what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 37 RSS Feed

Files

9910-exploits.tgz
Posted Nov 2, 1999
Authored by Todd J. | Site packetstormsecurity.com

New exploits for October, 1999.

tags | exploit
SHA-256 | f36c0681b3c2bb6aa5d6c5458d942f533cfcc1598e2275904cc28b03901f95c6
ie50.cross-frame.txt
Posted Oct 29, 1999
Authored by Francis Favorini

IE 5.0 cross-frame vulnerabilities are back again. Test page here.

tags | exploit, vulnerability
SHA-256 | 58513adbb0b9d1e19f086121a59e9d5025328e58bcdf654d047fb1f967cd60d9
msn.messanger.weak.crypto.txt
Posted Oct 28, 1999
Authored by Underground Security Systems Research

Problem: The encryption algorithm used to save passwords to disk is weak and easily broken. Decryption program here.

tags | exploit
SHA-256 | 1b3afabfd5ff939a69eb0863f8806b0965927000c94e385fd52ea151fcac902f
axent.dos.c
Posted Oct 28, 1999
Authored by The MSG.Net Firewall Wrecking Crew

Axent Raptor 6.0 'IP Options DOS'. Tested on Intel/*BSD systems. Exercises the IP options bug reported in Raptor 6.0, this bug is fixed by an Axent official patch available here.

tags | exploit
systems | bsd
SHA-256 | e50c15da4d68cb8bc5970d2a2c0384d6e488c7b916efa9e7038b05fb41efe598
wftpd.txt
Posted Oct 28, 1999
Authored by Underground Security Systems Research

The WFTPD v2.34,v2.40 Server and earlier a vulnerable to remotely exploitable buffer overflow. This can result in a denial of service and at worst in arbitrary code being executed on the system.

tags | exploit, denial of service, overflow, arbitrary
SHA-256 | 1da511ef5ea23df545a0b22c5a4538820e140e48715c156edb886c816c2c16b1
url.live-1.0.txt
Posted Oct 28, 1999
Authored by Unyun | Site shadowpenguin.backsection.net

URL Live! 1.0 WebServer for Windows95/98/NT which is released by Pacific Software Publishing, Inc. (http://www.urllive.com/) also has a "../" security problem, any users can download any files on the victim host.

tags | exploit, web
SHA-256 | c64939edba329091851ebb821f527ea204471836402e1d30c11570c20750b105
RFP9905.zeus.remote.root.txt
Posted Oct 28, 1999
Authored by rain forest puppy

Zeus is a high-performance webserver available from Zeus Technologies (www.zeus.co.uk). There's a myriad of problems, that when combined together, could yield a remote root compromise.

tags | exploit, remote, root
SHA-256 | 65d6f38cd31d99a0d42671ac5798e0b7297ec2bffefafb358fe4c9721a74e92b
linux.forged.packets.txt
Posted Oct 26, 1999
Authored by Marc Schaefer

Forged packets can be send out from a Linux system, for example for NFS attacks or any other protocol relying on addresses for authentification, even when protected from the outside interfaces by firewalling rules. Most of the time, existing firewalling rules are bypassed. This requires at least a shell account on the system.

tags | exploit, shell, protocol
systems | linux
SHA-256 | 8d159590c7c839774eb2f8a7c4dddf0737f16a6cf7e3d10393036232f45f5469
webfolders.txt
Posted Oct 26, 1999
Authored by Sozni

If you have installed Microsoft Office 2000 or keep current on your Windows Updates, you may have noticed a new WebFolders namespace in Windows Explorer. The fun part is that WebFolders have some significant weaknesses (inherited from FrontPage) and are such a new concept that it turns out they make a great entry point into a remote server.

tags | exploit, remote
systems | windows
SHA-256 | 01adda0b5af462be99d4d8071315e8516891937780a27b461c6b4e7ab4d80727
dopewarez.c
Posted Oct 25, 1999
Authored by nuuB

Remote exploit for dopewars-1.4.4. Exploit works for servers as well as clients. Produces a shell.

