exploit the possibilities
Showing 1 - 24 of 24 RSS Feed

Files Date: 1999-12-31

Posted Dec 31, 1999
Authored by s0ftpj, FuSyS | Site s0ftpj.org

Spjy2ksniff.c Network sniffer to operate passive attacks and find weaknesses in the protection of the traffic on your LAN. It uses the pcap(3) library to access to datalink level. Newbie (limited) version.

MD5 | 19f75dc1b51019435852a74dc7a79cfa
Posted Dec 31, 1999
Authored by Todd J.

All the exploits for 1999!

tags | exploit
MD5 | 5293c5d0b60fe0822637d0764a9ffece
Posted Dec 31, 1999
Authored by Todd J.

Exploits for December, 1999.

tags | exploit
MD5 | f63d8750208f8e92694f56bad811125a
Posted Dec 31, 1999
Authored by Luca Deri | Site www-serra.unipi.it

ntop is a tool that shows the network usage, similar to what the popular Unix command top does. ntop can be used in both interactive or web mode. In the first case, ntop displays the network status on the user's terminal whereas in web mode a web browser (e.g. netscape) can attach to ntop (that acts as a web server) and get a dump of the network status. In the latter case, ntop can be seen as a simple RMON-like agent with an embedded web interface.

Changes: A fix for a buffer overflow caused by long URL requests, and many new enhancements.
tags | tool, web, sniffer
systems | unix
MD5 | 1297d2751e170b9ea6bb6529e7690e00
Posted Dec 31, 1999
Authored by Rodrigo Alvaro Diaz Leven | Site sportal.sourceforge.net

Sportal is made for people that need to know what is going on in their systems. It monitors files that you select, for "hot words" that you also select, through a graphical interface. When a hot word is found in the file being watched, it will let you know. There is no restriction on the numbers of files or hot words.

Changes: A lot of bug fixes, a new pallete of colors, faster text scroll, and finished transparent background support.
tags | system logging
systems | unix
MD5 | ea47ca356e0b84edba051ce0d5471cb5
Posted Dec 31, 1999
Authored by Nadeem Riaz | Site nut.dhs.org

Psftp is an FTP client that uses ssh 1.x as its backend. It provides a command-line FTP interface on top of scp and ssh.

tags | tool
systems | unix
MD5 | b552b3105b7af078485e4bc4b3abcf91
Posted Dec 31, 1999
Authored by Mudge

initscripts-4.48-1 on RedHat Linux is vulnerable to a race condition. Contains the l0pht advisory on the subject and exploit.

tags | exploit
systems | linux, redhat
MD5 | d49eceb74c5c5b656bf226583a51060d
Posted Dec 31, 1999
Authored by Underground Security Systems Research

The Savant Web Server V2.0 Win9X / NT / 2K and possibly other versions has a buffer overflow caused by a NULL Character in the parsing Get Command routine.

tags | exploit, web, overflow
systems | windows
MD5 | 37c609c30feae7aea4e588a1b42dfc9f
Posted Dec 31, 1999
Authored by venomous

vnsl (vENOMOUS Scripting Language version 0.1b) can be used to script connections to daemons and backdoors.

tags | tool
systems | unix
MD5 | 4ec864439fa0f4caf49647cf716a405b
Posted Dec 31, 1999
Authored by Brock Tellier

A vulnerability in majordomo allows local users to gain elevated privileges.

tags | exploit, local
MD5 | 08313a7afc34d87f11df490205a30f93
Posted Dec 31, 1999

CERT Advisory CA-99-17 - Denial-of-Service Tools. Recently, new techniques for executing denial-of-service attacks have been made public. MacOS 9 can be abused by an intruder to generate a large volume of traffic directed at a victim in response to a small amount of traffic produced by an intruder. This allows an intruder to use MacOS 9 as a "traffic amplifier," and flood victims with traffic. A tool similar to Tribe FloodNet (TFN), called Tribe FloodNet 2K (TFN2K) was released.

