exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files Date: 2000-10-17

rfpolicy-2.0.txt
Posted Oct 17, 2000
Authored by rain forest puppy | Site wiretrip.net

RFPolicy 2.0 - rain forest puppy's policy on notifying vendors and releasing security vulnerabilities.

Changes: Less stringent on timeframes, more stringent on communication. Thanks to everyone who contributed. I also added some supporting notes (FAQ, etc) to help dispell some misconceptions on it.
tags | paper, vulnerability
SHA-256 | 292c943bdd96a7ec03da8dac3e27832c587f3bcc55001ecabfda4ad18b74786b
iis-unicode.txt
Posted Oct 17, 2000
Authored by rain forest puppy | Site wiretrip.net

rain forest puppy's investigation of the recent Microsoft IIS remote command execution vulnerability which was first mentioned in a ms00-078. UNICODE character translation on foreign IIS 4.0 and 5.0 servers allows additional ways of encoding '/' and '\', allowing commands to be executed under the IUSR_machine context.

tags | exploit, remote
SHA-256 | 2b1c446965eae66c719dc5275df8c83c036b0c35b914f77fa9b14f18472713f1
ms00-078
Posted Oct 17, 2000

Microsoft Security Bulletin (MS00-078) - Microsoft has released a patch that eliminates the "Web Server Folder Traversal" vulnerability in IIS 4.0 and 5.0 which allows malicious users to add and remove content or execute code remotely with a malformed URL. Microsoft FAQ on this issue available here.

tags | web
SHA-256 | 11cc0a48eeef7590a32423098792c800d48cc565af310381c27a64e069180302
phploit.c
Posted Oct 17, 2000
Authored by Portal, Tf8 | Site security.is

PHP/3.0.12, 3.0.15, and 3.0.16 with apache 1.3.12 remote format string exploit for FreeBSD 3.4, Slackware Linux 4.0, and 7.0.

tags | exploit, remote, php
systems | linux, freebsd, slackware
SHA-256 | 96da427c5e520f508d5095e2ae72b3ea84315600ce6f8c479d2b052c33f7f03f
drop-shell.c
Posted Oct 17, 2000

Linux/x86 shellcode which drops a shell in /tmp.

tags | shell, x86, shellcode
systems | linux
SHA-256 | 62b4013ad9350cd5bf5b3f480aa7e7674c85ceadd9e23838b494f49582604891
execve_binsh.netbsd.c
Posted Oct 17, 2000
Authored by Humble

NetBSD shellcode which execve's /bin/sh.

tags | shellcode
systems | netbsd
SHA-256 | 90e0b96c209e409e110992acd09eae3877c00d4709b7d658005a8897f07f9fb1
execve_binsh.c
Posted Oct 17, 2000
Authored by Duke

BSDI shellcode which execve's /bin/sh.

tags | shellcode
SHA-256 | 2908decf21e971872bc8468fa6585bdd6b015b57c7d36da41b12f90c56f46379
chroot_break.c
Posted Oct 17, 2000
Authored by Doable

SCO shellcode which breaks out of a chrooted environment.

tags | shellcode
SHA-256 | 2cfae4fea699795efc2dce0eb040c37c7f062cb9db79990b2b22adc82dc7c974
dz_w2knt.zip
Posted Oct 17, 2000

Windows NT/2k remote shellcode.

tags | remote, shellcode
systems | windows
SHA-256 | f6ef9514d5e478de3d6cb35966282d86e4d51f4628729a107cb6dd75be30ab3b
wwwhack.zip
Posted Oct 17, 2000
Site wwwhack.com

wwwhack - Automates the process of trying to crack logins/passwds for www sites that use basic HTTP authentication.

tags | web, cracker
SHA-256 | 089e84d894b907f3532b6d6eb1fbf56479f141961603a31e77c1ce461ce93131
netsec34.txt
Posted Oct 17, 2000
Site net-security.org

Weekly Newsletter from Help Net Security - Covers weekly roundups of security events that were in the news the past week. In this issue: PHP 3 and 4 remote format string vulnerabilities, Internet Explorer authentication data retrieval, IE cached web credentials vulerability, Master index directory transversal vulnerability, BOA vulnerabilities, tmpwatch local dos, Extropoa Webstore directory transversal vulnerability, Interactive's web shopper directory transversal vulnerability, Microsoft share level password vulnerability, Mandrake openssh/scp update, HP Jetdirect dos, WebTV dos, Apache mod_rewrite, Debian curl update, Winu 1.0-5.1 backdoor password, debian ypbind local vulnerability, and Netmeeting denial of service. Articles include SUID programs, getting to the root of the problem, Testing for Trojans, How to detect virus hoaxes, and more.

tags | remote, web, denial of service, local, root, trojan, php, vulnerability, virus
systems | linux, debian, mandrake
SHA-256 | 35a897d619152e6fc91c69586c9708eba9f0eea568921cf5160a50cdba159f94
suse.traceroute.txt
Posted Oct 17, 2000
Site suse.de

SuSE Security Advisory - SuSE's traceroute (nanog) has a completely different local root vulnerability than the one reported last week. A format string bug was discovered in a routine that can be used to terminate a line in traceroute's output to easily embed the program in cgi scripts.

tags | local, cgi, root
systems | linux, suse
SHA-256 | 96c1b99142636132b324379d6a844d895deaeb497136fb0856e8974c973cb5b2
suse.gnorpm.txt
Posted Oct 17, 2000
Site suse.de

SuSE Security Advisory - Gnorpm, a graphical user interface to the rpm subsystem for the gnome desktop, handles tempfiles insecurely and can overwrite arbitrary files on the system.

tags | arbitrary
systems | linux, suse
SHA-256 | e622695dd71e6bdb9d84ffae1dae2588103bfbaafea9c97d639d626fb1d6841a
11logger-0.1.3.tar.gz
Posted Oct 17, 2000
Authored by Antirez | Site kyuzz.org

11logger is a small kernel patch, a module and some userspace tools to add SIGSEGV logging and history capabilities to Linux 2.2.x. 11logger is very useful in security auditing and general debugging.

Changes: This release fixes a problem with the kernel patch which didn't unlock the spin lock in signal.c, and segvdump now reports more information on i386.
tags | kernel
systems | linux
SHA-256 | e374ca5391194d5bb5e96d4fafba1751d08411abc60584e65c0c4e7fa7ae14e2
wu-ftpd-2.6.1.tar.gz
Posted Oct 17, 2000
Site wu-ftpd.org

Wu-Ftpd is a portable FTP server.

Changes: Remote root bugs in 2.6.0 fixed.
systems | unix
SHA-256 | 469a37391346e29ae6abfe3615c03ff579cae5d698ff7611604190596e66d291
wgate41a.txt
Posted Oct 17, 2000
Authored by Blue Panda | Site bluepanda.box.sk

Wingate 4.1 Beta A and below allows users with access to read the logs to read any file on the filesystem by encoding the URL with escape codes, bypassing input validation. Includes wgate41a.c, proof of concept code. Fix available here.

tags | exploit, proof of concept
SHA-256 | d911de7376362eaa57534d66e1363dca6a222e4eac2a3b3c940f8173fb80d190
crypto-gram-0010.txt
Posted Oct 17, 2000
Authored by Bruce Schneier, crypto-gram | Site counterpane.com

Crypto-gram for October 15, 2000. In this issue: Semantic Attacks: The Third Wave of Network Attacks, News, Council of Europe Cybercrime Treaty -- Draft, The Doghouse: HSBC, NSA on Security, AES Announced, NSA on AES, and the Privacy Tools Handbook.

tags | crypto, magazine
SHA-256 | 7c3f8790fcf1093735c62ec84aa0c538c534313880ca411050db9d2325ac0c88
tcpdump-3.5.2.tar.gz
Posted Oct 17, 2000
Site tcpdump.org

Tcpdump allows you to dump the traffic on a network. It can be used to print out the headers and/or contents of packets on a network interface that matches a given expression. You can use this tool to track down network problems, to detect many attacks, or to monitor the network activities. Requires Libpcap.

Changes: Remotely exploitable buffer overflows have been fixed! Incorporates Libpcap 0.5.2.
tags | tool, sniffer
SHA-256 | feea77e0e7734c56e23196e2fa8df8984bea08fe5cf699698ddbd514b9ebb51c
libpcap-0.5.2.tar.gz
Posted Oct 17, 2000
Site tcpdump.org

Libpcap is a portable packet capture library which is used in many packet sniffers, including Tcpdump.

tags | tool, sniffer
SHA-256 | dbc7ce2471a45a29dd2021db29a6b408bcb824055f027d542e1e778134e780a7
Page 1 of 1
Back1Next

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close