Twenty Year Anniversary
Showing 1 - 25 of 221 RSS Feed

Files Date: 2000-08-01 to 2000-08-31

Posted Aug 30, 2000
Authored by eth0 | Site

HWA-warpcrash - Systems Affected: OS/2 Warp 4.5 FTP server V4.0/4.2, OS/2 Warp 4.5 FTP server V4.3, Probably other versions of the software as well. Problem: The FTP server that comes with OS/2 Warp 4.5 TCP/IP can be brought down by a malicious connection attempt.

tags | exploit, tcp
MD5 | 18b76e61c2aea73422b522534b5da8e6
Posted Aug 30, 2000
Authored by wild andi | Site

Advanced Socket Bouncer (ASB) is another kind of network tool. It supports IPv6 (detects automatically IPv6 hostnames/addresses), SQUID (connect method and SQUID with SSL support but no SSL proxy), SOCKS4, SOCKS5, and WINGATE.

tags | tool
systems | unix
MD5 | 951365c2eb82a7176bc55f2b0b8d465f
Posted Aug 30, 2000
Authored by Neon-Lenz | Site

NT Blackhat paper is a beginner's document about NT-security. This document describes pretty well what malicious hackers exactly do when they attempt to hack your NT servers. Although it was meant for beginners, it is still suitable for novices, and maybe even experts who wants to read and maybe learn something that they didn't know.

tags | paper
MD5 | 2867800b1ee7110efa967e627ad864de
Posted Aug 30, 2000
Authored by r1tual | Site

This paper is the culmination of research that describes the DOCSIS standard and related information for the purpose of explaining exactly how cable networks (@home, RoadRunner, Mediaone) are implemented from the service provider to the home. This includes details on the cryptography used, the frequencies data is transmitted on, and hardware explanations. A recommended read for anyone interested in cable-modem networks.

tags | paper
MD5 | 83354456fa9671afa5117e23f0543865
Posted Aug 30, 2000
Authored by Neon | Site

CIMcheck.exe is an exploit for the Compaq Insight Manager root dot dot bug. The remote webserver must be running NT with port 2301 open. The exploit opens up the full vulnerable url and attempts to get the sam._ backup password file from the remote repa ir directory. You can specify which file you want to download, default is the /wi k nnt/repair/ directory and the sam._ backup password file. Perl2exe binary. Perl2exe binary available here here.

tags | exploit, remote, root
MD5 | 2e1c146eee2782048fd6ac93640d7272
Posted Aug 30, 2000
Authored by Larry W. Cashdollar | Site

PocketC program to dehash the admin password for FlowerFire's Sawmill 5.0.21 log analysis package. This has been written, compiled and tested on my palm IIIxe. Takes a few seconds since the hash is so weak.

MD5 | 98e6242c2dd9ed94e9992739771d78e1
Posted Aug 30, 2000
Authored by Neon | Site

CIMcheck.exe is an exploit for the Compaq Insight Manager root dot dot bug. The remote webserver must be running NT with port 2301 open. The exploit opens up the full vulnerable url and attempts to get the sam._ backup password file from the remote repa ir directory. You can specify which file you want to download, default is the /wi k nnt/repair/ directory and the sam._ backup password file. Perl2exe binary.

tags | exploit, remote, root
MD5 | 27e922640c7323b800d752e47458a7f4
Posted Aug 30, 2000

Debian Linux Security Advisories - The version of X-Chat that was distributed with Debian GNU/Linux 2.2 has a vulnerability in the URL handling code: when a user clicks on a URL X-Chat will start netscape to view its target. However it did not check the URL for shell metacharacters, and this could be abused to trick xchat into executing arbitraty commands. This has been fixed in version 1.4.3-0.1, and we recommend you upgrade your xchat package(s) immediately.

tags | shell
systems | linux, debian
MD5 | b218e3f1f14c5305850f41f6073e130b
Posted Aug 30, 2000
Authored by D-Krypt

