exploit the possibilities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2000-12-07

CSA-200012.txt
Posted Dec 7, 2000
Site chinansl.com

CHINANSL Security Advisory(CSA-200012) - Ultraseek Server 3.0 Vulnerability allows malicious users to see the full pathnames of server addons.

tags | exploit
MD5 | f130b37b60b3713150311f51a2a97c88
cisco.00-12-06.memleak
Posted Dec 7, 2000
Site cisco.com

Cisco Security Advisory - Catalyst Memory Leak Vulnerability. A series of failed telnet authentication attempts to the switch can cause the Catalyst Switch to fail to pass traffic or accept management connections until the system is rebooted or a power cycle is performed. All types of telnet authentication are affected, including Kerberized telnet, and AAA authentication.

tags | memory leak
systems | cisco
MD5 | 9b1539403f297d72a54b5354e0c90da1
bf-code.c
Posted Dec 7, 2000
Authored by Asynchro | Site pkcrew.org

Bftpd 1.0.12 contains a remote buffer overflow. Denial of service exploit included.

tags | exploit, remote, denial of service, overflow
MD5 | 2c83fb7aa5e258203dc119f297a8ac28
tcpspy-1.4.tar.gz
Posted Dec 7, 2000
Authored by Tim J Robbins | Site box3n.gumbynet.org

tcpspy is a linux administrator's tool that logs information about incoming and outgoing TCP/IP connections: local address, remote address and, probably the most useful feature, the user name. The current version allows you to include and exclude certain users from logging - this may be useful if you suspect one of the users on your system is up to no good but do not want to violate the privacy of the other users.

Changes: Can now log the filename of the executable that created or accepted connections. Assorted bug fixes and code cleanups.
tags | remote, local, tcp
systems | linux
MD5 | 320900fd99bc47d1f81a86cd78e934e7
Log02Package.zip
Posted Dec 7, 2000
Site twilightminds.com

The Twilight Minds Extensible Logging Package is intended to provide a basis for efficient logging of sequential output. It helps get the groundwork of logging done and out of the way. It also removes the processes associated with recording log entries and managing logs from the main thread of execution. TwilightMinds.Log allows for one-line logging to any end-point within a common framework, and allows for potentially complex but easily managed logging setups.

tags | system logging
systems | unix
MD5 | 994abed61634fc9555a996a91937425c
SRADV00007.txt
Posted Dec 7, 2000
Authored by Secure Reality | Site securereality.com.au

Secure Reality Pty Ltd. Security Advisory #7 - MarkVision is a printer administration package from Lexmark. Versions previous to v4.4 contain local root buffer overflow vulnerabilities. Fix available here.

tags | exploit, overflow, local, root, vulnerability
MD5 | 113233d78a10150be63357a8bf74b213
SRADV00006.txt
Posted Dec 7, 2000
Authored by Secure Reality | Site securereality.com.au

Secure Reality Pty Ltd. Security Advisory #6 - phpGroupWare is a multi-user web based groupware suite written in PHP. Versions below 0.9.7 under Unix make insecure calls to the include() function of PHP which can allow the inclusion of remote files, and thereby the execution of arbitrary commands on the remote web server with the permissions of the web server user, usually 'nobody'. Fix available here.

tags | exploit, remote, web, arbitrary, php
systems | unix
MD5 | 825eada62aec8c9d778fcf218af4b89d
SRADV00005.txt
Posted Dec 7, 2000
Authored by Secure Reality | Site securereality.com.au

Secure Reality Pty Ltd. Security Advisory #5 - All 3.x versions of MailMan Webmail below v3.0.26 contain remote command execution vulnerabilities. The code contains several insecure calls to open() containing user specified data. These calls can be used to execute commands on the remote server with the permissions of the user that runs CGI scripts, usually the web server user which is in most cases 'nobody'. Fix available here.

tags | exploit, remote, web, cgi, vulnerability
MD5 | 96ff5c0a43e1bb855c5a5ed569224bc6
ncat-0.1.tar.gz
Posted Dec 7, 2000
Site ncat.sourceforge.net

ncat is a network config Audit Tool for IOS (and other) configs. ncat reads a master config file (default ./ncat.conf) and checks one or more config files specified on the command line against rules found in the master. Rules specify that a particular chunk of text is either required or forbidden. Once all rules have been checked, a report is output listing violations.

