what you don't know can hurt you
Showing 1 - 24 of 24 RSS Feed

Files Date: 2000-02-01

Posted Feb 1, 2000


MD5 | 9dbd269d7d090576f2b93be11a5c97ac
Posted Feb 1, 2000
Site xforce.iss.net

ISS Security Advisory - Form Tampering Vulnerabilities in Several Web-Based Shopping Cart Applications. X-Force has identified eleven shopping cart applications that are vulnerable to price changing using form tampering. It is possible for an attacker to take advantage of the form tampering vulnerabilities and order items at a reduced price on an e-commerce site.

tags | web, vulnerability
MD5 | 2ca852b5ce6c7ec75a71b10ccc1f7988
Posted Feb 1, 2000

Microsoft has released a patch for a security hole Windows NT 4.0. A malicious user can create, delete or modify files in the Recycle Bin of another user who shared the machine. Microsoft FAQ on this issue available here.

systems | windows, nt
MD5 | bbc853b16329b40c68021620956ee00f
Posted Feb 1, 2000
Authored by Hiromitsu Takagi

Another security hole in Microsoft Virtual Machine for Java has been discovered that allows a java applet to read any file on the system. This vulnerability is quite dangerous and immediate de-activation of the IE Java function provided by Microsoft is highly recommended.

tags | exploit, java
MD5 | c1b9ebcc8306eb8d2e2890f8e119816c
Posted Feb 1, 2000
Authored by Todd J.

Packet Storm new exploits for January, 2000.

tags | exploit
MD5 | 38af88a541be851c1f2c5eb240a0e0e7
Posted Feb 1, 2000
Authored by Falcon Open Group | Site falcon.naw.de

The Falcon Project (Free Application-Level CONnection kit) is an open firewall project with the intention of developing a free, secure and OS-independent firewall system. Falcon consists of three major modules: Falcons's own proxies (written in Perl); 3rd-party proxies (squid / qmail / BIND8), each modified for chroot environment; and general concepts for OS hardening, chrooting etc.

Changes: Comfortable start-/stop-scripts, and a fix for the download problem.
tags | tool, perl, firewall
systems | unix
MD5 | 90c68c0c2119a00bbc6f476c654292ab
Posted Feb 1, 2000
Authored by Unyun | Site shadowpenguin.backsection.net

Tiny FTPd 0.52 beta3 (Windows FTP Server) has remotely exploitable buffer overflow vulnerabilities. Even anonymous users can execute code. Exploit tested on Windows98(+IE5.01).

tags | exploit, overflow, vulnerability
systems | windows
MD5 | 216eb9a4a0a113773584ea377084cef9
Posted Feb 1, 2000

Bill Gates is Hitler.

systems | unix
MD5 | 2bb2af773c76e6604d63ee46c1813dfd
Posted Feb 1, 2000
Authored by Mob Boss

The Lost Art Of BBSing - Believe it or not, here in the year 2000 BBSing is not dead. Of course its not what it used to be, but its something for us who missed those days can look at and enjoy.

tags | paper
MD5 | e39babc826ced4592c4964b51165b991
Posted Feb 1, 2000
Authored by Neeko

Sometimes administrators put directories in robots.txt that they want to hide from the search engines, without securing the directory. Sometimes the directories in robots.txt have interesting things in them.

tags | paper
MD5 | 7520e86dcadf201901bde9dcb985dc2e
Posted Feb 1, 2000

Cobalt Security Advisory 01.31.2000 - For RaQ 1 and RaQ 2, through improper permissions checking in /.cobalt/siteUserMod/siteUserMod.cgi, any Site Administrator can change the password of the admin (root) account on the system. For RaQ 3, Through improper permissions checking in /.cobalt/siteUserMod/siteUserMod.cgi, any Site Administrator can change the password of any regular user or Site Administrator on the system, but not admin(root). Bug and exploit by Chuck Pitre

tags | cgi, root
MD5 | 050f81b8e706258d2b719c1b9fa00c77
Posted Feb 1, 2000
Authored by Efrain Torres, lownoise

RightFax Web Client v5.2 allows anyone to hijack user's faxes.

tags | exploit, web
MD5 | 9bb7293d5c68e1a5c5585199bad613a5
Posted Feb 1, 2000
Authored by Arne Vidstrom | Site ntsecurity.nu

