all things security
Showing 1 - 25 of 87 RSS Feed

Files

oracle8.exploit.txt
Posted Nov 22, 2001
Authored by Brock Tellier

A vulnerability exists in Oracle 8.1.5 for UN*X which may allow any user to obtain root privileges. Local root exploit shell script included.

tags | exploit, shell, local, root
MD5 | ad79f85a2f2462a71ce9a19c67e37d8e
RFPoison.exe
Posted Jan 24, 2000
Authored by rain forest puppy | Site wiretrip.net

Exploit for the new NT remote DOS and possible compromise. NT 4.0 server and workstation are vulnerable, even with SP level 1, 3, 5, or 6.

Changes: AVP no loger thinks this is a trojan, and it no longer reboots the machine it is running on.
tags | exploit, remote
MD5 | 0f740d5d2650f45cced8bb795dd24f8a
9911-exploits.tgz
Posted Dec 2, 1999
Authored by Todd J.

New exploits for November, 1999.

tags | exploit
MD5 | f629b0050c7ae079ed43a145aecd95d9
qpop-sk8.c
Posted Dec 2, 1999
Authored by sk8 | Site lucid-solutions.com

Qpopper 3.0b remote root exploit, tested on tested on BSDI 3.0/4.0.1, FreeBSD 2.2.8/3.3, and Linux.

tags | exploit, remote, root
systems | linux, freebsd
MD5 | d28963af593f0c187463198b444dc788
freebsd.seyon.txt
Posted Dec 2, 1999
Authored by Brock Tellier

Seyon, shipped with FreeBSD 3.3-RELEASE has several vulnerabilities. The problem is that seyon is still installed setgid dialer in FreeBSD, allowing a local user can grant himself priviliges which allow access to anything that requires group dialer, including modem devices.

tags | exploit, local, vulnerability
systems | freebsd
MD5 | 2f54629d95bd09a9dc0ca3cd68313e0f
solaris.chkperm+arp.txt
Posted Dec 2, 1999
Authored by Brock Tellier

/usr/vmsys/bin/chkperm and /usr/sbin/arp can be used to read bin-owned files. Tested on Solaris 2.6 and 2.7, sparc edition.

tags | exploit
systems | solaris
MD5 | daed3118565a7d11ce2f59ecc2d44bbf
q3smash.c
Posted Dec 2, 1999
Authored by Mixter

Qpopper 3.0b remote exploit for x86 Linux (tested on RedHat/2.0.38). Exploits pop_msg buffer overflow to spawn a remote root shell. Vulnerability exists on all platforms running Qpopper 3.0 through version 3.0b20.

tags | exploit, remote, overflow, shell, x86, root
systems | linux, redhat
MD5 | 03fcbaed1b873b876e1ce3c55727f9a2
xmindx.c
Posted Dec 1, 1999
Authored by Brock Tellier

The version of xmindpath shipped with FreeBSD 3.3 has a local buffer overflow. Exploit gives euid uucp.

tags | exploit, overflow, local
systems | freebsd
MD5 | e51b20f4ca162513b78b2e6e12b4366b
angband.c
Posted Dec 1, 1999
Authored by Brock Tellier

The version angband shipped with FreeBSD 3.3-RELEASE has a buffer overflow vulnerability. Exploit yields egid of group games.

tags | exploit, overflow
systems | freebsd
MD5 | b05fb48bc757f81e3d7d52d6e652c49d
delegate.c
Posted Dec 1, 1999
Authored by Dethy | Site synnergy.net

Delegate 5.9.0 remote exploit for FreeBSD 3.2.

tags | exploit, remote
systems | freebsd
MD5 | f40ac4536d9619d5c6fe23a432e81056
gdcx.c
Posted Dec 1, 1999
Authored by Brock Tellier

gdc exploit for gated-3.5.11 included on Freebsd-3.3 instalation CD yields euid=0(root). By default, only group wheel (or whatever your trusted gated group is) and root can run gdc.

tags | exploit, root
systems | freebsd
MD5 | d5e738cbc14458536092a4ecbf038004
netscape.4.x.java.txt
Posted Dec 1, 1999
Authored by Ahmed Ghandour

Netscape Communicator 4.x will allow javascript code in one netscape window to read data from another browser window, even if the two windows are pointed at different domains. Demonstration here.

tags | exploit, javascript
systems | windows
MD5 | fe188024ed8a0fd99a1daec34180a06c
oracle.web.listener.txt
Posted Dec 1, 1999
Authored by Mnemonix | Site infowar.co.uk

There is a vulnerability in Oracle Web Listener where a resource can be accessed when is shouldn't be able to be accessed.

tags | exploit, web
MD5 | 912d8d571296183ce54946db98af4bdc
smailx.sh
Posted Nov 30, 1999
Authored by Ben-z

remote root exploit for Smail-3.2 (rpmmail). A vulnerability exists in the rpmmail package distributed on the Red Hat 6.0 Extra Applications CD. The potential compromise for this bug could be remote or local root or simply remote command execution as "nobody" or similar, depending on your system configuration.

tags | exploit, remote, local, root
systems | linux, redhat
MD5 | 5b8f7adbe5154a3dfa2b60abdfdc829d
mailgear-1.0.txt
Posted Nov 29, 1999
Authored by Underground Security Systems Research

Symantec Mail-Gear 1.0 Web interface Server Directory Traversal Vulnerability. Example included.

