Showing 1 - 25 of 302

Files Date: 2000-07-01 to 2000-07-31

Posted Jul 30, 2000
Authored by Toby Deshane | Site sourceforge.net

Cgichk is a web vulnerability scanner which automatically searches for a series of interesting directories and files on a given site. Instead of focusing on vulnerable CGI scripts, it looks for interesting and/or hidden directories such as logs, testing, secret, scripts, stats, restricted, code, robots.txt, etc.

Changes: Fixed a bug which caused it to scan Network Solutions instead, added some more directories to look for.
tags | web, cgi
systems | unix
MD5 | 2e8161bbe9a642054d7dead986f992b1
Posted Jul 30, 2000
Authored by Ben Woodard | Site fuzz.sourceforge.net

Fuzz searches for new security vulnerabilities by generating random garbage which can be passed in several ways to programs to see if they can be made to crash or hang.

tags | vulnerability
systems | unix
MD5 | e62b883a6de87efd11950e357a2aa0c6
Posted Jul 30, 2000
Authored by Saumil Shah | Site foundstone.com

Foundstone Security Advisory - Two show code vulnerabilities exist in BEA's WebLogic 5.1.0, allowing an attacker to view the source code of any file within the web document root of the web server. Depending on the web application and directory structure, an attacker can access and view unauthorized files. Proof of concept URLs included.

tags | exploit, web, root, vulnerability, proof of concept
MD5 | eabfb1cb192fae14880ee2af89f74ca8
Posted Jul 30, 2000
Authored by Juan Toledo | Site etherape.sourceforge.net

Etherape is an etherman clone which displays network activity graphically. Active hosts are shown as circles of varying size, and traffic among them is shown as lines of varying width. It is GNOME and pcap based. Screenshot here.

Changes: Bug fixes and enhancements.
tags | tool, sniffer
MD5 | 250a12ac90a3ce63438ea83ebd45fd44
Posted Jul 30, 2000
Authored by Bjarni R. Einarsson | Site mailtools.anomy.net

The Anomy mail sanitizer is a filter designed to block email-based attacks such as trojans and viruses. It reads an RFC822 or MIME message and removes or renames attachments, truncates unusually long MIME header fields and sanitizes HTML by disabling Javascript and Java. It uses a single-pass pure Perl MIME parser, which can make it both more efficient and more precise than other similar programs, and has built-in support for third-party virus scanners.

Changes: A fix for a bug in the configuration file parser, which could cause problems with policy definitions.
tags | trojan, perl, javascript, virus
systems | unix
MD5 | 0379d85154c44be3be994eb4e91c7d03
Posted Jul 29, 2000
Authored by Tim Lawless

Saint Jude LKM is a Linux Kernel Module for the 2.2.0 series of kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local, and ultimately, remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occurring. This is done without checking for attack signatures of known exploits, and thus should work for both known and unknown exploits.

Changes: Fixed bug which would prevent the setreuid syscall from being restored upon exit.
tags | remote, kernel, local, root
systems | linux
MD5 | 4bd7eeca77d479a36df73c38d7cff517
Posted Jul 29, 2000
Authored by Stealth_C

Jolt2mod sends a jolt2 attack without lagging the sending network connection nearly as much due to a rate limiting feature.

tags | denial of service
MD5 | f777ecf09b92fb7728f7ee0d703200be
Posted Jul 29, 2000
Authored by Jeff Capes | Site rendo.dekooi.nl

00[Sub]7 - The Ultimate SubSeven Logging Tool. Sets up a fake sub7 server on the default port which can send all sorts of false information to the client. Archive password is set to p4ssw0rd. Use at your own risk.

tags | trojan
MD5 | fb96e1948e584127321d4232bf10992f
Posted Jul 29, 2000
Authored by Riseman | Site sod-interactive.turincon.com

Atalaya notifies an administrator of incoming connections using /etc/hosts.allow. Includes support for Festival for speech.

tags | system logging
systems | unix
MD5 | 05bd6a826ce4549a1cf29c2f7998abfb
Posted Jul 29, 2000

Microsoft Security Bulletin (MS00-052) - Microsoft has released a patch for the "Relative Shell Path" vulnerability in Microsoft Windows NT 4.0 and Windows 2000. The vulnerability enables a malicious user to cause code of his choice to run when another user subsequently logs onto the same machine. Microsoft FAQ on this issue available here.

tags | shell
systems | windows
MD5 | 2fa31a91c9c32a49b1d4f795b333ce6b
Posted Jul 28, 2000
Authored by Covert Labs | Site nai.com

Network Associates COVERT Labs Security Advisory - The Microsoft Windows implementation of NetBIOS allows an unsolicited UDP datagram to remotely deny access to services offered by registered NetBIOS names. An attacker can remotely shut down all Domain Logins, the ability to access SMB shares, and NetBIOS name resolution services. Vulnerable systems include all versions of Microsoft Windows 95, 98, NT and 2000.

tags | udp
systems | windows
MD5 | a78582c296f1b1c6a467efce197c7b7e
Posted Jul 28, 2000
Authored by Tanaka Akira

CVS v1.10.8 allows users to execute any binary on the server using CVS/Checkin.prog or CVS/Update.prog.