MD5 | c2ba50110e62d6a677fa3253ee45344e
Posted Dec 31, 1999
Site intes.odessa.ua

VXE - Virtual eXecuting Environment protects Unix daemons from compromise in a manner similar to chroot. A main problem with UNIX security is that superuser can do with system anything he wants. There are programs (daemons) which work with superuser privilegies, for example popd, sendmail, and accessible from network (Internet/Intranet). There could be bugs in any program, so intruder connects to such programs via network, exploit existing bugs in it and get a control over all of the host. VXE (Virtual eXecuting Environment) protects UNIX servers from such intruders, hacker attacks from network and so on. It protects software subsystems, such as: SMTP, POP, HTTP and any other subsystem, already installed on the server. Free for non-commercial use.

tags | tool, web
systems | unix
MD5 | 4e47b5a8c547addd8c47dd570c0e6f38
Posted Dec 31, 1999
Authored by Steve Reid

Wmmon is a popular program for monitoring CPU load and other system utilization. It runs as a dockapp under WindowMaker. The FreeBSD version of this program has a feature that can be trivially exploited to gain group kmem in recent installs, or user root in really old installs. This affects the FreeBSD version because under FreeBSD the program must be installed setgid kmem or setuid root in order to access system load information through the memory devices. The Linux version should not be vulnerable because it reads information through procfs which requires no special privileges.

tags | exploit, root
systems | linux, freebsd
MD5 | b69d228fe8a197a8a47d4ebe009e3826
Posted Dec 31, 1999
Authored by Underground Security Systems Research

Local / Remote D.o.S Attack in CSM Mail Server for Windows 95/NT v.2000.08.A and other older versions. Possibly exploitable.

tags | exploit, remote, local
systems | windows, 9x
MD5 | 884e327248c64268b3d38a83f6df6395
Posted Dec 31, 1999
Authored by InET

InET Magazine #4 has been realeased with articles about the SS7 Telephony Protocol, IPv6 crypto and security,

tags | crypto, protocol, magazine
MD5 | 4b48bd5ac07b7b1cc4d0271f1ea8956e
Posted Dec 31, 1999
Authored by winsd

Windows NT Security Update - Reflections from 1999 and into 2000, Savant Web Server Denial of Service, Avirt Rover Buffer Overflow, Netscape Navigator 4.5 Runs Arbitrary Code, Live Webcast, How Secure is Your Exchange Server? Update, and Using Windows 2000's Run As Command. NTsecurity homepage here.

tags | web, denial of service, overflow, arbitrary, magazine
systems | windows, 2k, nt
MD5 | 2ddd2a5f45f14c8ec5c9fc5d3643380f
Posted Dec 31, 1999

Sun Microsystems Security Bulletin #192 - Vulnerabilities in CDE and openwindows. Vulnerable versions include SunOS 5.7, 5.7_x86, 5.6, 5.6_x86, 5.5.1, 5.5, 5.4, 5.3, 4.1.4, and 4.1.3_U1. Vulnerable programs include the ToolTalk messaging utility, ttsession, CDE dtspcd, CDE dtaction, and the CDE ToolTalk shared library.

tags | vulnerability
systems | solaris
MD5 | 8872bf3eace3fc478f608f87350e82c6
Posted Dec 31, 1999

Sun Security Bulletin #191 - The sadmind program is installed by default on SunOS 5.7, 5.6, 5.5.1, and 5.5. In SunOS 5.4 and 5.3. A buffer overflow vulnerability has been discovered in sadmind which is exploited by a remote attacker to execute arbitrary instructions and gain root access.

tags | remote, overflow, arbitrary, root
systems | solaris
MD5 | 02753042def1c0264f885699fa83b094
Posted Dec 31, 1999
Site afro-productions.com

This program remotely kills trino nodes on version 1.07b2+f3 and below.

tags | denial of service
MD5 | 99ad3fbf7d8800eac6a71a083da19cb8
Posted Dec 31, 1999
Authored by Gerald Combs | Site ethereal.zing.org

Ethereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Ethereal features that are missing from closed-source sniffers.

