what you don't know can hurt you
Showing 1 - 25 of 28 RSS Feed

Files Date: 2001-07-12

Posted Jul 12, 2001
Site members.optushome.com.au

Darkstat is an ntop-workalike network statistics gatherer. Built to be faster and smaller than ntop, it uses libpcap to capture network traffic and serves up Web page reports of statistics such as data transferred by host, port, and protocol. It also has a neat bandwidth usage graph.

tags | tool, web, sniffer, protocol
MD5 | f678e0e95fb49536fef7cd6980808fb1
Posted Jul 12, 2001
Authored by Ntf, Sky

Current versions of xdm are sensitive to trivial brute force attack if it is compiled with bad options, mainly HasXdmXauth. Without this option, cookie is generated from gettimeofday(2). If you know starting time of xdm login session, computation of the cookie just takes a few seconds.

tags | exploit
MD5 | cb62c9d2e6db81932cda010ba727d2a0
Posted Jul 12, 2001
Authored by Buggzy | Site nerf.ru

Nerf Group Security Advisory #4 - Microsoft IIS 4 and 5 can be crashed remotely by reading device files (com1, com2, etc). Exploit URL included.

tags | exploit
MD5 | 86ac77030b990207e5472ee62b0bd790
Posted Jul 12, 2001
Authored by Fyodor

Solaris 5.8 ldap / passwd local root exploit. Tested on SunOS 5.8 Generic_108528-06 sun4u sparc SUNW,Ultra-60.

tags | exploit, local, root
systems | solaris
MD5 | fdb9fe8c09fcd1a59d191b3a276848d3
Posted Jul 12, 2001
Authored by Charles Stevenson

lmail local root exploit. Simply run it with the file you want to create/overwrite and the data you wish to place in the file.

tags | exploit, local, root
MD5 | 7f9da8c5028c2fd49aa9c8210d25ec8d
Posted Jul 12, 2001
Authored by Kevin Finisterre

Webmail on the Cobalt Cube contains a directory traversal vulnerability which allows users with mailboxes to read any file on the system. Exploit URL's included. Verified to work against the Sun Cube III as well.

tags | exploit
MD5 | 73faac454049acd5190bea40a1ba809a
Posted Jul 12, 2001
Authored by Pablo Sor

Solaris whodo local root exploit. Tested against SunOS 5.5.1, 5.7, and 5.8 for x86.

tags | exploit, x86, local, root
systems | solaris
MD5 | 82dffcd2065e49a4222ebc5c8dbea224
Posted Jul 12, 2001
Site sunsolve.sun.com

Sun Microsystems Security Bulletin #203 - The ypbind daemon runs on all client and server machines that are set up to use NIS. A buffer overflow vulnerability has been discovered in ypbind which may be exploited by a local or a remote attacker to gain root access. Vulnerable systems include SunOS 5.8, 5.8_x86, 5.7, 5.7_x86, 5.6, 5.6_x86, 5.5.1, 5.5.1_x86, 5.5, 5.5_x86, 5.4, and 5.4_x86.

tags | remote, overflow, local, root
systems | solaris
MD5 | 46e0491127139c68520874f9000b1129
Posted Jul 12, 2001
Site sunsolve.sun.com

Sun Microsystems Security Bulletin #201 - A vulnerability in certain versions of the Java(TM) Runtime Environment may allow malicious Java code to execute unauthorized commands. However, permission to execute at least one command must have been granted in order for this vulnerability to be exploited. Since no permission is granted by default, the circumstances necessary to exploit this vulnerability are relatively rare.

tags | java
MD5 | 8526733307be5d61016adb2be827128d
Posted Jul 12, 2001
Authored by noir

Solaris 8 libsldap local root exploit. Tested on an Ultra10 and an Enterprise 3500 with success.

tags | exploit, local, root
systems | solaris
MD5 | 7fb624eef82b60ad70c6ccf9b601a763
Posted Jul 12, 2001
Site xforce.iss.net

ISS Security Advisory - X-Force has discovered buffer overflow vulnerabilities in two popular Remote Authentication Dial-In User Server (RADIUS) implementations. The vulnerabilities in this advisory allow attackers to launch Denial of Service (DoS) attacks against critical network components, bypass 802.11 WLAN access control, and compromise and control protected network resources. Affected versions include Merit 3.6b RADIUS and Lucent 2.1-2 RADIUS. Prior releases are also vulnerable.

tags | remote, denial of service, overflow, vulnerability
MD5 | 5b49d5a5bf26d13e0f3c41583fb17e54
Posted Jul 12, 2001

Microsoft Security Advisory MS01-037 - The Windows 2000 SMTP service, which is installed by default, allows unauthorized users to successfully authenticate to the service using incorrect credentials. An attacker who exploited the vulnerability could gain user-level privileges on the SMTP service, thereby enabling the attacker to use the service and perform mail relaying via the server. Microsoft FAQ on this issue available here.

systems | windows, 2k
MD5 | fa80e2dfecfb8b16cee75c65c9cee370
Posted Jul 12, 2001
Authored by Georgi Guninski | Site guninski.com

Georgi Guninski security advisory #48, 2001 - There is local root compromise in FreeBSD 4.3 due to design flaw which allows injecting signal handlers in other processes. Includes vvfreebsd.c, a local root exploit.

tags | exploit, local, root
systems | freebsd
MD5 | 2d223327e13a25c1742fe30e2fda51ba
Posted Jul 12, 2001
Authored by Georgi Guninski | Site guninski.com

Georgi Guninski security advisory #47, 2001 - OpenBSD 2.8 and 2.9 have a race condition in the kernel which leads to local root compromise. By forking a few process it is possible to attach to +s pid with ptrace. Includes vvopenbsd.c, a local root exploit.

tags | exploit, kernel, local, root
systems | openbsd
MD5 | 9178cad0470bd7e348f0e538216d00c1
Posted Jul 12, 2001
Authored by Tim Lawless | Site sourceforge.net

StMichael is a LKM that attempts to detect and divert attempts to install a kernel-module backdoor into a running linux system. This is done by monitoring the init_module and delete_module process for changes in the system call table. Detects most modern LKM's, including KIS.

