Rather dangerous bug is present in output processing after "command substitution" in bash 1.xx. It seems to be NOT present in bash 2.0.x.
5c8907ed9a89b1176ae7bdba5929b1581c4486d8dc5359db4efc86351c1b7210Remote exploit for squid-2.2-STABLE5 or below.
812fce62394bc0e251588aa9af7d50731d9621e19a0263b63dceba4d3492ccb0We found the overflow bug of Skyfull Mail Server 1.1.4. It overflows when that receives the long MAIL FROM: in SMTP handling.If the host recives the packet which contains the exploit code, the host has been cracked by any instructions which are coded in the exploit code. This example sends the exploit code that executes any command on the host which is running the Skyfull Mail Server 1.1.4. This exploit is coded for Windows98, but if you change some parameters written in the sample exploit program, it will may works on Windows95 and WindowsNT.
7b7022754837ef1e8ca7d71ecc76392c26517feaabdc614ac4155671941716faWe found the overflow bug of ZOM-MAIL 1.09. It overflows when that receives the long attachment file name. If ZOM-MAIL 1.09 recives the e-mail which contains the exploit code, the host has been cracked by any instructions which are coded in the exploit code. This program can send the e-mail to any e-mail address, which is contained an exploit code that removes a "c:\windows\test.txt" file on the host. This exploit is coded for Windows98, but if you change some parameters written in the sample exploit program, it will may works on Windows95 and WindowsNT.
07c753c59049fe7d66801fff3603cda1c34eb8c92c4971daaff04990e6c69ffaMidi-Plugin program "YAMAHA MidiPlug 1.10b" for Windows IE4/5 contains the buffer overflow bug. If the long "TEXT" variable is specified in EMBED tag, the buffer overflow occurs. If attacker sets the exploit on the webpage, visitor's host will be cracked by the any instructions written in the "TEXT" variable. here is a demo site which is generated by this exploit as demonstration. if this plugin is installed and the setting of ActiveX is default, "c:\windows\welcome.exe" will be executed(it's for Japanese Windows98 only).
a6cf3ee027eb2c8f278d2963fcdd2e0a73c63b1b3c2ff8487db82c7b3155e54cMSADC/RDS exploit script version 2.
a24edf16f5e5055b6474324b0bffe2534dbf1db3fd73eb604a0b5591fb1a750dExpressFS 2.x FTP Server and earlier are vulnerable to a remotely exploitable buffer overflow. This can result in a denial of service and at worst in arbitrary code being executed on the system. Tested in: Windows 98 / Windows NT.
ef670aff4721b61d33e9150439e69a075c8af72c662fd95f14923b787b313ee2CMail SMTP server version 2.4 has a remotely exploitable buffer overflow (long MAIL FROM:). This vulnerability may allow an attacker to execute arbitrary code on the target server.
e1cf9337c528bd59df7240024a25e3863f80758db15fd18bebe6c4423d289677The Amanda backup package has a several vulnerabilities which will allow any user to gain root privs. Includes exploit for FreeBSD. Other OS's that are probably vulnerable include RedHat ?.?, TurboLinux, PowerTools CD, and SuSE 6.2.
cd4b43d16583bbc925d634ec7e84deded1e5b3df2fcd67705805e29ebc0e2505Avirt mail server 3.3a remote exploit and 3.5 DoS. Win98 executable.
35081ed3ec7bf1a53dd6cec458c72d9dad3496f1f9a9e460fcccd4cfe18d0d6bWe found a remotely exploitable buffer overflow in the Avirt Mail Server 3.3a and a D.o.S in the version 3.5, that may allow an attacker to execute arbitrary code on the target server. Binary or source code for a 3.3a win98 remote exploit and a 3.5 DoS here.
51ca3fb5e60c5f9ee67bda26396df3358278daa98391e954cd3995be4dcd084dWindows NT remote denial of service and compromise (RFPoison). When sent a specific packet, it's possible to get srvsvc.dll to choke, and cause services.exe to reference a bad memory location. The impact is pretty severe. Services.exe handles named pipes for the system. Once this crashes, everything named-pipe-based goes with it. Combined with the AEDebug vulnerability, remote compromise is possible.
30fdab853650e808fbeaf377b9dc6694e8c922c4a560d2c7c3d2c1b33d0ec56a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed