Exploit the possiblities
Showing 1 - 25 of 37 RSS Feed

Files

9910-exploits.tgz
Posted Nov 2, 1999
Authored by Todd J.

New exploits for October, 1999.

tags | exploit
MD5 | d04194be7592ed1b90a2d59772a1161b
ie50.cross-frame.txt
Posted Oct 29, 1999
Authored by Francis Favorini

IE 5.0 cross-frame vulnerabilities are back again. Test page here.

tags | exploit, vulnerability
MD5 | 33a2a19a177979c9c5c106e922223419
msn.messanger.weak.crypto.txt
Posted Oct 28, 1999
Authored by Underground Security Systems Research

Problem: The encryption algorithm used to save passwords to disk is weak and easily broken. Decryption program here.

tags | exploit
MD5 | 435ac9c136a4add65c37242bf55f61aa
axent.dos.c
Posted Oct 28, 1999
Authored by The MSG.Net Firewall Wrecking Crew

Axent Raptor 6.0 'IP Options DOS'. Tested on Intel/*BSD systems. Exercises the IP options bug reported in Raptor 6.0, this bug is fixed by an Axent official patch available here.

tags | exploit
systems | bsd
MD5 | 95f8793b98062cae4c3f22fb137ea463
wftpd.txt
Posted Oct 28, 1999
Authored by Underground Security Systems Research

The WFTPD v2.34,v2.40 Server and earlier a vulnerable to remotely exploitable buffer overflow. This can result in a denial of service and at worst in arbitrary code being executed on the system.

tags | exploit, denial of service, overflow, arbitrary
MD5 | 7c2340a64fb6e67abee4dc32fa4a4792
url.live-1.0.txt
Posted Oct 28, 1999
Authored by Unyun | Site shadowpenguin.backsection.net

URL Live! 1.0 WebServer for Windows95/98/NT which is released by Pacific Software Publishing, Inc. (http://www.urllive.com/) also has a "../" security problem, any users can download any files on the victim host.

tags | exploit, web
MD5 | a0e18ec3378b03dc8ad9123138dcd0db
RFP9905.zeus.remote.root.txt
Posted Oct 28, 1999
Authored by rain forest puppy

Zeus is a high-performance webserver available from Zeus Technologies (www.zeus.co.uk). There's a myriad of problems, that when combined together, could yield a remote root compromise.

tags | exploit, remote, root
MD5 | 5dd82eec946ea0745e4f088e0532b744
linux.forged.packets.txt
Posted Oct 26, 1999
Authored by Marc Schaefer

Forged packets can be send out from a Linux system, for example for NFS attacks or any other protocol relying on addresses for authentification, even when protected from the outside interfaces by firewalling rules. Most of the time, existing firewalling rules are bypassed. This requires at least a shell account on the system.

tags | exploit, shell, protocol
systems | linux
MD5 | 12badbea53522fa64750244666ef3362
webfolders.txt
Posted Oct 26, 1999
Authored by Sozni

If you have installed Microsoft Office 2000 or keep current on your Windows Updates, you may have noticed a new WebFolders namespace in Windows Explorer. The fun part is that WebFolders have some significant weaknesses (inherited from FrontPage) and are such a new concept that it turns out they make a great entry point into a remote server.

tags | exploit, remote
systems | windows
MD5 | 7012c360637b4eb80b05f0673dac5c78
dopewarez.c
Posted Oct 25, 1999
Authored by nuuB

Remote exploit for dopewars-1.4.4. Exploit works for servers as well as clients. Produces a shell.

tags | exploit, remote, shell
MD5 | fefcee343945911461e4b56d1b8ac1ab
ex_imagemap.c
Posted Oct 22, 1999
Authored by Unyun

imagemap CGI which is distributed with OmniHTTPd 1.01 and Pro2.04 has a buffer overflow bug, I coded an exploit which can execute any command on the victim host. The Shadow Penguin Security.

tags | exploit, overflow, cgi
MD5 | 6737cb80be42e1d6177bcde4aa45fc08
checkpoint.ldap.txt
Posted Oct 20, 1999
Authored by Olaf Selke

With FireWall-1 Version 4.0 Checkpoint introduced support for the Lightweight Directory Access Protocol (LDAP) for user authentication. It looks like there's a bug in Checkpoint's ldap code which under certain circumstances can lead to unauthorized access to protected systems behind the firewall.

tags | exploit, protocol
MD5 | c7df1ab4a7d569d8a74e4c5be325ea2d
xmonisdn.bug
Posted Oct 19, 1999
Authored by Ron van Daal

Red Hat 6.0 vulnerability in xmonisdn which allows reading of arbitrary files via core dumps. Exploit included.

tags | exploit, arbitrary
systems | linux, redhat
MD5 | 6776a78f63639244641bac9fd8d824f5
ie5.javascript.redirect.txt
Posted Oct 19, 1999
Authored by Georgi Guninski

Internet Explorer 5.0 under Windows 95 and WinNT 4.0 (suppose Win98 is vulnerable) allows reading local files and text/HTML files from any domain. Window spoofing is possible. It is also possible in some cases to read files behind fiewall. Example code here.

tags | exploit, local, spoof
systems | windows, 9x, nt
MD5 | fce07106d504acb64340ca6e505ad1b7
2.2.12.execve.txt
Posted Oct 18, 1999
Authored by Ben

There might be a really nasty stack smash bug in linux-2.2.12 and 2.0.38. If I am reading this correctly, the implications of this bug could be very dire. It may be possible to easily obtain root privilege on any box running this kernel. Includes comments by Alan Cox.