tags | exploit, remote, shell
SHA-256 | 6ba59e6009b05be123b6af5928e78b018f173818061ec3c4bfedafabca9b0987
ex_imagemap.c
Posted Oct 22, 1999
Authored by Unyun

imagemap CGI which is distributed with OmniHTTPd 1.01 and Pro2.04 has a buffer overflow bug, I coded an exploit which can execute any command on the victim host. The Shadow Penguin Security.

tags | exploit, overflow, cgi
SHA-256 | 934905f1f9f1cb9de1cc562db508da34d8ccefe4d46bd6355fecc4455384cec2
checkpoint.ldap.txt
Posted Oct 20, 1999
Authored by Olaf Selke

With FireWall-1 Version 4.0 Checkpoint introduced support for the Lightweight Directory Access Protocol (LDAP) for user authentication. It looks like there's a bug in Checkpoint's ldap code which under certain circumstances can lead to unauthorized access to protected systems behind the firewall.

tags | exploit, protocol
SHA-256 | 2f81200bc55676da2428f3831cedb8e4b15c6bd29aae46ce2333a5340e0d9e94
xmonisdn.bug
Posted Oct 19, 1999
Authored by Ron van Daal

Red Hat 6.0 vulnerability in xmonisdn which allows reading of arbitrary files via core dumps. Exploit included.

tags | exploit, arbitrary
systems | linux, redhat
SHA-256 | 93fa2b6b0baa727fccdfca70c6a58035f2f78a8ecd0bd5d33fb613043d0fd500
ie5.javascript.redirect.txt
Posted Oct 19, 1999
Authored by Georgi Guninski

Internet Explorer 5.0 under Windows 95 and WinNT 4.0 (suppose Win98 is vulnerable) allows reading local files and text/HTML files from any domain. Window spoofing is possible. It is also possible in some cases to read files behind fiewall. Example code here.

tags | exploit, local, spoof
systems | windows
SHA-256 | ae28152f3141ef6c3d473a077670277333c83e16b166924e3ecccd5099c6e352
2.2.12.execve.txt
Posted Oct 18, 1999
Authored by Ben

There might be a really nasty stack smash bug in linux-2.2.12 and 2.0.38. If I am reading this correctly, the implications of this bug could be very dire. It may be possible to easily obtain root privilege on any box running this kernel. Includes comments by Alan Cox.

tags | exploit, kernel, root
systems | linux
SHA-256 | 26882e3fac59928336c10c9962f8a3f5cce1846683fd03a227f0f61b771d35be
openlink.3.2.txt
Posted Oct 18, 1999
Authored by Tymm Twillman

A serious security hole has been found in the web configuration utility that comes with OpenLink 3.2. This hole will allow remote users to execute arbitrary code as the user id under which the web configurator is run (inherited from the request broker, oplrqb). The hole is a run-of-the-mill buffer overflow, due to lack of parameter checking when strcpy() is used.

tags | exploit, remote, web, overflow, arbitrary
SHA-256 | b36a8272ac716effd911a885be7e5ec3e74fe7e469278cc4955a647b5a86bbe3
SCOUNIX_shadow_exploit.txt
Posted Oct 15, 1999
Authored by Brock Tellier

Any user may overwrite any file with group auth (i.e. /etc/shadow, /etc/passwd) using /etc/sysadm.d/bin/userOsa.

tags | exploit
SHA-256 | efdff100c4986b360fdb21f715839b67fb3d8d0b39aa721df77706513060b1a7
SCO_OpenServer_exploit.txt
Posted Oct 15, 1999
Authored by Brock Tellier

An overflow in /opt/K/SCO/Unix/5.0.5Eb/.softmgmt/var/usr/bin/cancel which will allow any user to gain lp privs.

tags | exploit, overflow
systems | unix
SHA-256 | 9a4e597b84c8c1eb31bb630c9cc574cac8e99b62e17a606be42a39e44a6790f1
RDS_exploit.txt
Posted Oct 15, 1999
Authored by rain forest puppy

Windows 95 updated RDS exploit.

tags | exploit
systems | windows
SHA-256 | 149a610621db59471d4420731c09658ea691396164cc0d8d1ac34ce2e22ef793
IE5_IFRAME_vuln.txt
Posted Oct 15, 1999
Authored by Georgi Guninski

