what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

Files Date: 2000-06-08

2.2.14-sendmail.tgz
Posted Jun 8, 2000
Authored by Florian Heinz

Linux 2.2.X local exploit - A new local bug in the 2.2 kernel has been discovered. Using the "capabilities" bug, it is possable to exec sendmail without the CAP_SETUID priv, which makes the setuid() call which drops privileges fail. Large chunks of code which were never meant to run as root do, exploiting this is trivial. Working exploit for sendmail + 2.2.16pre5 and below is included.

tags | exploit, kernel, local, root
systems | linux
SHA-256 | 965ce9baf1810f15a570d4dbd22d0f6ca892ee2315f31ff40c37fd8a322944c1
Raditz.cc
Posted Jun 8, 2000
Authored by Technion | Site coons.org

Raditz is a hacked replacement for the tripwire binary which never actually gets tripped. It attempts look and feel just like tripwire, allowing you to hopefully remain undetected on a rooted system just a little bit longer.

tags | tool, root, rootkit
systems | unix
SHA-256 | 8075caab5562e90e85f1c6b992a6dbc8e903553b2ef3998a11ad55a36cd30773
DST2K0012.txt
Posted Jun 8, 2000
Authored by Delphis Security Team | Site delphisplc.com

Delphis Consulting Plc Security Team Advisory DST2K0011 - Buffer Overflow in HP Openview Network Node Manager v6.1 for Microsoft Windows NT v4.0 Workstation (SP6). By using the Alarm service which runs on port 2345 and is installed by default with HP openview network node manager, it is possible to cause a buffer overrun in OVALARMSRV, causing the EIP to be overwritten and allowing the execution of arbitry code.

tags | exploit, overflow
systems | windows
SHA-256 | 53187d5cc8489d16517a4cf34b199ff2d209001ce4aa0b95b2f6e55c2e83c5b5
DST2K0011.txt
Posted Jun 8, 2000
Authored by Delphis Security Team | Site delphisplc.com

Delphis Consulting Plc Security Team Advisory DST2K0011 - The CMail Server v2.4.7 under Windows NT is vulnerable to a buffer overrun in NTDLL.DLL. By sending a long GET request to tcp port 8002, the EIP can be overwritten and arbitrary code execution is possible.

tags | exploit, overflow, arbitrary, tcp, code execution
systems | windows
SHA-256 | 946d10f4fc740a5dbde0d93d04f4f2215477442195f130719d2903cf58a842de
DST2K0010.txt
Posted Jun 8, 2000
Authored by Delphis Security Team | Site delphisplc.com

Delphis Consulting Plc Security Team Advisory DST2K0010 - Two vulnerabilities were found in Ceilidh v2.60a for Microsoft Windows NT v4.0 Workstation (SP6). The html code which is generated by ceilidh.exe (example URL below) contains a hidden form field by the name of "translated_path", revleaing the true path. By using a specially crafted POST statement it is possible to spawn multiple copies of ceilidh.exe each taking 1% of CPU and 700k of memory. This can be sent multiple times to cause resource depletion on the remote host.

tags | exploit, remote, vulnerability
systems | windows
SHA-256 | a6cda6dae6a389943157179ee378334ec7371c8e332286018cbcdb607a039b2e
sscan2k-pre3.b0f.tar.gz
Posted Jun 8, 2000
Authored by eth0 | Site b0f.freebsd.lublin.pl

sscan2k is a remote auditing/vulnerability scanner which determines remote OS, and scans the host for applicable vulnerabilities. Features updated vulnerability checks, a scripting language, support for plugins and addons, configureable OS fingerprints, dns zone and subnet scans. Based off sscan by jsbach.