tags | exploit
MD5 | f51d22de8758d323545e1452dac4d417
Posted Jul 28, 2000
Authored by Headflux | Site synnergy.net

Plusmail remote exploit - plusmail fails to check authenticity before creating new accounts.

tags | exploit, remote
MD5 | cb45bd9c9b86c81b068cef1ce3f8b5f9
Posted Jul 28, 2000
Authored by Flea

BitchX-75p3 local exploit, Redhat 6.2 x86.

tags | exploit, x86, local
systems | linux, redhat
MD5 | 3107c544958dc3c7abc51124de021bea
Posted Jul 28, 2000
Authored by Brant Hale

The D-Link DI-701 Residential Gateway has an open port which allows brute force password guessing, and has a factory set default password.

tags | exploit
MD5 | d96b5c738ace00b9ee7a62a0b8b478ed
Posted Jul 28, 2000
Site debian.org

Debian Security Advisory - The versions of the ISC DHCP client in Debian 2.1 are vulnerable to a root exploit. A previous Debian security advisory addressed this issue with package versions 2.0b1pl6-0.3 and 2.0-3potato1, but ISC has released a newer patch since the original advisory. You should install the latest packages even if you upgraded when the last advisory was released.

tags | root
systems | linux, debian
MD5 | 95e1ed9433a62ac57ffa2f3eef8a72ff
Posted Jul 28, 2000
Authored by Toby Deshane | Site sourceforge.net

Cgichk is a web vulnerability scanner which automatically searches for a series of interesting directories and files on a given site. Instead of focusing on vulnerable CGI scripts, it looks for interesting and/or hidden directories such as logs, testing, secret, scripts, stats, restricted, code, robots.txt, etc.

Changes: Tidied up the code.
tags | web, cgi
systems | unix
MD5 | e365ef587ce82a295fa0f6aaac3ef5f7
Posted Jul 28, 2000
Authored by M Adams | Site rawlogic.com

NetView Scanner is a suite of three security tools for the system administrator or home user. NetView scans IP addresses for available Windows File & Print Sharing resources, PortScan scans IP addresses for listening TCP ports, and WebBrute scans web directories that are protected with HTTP authentication, testing the strength of the users' passwords. This suite is freeware penetration analysis software that will run on your Windows workstation.

tags | web, tcp
systems | windows
MD5 | f6f6c15022d6554af17d53bf40a58e51
Posted Jul 28, 2000
Authored by Gael Roualland | Site ippersonality.sourceforge.net

The Linux IP Personality patch fools OS detection by changing some characteristics of the network traffic. Among the things that can be changed are the TCP Initial Sequence Number (ISN), TCP initial window size, TCP options (their types, but also their order in the packet), answers to some pathological TCP packets, and answers to some UDP packets.

tags | udp, tcp
systems | linux
MD5 | 00fe261a0a8609e014e586d7f22b77b0
Posted Jul 28, 2000

Microsoft Security Bulletin (MS00-047) - Patch Available for "NetBIOS Name Server Protocol Spoofing" vulnerability, which could be used to cause a machine to refuse to respond to requests for service via UDP port 137. Windows NT and 2000 are affected. Microsoft FAQ on this issue available here.

tags | udp, spoof, protocol
systems | windows
MD5 | 6c88b1069076ac3174c25e25b58f2a2e
Posted Jul 27, 2000
Authored by Stealth_C

igmpofdeath.c is a modification of trash2.c which also sends out random type 2 igmp packets, as seen in pimp and pimp2.

tags | denial of service
MD5 | ca977915a063df11dd660e24f76d9663
Posted Jul 27, 2000
Authored by Pauli Ojanpera

Winamp contains a buffer overflow in its M3U playlist parser. It is possible to execute arbitrary code on a remote computer via a malicious playlist. Proof of concept playlist included.

tags | exploit, remote, overflow, arbitrary, proof of concept
MD5 | e4df2a791d526904b5ed2ac47c2e2cf7
Posted Jul 27, 2000
Authored by Unyun, shadowpenguin | Site shadowpenguin.backsection.net

Shadowpenguin Security Advisory #39 - Adobe Acrobat Series PDF File buffer overflow. Many versions of Acrobat for Windows95/98/NT/2000 overflow when reading a PDF file which has a long Registry or Ordering. The EIP can be controlled and arbitrary code can be executed on the machine which views the PDF file. Patches available here.

tags | overflow, arbitrary, registry
MD5 | 4d24ea755d6dc347ec13d981db9ba98c
Posted Jul 27, 2000
Site redhat.com

Red Hat Security Advisory - gpm as shipped in Red Hat Linux 5.2 and 6.x contains a number of security problems. Additionally, a denial of service attack via /dev/gpmctl is possible. The newest gpm packages fix both these vulnerabilities.

tags | denial of service, vulnerability
systems | linux, redhat
MD5 | cfb4fc2862c05d26b5d4dceddce7220b
Posted Jul 27, 2000
Authored by Stealth_C

icmpstrike.c is a modified trash.c with spoofed source addresses. Trash.c sends ICMP packets with random error codes which lag or freeze Windows98/95/2000/NT machines.

tags | denial of service, spoof
MD5 | 6d364a10dd51aaf21e0dd177bde4b8a0
Page 1 of 13
