A vulnerability exists in the /usr/lib/merge/dos7utils program (suid root by default) which allows any user to execute any command as root. The dos7utils program gets its localeset.sh exec path from the environment variable STATICMERGE. When setting this to a directory writable by us and setting the -f switch, we can have dos7utils run anything we like.
523e17bd4c242e330451f3ece72c0bf4c05ae388526ac066671686623e39f2d4The nfs daemon (nfsd.exe) used by Omni-NFS/X will jump to 100% cpu usage if you scan it using nmap with ether the -O (OS detect ) or the -sS ( TCP SYN (half open)).
f571fadeb86f687031222c0868e94f400ac5c983834a352a42a5f98a3f441bedvetescan, a bulk vulnerability scanner. Includes, according to the documentation: WINSCAN (scans win/nt systems for latest trojans/remote exploits), VETE (single vuln/host scanner), VETES (single vuln/host w/o host checking), VETEMASS (mass vuln/host scanner), CMSD mass (a b c scanner and getter), AMD (mass a b c scanner and getter), MOUNTD (mass a b c scanners/getter), many exploits, Fixes, and utils included. vscan.tcl wscan.tcl nmap.tcl. Changes in this version: Everything goes a lot faster and is more accurate, scans for rpmmail vuln, fixed the OS detection, removed nlockmgr scan as the exploit was a hoax, added vscan.tcl wscan.tcl and nmap.tcl (just pico nmap.tcl change the paths and load nmap.tcl in your egg.config).
927a18ff5e44862790c3abc7db00d12c67ec273fa17eef2a8e0db009d6f1b34cvetetcl: TCL version of vetescan, for use with eggdrop.
7978e321996e5ad9137f11deb4fcc218f68ec5e26286ccd766b28c3a382a53c7
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed