exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

Files from Gobbles Security

First Active2001-12-26
Last Active2002-08-10
GOBBLES-own-ipppd.c
Posted Aug 10, 2002
Authored by gobbles, Gobbles Security | Site bugtraq.org

Gobbles exploit for ipppd which is part of the isdn4linux-utils package and is part of the default install of many linux distributions. Under Suse 8.0, ipppd is installed suid root but can only be run by users in the group "dialout". The exploit works on a syslog(3) format string problem: syslog(LOG_NOTICE,devstr). This code is normally only reached with a valid device string but if you feed ipppd a devicename that is >= 256 bytes it will merrily proceed to log this string using the faulty syslog(3) call. Subsequently handing over root access to the machine.

tags | exploit, root
systems | linux, suse
SHA-256 | e290a9d199b6083a44c4fb80139472fd60f466a8f4698bdd4662f2cdc26abbfd
xwall.s
Posted Jul 8, 2002
Authored by Gobbles Security | Site bugtraq.org

Remote root exploit for Solaris Sparc 6-8 rpc.walld.

tags | exploit, remote, root
systems | solaris
SHA-256 | c1e410fe5ab1b188ba6d26dea7078a80e8c12c1aca5f21472f6d5a56a4dc4455
sshutup-theo.tar.gz
Posted Jul 3, 2002
Authored by Gobbles Security | Site immunitysec.com

OpenSSH v2.9.9 to 3.1 remote root exploit for the default install of Openbsd 3.x. This tarball is a set of patches for the OpenSSH v3.4p1 client. Takes advantage of a bug in the challenge response handling code.

tags | exploit, remote, root
systems | openbsd
SHA-256 | 66673a2f309473738a39e0894fd315b3d7a3c3f6aaca9c1e1906fe2119ebf511
apache-nosejob.zip
Posted Jun 23, 2002
Authored by Gobbles Security

Third party Cygwin port of apache-nosejob.c, an Apache v1.3.24 remote exploit for FreeBSD, NetBSD, and OpenBSD. Includes targets for FreeBSD 4.5, OpenBSD 3.0 / 3.1, NetBSD 1.5.2, and brute force mode for several versions. Attack is usually not logged unless server is patched.

tags | exploit, remote
systems | netbsd, freebsd, openbsd
SHA-256 | 38a805dabdb402fd99b38a4ad893f01de6fd824eddaac965f0bc839fa1b5bbc0
apache-nosejob.c
Posted Jun 23, 2002
Authored by Gobbles Security | Site bugtraq.org

Apache v1.3.24 remote exploit for FreeBSD, NetBSD, and OpenBSD. Includes targets for FreeBSD 4.5, OpenBSD 3.0 / 3.1, NetBSD 1.5.2, and brute force mode for several versions. Attack is usually not logged unless server is patched.

tags | exploit, remote
systems | netbsd, freebsd, openbsd
SHA-256 | 5a75ae577a5a12c9bb55acb0331e7d91c88802723564bd02fc6f7ab9ad874070
apache-scalp.c
Posted Jun 20, 2002
Authored by Gobbles Security | Site bugtraq.org

Openbsd/x86 Apache remote exploit for the chunking vulnerability. Spawns a shell. Tested on OpenBSD 3.0 and 3.1 running Apache v1.3.20, 1.3.22, 1.3.23, and 1.3.24. Brute force mode can exploit other versions without targets, including some OpenBSD 2.8 versions.

tags | exploit, remote, shell, x86
systems | openbsd
SHA-256 | 27015d30e73adc35e03cd319117cbd02bd4650cb0af6169cf8ce03433990dc20
ircit-3.1.txt
Posted Jun 13, 2002
Authored by Gobbles Security | Site bugtraq.org

Gobbles Security Advisory - IrcIT v3.1 and below contains remotely exploitable buffer overflows.

tags | overflow
SHA-256 | 97ee352d2d7fd9fa4acd8cc8a695704a73bac3426eeff5e2abf032545734f145
talkd.format.txt
Posted May 22, 2002
Authored by Gobbles Security

A format string vulnerability exists in most talkd implementations. Talkd included with older linux netkits (like 0.9) and KDE 1-3 is vulnerable.

systems | linux
SHA-256 | 67132c71bf40f1f14f838751c0a29f131e04091274bdab696790d6a9c56fb48a
screen-stuff.tgz
Posted Apr 25, 2002
Authored by Gobbles Security

Screen v3.9.11 local root linux/x86 exploit for braille module bug.

tags | exploit, x86, local, root
systems | linux
SHA-256 | 90a3c9a09aff132ce76e2ff92bcfae748992637421e40057034ec7da4b1f6c8f
adstreamer.txt
Posted Dec 26, 2001
Authored by Gobbles Security | Site bugtraq.org

AdStreamer is a cgi package with several remote vulnerabilities, one of which allows remote command execution. Buggy open calls were found in addbanner.cgi, banner.cgi, bannereditor.cgi, and report2.cgi.

tags | exploit, remote, cgi, vulnerability
SHA-256 | b45aa093198822646a56eced2418259c61c1cd33a6793264a56045e50d87c79a
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    17 Files
  • 8
    Oct 8th
    66 Files
  • 9
    Oct 9th
    25 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close