Changes: New features include loadable module support for decoders, many logfile formats, A command-line utility called "editcap" allows you to trim capture files and convert to different file formats, added configureability. Added the following protocols - TNS, ISIS, Gryphon, AppleTalk's NBP and RTMP, IRC. Updated the following protocols - NFS, RCP, GRE, BGP, SNMP, SMB, NetBIOS, IPX, ICQ, RADIUS, VLAN, TACACS+/XTACACS, LLC/SNAP, NTP, ISAKMP, HTTP.
tags | tool, sniffer, protocol
systems | unix
MD5 | 297ae32cc23a154497dad6a1f964bdb1
Posted Dec 31, 1999
Authored by scut | Site packetfactory.net

Zodiac is a portable, extensible and multithreaded DNS tool. It is meant to be used as a DNS packet monitor and DNS protocol test and debuging tool. It's basic features are: sniffing of DNS datagrams on an ethernet device, decoding of all types of DNS packets, including safe decompression (partly finished, SOA record are, for example, not decoded yet), nice display and gui, if you like ncurses and text based frontends, always interactive in all situations through built in command line, threaded and flexible design. Advanced features include: local DNS spoof handler, jizz DNS spoof, exploiting a weakness in old bind implementations, determines jizz-weakness, id-prediction and resolver type remotely, id spoofing, exploiting a weakness in the dns protocol itself, implements some advanced DNS denial of service attacks, including flood, label compression and unres attack, advanced DNS smurf.

tags | denial of service, local, spoof, protocol
systems | unix
MD5 | b4879fd854efa41ed52aef5bd8522b4c
Posted Dec 31, 1999
Authored by scut

ascend foo denial of service exploit - basically just another lame echo/echo link, but has nice results on ascend, the router needs to be rebooted.

tags | denial of service
MD5 | 044fe0025e8e7bd79c48be3fb90cac8c
Posted Dec 31, 1999
Authored by Mixter | Site 1337.tsx.org

Echelon for Dummies is a distributed sniffer which tries to show how the "echelon" network could be designed. It uses sniffer servers that can be installed and run on remote hosts, and will dig through local network traffic, useing custom pattern/keyword matching to find packets with interesting content, which are then forwarded to a central loghost on which the logging daemon is run that gathers and logs the data. For stealth purposes, Sniffers and the logger communicate via random protocols and encryption, and are compatible to many Unix systems and NT.

tags | remote, local, protocol
systems | unix
MD5 | 2835fc64211ae733e2c45f6cb98b23c7
Posted Dec 31, 1999
Authored by Underground Security Systems Research

CamShot is a Windows 95/98/NT web server that serves up web pages containing time stamped images captured from a video camera. The images can be viewed from anywhere on the network with a web browser. UssrLabs found a Local / Remote Buffer overflow, The code that handles GET commands has an unchecked buffer that will allow arbitrary code to be executed if it is overflowed.

tags | exploit, remote, web, overflow, arbitrary, local
systems | windows, 9x
MD5 | d69851af4fe78c129d5c6e50d73308cf
Page 1 of 1

File Archive:

June 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    1 Files
  • 2
    Jun 2nd
    2 Files
  • 3
    Jun 3rd
    19 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    15 Files
  • 6
    Jun 6th
    12 Files
  • 7
    Jun 7th
    11 Files
  • 8
    Jun 8th
    1 Files
  • 9
    Jun 9th
    1 Files
  • 10
    Jun 10th
    15 Files
  • 11
    Jun 11th
    15 Files
  • 12
    Jun 12th
    15 Files
  • 13
    Jun 13th
    8 Files
  • 14
    Jun 14th
    16 Files
  • 15
    Jun 15th
    2 Files
  • 16
    Jun 16th
    1 Files
  • 17
    Jun 17th
    18 Files
  • 18
    Jun 18th
    15 Files
  • 19
    Jun 19th
    15 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2019 Packet Storm. All rights reserved.

Security Services
Hosting By