exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2000-08-09

word-access.txt
Posted Aug 9, 2000
Authored by Georgi Guninski | Site nat.bg

Georgi Guninski security advisory #17 - MS Word and MS Access 2000 (with or without Service Release 1a) allow executing arbitrary programs if a Word document is opened. This may be exploited also by visiting a web page with IE or opening/previewing HTML email message with Outlook. In order this to work, the user must be able to access a mdb file, which resides either on an UNC share or a local drive. This allows taking full control over user's computer. Demonstration exploit available here.

tags | exploit, web, arbitrary, local
SHA-256 | 89dfddff8833fb3dad88d40d972cfa0a68430d2b3ad384958e72e64fedda41e3
rhsa.2000-050-01.mopd
Posted Aug 9, 2000
Site redhat.com

Red Hat Security Advisory - A buffer overflow has been discovered in all releases of mopd-linux included in the 6.0, 6.1, and 6.2 releases of Powertools. This vulnerability allows long file names to be sent from the client to the server, allowing arbitrary code to be executed.

tags | overflow, arbitrary
systems | linux, redhat
SHA-256 | 420df459240f85b3543ea29e1fe11451697d08319af2026f24b5e6462ae314ce
netbsd.2000-011.netscape
Posted Aug 9, 2000
Site netbsd.org

NetBSD Security Advisory 2000-011 - Netscape's processing of JPEG comments trusted the length parameter for comment fields; by manipulating this value, it is possible to cause netscape to read in an excessive amount of data, overwriting memory. Specially designed data could allow a remote site to execute arbitrary code as the user of netscape. This vulnerability has been fixed in Netscape 4.74.

tags | remote, arbitrary
systems | netbsd
SHA-256 | ee621f140533c524890bdf720a8551ec93c8c64af2312f54c7cd2a1fa6820ed5
freevsd-1.4.3.tar.gz
Posted Aug 9, 2000
Authored by Nick Burrett | Site freevsd.org

FreeVSD facilitates true Linux Virtual Servers within a 'chroot' environment, allowing Web servers and other applications to be deployed and administered discretely, without compromise to security. Each Virtual Server has its own IP address(es), Apache webserver, and view of the process table. FreeVSD expands the Linux system by creating a pseudo-'super user' (admin) for each Virtual Server. The admin user has the ability to create extra POP3/FTP and Telnet users and also administrate vital services such as the webserver.

Changes: Many bug fixes, much easier to install. Additionally, the structure of the code itself has been improved.
tags | web
systems | linux, unix
SHA-256 | ecd3896581bb76d50cb4824cdb13dad537c14903b37e404c47eb7a98cd51f681
robpoll-cgi-problem.txt
Posted Aug 9, 2000
Authored by Alt3kx | Site hertmx.org

Robpoll.cgi is a free cgi based admin program for Unix and NT which has remote vulnerabilities allowing remote users to execute any command on the remote system with the priveleges of the web server. In addition, anyone can read any file on the remote system with the webserver UID.

tags | exploit, remote, web, cgi, vulnerability
systems | unix
SHA-256 | bc0607609836ddf0e5923a2902e5194cc19852cc1fd731afa6d4b7bc8745952a
fathoe.c
Posted Aug 9, 2000
Authored by Nijen Rode

fathoe.c is a fragment flooder which will lag and/or lock up windows machines on your local network.

Changes: This version works remotely, and uses so little bandwidth that I was able to freeze someone on a 56k with it.
tags | denial of service, local
systems | windows
SHA-256 | 5a8c4166ed3499a46261bcf0e4d74b05d50c8eaa9c097104e432a5c95e6c96c2
return-rst-1.0.tar.gz
Posted Aug 9, 2000
Authored by N. Bellamy | Site bellamy.co.nz

Return-RST is a firewalling tool for Linux 2.2.xx systems using IPCHAINS. It uses the netlink device to capture packets and sends TCP RST packets in response to TCP connection requests. Normal IPCHAINS only allows you to drop packets, or reject packets with an ICMP error message. With Return-RST, you can make it look like there is no server listening, rather than giving away that they're being filtered to the attacker.

tags | tool, tcp, firewall
systems | linux
SHA-256 | e9cfcfe8d93672144f679c95aaf3da4d34a5bd6d5f53cfd38275d884c03802ad
repeat.tar.gz
Posted Aug 9, 2000
Authored by The Grugq

The Reverse Engineer's Patcher is the first byte patcher for UNIX systems. It will compare two binaries and produce a patch in C.

systems | linux, unix
SHA-256 | 32184bfa34a3bb03ec189b479b49c03cc81c292b3a5be5081a2189e0f0180516
suidperlhack.pl
Posted Aug 9, 2000
Authored by Sebastian Krahmer | Site cs.uni-potsdam.de

suidperlhack.pl is a Suidperl v5.00503 and below local root exploit which hsa been ported to perl to increase portability. Tested against BSD.

tags | exploit, local, root, perl
systems | bsd
SHA-256 | e05392bbc9c59fbd159d56c51c1520fd954fc0cc8df635afbc6e183a39b0fe92
wakeonlan-0.40.tar.gz
Posted Aug 9, 2000
Authored by Jose Pedro Oliveira | Site gsd.di.uminho.pt

This perl script sends 'magic packets' to wake-on-lan enabled ethernet adapters, in order to remotely power up a PC. Features the ability to use broadcast IP addresses.

tags | perl
systems | unix
SHA-256 | fe9574d64254ea77b1edd3457deddd855a7365f2345af748d14d28b3e54bafda
debian.mailx-system.txt
Posted Aug 9, 2000
Site debian.org

Debian Security Advisory - mailx is a often used by other programs to send email. Unfortunately mailx as distributed in Debian GNU/Linux 2.1 has some features that made it possible to execute system commands if a user can trick a privileged program to send email using /usr/bin/mail.

systems | linux, debian
SHA-256 | de5324d8fb95ec279342629f079738a658876fb0b8c605afa1b92f0d6b4fb213
bohttpd.vulnerability.txt
Posted Aug 9, 2000
Authored by Hiromitsu Takagi | Site etl.go.jp

A vulnerability has been found in Dan Brumleve's Brown Orifice HTTPD (BOHTTPD) which is a web server and file sharing tool that runs as a Java Applet in Netscape Navigator.

tags | exploit, java, web
SHA-256 | 5bd5a93be1101366bfe29db0b460f4114ad5b04899e9671f365420621b49d9d5
rhsa.2000-048-02.mailx
Posted Aug 9, 2000
Site redhat.com

Red Hat Security Advisory - Under certain conditions, suidperl will attempt to send mail to the local superuser account using /bin/mail. A properly formatted exploit script can use this facility, along with mailx's tendency to inherit settings from the environment, to gain local root access.

tags | local, root
systems | linux, redhat
SHA-256 | cc92ea296e91763b4251446ba04b9581f3a16567afbb82bb3b3e67d7655958b3
rhsa.2000-047-03.txt
Posted Aug 9, 2000
Site redhat.com

Red Hat Security Advisory - The umb-scheme package included with Red Hat Linux 6.2 included two world-writable files. New packages are available.

systems | linux, redhat
SHA-256 | f14ddd3809449d94fcee3fc7d7511ec7983a8c79ef23847aeaee1b7ea6cdbf91
rhsa.2000-030-02.ntop
Posted Aug 9, 2000
Site redhat.com

Red Hat Security Advisory - The version of ntop which was included in Red Hat Powertools 6.2 has a remote exploit in which arbitrary files can be read on the host machine as root.

tags | remote, arbitrary, root
systems | linux, redhat
SHA-256 | 6bf66bc7d72b0e7c4a0cbee5777f2fa0ddd1a7e66defd6e878e4e03d69093b92
xperl.sh
Posted Aug 9, 2000
Authored by Michal Zalewski | Site lcamtuf.na.export.pl

Suidperl v5.00503 and below local root exploit which exploits an undocumented /bin/mail feature when perl wants to notify root on inode race conditions. Tested on Redhat 6.x/7.0.

tags | exploit, local, root, perl
systems | linux, redhat
SHA-256 | e046c5c1d324b9945abcef32f5756e05f4d6bf70782c8cc77d62546e05aa1ec2
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close