exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

Files Date: 2001-04-19

defcom.cyberscheduler.txt
Posted Apr 19, 2001
Authored by Enrique A. Sanchez Montellano | Site defcom.com

Defcom Labs Advisory def-2001-18 - Cyberscheduler for Linux, Windows, and Solaris lacks bounds checking on the timezone variable, allowing remote root compromise. Patch available here. Includes proof of concept exploit x-cybershcehd.c and a shell script to brute force the offset. Vulnerable systems include Mandrake, RedHat, Slackware, Caldera, Suse, Debian, Windows NT, 2000 (IIS 4.0 and 5.0), and Solaris 2.5, 2.6, 7, and 8.

tags | remote, shell, root, proof of concept
systems | linux, redhat, windows, solaris, suse, slackware, debian, mandrake
SHA-256 | 21c37966585bd74ddeb800641942dfeff9778cd7e600ab1a642ec1d919315aa4
defcom.innfeed.txt
Posted Apr 19, 2001
Authored by Alex Hernandez, Enrique A. Sanchez Montellano | Site defcom.com

Defcom Labs Advisory def-2001-19 - Innfeed has local stack overflow vulnerabilities in the logOrPrint() function which can be exploited to give uid=news. Tested on Slackware 7.1, Mandrake 7.0, and RedHat 7.2. Includes a patch, proof of concept exploit x-startinnfeed.c, and a shell script to brute force the offset.

tags | overflow, shell, local, vulnerability, proof of concept
systems | linux, redhat, slackware, mandrake
SHA-256 | 4138178fdea0de7a98d769d075ebec0aa842b1ff03426901f91cd2c8b12ac932
xlock.txt
Posted Apr 19, 2001
Authored by Marco van Berkum

Removing the SUID bit from xlock causes enter to work as a password to unlock the screen for all users except root. With no SUID bit it can no longer read /etc/shadow, creating a blank .xlockrc, causing enter to be a valid password.

tags | exploit, root
SHA-256 | 7a3fc00fea0ff0994ae858e317eefc68874f30058a8c8af694cc82126a795089
spfx2.c
Posted Apr 19, 2001
Authored by Nijen Rode

spfx2.c is a linux kernel module which stops many exploits by protecting the system from code running on the stack. Works by limiting the use of key system calls to library functions. Although spfx2 does not prevent buffer-overflow related crashes, it does make it very difficult to break security with with a buffer-overflow attack, preventing most root compromises.

tags | overflow, kernel, root
systems | linux
SHA-256 | 21123c498529b71be6d347b91c4205c6d050024dbd2a5899cf8fb5b621b3df73
debian.samba.txt
Posted Apr 19, 2001
Site debian.org

Debian Security Advisory DSA-048-1 - Samba does not use temp files correctly, allowing local attackers to trick samba into overwriting arbitrary files. Both problems have been fixed in version 2.0.7-3.2.

tags | arbitrary, local
systems | linux, debian
SHA-256 | c64ca9f497ad002e62c183ca44b7e3a1180a6da09f6d05e942a74c5b380db8a7
icmp-log-0.4.tar.gz
Posted Apr 19, 2001
Authored by Zucco | Site w3.swi.hu

Icmp-Log v0.4 is a simple ICMP logger.

Changes: Better syslog() and log_it() function.
tags | system logging
systems | unix
SHA-256 | ca68646691293ec198e2109258822f5491defff735799a86db504b84fcaf73a9
check-ps-1.3.2.tar.gz
Posted Apr 19, 2001
Authored by Duncan Simpson | Site checkps.alcom.co.uk

Check-ps is a program that is designed to detect rootkit versions of ps that fail to tell you about selected processes. It currently requires /proc but other scanning methods can be implemented. The program will run in the background or one-shot mode. Check-ps has grown rather to better resist increasingly sophisticated attacks, generate more useful reports, and implement more detection methods. You are encouraged to check the signatures, available here.

Changes: Includes extended kill scanning which will detect LKM's such as adore-0.34. Includes new tests to generate a list of PID's by brute force.
tags | tool, intrusion detection
systems | unix
SHA-256 | b1c08424547c197563f6641aee28b0b9450246b337ba74064bd85a9711b9b8a1
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close