exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 20 of 20 RSS Feed

Files Date: 2000-05-31

Posted May 31, 2000
Authored by Jonathan Leto | Site leto.net

Perlnecklace v0.3 is a wrapper for the perl v5.005 binary to increase site-wide security. It features the ability to set chroot the environment the script is running in, set resource limits, allow/disallow modules, and log to syslog. Tested on Redhat Linux 6.2 2.2.14 x86, FreeBSD 3.4-RELEASE x86, and OpenBSD 2.6 x86.

tags | x86, perl
systems | linux, redhat, unix, freebsd, openbsd
SHA-256 | 1c051c890c064343ee30f237038e272a152e8c9a63056c6be434d6c452663eb6
Posted May 31, 2000
Authored by Bjarni R. Einarsson | Site mailtools.anomy.net

The Anomy mail sanitizer is a filter designed to block email-based attacks such as trojans and viruses. It reads an RFC822 or MIME message and removes or renames attachments, truncate unusually long MIME header fields and sanitizes HTML by disabling Javascript and Java. It uses a single-pass pure Perl MIME parser, which can make it both more efficient and more precise than other similar programs and has built-in support for third-party virus scanners.

tags | trojan, perl, javascript, virus
systems | unix
SHA-256 | b6a92fd989ad60d1c34c1f6c165ec70d5cbdb5b2ee278b47c562ee220a111307
Posted May 31, 2000
Authored by Tomas Junnonen | Site firestarter.sourceforge.net

The goal of FireStarter is to provide an easy to use, yet powerful, GUI tool for setting up, administrating and monitoring firewalls for Linux machines. FireStarter is made for the GNOME desktop. It can actively monitor your firewall and list any unauthorized connection attempts made to your machine in a readable table format. Screenshot available here.

tags | tool, firewall
systems | linux
SHA-256 | 7ccebdbacec58ad5b6e4b9adc0c3b030ce7a7e617f13bd6e7fa46ad2c35fe070
Posted May 31, 2000
Authored by Hypoclear

RFPickaxe2.pl is a windows port of RFP's RFPickaxe.pl demo exploit for the BlackICE IDS uses a management console.

tags | exploit
systems | windows
SHA-256 | 7115ec33efe3130c21b7bf3b9c61e2b5d24620f2951e8ae5fe98bbc2b6ea2f29
Posted May 31, 2000
Authored by TSS | Site search.iland.co.kr

TWWWscan v0.3 - Windows based www vulnerability scanner which looks for 186 www/cgi vulnerabilities . Displays http header, server info, and tries for accurate results. Now features anti-IDS url encoding. Tested on win95 osr2 win98,win98se,win nt4,win 2k.

Changes: Added passive mode, included Windows 2000 and NT patch information, scan interface changed.
tags | web, cgi, vulnerability
systems | windows, unix
SHA-256 | 1b22e13bcf68508b65896b00684805961b31aacc64bb2dbb8a86c2f3dec63c36
Posted May 31, 2000
Site net-security.org

Weekly Newsletter from Help Net Security - Covers weekly roundups of security events that were in the news the past week. In this issue: Yahoo glitch, pgp 5.0 security flaw, setting up portsentry, is PKI secure enough?, Kevin Mitnick speaking ban, UK privacy, Curador charged, WAP related defacment, running a BSD firewall, an interview with Frank Van Vliet, and more.

systems | bsd
SHA-256 | 41885a4d1b2c011a62b58376759aefcd6b5e129744649022130fbe5d7b4327dd
Posted May 31, 2000
Authored by vade79, realhalo | Site realhalo.org

Slirp v1.0.10(RELEASE) local buffer overflow exploit for Linux which gives you a SGID shell if /usr/local/bin/slirp is mode 2755. Tested against Slackware 3.6. Includes perl script to find the offset.

tags | exploit, overflow, shell, local, perl
systems | linux, slackware
SHA-256 | 12e61b047e8d24718f434c4d48b7b220b125ea133744046125a247842e78d76a
Posted May 31, 2000
Authored by vade79, realhalo | Site realhalo.org

One last elm v2.4 / v2.5 exploit - gives EGID 12. This version works against almost all vulnerable versions of elm.

tags | exploit
SHA-256 | 47fefa5230db61d38f353f0a5b82b73f911a8e966cb50c54a8092a788c5e4d9e
Posted May 31, 2000
Authored by Venglin | Site b0f.freebsd.lublin.pl

sms.c is a remote SMS 1.8.2 (mail2sms gateway) long subject line remote buffer overflow exploit. Send the mail generated by this program and a shell will be listening on port 2222. Offsets adjusted for redhat.

tags | exploit, remote, overflow, shell
systems | linux, redhat
SHA-256 | 5263a1384cd6d126f626841f9e172551ca855196cc1ef2d42713cc721e51647b
Posted May 31, 2000
Authored by Codex | Site phate.net