IE 5.0 vulnerability - reading local (and from any domain, probably window spoofing is possible) files using IFRAME and document.execCommand. Includes exploit. Demonstration code Here.

tags | exploit, local, spoof
SHA-256 | 9675de24df2217c21e2f6231a2c519019a809807235ded9783257956a7c2f796
Finjan_Exploit_Alert.txt
Posted Oct 15, 1999

WinNT.Infis is an executable file with .EXE extension that installs itself as a native Windows NT system driver. Alert from Finjan

tags | exploit
systems | windows
SHA-256 | 23e7fbdac27458b692f699f8b02855358119285d3d4e180ca6f8cd287273b70a
Nashuatec_printer_vulns.txt
Posted Oct 15, 1999

The NASHUATEC D445 printer is vulnerable to many attacks

tags | exploit
SHA-256 | 394d23effdf942f93c8f35952664715426d28a4501b41528f8f01ed69afed5fc
pepsi.txt
Posted Oct 13, 1999

Sil of AntiOffline has discovered a disturbing bug in cans of Pepsi and Diet Pepsi. Apparently he has notified the vendors of this problem, yet they steadfastly refuse to release a patch. All known versions are affected. With Coke and Pepsi having most of the market share in cola drinks, surely this is an another argument for more soft drink diversity!

tags | exploit
SHA-256 | d269a0eb52cf0d0eab565a5afb0264fff9a992aef99a2ba9e47ea522849a6eee
oracle_intelligent_agent.txt
Posted Oct 12, 1999
Authored by mujahadin

Oracle installations with the 'Oracle Intelligent Agent' installed have a path related vulnerability. The problem lies in the dbsnmp program located in $ORACLE_HOME/bin . This setuid root program calls a tcl script (nmiconf.tcl) located by default in $ORACLE_HOME/network/agent/config. The problem is that the dbsnmp script relies on an environment variable (the path to nmiconf.tcl) which can be a set by a user. Therefore, intruders can force the script to execute a trojaned version of nmiconf.tcl which will run as root.

tags | exploit, root, trojan
SHA-256 | 0f333e0cee58f483618cb5b045cda5dd5f3845e5f50149416ee043fd7957d53a
IE5_download_vuln.txt
Posted Oct 12, 1999

A vulnerability in Internet Explorer 5 that allows a malicious web site operator to read files on the computer of a person who visited the site.

tags | exploit, web
SHA-256 | b74388296f34727128150446873f6059bf6a0fdc3c669e2df6b4c0cde7827891
Page 1 of 2
Back12Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Sam Bankman-Fried's Sentencing Hearing Over FTX Fraud Begins Today
Posted Mar 28, 2024

tags | headline, fraud, cryptography
Sellafield To Be Prosecuted For IT Security Offenses
Posted Mar 28, 2024

tags | headline, government, britain, flaw
These 17,000 Microsoft Exchange Servers Are A Ticking Time Bomb
Posted Mar 28, 2024

tags | headline, microsoft, email, flaw
Analyse, Hunt, And Classify Malware Using .NET Metadata
Posted Mar 27, 2024

tags | headline, hacker, malware, microsoft
VPN Apps On Google Play Turn Android Devices Into Proxies
Posted Mar 27, 2024

tags | headline, privacy, phone, flaw, google
Fortinet FortiClient EMS SQL Injection Flaw Exploited In The Wild
Posted Mar 27, 2024

tags | headline, hacker, flaw
Google Reveals 0-Day Exploits In Enterprise Tech Surged 64% Last Year
Posted Mar 27, 2024

tags | headline, flaw, google, zero day
Ray AI Framework Vulnerability Exploited To Hack Hundreds Of Clusters
Posted Mar 27, 2024

tags | headline, hacker, flaw
Justice Dept Indicts 7 Accused In 14 Year Long Hack Campaign By Chinese Government
Posted Mar 26, 2024

tags | headline, hacker, government, usa, china, cyberwar, spyware, backdoor
Ransomware Can Mean Life Or Death At Hospital, But DEF CON Hackers Have A Plan
Posted Mar 26, 2024

tags | headline, hacker, malware, conference, cryptography
View More News →
packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close