-Web Application Security Survey- Results show that Microsoft Hotmail, Excite, Altavista, E-Bay, Lycos, Netscape WebMail, E-Trade, Infoseek/ and their users are all currently vulnerable to web based attack. The following report is the result of a two hour security survey of high profile webmail and auction services offered free over the internet. This survey is in no way extensive or thorough. It serves only as "proof of concept" that these types of services are vulnerable to attack on a wide scale. All the following vulnerabilities are currently active as of Aug. 25, 2000. The following webmail vulnerabilities all stem from the same problem. The attacker has the ability to pass unfiltered malicious HTML/JavaScript into the target users web environment.

tags | exploit, web, javascript, vulnerability, proof of concept
MD5 | 03aafc9115dd4b8baf4a413167bc2ea3
Posted Aug 30, 2000
Authored by Alex Hernandez | Site - Info based attacks DoS Front page. To exploit this vunerability you must have the extensions "/ _ vti_bin/shtml.exe in your server. This is a demonstration script to remotely overflow various server buffers, resulting in a denial of service, for TESTING purposes only. Runs on *nix & Windows with perl.

tags | denial of service, overflow, perl
systems | windows
MD5 | 4ef33313379701100a8e4dac1ecbb646
Posted Aug 30, 2000

Debian Security Advisory - Using ntop to distribute network traffic through the network, i.e. running ntop as webserver, it is possible to access arbitrary files on the local filesystem. Since ntop runs as root uid, guess what that means, even /etc/shadow got unsecured.

tags | arbitrary, local, root
systems | linux, debian
MD5 | 6ef19ccf964939d2ffcf1ea0c48ab0f5
Posted Aug 30, 2000

This decrypts the safe passwords of NcFtp

tags | cracker
MD5 | d9fede36cd7a53925199a0f20d3a5207
Posted Aug 30, 2000

This is an exploit that explores the vulnerability of the versions 2.4.4, 2.5.0 and 2.6.0 of Wu-ftpd. Written in Portugese.

tags | exploit
MD5 | e30e8c879f8071f9cc3b34371990388f
Posted Aug 30, 2000

This scanner scans to see if a certain host or IP is vulnerable to the Wu-ftpd 2.6.0 bug. Written in portuguese.

tags | tool, scanner
systems | unix
MD5 | 8be1e7af76cbf9357408b081cad35721
Posted Aug 30, 2000
Authored by Jeffrey W. Baker

A simple flaw in the web mail service offered by Critical Path ( allows an attacker to gain full access of any webmail account. The attack falls under the umbrella of cross-site scripting, which was addressed in detail by CERT in their advisory CA-2000-02, entitled "Malicious HTML Tags Embedded in Client Web Requests." The bug is aggravated by an defective session token scheme.

tags | exploit, web, xss
MD5 | ce67656bc39d3867917caa86196bff78
Posted Aug 29, 2000

Purge-it is a Windows utility that allows the end-user to take a look inside a system, see what programs are running, which ports are open. The user chooses what happens to the system, and can remove various malware such as backdoors, trojans and spyware.

tags | trojan
systems | windows
MD5 | 51f36d275d24e62e454109f7c6e5be3b
Posted Aug 29, 2000

Microsoft has released a patch for a security vulnerability in Microsoft Money. The vulnerability could allow a malicious user to obtain the password of a Money data file. Frequently asked questions regarding this vulnerability and the patch can be found here

MD5 | 9d57c54d6fa0b1dca158921c92e43094
Posted Aug 29, 2000
Authored by Kevin Finisterre

The Javaserver Webserver Development Kit (WDK) v1.0 contains a .. vulnerability allowing remote attackers to read any file on the system with the permissions of the webserver. The server typically resides on TCP port 8080 and instructions for identifying this server are given.

tags | exploit, remote, tcp
MD5 | 942419ad40c9d395eabf61da00278016
Posted Aug 29, 2000
Authored by nemesystm | Site

vqServer version 1.4.49 is vulnerable to a denial of service attack by sending a malformed URL request. Tested on Windows version. The latest edition of vqServer (1.9.47) is unaffected.

tags | exploit, denial of service
systems | windows
MD5 | 303c9106b865941caabe75045152da02
Posted Aug 29, 2000
Authored by venomous | Site