This document contains details on a proof-of-concept white paper on how to circumvent Cisco access-lists which rely on only permitting "established" TCP sessions by establishing communications between a client and server (included) which never uses the SYN bit. Works on any firewall that accepts all packets without the syn bit.

tags | tool, tcp, rootkit
systems | cisco, unix
SHA-256 | 79d26376604497500925b5b6543234d5413f0ad668b64b1784396b240628a49e
Posted May 31, 2000
Authored by teso, stealth | Site team-teso.net

TESO Security Advisory #10 - KDE KApplication {} configfile vulnerability. Due to insecure creation of configuration files via KApplication-class, local lusers can create arbitrary files when running setuid root KDE-programs. Tested with SuSE 6.4 standard installation under KDE 1.1.2.

tags | exploit, arbitrary, local, root
systems | linux, suse
SHA-256 | 004b3ec17b9d4970f5d766395aef75b5dbd5c2b046edf150e3773fa527b7f18b
Posted May 31, 2000
Authored by Arkth

BugzPL ADVISORY #1 - Bypassing restricted bash. bash-2 gives us the option to use a shell in restricted mode. Includes a patch to bash to eliminate most of the described attacks.

tags | exploit, shell, bash
SHA-256 | 47bb68c6308df5ed6fe19a7497f029c4b854f395cc92453841f8d72aa441b418
Posted May 31, 2000
Site cerberus-infosec.co.uk

Cerberus Information Security Advisory (CISADV000525) - The Cerberus Security Team has found a remotely exploitable buffer overrun in two executables that come with PDGSoft's Shopping Cart. Redirect.exe and changepw.exe are both accessable over the web to all users. If supplied an overly long query string both will overflow an internal buffer overwriting the saved return address.

tags | web, overflow
SHA-256 | 47c5ccd9102dac8b0ab89dab0a306e546e5bd7ae581a145be2b627262530e2ac
Posted May 31, 2000

NetBSD Security Advisory 2000-003 - Exploitable vulnerability in xlockmore. Xlock can be manipulated to print /etc/shadow.

systems | netbsd
SHA-256 | 287e6d1314b1ad1faffd919e3f691fe493e2b86f5526625e8e868eaa9d21974e
Posted May 31, 2000
Authored by Delphis Security Team | Site delphisplc.com

Delphis Consulting Plc Security Team Advisory DST2K0009 - Userlisting Bug in Ipswitch WS_FTP Server 1.05E allows remote users to confuse the server manager.

tags | exploit, remote
SHA-256 | c45c47e0f2f64311cef176002da746700559bf5930be62695ff30bd1c8a2b23b
Posted May 31, 2000
Authored by Sectorx | Site xorteam.cjb.net

Simple Web Server 0.5.1 stack overflow advisory. Allows eip to be overwritten.

tags | exploit, web, overflow
SHA-256 | 48d728d1a0369d0efc66c0322f42866aafd5c4801aa62aeb3619a6c8cd355af1
Posted May 31, 2000
Authored by S

shadyshell.c is a flexible, obfuscated, and lightweight UDP portshell. Takes client input via netcat -u.

tags | tool, udp, rootkit
systems | unix
SHA-256 | 16c3e56c91fe42a99758dc394e3c954f75985e353ac20556e6c3104449fdc5f9
Posted May 31, 2000

CERT Advisory CA-2000-09 - Flaw in PGP 5.0 Key Generation. UNIX systems having a /dev/random device running any version of PGP 5.0 are affected. When keys are generated non-interactively and without user-added randomness, on some systems PGP v5.0 generates keys that are not random enough, allowing an attacker to predict keys and therefore recover information encrypted with that key. Additionally, an attacker may be able to forge a digital signature corresponding to a vulnerable key. CERT homepage here.

systems | unix
SHA-256 | 666d2573e857d8eb04ebc9ba4aaf3ae4e08ea3110c54153867406d0110fb40d3
Posted May 31, 2000
Authored by Meliksah Ozoral | Site meliksah.net

ICQ Web Front Remote denial of service vulnerability - ICQ 2000a, 99b, and 99a contain a vulnerability in the personal web server. Guestbook.cgi, installed by default, crashes when sent a long name.

tags | exploit, remote, web, denial of service, cgi
SHA-256 | 05ba8a95f1072921afea8cf60d91a06e244658a30f3a4b75372c90226af4d779
Posted May 31, 2000

TurboLinux Security Announcement - xlockmore-4.16 and earlier contain a buffer overflow in -mode which allow an attacker to reveal arbitrary portions of xlock's address space including the shadow password file. TurboLinux security announcments here.

tags | overflow, arbitrary
SHA-256 | dbb836cef2dd10d05896becfe0cd419b6fa0fc409eccf4c77d736ed0a7ca2dfe
Page 1 of 1

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By