exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 67 RSS Feed

Files

groupwise.web.txt
Posted Dec 20, 1999
Authored by Sacha Faust Bourque

Two remote issues were found with the Novell Groupwise web server. The help argument will reveal the full path of the server, and any .htm file on the system may be read with GWWEB.EXE.

tags | exploit, remote, web
SHA-256 | 6e8012dff3fa95418285c4ea3cae3829f2c00f863699c100e3f2cc66339f2aa3
nav2000.dos.txt
Posted Dec 18, 1999
Authored by Kyle

Remote DoS attack in Symantec's Email protection in NAV2000. The Protection program leaves a pop server running on the local workstation NAV2000 is installed on, which is vulnerable to a buffer overflow in a long user name.

tags | exploit, remote, overflow, local
SHA-256 | aaccfd8e405ec8b7ba562a2709ab7e65d5140e07269bdaa79017d2aff4dbcb5d
linux2038optionslength.c
Posted Dec 17, 1999
Authored by Andrea Arcangeli

A vulnerability in linux 2.0.X allows local users to crash the kernel. Exploits missing option length checks.

tags | exploit, kernel, local
systems | linux
SHA-256 | dd9f0fac7e12433fc0f3f39525e139a3db1e9cc38a3334c7305d23225438da86
bindview.syskey.txt
Posted Dec 17, 1999
Authored by Todd Sabin

BindView Security Advisory - Windows NT's SYSKEY feature. SYSKEY does not fully protect the SAM from off-line attacks. Specifically, dictionary and brute-force password cracking are still possible, even when SYSKEY is enabled and the attacker is not in possession of the SystemKey.

tags | exploit
systems | windows
SHA-256 | ed21462fc63b5f9e8702adc0dc85afa7134cb844786d5211b01a9c25a543ad2d
hhopen.txt
Posted Dec 16, 1999
Authored by DaCure

Vulnerability in HHOPEN.OCX that allows the execution of arbitrary code with IE5. Includes test exploit for IE5 5.00.2614.3500 on Win98.

tags | exploit, arbitrary
systems | windows
SHA-256 | db5b19bdf3c0cd8a9d6cb02b3858e54238509ca2b03ec61c2ca6bcd18c23352e
ultraseek.remote.txt
Posted Dec 16, 1999
Authored by Underground Security Systems Research

Infoseek Ultraseek 3.1 for NT contains an exploitable remote buffer overflow. Versions 2.1 through 3.1 are confirmed vulnerable. Patch available here.

tags | exploit, remote, overflow
SHA-256 | 42d3dd3af506ffa70f60f249dee703eed3fb14029aca516d36676438db7fae7e
ssh-1.2.27-exploit.txt
Posted Dec 16, 1999
Authored by Alberto Solino

Exploit for SSH-1.2.27 compiled with RSAREF2. It was tested against sshd running on Linux (Redhat 6.0) and OpenBSD 2.6, from a Linux Redhat 6.0 box. The exploit is more or less "script-kid-proof" since if it doesnt work a bit of debugging, coding and probably crypto skills are needed to make it work. More information available here.

tags | exploit, cryptography
systems | linux, redhat, openbsd
SHA-256 | f5d81f91644fc5cbc5d955dffdf2e9e49303cd9490296a806aef8229ac7c24a0
xsoldier.c
Posted Dec 16, 1999
Authored by Brock Tellier

A vulnerability in FreeBSD 3.3's xsoldier will allow any user to gain root access. This user does not have to have a valid $DISPLAY to exploit this.

tags | exploit, root
systems | freebsd
SHA-256 | 411e25fa4d0f8f1546ae437eca6b7cd89ef9c9556cec361f9418db59086b8ed4
warftp.dos.txt
Posted Dec 14, 1999
Authored by Underground Security Systems Research

UssrLabs found a Local/Remote DoS Attack in War FTP Daemon 1.70 the buffer overflow is caused by a Multiple connections at the same time.

tags | exploit, remote, overflow, local
SHA-256 | 4fe5c91f900a82f28a23b3518e64d52b7b78204ea047b6da7a1533bda5ab17be
sadmindex-x86.c
Posted Dec 14, 1999
Authored by Cheez Whiz

sadmindex - i386 Solaris remote root exploit for /usr/sbin/sadmind. Tested and confirmed under Solaris 2.6 and 7.0.

tags | exploit, remote, root
systems | solaris
SHA-256 | 919febf8476775414985f61514eacb43aa1821422016026451ad20f16fb62911
sadmindex-sparc-2.c
Posted Dec 14, 1999
Authored by Cheez Whiz

sadmindex - SPARC Solaris remote root exploit for /usr/sbin/sadmind. Tested and confirmed under Solaris 2.6 and 7.0.

tags | exploit, remote, root
systems | solaris
SHA-256 | 196eda0c3347ef56a67b27125b8b617bf684f8578d287869f81b8fc38d268331
sadmind.txt
Posted Dec 14, 1999

Certain versions of Solaris ship with a version of sadmind which is vulnerable to a remotely exploitable buffer overflow attack. Advisory by Alfred Huger

tags | exploit, overflow
systems | solaris
SHA-256 | b67b24a58f09ccb33c44515104ebe4f95d111c6a0fd71af7c651a4b4bf8ae19f
hhp-whois_adv0013.txt
Posted Dec 14, 1999
Authored by Loophole, hhp | Site hhp.perlx.com

Whois.CGI - ADVISORY (hhp) Hole in several known/unknown vulnerabilities in Whois CGI packages. Affected are Whois Internic Lookup version 1.0, CC Whois Version 1.0, and Matt's Whois Version 1. These versions allow execution of commands due to lack of shell escape character parsing.