Changes: Fixes by mixter.
tags | remote, vulnerability
SHA-256 | e2be5ced88ce06701e0d2a7db26865443180d8781bcf73eb59d9ca6eba9ccc71
linux-2.2.16-stealth1.diff
Posted Jun 8, 2000
Authored by Sean Trifero | Site innu.org

Patch for linux kernel 2.2.16 to discard packets that many OS detection tools use to query the TCP/IP stack. Includes logging of the dropped query packets and packets with bogus flags.

Changes: Now works with kernel v2.2.16.
tags | kernel, tcp
systems | linux
SHA-256 | 3afd597d33e4eae9f02c625121bd9900ba6799e9aec0af5a3c05a171a75ad302
ethereal-0.8.9.tar.gz
Posted Jun 8, 2000
Authored by Gerald Combs | Site ethereal.zing.org

Ethereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Ethereal features that are missing from closed-source sniffers.

Changes: Many protocol decoders updated (RTP, IP, ISAKMP, ICMP, SMB, SMB-PIPE, VTP, SNMPv3, Ethernet, GRE, EIGRP, DHCP, IPX, X.25, RSVP, and L2TP) new decoders for Mobile IP and COPS. A new API for the dissectors has been implemented which catches more compile time errors. Also added the ability to read compressed sniffer files and many small tweaks and bugfixes.
tags | tool, sniffer, protocol
systems | unix
SHA-256 | 7f9598b3b3eb386ced492751f9786fd40fe4771ba7d9639d5d96810865e8e97b
VeteScan-06-06-2000.tar.gz
Posted Jun 8, 2000
Authored by Vetesgirl | Site self-evident.com

VeteScan is a bulk vunerability scanner containing programs to scan Windows NT and UNIX systems for the latest trojans/remote exploits, a scanner for the vulnerabilities of single hosts (with or without host checking), a tool for scanning multiple hosts, a scanner for class A/B/C networks, and fixes for various vulnerablities.

Changes: fix/updated cgiscan 200+ cgi scans, added newest remote vuln to the scan, added ftp version checker, added sendmail checker, added more backdoor scans for win and nix, vetescan will now check to see if its win/nt and if it is win/nt it will automatically do winscan within vetescan. Updated nmap to the newest version nmap-2.54BETA1.
tags | tool, remote, scanner, trojan, vulnerability
systems | windows, unix
SHA-256 | 87fc8aecd2600f1a6069a61e59208d320a96ab149b9174c61edd19826796a0a6
winsd.060700.txt
Posted Jun 8, 2000
Authored by winsd | Site win2000mag.com

Windows Security Update June 7, 2000 - In this issue: Internet Explorer-Compiled HTML Might Run Unauthorized Code, Protected Store Key Length, Media Encoder dos, SQL Server 7.0 SP1 and SP2 Expose Admin Password, Imate WebMail Denial of Service, Buffer Overrun in ITHouse Mail Server, Buffer Overrun in Sambar Server, News: Microsoft's New Security Server, Tip: Event Log Security ID Descriptions, Windows 2000 Security: Creating a Custom Password-Reset MMC, Writing Secure Code: Bind Basics, and the Havenco data storage facility.

tags | denial of service, overflow, magazine
systems | windows
SHA-256 | b5c531d0dc96258b829de1f3f2f95e1a6a5b7ffa391ae32eba71c9dc81852acc
Internet Security Systems Security Advisory June 7, 2000
Posted Jun 8, 2000
Site xforce.iss.net

Internet Security Systems (ISS) X-Force has discovered a vulnerability in the i-drive Filo software. i-drive.com provides web storage services for over 1.5 million users. The browser-based tool, Filo, allows users to clip and save any web page to their i-drive account. Filo is designed for saving important pages found on the web such as investment research, travel confirmations, and e-commerce receipts. Affected Versions: Filo file version 1.0.0.1 for Windows NT (SP5) is affected.

tags | web, overflow, arbitrary
systems | windows
SHA-256 | 6c8a6f18158ddf0de0850c9afbdc8b697fb5d9987dd442cd7ad4ca1c9bedf826
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close