Changes: Added Checks to Detect modules hiding their presence, Added Read-Only /dev/kmem, and Added VFS checking.
tags | kernel
systems | linux
MD5 | fda543690273352eaa367dd9d0fbdb92
Posted Jul 12, 2001
Authored by Zen-Parse

Tstot.c is a remote exploit for xloadimage for Red Hat 7.0. Xloadimage is a Netscape 4.77 helper application with a buffer overflow vulnerability. Binds a shell to a port. Fix available here.

tags | exploit, remote, overflow, shell
systems | linux, redhat
MD5 | 84f0f17bc976e6b8be69bacaeb5bf596
Posted Jul 12, 2001
Authored by Russell Handorf

Cayman routers allow remote access by using } as the username.

tags | exploit, remote
MD5 | 9cc90717d2cfb63a71c77417f014dbca
Posted Jul 12, 2001
Site cisco.com

Cisco Security Advisory - Vulnerabilities in Cisco SN 5420 Storage Routers. Two vulnerabilities have been discovered in Cisco SN 5420 Storage Router software release up to and including 1.1(3). One of the vulnerabilities can cause Denial-of-Service attack. The other allows unrestricted low level access to the SN 5420. The vulnerabilities are exploited via TCP ports 514 and 8023.

tags | tcp, vulnerability
systems | cisco
MD5 | 217a13ba3ed96b040635c794eb890afe
Posted Jul 12, 2001
Authored by qitest1

Cfingerd v1.4.3 and below Linux/x86 local root buffer overflow exploit.

tags | exploit, overflow, x86, local, root
systems | linux
MD5 | 4b97d06d5fd883f3f606f5c5bab3b932
Posted Jul 12, 2001
Authored by Gilles

IBM db2 for Windows (98/NT/2000) is vulnerable to a simple remote denial of service attack via db2ccs.exe (listening on port 6790) and db2jds.exe (port 6789).

tags | exploit, remote, denial of service
systems | windows
MD5 | f4b462d2987f201a50bd03e6f68934fd
Posted Jul 12, 2001
Authored by Telehor | Site digit-labs.org

Cfingerd v1.4.3 and below local root buffer overflow exploit in perl. Exploits <a href="http://www.securityfocus.com/archive/1/192844"this</a> vulnerability.

tags | exploit, web, overflow, local, root, perl
MD5 | 7deade15eef46381573d4b4220a005e0
Posted Jul 12, 2001
Authored by Ade245

McAffee's MyCIO directory traversal vulnerability - Any machine running McAffee Agent ASaP VirusScan Software is vulnerable to a remote vulnerability which allows any file on the machine to be read. This software incorporates what is known as "Rumor Technology" that facilitates in the transfer of virus definitions between neighboring machines. This agent software runs as a service ("McAfee Agent") under the local system account and uses a light weight HTTP server that listens on TCP port 6515. Exploit URL included.

tags | exploit, remote, web, local, tcp, virus
MD5 | 3dda84290792822ead2aa88636a565b1
Posted Jul 12, 2001
Authored by Zen-Parse

Cfingerd v1.4.3 and below remote root exploit. Slightly broken. Exploit redirects fopen() call to popen() and executes code from ~/.nofinger.

tags | exploit, remote, root
MD5 | 127d493b92791085586c97eff83512dc
Posted Jul 12, 2001
Site dtype.org

keyanalyze is a program which analyzes keyrings in the OpenPGP format (PGP and GnuPG), looking at properties of connectivity to generate strongly-connected set analysis, as well as some arbitrary statistics including a "mean shortest distance" calculation to show the most connected keys.

tags | arbitrary, encryption
MD5 | d1fe56c2538afa84429fdf731f608841
Posted Jul 12, 2001
Site qDefense.com

qDefense Advisory QDAV-2001-7-1 - Multiple CGI Flat File database manipulation vulnerability. Many CGI scripts store data, including passwords, in a flat file database, using special characters as field and row delimiters. An attacker is often able to manipulate these databases by inserting extra delimiter characters.

tags | exploit, cgi
MD5 | 454c4032e3ae794c228b5636ca6399ae
Page 1 of 2

File Archive:

August 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    10 Files
  • 2
    Aug 2nd
    8 Files
  • 3
    Aug 3rd
    2 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    79 Files
  • 7
    Aug 7th
    16 Files
  • 8
    Aug 8th
    10 Files
  • 9
    Aug 9th
    10 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    6 Files
  • 12
    Aug 12th
    26 Files
  • 13
    Aug 13th
    15 Files
  • 14
    Aug 14th
    19 Files
  • 15
    Aug 15th
    52 Files
  • 16
    Aug 16th
    11 Files
  • 17
    Aug 17th
    1 Files
  • 18
    Aug 18th
    1 Files
  • 19
    Aug 19th
    18 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2019 Packet Storm. All rights reserved.

Security Services
Hosting By