tags | exploit, web
MD5 | eb91520100b44195cf2c486b42fae145
unixware.su.txt
Posted Nov 26, 1999
Authored by Shane A. Macaulay

The su command on SCO's UnixWare 7 has improper bounds checking on the username passed (via argv[1]), which can cause a buffer overflow when a lengthy username is passed.

tags | exploit, overflow
systems | unixware
MD5 | 7d654f8aa7afbbaa6837abbc7b25cf08
unixware.Xsco.txt
Posted Nov 26, 1999
Authored by Shane A. Macaulay

[w00giving '99 #6]: UnixWare 7's Xsco. Due to improper bounds checking, an overflow occurs when a lengthy argument (argv[1]) is passed. Because Xsco runs with superuser privileges, this can be exploited for elevated privileges.

tags | exploit, overflow
systems | unixware
MD5 | ee32bbd26c4442e9c04c96fc12fdbd60
unixware.xlock.txt
Posted Nov 26, 1999

[w00giving '99 #7]: UnixWare 7's xlock. The xlock command on SCO's UnixWare 7 has improper bounds checking on the username passed (via argv[1]), which can cause a buffer overflow when a lengthy username is passed. Exploit by K2

tags | exploit, overflow
systems | unixware
MD5 | cf50b9d6d44f9e3d0cea1fc39c18cec9
cabletron.ssr.dos.txt
Posted Nov 25, 1999
Site bindview.com

Bindview Security Advisory: Denial of Service Vulnerability in Cabletron's SmartSwitch Router (SSR). Remote users can flood the ARP table and stop the processing of packets.

tags | exploit, remote, denial of service
MD5 | 072c470a7177a9f055cb67eba1a91abd
bisonware.ftp.3.5.txt
Posted Nov 25, 1999
Authored by Underground Security Systems Research

UssrLabs found a Local/Remote DoS Attack in BisonWare FTP Server V3.5. The buffer overflow is caused by a long user name, 2000 characters. Source / Binary for DoS attack here.

tags | exploit, remote, overflow, local
MD5 | 8e7b88c4be31f6623cb5265d9376ee13
worldclient.2.0.0.0.dos.txt
Posted Nov 25, 1999
Authored by Underground Security Systems Research

UssrLabs found a buffer overflow in WorldClient Server v2.0.0.0 where they do not use proper bounds checking on WorldClient TCP Port 2000. Denial of service exploit available.

tags | exploit, denial of service, overflow, tcp
MD5 | e7cd861e30878a7551f4a0936bcc69a0
webboard-1199.html
Posted Nov 25, 1999
Authored by pho

O'Reilly's WebBoard software has some bugs with interesting possibilities. Vulnerabilities include unauthorized paging and arbitrary content insertion.

tags | exploit, arbitrary, vulnerability
MD5 | 57c214f414c3aa6b12f8e56bedb4ab97
oce9400.txt
Posted Nov 24, 1999
Authored by Larry W. Cashdollar

The Oce 9400 plotter can be used as a telnet proxy in its default configuration.

tags | exploit
MD5 | 2d6c33c066385626a16c508cefdc0c1d
mdaemon.2.8.5.0.txt
Posted Nov 24, 1999
Authored by Underground Security Systems Research

Multiple remote DoS vulnerabilities have been found in the MDaemon 2.8.5.0 server. Binary / Source for this MDaemon Server v2.8.5.0 Denial of Service here.

tags | exploit, remote, denial of service, vulnerability
MD5 | 6e5f9fa57f03d986e57c7fa7ec0f307d
netbeans.java.txt
Posted Nov 23, 1999
Authored by Halcyon Skinner

Sun Microsystems NetBeans (recently renamed to Forte') Java IDE includes an internal HTTP server to try Java code. When service is enabled for one machine, the HTTP server allows remote access to root and all subdirectories from any machine. Example included.

tags | exploit, java, remote, web, root
MD5 | 8f2240eb37f523f769dc94b0a1f1187f
Page 1 of 4
Back1234Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
ATM Malware Available Online For Online $5,000
Posted Oct 18, 2017

tags | headline, malware, bank, cybercrime, fraud
Oracle Swats 252 Bugs In Patch Update
Posted Oct 18, 2017

tags | headline, flaw, patch, oracle
Child Safety Smartwatches Easy To Hack, Watchdog Says
Posted Oct 18, 2017

tags | headline, privacy, flaw
Domino's Pizza Delivers User Details To Spammers
Posted Oct 18, 2017

tags | headline, privacy, email, spam, fraud
Microsoft Never Disclosed 2013 Hack Of Secret Vulnerability Database
Posted Oct 18, 2017

tags | headline, hacker, microsoft, data loss, flaw
Adobe Patches Zero-Day Used To Plant Gov't Spying Software
Posted Oct 17, 2017

tags | headline, hacker, government, usa, flaw, cyberwar, adobe, zero day, nsa
UK TV Drama About North Korea Hit By Hackers
Posted Oct 17, 2017

tags | headline, hacker, government, britain, cyberwar, korea
Russia Tweaks Telegram With Tiny Fine For Decryption Denial
Posted Oct 17, 2017

tags | headline, government, privacy, russia, cryptography
Never Mind The WPA2 Drama... Details Emerge Of TPM Key Fail
Posted Oct 17, 2017

tags | headline, wireless, flaw, cryptography
Millions Of High Security Crypto Keys Crippled By Newly Discovered Flaw
Posted Oct 16, 2017

tags | headline, flaw, cryptography
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close