exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 67 of 67 RSS Feed

Files

multi-DoS.pl
Posted Dec 6, 1999
Authored by slackee | Site rewted.org

Multi-Dos is a perl script which exploits recent DoS overflows in about 14 different windows based servers.

tags | exploit, denial of service, overflow, perl
systems | windows
SHA-256 | a65037de1510ccc5626b3a9322e4061a818bffbb2f6cf59e1ba5aef2bfd14477
pak-DoS.pl
Posted Dec 6, 1999
Authored by slackee | Site rewted.org

Perl script which exploits the remote DoS vulnerabilities in PakMail v1.25.

tags | exploit, remote, denial of service, perl, vulnerability
SHA-256 | d5ec97d5eb66bdf12849693d9d7f4da2ca0fc3a2e83ef999d90b969b514a278c
rpc.autofsd-bsd.c
Posted Dec 6, 1999
Authored by Guidob | Site synnergy.net

rpc.autofsd remote root exploit for BSD. Attempts to put a root shell on tcp port 530.

tags | exploit, remote, shell, root, tcp
systems | bsd
SHA-256 | e490c2f957124325787c9c8f4f673ad539a7d8f7ebe5f0c7a051a9e4fc192557
pakmail.txt
Posted Dec 6, 1999
Authored by slackee | Site rewted.org

The PakMail v1.25 mail server for Windows95, 98, and NT contains remote DoS vulnerabilities for the SMTP and POP3 servers. Exploit example included.

tags | exploit, remote, vulnerability
SHA-256 | 977f2a2808caed8f81f0b3c711b216873b8d13384d701586e96d0cf60c908eed
unixware.pkg.exploits.txt
Posted Dec 6, 1999
Authored by Brock Tellier

Most of UnixWare's pkg commands can be exploited to print /etc/shadow, leading to a probable root compromise. Tested on Unixware 7.1. Contains exploits for pkgtrans, pkginfo, pkginstall, pkgcat, and pkgparam.

tags | exploit, root
systems | unixware
SHA-256 | 0bda77b4bfd4fb0d530fdbb0f125b2437e75b360b862295fcd5fbc49d7944cba
netscape.msredir.txt
Posted Dec 6, 1999
Authored by Georgi Guninski

Netscape under Windows 95 and NT 4.0 (suppose Win98 is vulnerable) allows reading local text and HTML files and files from any domain (probably reading files of other types of files is possible). Window spoofing is possible. It is also possible in some cases to read files behind fiewall. This vulnerability may be exploited using HTML email message or a newsgroup posting. Exploit code included. Demonstration here.

tags | exploit, local, spoof
systems | windows
SHA-256 | 0a3d13522f593106bbaa7d375f521ad98569d9818af2bc967ab41e16e25de2b6
unixware.pkg.txt
Posted Dec 6, 1999
Authored by Brock Tellier

The majority of the UnixWare "pkg" command, such as pkginfo, pkgcat, pkgparam, etc, are vulnerable to a bug which will allow any user to read any file on the system as a result of their additional "dacread" permission in the privs file.

tags | exploit
systems | unixware
SHA-256 | eed02a6b7a86a7d3af4ec8b75523b340d16c847a4c9f0c75df048402aa31a77e
unixware7.mail.txt
Posted Dec 6, 1999
Authored by Brock Tellier

/var/mail is mode 777 on unixware. As such, any user may create a file called /var/mail/ with a mode readable by him and trap all incoming mail. Afraid of getting caught? chown the file to (see my advisory on this subject), leaving it still world-readable.

tags | exploit
systems | unixware
SHA-256 | 46ae8ff88d8e772a92c9ba19350af2ed03967745531fb28c4fa5017049596f5c
unixware.auto.txt
Posted Dec 4, 1999
Authored by Brock Tellier

Although UnixWare's /usr/X/bin/xauto is NOT suid/sgid, we can still overflow a buffer within it and gain root privileges. Exploit included.