Secure Files 0.1b is a security tool that checks system integrity by comparing the MD5 checksums of flagged files against their earlier recorded checksums.

tags | tool, intrusion detection
systems | unix
MD5 | cae75ec5225047150b2055ad309208b8
Posted Aug 29, 2000
Authored by Max0r

ICMPSpewf is a simple tool that allows you to spoof the source of any of the ICMP packets listed in ip_icmp.h

tags | tool, spoof
systems | unix
MD5 | 32edb1f4049b27903bd7c0240ed00721
Posted Aug 28, 2000

Weekly Newsletter from Help Net Security - Covers weekly roundups of security events that were in the news the past week. In this issue: The FrontPage Server Extensions are vulnerable to a remote denial of service, a buffer overflow memory problem in the rpc module of the Pragma TelnetServer 2000, webserver Pro 2.3.7 vulnerability, Mandrake Linux Xchat update, problem that allows local users to obtain super user privilege, IIS Cross-Site Scripting patched, Microsoft Money password vulnerability patched, MGetty local compromise, and Kerberos password authentication issues.

tags | remote, denial of service, overflow, local, xss
systems | linux, mandrake
MD5 | 64b4d186a60c410baa52d02416cea880
FreeBSD Security Advisory 2000.43
Posted Aug 28, 2000
Authored by The FreeBSD Project | Site

FreeBSD Security Advisory FreeBSD-SA-00:43 - The brouted port is incorrectly installed setgid kmem, and contains several exploitable buffer overflows in command-line arguments. An attacker exploiting these to gain kmem privilege can easily upgrade to full root access by manipulating kernel memory

tags | overflow, kernel, root
systems | freebsd
MD5 | a3411e0d9a13f39f570aa9b03f3f8921
FreeBSD Security Advisory 2000.42
Posted Aug 28, 2000
Authored by The FreeBSD Project | Site

FreebSD Security Advisory FreeBSD-SA-00:42 - The linux binary-compatability module implements a "shadow" filesystem hierarchy rooted in /compat/linux, which is overlayed against the regular filesystem hierarchy so that Linux binaries "see" files in the shadow hierarchy which can mask the native files. Filenames in this shadow hierarchy are treated incorrectly by the linux kernel module under certain circumstances, and a kernel stack overflow leading to a system compromise by an unprivileged user may be possible when very long filenames are used. ~

tags | overflow, kernel, root
systems | linux, freebsd
MD5 | 95bd1c70fc53119659146bf82588b081
Posted Aug 28, 2000
Authored by Thomas Lundquist | Site

floppyfw is a router and simple firewall on one single floppy. It uses Linux basic firewall capabilities and have a very simple packaging system. It is perfect for masquerading and securing networks on ADSL and cable lines using both static IP and DHCP. It has a simple installation, mostly only needed to edit one file on the floppy.

Changes: Optimized libraries, LRP replaced with busybox, glibc 2.0.7 has been replaced with 2.1.3, All binaries updated to glibc 2.1.3 compiled versions.
tags | tool, firewall
systems | linux
MD5 | 6087294eb4ac6f49d252e5de8b11c442
Page 1 of 9

Want To Donate?

Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

April 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    5 Files
  • 2
    Apr 2nd
    17 Files
  • 3
    Apr 3rd
    11 Files
  • 4
    Apr 4th
    21 Files
  • 5
    Apr 5th
    17 Files
  • 6
    Apr 6th
    12 Files
  • 7
    Apr 7th
    1 Files
  • 8
    Apr 8th
    6 Files
  • 9
    Apr 9th
    21 Files
  • 10
    Apr 10th
    18 Files
  • 11
    Apr 11th
    42 Files
  • 12
    Apr 12th
    7 Files
  • 13
    Apr 13th
    14 Files
  • 14
    Apr 14th
    1 Files
  • 15
    Apr 15th
    1 Files
  • 16
    Apr 16th
    15 Files
  • 17
    Apr 17th
    20 Files
  • 18
    Apr 18th
    24 Files
  • 19
    Apr 19th
    20 Files
  • 20
    Apr 20th
    2 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2018 Packet Storm. All rights reserved.

Security Services
Hosting By