Exploit the possiblities
Showing 1 - 6 of 6 RSS Feed

Files

def-2001-30.txt
Posted Oct 25, 2001
Authored by Defcom Labs | Site defcom.com

Defcom Labs Advisory def-2001-30 - Release 2.0.0.1.0 and below of Oracle9iAS Web Cache contains buffer overflow allowing remote code execution or denial of service. Four tcp ports are affected - 1100, 4000, 4001, and 4002.

tags | remote, web, denial of service, overflow, tcp, code execution
MD5 | 18e7a790a063759516d550cd3aaa50cb
defcom.cyberscheduler.txt
Posted Apr 19, 2001
Authored by Enrique A. Sanchez Montellano | Site defcom.com

Defcom Labs Advisory def-2001-18 - Cyberscheduler for Linux, Windows, and Solaris lacks bounds checking on the timezone variable, allowing remote root compromise. Patch available here. Includes proof of concept exploit x-cybershcehd.c and a shell script to brute force the offset. Vulnerable systems include Mandrake, RedHat, Slackware, Caldera, Suse, Debian, Windows NT, 2000 (IIS 4.0 and 5.0), and Solaris 2.5, 2.6, 7, and 8.

tags | remote, shell, root, proof of concept
systems | linux, redhat, windows, nt, solaris, suse, slackware, debian, mandrake
MD5 | 5254eb4ea3dff1b9ea37088cde68f2e3
defcom.innfeed.txt
Posted Apr 19, 2001
Authored by Alex Hernandez, Enrique A. Sanchez Montellano | Site defcom.com

Defcom Labs Advisory def-2001-19 - Innfeed has local stack overflow vulnerabilities in the logOrPrint() function which can be exploited to give uid=news. Tested on Slackware 7.1, Mandrake 7.0, and RedHat 7.2. Includes a patch, proof of concept exploit x-startinnfeed.c, and a shell script to brute force the offset.

tags | overflow, shell, local, vulnerability, proof of concept
systems | linux, redhat, slackware, mandrake
MD5 | 2eaa69329d2485b2cb87080a96b37137
defcom.bea-weblogic.txt
Posted Dec 22, 2000
Authored by Defcom Labs | Site defcom.com

Defcom Labs Advisory def-2000-04 - Bea WebLogic Server for Windows NT prior to V5.1.0 (sp7) has a remotely exploitable buffer overflow in the handling of URL's which start with two dots. Arbitrary code can be executed as LocalSystem. Fix available here.

tags | overflow, arbitrary
systems | windows, nt
MD5 | 072e09acb4bddddac2dbf12224b823ba
defcom.mdaemon.txt
Posted Dec 22, 2000
Authored by Defcom Labs | Site defcom.com

Defcom Labs Advisory def-2000-03 - MDaemon 3.5.0 for Windows NT and 2000 contains a remote denial of service vulnerability due to some problems handling buffers within the IMAP and webconfig services.

tags | remote, denial of service, imap
systems | windows, nt
MD5 | a26fc859cc07ddc92b80700d8640b113
defcom.catalyst.txt
Posted Nov 16, 2000
Authored by Defcom Labs | Site defcom.com

Defcom Labs Advisory def-2000-02 - The Cisco Catalyst 2900XL and 3500XL series switches web configuration interface lets any user execute any command on the system without supplying any authentication credentials if no enable password is set.

tags | web
systems | cisco
MD5 | a9345e789f8598a0e4ea92d9333c8082
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

Top Authors In Last 30 Days

Recent News

News RSS Feed
Voting Box Makers Try To Get Gear Stripped From eBay And Out Of Hackers' Hands
Posted Jan 23, 2018

tags | headline, hacker, government, usa, fraud, flaw, conference
Kim Dotcom Sues New Zealand Government For Damages
Posted Jan 22, 2018

tags | headline, government, fraud, mpaa, new zealand
Hacker Jailed For DDoS Attacks Against Skype And Google
Posted Jan 22, 2018

tags | headline, hacker, microsoft, denial of service, google
Smut Site Fingered As Source Of A Million US Net Neutrality Comments
Posted Jan 22, 2018

tags | headline, government, usa, fraud
Twitter Begins Emailing The 677,775 Americans Who Took The Russian Election Bait
Posted Jan 22, 2018

tags | headline, government, usa, russia, fraud, cyberwar, twitter
Zyklon Password Stealer Exploits Microsoft Vulnerabilities
Posted Jan 20, 2018

tags | headline, malware, microsoft, flaw, password
EFF, Look Out Uncover Dark Caracal Spy Group
Posted Jan 20, 2018

tags | headline, privacy, spyware
OnePlus Confirms Hack Exposed Credit Cards Of Phone Buyers
Posted Jan 20, 2018

tags | headline, hacker, privacy, phone, data loss
Congress Demanded NSA Spying Reform. Instead, They Let You Down
Posted Jan 20, 2018

tags | headline, government, privacy, usa, fraud, spyware, nsa
Lebanese Government Hackers Hit Thousands Of Victims With Incredibly Simple Campaign
Posted Jan 19, 2018

tags | headline, government, malware, fraud, cyberwar, phish
View More News →
packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close