tags | exploit, kernel, root
systems | linux
MD5 | 8534bb400eb23d17b337a22bacec2ca8
openlink.3.2.txt
Posted Oct 18, 1999
Authored by Tymm Twillman

A serious security hole has been found in the web configuration utility that comes with OpenLink 3.2. This hole will allow remote users to execute arbitrary code as the user id under which the web configurator is run (inherited from the request broker, oplrqb). The hole is a run-of-the-mill buffer overflow, due to lack of parameter checking when strcpy() is used.

tags | exploit, remote, web, overflow, arbitrary
MD5 | 204070953c411939bdcda995b4e7af06
SCOUNIX_shadow_exploit.txt
Posted Oct 15, 1999
Authored by Brock Tellier

Any user may overwrite any file with group auth (i.e. /etc/shadow, /etc/passwd) using /etc/sysadm.d/bin/userOsa.

tags | exploit
MD5 | fd22dd9aa08277040a167ada67f23d7a
SCO_OpenServer_exploit.txt
Posted Oct 15, 1999
Authored by Brock Tellier

An overflow in /opt/K/SCO/Unix/5.0.5Eb/.softmgmt/var/usr/bin/cancel which will allow any user to gain lp privs.

tags | exploit, overflow
systems | unix
MD5 | 7dc967e1d728db87f92016be07013dc3
RDS_exploit.txt
Posted Oct 15, 1999
Authored by rain forest puppy

Windows 95 updated RDS exploit.

tags | exploit
systems | windows, 9x
MD5 | 2743a6c97d62affe1f681e637a5bd473
IE5_IFRAME_vuln.txt
Posted Oct 15, 1999
Authored by Georgi Guninski

IE 5.0 vulnerability - reading local (and from any domain, probably window spoofing is possible) files using IFRAME and document.execCommand. Includes exploit. Demonstration code Here.

tags | exploit, local, spoof
MD5 | 6a358ce39aaa0678eebadde767437215
Finjan_Exploit_Alert.txt
Posted Oct 15, 1999

WinNT.Infis is an executable file with .EXE extension that installs itself as a native Windows NT system driver. Alert from Finjan

tags | exploit
systems | windows, nt
MD5 | a18afa1efa3c535a8846191dba8ec359
Nashuatec_printer_vulns.txt
Posted Oct 15, 1999

The NASHUATEC D445 printer is vulnerable to many attacks

tags | exploit
MD5 | cbcbedd5410cf6ca14456d150d4be925
pepsi.txt
Posted Oct 13, 1999

Sil of AntiOffline has discovered a disturbing bug in cans of Pepsi and Diet Pepsi. Apparently he has notified the vendors of this problem, yet they steadfastly refuse to release a patch. All known versions are affected. With Coke and Pepsi having most of the market share in cola drinks, surely this is an another argument for more soft drink diversity!

tags | exploit
MD5 | 4c54d2aed4907dc5351ab1aa0722fa3a
oracle_intelligent_agent.txt
Posted Oct 12, 1999
Authored by mujahadin

Oracle installations with the 'Oracle Intelligent Agent' installed have a path related vulnerability. The problem lies in the dbsnmp program located in $ORACLE_HOME/bin . This setuid root program calls a tcl script (nmiconf.tcl) located by default in $ORACLE_HOME/network/agent/config. The problem is that the dbsnmp script relies on an environment variable (the path to nmiconf.tcl) which can be a set by a user. Therefore, intruders can force the script to execute a trojaned version of nmiconf.tcl which will run as root.

tags | exploit, root, trojan
MD5 | 447707fba9e8c029745736df594deb84
IE5_download_vuln.txt
Posted Oct 12, 1999

A vulnerability in Internet Explorer 5 that allows a malicious web site operator to read files on the computer of a person who visited the site.

tags | exploit, web
MD5 | 0ab38ed1592bc71af721580afaa1b401
Page 1 of 2
Back12Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
NYPD Cops Need A Warrant To Snoop On Your Phone
Posted Nov 17, 2017

tags | headline, government, privacy, usa, phone
Oracle Scrambles To Fix Security Flaws In Tuxedo
Posted Nov 17, 2017

tags | headline, database, flaw, oracle
Github To Devs: Now You'll Get Security Alerts On Flaws In Popular Software Libraries
Posted Nov 17, 2017

tags | headline, flaw
Keystone Pipeline Leaked 210,000 Gallons Of Oil In South Dakota
Posted Nov 17, 2017

tags | headline, flaw
Cash Converters Reveals Data Breach
Posted Nov 16, 2017

tags | headline, hacker, cybercrime, data loss, fraud, identity theft
Kaspersky Defends Its Role In NSA Breach
Posted Nov 16, 2017

tags | headline, government, malware, usa, russia, data loss, spyware, nsa
McAfee Anti-Hacking Service Exposed Users To Banking Malware
Posted Nov 16, 2017

tags | headline, malware, bank, cybercrime, fraud, flaw, identity theft, mcafee
DJI Bug Bounty NDA Is 'Not Signable', Say Irate Infosec Researchers
Posted Nov 16, 2017

tags | headline, hacker, flaw
Government Just Figures Out You Can Hack Planes Remotely Due To Poor Design
Posted Nov 15, 2017

tags | headline, government, usa, flaw, terror
UK Security Chief Blames Russia For Hacks
Posted Nov 15, 2017

tags | headline, hacker, government, britain, russia, cyberwar
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close