systems | cisco
MD5 | 6425ce92fa026fd987c73c76239051ca
BWL-00-04.txt
Posted Dec 7, 2000
Authored by Black Watch Labs | Site perfectotech.com

Black Watch Labs Security Advisory #00-04 (April 6, 2000) - BizDB is a database and search engine software by Cnctek. Part of the installation is a CGI script, ?bizdb-search.cgi? which is used to search the bizdb database. This script is vulnerable to modification of its paramater, in such way that causes it to run user provided shell commands on the server. Exploit URL's included. These issues have been resolved in newer versions of this software, make sure to upgrade!

tags | shell, cgi
MD5 | 8865d9c1eafd735f0d6148dc82d1579c
f8-120500-vpnet.txt
Posted Dec 7, 2000
Authored by Loki, f8labs | Site f8labs.com

VPNet Technologies VSU VPN appliances have serious remote vulnerabilities. A source routing flaw in VSU allows for unauthenticated connections to a target host on protected LAN of VPN, and a flaw in NOS bridging code causes VSU to pass spoofed private address packets from it's public interface to the private network.

tags | remote, spoof, vulnerability
MD5 | 842563e9a74d9ce032ecd3ad2b09bdc3
qaudit.pl
Posted Dec 7, 2000
Authored by vade79, realhalo | Site realhalo.org

Qaudit.pl is a script for quickly auditing .c and .cc source files for stack and heap overflows, format bugs, exec calls, environment variables, and misc functions which often have security issues.

tags | overflow
systems | unix
MD5 | 945f43000ecf29f3bfeb21f35f812a51
ms00-096
Posted Dec 7, 2000

Microsoft Security Bulletin (MS00-096) - Microsoft has released a tool that corrects the permissions on several registry values in Windows 2000. The default permissions allow malicious users to monitor or reconfigure some network devices by displaying the SNMP community name and management station identifiers. Microsoft FAQ on this issue available here

tags | registry
systems | windows, 2k
MD5 | 2716b1455f4027553fb74f469770ae22
ms00-095
Posted Dec 7, 2000

Microsoft Security Bulletin (MS00-095) - Microsoft has released a tool that corrects the permissions on several registry values in Microsoft Windows NT 4.0. The default permissions allow malicious users to gain additional privileges on affected machines. Affected keys include the SNMP Parameters key, the RAS Administration key, and the MTS Package Administration key. Microsoft FAQ on this issue available here.

tags | registry
systems | windows, nt
MD5 | 314f3a8c6320458f7802d4f1ed397377
tessa.c
Posted Dec 7, 2000
Authored by Incubus | Site securax.org

Remote denial of service exploit for Microsoft Exchange 5.5 SP3 Internet Mail Service and Information Store. The bug is in the handling of a line containing Content="".

tags | exploit, remote, denial of service
MD5 | 0943fe0243c5f19593bfcb6ee1ecddd1
Page 1 of 1
Back1Next

File Archive:

April 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    21 Files
  • 2
    Apr 2nd
    35 Files
  • 3
    Apr 3rd
    21 Files
  • 4
    Apr 4th
    16 Files
  • 5
    Apr 5th
    15 Files
  • 6
    Apr 6th
    1 Files
  • 7
    Apr 7th
    2 Files
  • 8
    Apr 8th
    23 Files
  • 9
    Apr 9th
    19 Files
  • 10
    Apr 10th
    15 Files
  • 11
    Apr 11th
    14 Files
  • 12
    Apr 12th
    11 Files
  • 13
    Apr 13th
    2 Files
  • 14
    Apr 14th
    5 Files
  • 15
    Apr 15th
    14 Files
  • 16
    Apr 16th
    19 Files
  • 17
    Apr 17th
    19 Files
  • 18
    Apr 18th
    8 Files
  • 19
    Apr 19th
    4 Files
  • 20
    Apr 20th
    5 Files
  • 21
    Apr 21st
    1 Files
  • 22
    Apr 22nd
    10 Files
  • 23
    Apr 23rd
    22 Files
  • 24
    Apr 24th
    11 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close