what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

Files from Gobbles Security

First Active2001-12-26
Last Active2002-08-10
GOBBLES-own-ipppd.c
Posted Aug 10, 2002
Authored by gobbles, Gobbles Security | Site bugtraq.org

Gobbles exploit for ipppd which is part of the isdn4linux-utils package and is part of the default install of many linux distributions. Under Suse 8.0, ipppd is installed suid root but can only be run by users in the group "dialout". The exploit works on a syslog(3) format string problem: syslog(LOG_NOTICE,devstr). This code is normally only reached with a valid device string but if you feed ipppd a devicename that is >= 256 bytes it will merrily proceed to log this string using the faulty syslog(3) call. Subsequently handing over root access to the machine.

tags | exploit, root
systems | linux, suse
SHA-256 | e290a9d199b6083a44c4fb80139472fd60f466a8f4698bdd4662f2cdc26abbfd
xwall.s
Posted Jul 8, 2002
Authored by Gobbles Security | Site bugtraq.org

Remote root exploit for Solaris Sparc 6-8 rpc.walld.

tags | exploit, remote, root
systems | solaris
SHA-256 | c1e410fe5ab1b188ba6d26dea7078a80e8c12c1aca5f21472f6d5a56a4dc4455
sshutup-theo.tar.gz
Posted Jul 3, 2002
Authored by Gobbles Security | Site immunitysec.com

OpenSSH v2.9.9 to 3.1 remote root exploit for the default install of Openbsd 3.x. This tarball is a set of patches for the OpenSSH v3.4p1 client. Takes advantage of a bug in the challenge response handling code.

tags | exploit, remote, root
systems | openbsd
SHA-256 | 66673a2f309473738a39e0894fd315b3d7a3c3f6aaca9c1e1906fe2119ebf511
apache-nosejob.zip
Posted Jun 23, 2002
Authored by Gobbles Security

Third party Cygwin port of apache-nosejob.c, an Apache v1.3.24 remote exploit for FreeBSD, NetBSD, and OpenBSD. Includes targets for FreeBSD 4.5, OpenBSD 3.0 / 3.1, NetBSD 1.5.2, and brute force mode for several versions. Attack is usually not logged unless server is patched.

tags | exploit, remote
systems | netbsd, freebsd, openbsd
SHA-256 | 38a805dabdb402fd99b38a4ad893f01de6fd824eddaac965f0bc839fa1b5bbc0
apache-nosejob.c
Posted Jun 23, 2002
Authored by Gobbles Security | Site bugtraq.org

Apache v1.3.24 remote exploit for FreeBSD, NetBSD, and OpenBSD. Includes targets for FreeBSD 4.5, OpenBSD 3.0 / 3.1, NetBSD 1.5.2, and brute force mode for several versions. Attack is usually not logged unless server is patched.

tags | exploit, remote
systems | netbsd, freebsd, openbsd
SHA-256 | 5a75ae577a5a12c9bb55acb0331e7d91c88802723564bd02fc6f7ab9ad874070
apache-scalp.c
Posted Jun 20, 2002
Authored by Gobbles Security | Site bugtraq.org

Openbsd/x86 Apache remote exploit for the chunking vulnerability. Spawns a shell. Tested on OpenBSD 3.0 and 3.1 running Apache v1.3.20, 1.3.22, 1.3.23, and 1.3.24. Brute force mode can exploit other versions without targets, including some OpenBSD 2.8 versions.

tags | exploit, remote, shell, x86
systems | openbsd
SHA-256 | 27015d30e73adc35e03cd319117cbd02bd4650cb0af6169cf8ce03433990dc20
ircit-3.1.txt
Posted Jun 13, 2002
Authored by Gobbles Security | Site bugtraq.org

Gobbles Security Advisory - IrcIT v3.1 and below contains remotely exploitable buffer overflows.

tags | overflow
SHA-256 | 97ee352d2d7fd9fa4acd8cc8a695704a73bac3426eeff5e2abf032545734f145
talkd.format.txt
Posted May 22, 2002
Authored by Gobbles Security

A format string vulnerability exists in most talkd implementations. Talkd included with older linux netkits (like 0.9) and KDE 1-3 is vulnerable.

systems | linux
SHA-256 | 67132c71bf40f1f14f838751c0a29f131e04091274bdab696790d6a9c56fb48a
screen-stuff.tgz
Posted Apr 25, 2002
Authored by Gobbles Security

Screen v3.9.11 local root linux/x86 exploit for braille module bug.

tags | exploit, x86, local, root
systems | linux
SHA-256 | 90a3c9a09aff132ce76e2ff92bcfae748992637421e40057034ec7da4b1f6c8f
adstreamer.txt
Posted Dec 26, 2001
Authored by Gobbles Security | Site bugtraq.org

AdStreamer is a cgi package with several remote vulnerabilities, one of which allows remote command execution. Buggy open calls were found in addbanner.cgi, banner.cgi, bannereditor.cgi, and report2.cgi.

tags | exploit, remote, cgi, vulnerability
SHA-256 | b45aa093198822646a56eced2418259c61c1cd33a6793264a56045e50d87c79a
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    0 Files
  • 9
    Aug 9th
    0 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close