bb5274747e02c11336e9e67e28b4Several free form data mailer scripts allow attacker to steal Hotmail passwords with a simple javascript-based exploit.
a1c7e928499cfff2ee1f600e5c5080e5fe3b55c701ed9863acb8341ba1d8d96bSecurity Vulnerability with ftp on HP-UX 11.00 and with hpterm on HP-UX 10.20 permits users to gain increased privileges. Vendor patches available.
7e4bff979f49830800642c9aa2eea1aca314486cc168c87eb3261c4a59b221b3HP-UX (various versions of 10.x and 11.0) security vulnerabilities in MC/ServiceGuard, MC/LockManager, and Domain Enterprise Server Management System (DESMS) allow users to gain increased privileges. Vendor patch information included.
66cf03fd96d2ed93d30f4083ae82b267e1ef06343a297256e23baeaff1553cdaCold Fusion exploit template that allows remote attacker to upload, download, and delete files on vulnerable ColdFusion application servers.
a4313f1276f811245e01ebb7b4a81664ef7cb75c5a0c5eaf761d6fd92b0abfabSource code for a simple program that exploits a vulnerability in Wondows NT PE loader, causing a BSOD (Blue Screen Of Death). The program does not need any special privileges to run, and can be hidden easily. Windows NT4 and NT5betaX (any and all patches) vulnerable.
7b0435ce20971f9aa5af9f78ae7f511eaa4d3cf2dee91fb5d61bd8a6e724263dNovell Remote.NLM password decryption exploit program, with full source code included.
bb2f8b25e102ba27f111488a78118a8bdf72b8b9e38e2d7a5972bc9018c1743bRoot compromise exploit code for the Internet Security Systems Internet Scanner buffer overflow.
2f06a903cd863a88e4b287859507123fa73df24a416a88c5817843286f09b3f1SDI wu-ftpd exploit that allows attacker to execute commands remotely as root user if write access is enabled on the ftp server.
4a62025f90ef96afbb9315bd885e7302a57c733eb1fab8ec12db9baed9fc10e7Buffer overflow in Internet Security Systems Internet Scanner allows non-privileged local user to gain root access. Exploit code and temporary security recommendations included.
f9112bc87aa83e839215963a588e888c6721a945a072cc9d694fe203d13e61d1Exploit code for local XFree 3.3.3-symlink root compromise. Tested under FreeBSD 3.1, but should work on others too.
1e6853bc65155c6e73b43ac55a109df496be3b3a7ae8a1240d4a67d0467640c5"Features" in Xylan OmniSwitches can result in Denial of Service attacks and access by attacker to privileged information.
6e2037179bc9d49348f7c5804b4ec51e77877c4dee9fb3cd79ed0a7188a7880c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed