what you don't know can hurt you
Showing 1 - 19 of 19 RSS Feed

Files Date: 2000-10-17

rfpolicy-2.0.txt
Posted Oct 17, 2000
Authored by rain forest puppy | Site wiretrip.net

RFPolicy 2.0 - rain forest puppy's policy on notifying vendors and releasing security vulnerabilities.

Changes: Less stringent on timeframes, more stringent on communication. Thanks to everyone who contributed. I also added some supporting notes (FAQ, etc) to help dispell some misconceptions on it.
tags | paper, vulnerability
MD5 | 4bb04bf50ab00e365ec966deb62c2a7a
iis-unicode.txt
Posted Oct 17, 2000
Authored by rain forest puppy | Site wiretrip.net

rain forest puppy's investigation of the recent Microsoft IIS remote command execution vulnerability which was first mentioned in a ms00-078. UNICODE character translation on foreign IIS 4.0 and 5.0 servers allows additional ways of encoding '/' and '\', allowing commands to be executed under the IUSR_machine context.

tags | exploit, remote
MD5 | 0747c7e7a7c3fccad5338bc0d6e7aed9
ms00-078
Posted Oct 17, 2000

Microsoft Security Bulletin (MS00-078) - Microsoft has released a patch that eliminates the "Web Server Folder Traversal" vulnerability in IIS 4.0 and 5.0 which allows malicious users to add and remove content or execute code remotely with a malformed URL. Microsoft FAQ on this issue available here.

tags | web
MD5 | 78d8cdbc5e4477b278b3e2f3367cd85e
phploit.c
Posted Oct 17, 2000
Authored by Portal, Tf8 | Site security.is

PHP/3.0.12, 3.0.15, and 3.0.16 with apache 1.3.12 remote format string exploit for FreeBSD 3.4, Slackware Linux 4.0, and 7.0.

tags | exploit, remote, php
systems | linux, freebsd, slackware
MD5 | 1c345b9d81102fcc769ab43be0d147af
drop-shell.c
Posted Oct 17, 2000

Linux/x86 shellcode which drops a shell in /tmp.

tags | shell, x86, shellcode
systems | linux
MD5 | 791875bd1c36228ebd31934baf24f27e
execve_binsh.netbsd.c
Posted Oct 17, 2000
Authored by Humble

NetBSD shellcode which execve's /bin/sh.

tags | shellcode
systems | netbsd
MD5 | 964a38bd4bed5e6efe989a4c890ef7bb
execve_binsh.c
Posted Oct 17, 2000
Authored by Duke

BSDI shellcode which execve's /bin/sh.

tags | shellcode
MD5 | 0200a2e0d3d6e33ef9bcef5c651fc2b0
chroot_break.c
Posted Oct 17, 2000
Authored by Doable

SCO shellcode which breaks out of a chrooted environment.

tags | shellcode
MD5 | a1b096bb33171e0f86da5a4eeb8fb542
dz_w2knt.zip
Posted Oct 17, 2000

Windows NT/2k remote shellcode.

tags | remote, shellcode
systems | windows, nt
MD5 | 9d12cd71ee4025c2a1f5cd157e248453
wwwhack.zip
Posted Oct 17, 2000
Site wwwhack.com

wwwhack - Automates the process of trying to crack logins/passwds for www sites that use basic HTTP authentication.

tags | web, cracker
MD5 | 3de97a3bec9997c160cf2d4be4c20511
netsec34.txt
Posted Oct 17, 2000
Site net-security.org

Weekly Newsletter from Help Net Security - Covers weekly roundups of security events that were in the news the past week. In this issue: PHP 3 and 4 remote format string vulnerabilities, Internet Explorer authentication data retrieval, IE cached web credentials vulerability, Master index directory transversal vulnerability, BOA vulnerabilities, tmpwatch local dos, Extropoa Webstore directory transversal vulnerability, Interactive's web shopper directory transversal vulnerability, Microsoft share level password vulnerability, Mandrake openssh/scp update, HP Jetdirect dos, WebTV dos, Apache mod_rewrite, Debian curl update, Winu 1.0-5.1 backdoor password, debian ypbind local vulnerability, and Netmeeting denial of service. Articles include SUID programs, getting to the root of the problem, Testing for Trojans, How to detect virus hoaxes, and more.

tags | remote, web, denial of service, local, root, trojan, php, vulnerability, virus
systems | linux, debian, mandrake
MD5 | 63d4c549a4056b86139eeb354d91678e
suse.traceroute.txt
Posted Oct 17, 2000
Site suse.de

SuSE Security Advisory - SuSE's traceroute (nanog) has a completely different local root vulnerability than the one reported last week. A format string bug was discovered in a routine that can be used to terminate a line in traceroute's output to easily embed the program in cgi scripts.

tags | local, cgi, root
systems | linux, suse
MD5 | a1ae9675d395e47a8a38500090e3e26f
suse.gnorpm.txt
Posted Oct 17, 2000
Site suse.de

SuSE Security Advisory - Gnorpm, a graphical user interface to the rpm subsystem for the gnome desktop, handles tempfiles insecurely and can overwrite arbitrary files on the system.

tags | arbitrary
systems | linux, suse
MD5 | 0894670adcb3699b6e0172fa088c6586
11logger-0.1.3.tar.gz
Posted Oct 17, 2000
Authored by Antirez | Site kyuzz.org

11logger is a small kernel patch, a module and some userspace tools to add SIGSEGV logging and history capabilities to Linux 2.2.x. 11logger is very useful in security auditing and general debugging.

Changes: This release fixes a problem with the kernel patch which didn't unlock the spin lock in signal.c, and segvdump now reports more information on i386.
tags | kernel
systems | linux
MD5 | 8549e144fe49292e8d94bff8765b1cd4
wu-ftpd-2.6.1.tar.gz
Posted Oct 17, 2000
Site wu-ftpd.org

Wu-Ftpd is a portable FTP server.

Changes: Remote root bugs in 2.6.0 fixed.
systems | unix
MD5 | 857ab8504998a753195eb94ac2dc39a4
wgate41a.txt
Posted Oct 17, 2000
Authored by Blue Panda | Site bluepanda.box.sk

Wingate 4.1 Beta A and below allows users with access to read the logs to read any file on the filesystem by encoding the URL with escape codes, bypassing input validation. Includes wgate41a.c, proof of concept code. Fix available here.

tags | exploit, proof of concept
MD5 | f9571f8ce5bba676d3766e52513e5b19
crypto-gram-0010.txt
Posted Oct 17, 2000
Authored by Bruce Schneier, crypto-gram | Site counterpane.com

Crypto-gram for October 15, 2000. In this issue: Semantic Attacks: The Third Wave of Network Attacks, News, Council of Europe Cybercrime Treaty -- Draft, The Doghouse: HSBC, NSA on Security, AES Announced, NSA on AES, and the Privacy Tools Handbook.

tags | crypto, magazine
MD5 | 8f690d52c68f00a56b8fe165c9282680
tcpdump-3.5.2.tar.gz
Posted Oct 17, 2000
Site tcpdump.org

Tcpdump allows you to dump the traffic on a network. It can be used to print out the headers and/or contents of packets on a network interface that matches a given expression. You can use this tool to track down network problems, to detect many attacks, or to monitor the network activities. Requires Libpcap.

Changes: Remotely exploitable buffer overflows have been fixed! Incorporates Libpcap 0.5.2.
tags | tool, sniffer
MD5 | 61f221d8a81893fbd4efa89f8426e145
libpcap-0.5.2.tar.gz
Posted Oct 17, 2000
Site tcpdump.org

Libpcap is a portable packet capture library which is used in many packet sniffers, including Tcpdump.

tags | tool, sniffer
MD5 | 1138682b9bef56c8c9986346645f7216
Page 1 of 1
Back1Next

File Archive:

March 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    15 Files
  • 2
    Mar 2nd
    5 Files
  • 3
    Mar 3rd
    3 Files
  • 4
    Mar 4th
    25 Files
  • 5
    Mar 5th
    20 Files
  • 6
    Mar 6th
    16 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    12 Files
  • 9
    Mar 9th
    3 Files
  • 10
    Mar 10th
    4 Files
  • 11
    Mar 11th
    23 Files
  • 12
    Mar 12th
    12 Files
  • 13
    Mar 13th
    12 Files
  • 14
    Mar 14th
    19 Files
  • 15
    Mar 15th
    12 Files
  • 16
    Mar 16th
    3 Files
  • 17
    Mar 17th
    1 Files
  • 18
    Mar 18th
    15 Files
  • 19
    Mar 19th
    22 Files
  • 20
    Mar 20th
    14 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    17 Files
  • 23
    Mar 23rd
    1 Files
  • 24
    Mar 24th
    1 Files
  • 25
    Mar 25th
    16 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close