The "Strip Script Tags" feature in Firewall-1 can be circumvented by adding an extra less than sign before the SCRIPT tag. The code will still execute in both Navigator and Explorer.

tags | exploit
MD5 | f6ba91a8013bd49f0441d329466bf7ce
Posted Feb 1, 2000
Authored by Michal Zalewski

Recent PAM implementations allow you to use su to rapidly crack accounts without being logged. Tested on RH 6.1.

tags | exploit
MD5 | 10423e8f8ff63e2145b21fec615ece68
Posted Feb 1, 2000
Authored by John Daniele

Autobuse.pl and angel.pl both use /tmp insecurely.

tags | exploit
MD5 | ff89f7c3c011f530b4c95ee396510a2b
Posted Feb 1, 2000
Authored by Neil Bortnak | Site bortnak.com

Many virus checking software skips directories entitled \\recycled or similar. This allows viruses and trojans a safe haven on many Windows 95, 98, and NT systems. Exploit code included.

tags | exploit, trojan, virus
systems | windows, 9x
MD5 | 320a950d8efaa33854f465fdb9e7eca2
Posted Feb 1, 2000
Site oliver.efri.hr

An HP-UX 10.30/11.00 system can be used as an IP traffic amplifier. Small amounts of inbound traffic can result in larger amounts of outbound traffic, using ICMP MTU discovery packets.

tags | exploit
systems | hpux
MD5 | 4fd026baa15caea8a3d981d0abc1bf4d
Posted Feb 1, 2000
Site oliver.efri.hr

All flavors of BSD have local root procfs holes. Exploit included.

tags | exploit, local, root
systems | bsd
MD5 | ddefadee77bc2088a7a5b5b032ca3ff1
Posted Feb 1, 2000
Site oliver.efri.hr

There is a buffer overflow in Subseven 2.1a causing it to quit quietly, crash, or overwrite variables.

tags | exploit, overflow
MD5 | a9ae10bc91758866af6d9e7695df2d28
Posted Feb 1, 2000
Site oliver.efri.hr

SMS 2.0 Remote Control (for Windows NT) introduces a security risk that will allow the attacker to run programs in system context, due to the fact that the executable used for the remote control service is copied to the workstation without any special permission settings to prevent a user from replacing the executable.

tags | exploit, remote
systems | windows, nt
MD5 | 939250f9f1bfa69849fd81cc78038d43
Posted Feb 1, 2000
Site oliver.efri.hr

Microimages X server for Windows allows anyone to kill your session and start an xterm on your machine if they know you are using the software.

tags | exploit
systems | windows
MD5 | 60bb7ab5ff38455203a8b08cd8d3ee0f
Posted Feb 1, 2000
Site oliver.efri.hr

Windows NT webservers using ASP can under some circumstances reveal the path of the server. A variable holds information about the internal structure of the website.

tags | exploit, asp
systems | windows, nt
MD5 | f3c9c247dda71acf38aebe0cb4c5c241
Posted Feb 1, 2000
Authored by Fredrik Widlund

IIScat exploits the recent Microsoft Index Server vulnerability to read any file on the server.

tags | exploit
MD5 | 6486fb070f99a76bcfc5dfc1a4b9f85d
Posted Feb 1, 2000
Authored by Nick Burrett | Site freevsd.org

FreeVSD facilitates true Linux Virtual Servers within a 'chroot' environment, allowing Web servers and other applications to be deployed and administered discretely, without compromise to security. Each Virtual Server has its own IP address(es), Apache webserver, and view of the process table. FreeVSD expands the Linux system by creating a pseudo-'super user' (admin) for each Virtual Server. The admin user has the ability to create extra POP3/FTP and Telnet users and also administrate vital services such as the webserver.

Changes: Inclusion of a Web-based control center, installation script reworkings, and minor bugfixes.
tags | web
systems | linux, unix
MD5 | 43ada1a6a2a4adc566b9b7cec020caeb
Page 1 of 1

File Archive:

August 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    3 Files
  • 2
    Aug 2nd
    2 Files
  • 3
    Aug 3rd
    32 Files
  • 4
    Aug 4th
    22 Files
  • 5
    Aug 5th
    0 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    0 Files
  • 9
    Aug 9th
    0 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2020 Packet Storm. All rights reserved.

Security Services
Hosting By