tags | exploit, overflow, root
systems | unixware
SHA-256 | 1c1b11b96493a0a6c636a63b841987b7379e3ca31f6adcf1fb5f261a46c6bd93
unixware.chown.txt
Posted Dec 4, 1999
Authored by Brock Tellier

Unixware allows regular users to use chown to give files away to other users. Tested on Unixware 7.1.

tags | exploit
systems | unixware
SHA-256 | 6a4b1a07cc91d4a9530defc0981f88a0f28de02c2709b9e4a672624b2b3113a4
ibm.websphere.txt
Posted Dec 2, 1999
Authored by Martin Peter

On solaris (maybe also AIX) the installation of WebSphere from IBM installs a deinstallation shell script in /usr/bin with mode 777. This gets run by root.

tags | exploit, shell, root
systems | solaris, aix
SHA-256 | ab14cab6e5574ea1cbe2c6ebaa65c3d72eab077850d8673140f0b2245ad67470
slackware7.login.txt
Posted Dec 2, 1999
Authored by Stewart Gebbie

This is regarding a logic but in the shadow suite that enables a brute force attack for finding and cracking login in accounts via telnet (and possibly some other nasty side affects). If the account is locked or does not exist, the telnet connection will drop immediately.

tags | exploit
SHA-256 | 361d517df27985b876da419da8f31aae37d0bb58446e06867cc90115923155ff
nt.ie5.scheduler.txt
Posted Dec 2, 1999
Authored by Arne Vidstrom, Svante Sennmark

A vulnerability has been found that the installation of Internet Explorer 5 introduces in Windows NT through the Task Scheduler service. This vulnerability makes it possible for a User to become a member of the Administrators group if he/she can do an interactive logon. The Task Scheduler service is an "improved" version of the usual Schedule service - they are not the same thing. The Schedule service is replaced by the Task Scheduler when Internet Explorer 5 is installed on Windows NT. Microsoft security bulletin 51 addresses this issue and is available here.

tags | exploit
systems | windows
SHA-256 | e586b63470a7536dfa7b26cc02b77cf27aea8efa4fc13b852d5f0a78a50e98c8
unixware7.gethostbyname.txt
Posted Dec 2, 1999
Authored by Brock Tellier

A serious bug exists in UnixWare 7.1's libc. A buffer overflow in gethostbyname() will allow any user to obtain elevated privileges. My demonstration exploit happened to be "arp", but any program calling this function will do.

tags | exploit, overflow
systems | unixware
SHA-256 | 33ff95b3f628171302cc481f7d84bd468b39f1cbee5eefe342b2237ec3c91cdd
unixware7.uidadmin.txt
Posted Dec 2, 1999
Authored by Brock Tellier

SCO UnixWare 7.1's sgid-sys /usr/bin/uidadmin will allow any user to gain root privileges as a result of it's ability to write *ANY* file, not just those traditionally writable by gid-sys. Exploit for 7.1 included, 7.0 is vulnerable as well.

tags | exploit, root
systems | unixware
SHA-256 | e3601c95a78b23bc230de20b8d8323da8152ce4edc6999c9572c383340376a25
serv-u.2.5.txt
Posted Dec 2, 1999
Authored by Dark Spyrit, USSR

There is a Local/Remote DoS Attack in Serv-U FTP-Server v2.5a. Source / Binary available here.

tags | exploit, remote, local
SHA-256 | d83888fc7f71eee75b5beae3a3c7641437bf142bd15113b4fdd74e42c083547c
ie50.frame-spoofing.txt
Posted Dec 2, 1999
Authored by Georgi Guninski

Internet Explorer 5.0 under Windows 95 (guess other versions are affected) with its default security settings allows frame spoofing. The problem is setting the location of a frame to an arbitrary URL without updating the address bar. This vulnerability allows misleading the user he is browsing a trusted site, while in fact he may be browsing a hostile site which might be stealing information. Exploit code included. Demonstration here.

tags | exploit, arbitrary, spoof
systems | windows
SHA-256 | 09497b7b50c16e58218c28a33279ed5882e86027db0bc70e9c6a2f753e1b716c
Page 3 of 3
Back123Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close