tags | exploit, shell, cgi, vulnerability
SHA-256 | 2360cca9573c4bd4934cb2e44e71bf956a22efa26aedae17ea0768db32124048
unixware7.fundamental.txt
Posted Dec 10, 1999
Authored by Brock Tellier

A fundamental flaw in SCO UnixWare's security model will allow any user to gain root, read system files, etc. Any process that gets extra privledges from /etc/security/tcb/privs is vulnerable. Exploit included.

tags | exploit, root
systems | unixware
SHA-256 | e43f1d71568f42ead69639f27b46f790fcc45e7e0ab1b76a9ed368206e498a62
iis4.path.txt
Posted Dec 10, 1999
Site security.nnov.ru

IIS4 reveals full path name because it does not check for the existance of a local file before calling CGI.

tags | exploit, local, cgi
SHA-256 | 83151e7aab34f0807ad2152c87df75da00c744aeea468d27a95bca1c092ca040
solaris.snoop.c
Posted Dec 10, 1999
Authored by Shane A. Macaulay

[w00giving #8] Here's a new version of my snoop exploit, it seems that it will work on the new patched version of snoop aswell, and actually, the target host dose NOT have to be running with -v. Snoop is a program similar to tcpdump that allows one to watch network traffic. There is a buffer overflow in the snoop program that occurs when a domain name greater than 1024 bytes is logged, because it will overwrite a buffer in print_domain_name. This vulnerability allows remote access to the system with the privileges of the user who ran snoop (usually root, because it requires read privileges on special devices). Remote Solaris 2.7 x86 snoop exploit included.

tags | exploit, remote, overflow, x86, root
systems | solaris
SHA-256 | 99717fd62e6c6114deeea939793ba768fffa61af82db1312bc92a5d2d6438cf0
ex_vdolive.c
Posted Dec 10, 1999
Authored by Unyun | Site shadowpenguin.backsection.net

Remote exploit for VDO Live Player 3.02 for Windows95/98/NT. If VDO Live Player is installed on the system and the browser is configured default, .vdo file is downloaded and executed without confirmation. So, if the clients visit the webpage which is written the automatic download code of vdo file (such as META tag) that contains the attack code, the client machine will be cracked by the instructions which are written in vdo file.

tags | exploit, remote
SHA-256 | f15115d6af33eda19fe9ada84b2ba454b0f0ec8435fd4fa8e073faaf327c2680
ie.frameloop.txt
Posted Dec 9, 1999
Authored by Underground Security Systems Research

Microsoft Internet Explorer 4.x and 5.x - Frame Loop Vulnerability. By creating an endless loop of frames, it is possible to create a malicious webpage that when visited by an IE user all of their system resources are devoured and depending on the system its probable that the machine will crash and reboot itself. Exploit code included.

tags | exploit
SHA-256 | 24e2bf47adda735c3da3d4b2b7f11aae167e1d5a809fbef07252f7d4c711ce16
eLoL.txt
Posted Dec 8, 1999
Authored by Sixkiller

eLOL (electronic laugh out loud) is a windows daily joke program. It will listen to simple commands from anyone on a tcp port.

tags | exploit, tcp
systems | windows
SHA-256 | c5238b500873db434a696cebf1329b92d50199c70d662404dd6e9bece2587d7f
xsw.124.c
Posted Dec 8, 1999
Authored by Amanda Woodward

Xshipwars remote overflow - Xshipwars 1.24 and below are vulnerable.

tags | exploit, remote, overflow
SHA-256 | 570e24a8dbcd431683104d021788b7b6200baf92b06d7840b3ed5ec4190fb39b
ie5.vns.ms.radio.txt
Posted Dec 7, 1999
Authored by Jeremy Kothe

IE5 remote exploit - Evaluating "vnd.ms.radio:\\aaaaaaaaaaa...." causes an exploitable stack overrun in MSDXM.OCX. y providing an oversize (360 byte) URL using the vnd.ms.radio protocol, a malicious web site or e-mailer (or...) can cause arbitrary code to be executed on a client machine.

tags | exploit, remote, web, overflow, arbitrary, protocol
SHA-256 | dd2816d3ffe6c85607d9b93df9a0343ac9aaf0904875e3728263fe91333b13be
ftpd.dos.pl
Posted Dec 7, 1999
Authored by Darren Reed

Many ftp daemons are vulnerable to a DoS when muiltiple data connections are opened. Perl exploit included.

tags | exploit, perl
SHA-256 | 494698fc92b88b92340012fe5f75b91c533820b5dd2184d266290d4eecc25efb
dumpvmem.c
Posted Dec 7, 1999
Authored by Robert Horvick

Windows NT, SP4 and below, the logged in users password in plaintext is visable if logged in as administrator. Exploit program included.

tags | exploit
systems | windows
SHA-256 | ef393b1c31ee295c74d2bfb982a58283a0e01fb5d57528ad651e7b3a7835a665
wu25.c
Posted Dec 7, 1999
Authored by Mixter | Site members.tripod.com

Yet another wu-ftpd 2.5.0 exploit, which finds world writable directories automatically. Tested on Redhat5, Redhat6, and Debian linux.

tags | exploit
systems | linux, debian
SHA-256 | 070dcb17b0983c82941c323daaf00a487f9924adb8255f6edc18b6260baabac8
goodtech.telnet.dos.txt
Posted Dec 6, 1999
Authored by Underground Security Systems Research

UssrLabs found a Remote DoS Attack in GoodTech Telnet Server NT v2.2.1, the buffer overflow is caused by a long user name of 23870 characters.

tags | exploit, remote, overflow
SHA-256 | b4dcc58fec884a03dce61b82c3e2adf4c48d47d5a401906e01cde0d939a9be47
Page 2 of 3
Back123Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close