
Files Date: 2002-01-01 to 2002-01-31

Posted Jan 27, 2002

Microsoft Security Advisory MS03-002 - Microsoft Content Management Server 2001 contains a cross-site scripting flaw in an ASP page.

tags | xss, asp
MD5 | 5f9a08fd4a965c6bbfb642a30dcf8d05
Posted Jan 26, 2002
Site crimelabs.net

55hb is an SSH account brute force auditing tool written in expect. Allows you to specify hosts, password lists, and a user.

Changes: Fixed the code. You can now specify a user file rather than just a single user, which streamlines things a little, and the tool is more stable and efficient.
tags | cracker
MD5 | 16da26e552c32d0f52c78a0331e4a5e4
Posted Jan 26, 2002
Authored by mercenary | Site phreedom.org

Kernel Based Keystroke Loggers for Linux - This paper describes the basic concepts and techniques used for recording keystroke activity under Linux. Includes a proof of concept LKM which is stealthy, works with recent distributions, and is capable of logging local logins and ssh sessions to and from the host. Tested on Slackware v8.0 with kernel v2.4.5.

tags | kernel, local, proof of concept
systems | linux, unix, slackware
MD5 | a9615f10eaef0364e7e748a96c2fb1c1
Posted Jan 25, 2002
Authored by Christian Milow

GnomeICU v0.96.1 remote DoS exploit. Sends a message with uin=0000000, causing a seg fault. Tested on GnomeICU 0.95->0.96.1 on RH 7.0, Slackware 8.0.

tags | exploit, remote, denial of service
systems | linux, slackware
MD5 | 619d5fe13a0c7cbcdc31462b9aab2591
FreeBSD Security Advisory 2002.8
Posted Jan 25, 2002
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:08 - A race condition during exec allows local root compromise. A race condition exists in the FreeBSD exec system call implementation. It is possible for a user to attach a debugger to a process while it is exec'ing, but before the kernel has determined that the process is set-user-ID or set-group-ID. All versions of FreeBSD 4.x prior to FreeBSD 4.5-RELEASE are vulnerable to this problem. The problem has been corrected by marking processes that have started.

tags | kernel, local, root
systems | freebsd
MD5 | d01d62114dbd97adf1fd167c813cd187
Posted Jan 25, 2002
Site cert.org

There is a remotely exploitable buffer overflow in ICQ v2001A and below. Attackers that are able to exploit the vulnerability can execute arbitrary code with the privileges of the victim user. There are 122 million vulnerable clients. Full details are discussed in VU#570167. An exploit is known to exist. Voice Video & Games plugin installed with AOL Mirabilis ICQ Versions 2001B Beta v5.18 Build #3659 and prior is also vulnerable.

tags | overflow, arbitrary
MD5 | c8d272590ca4613ec1a4cac1ae2b3505
Posted Jan 25, 2002
Authored by David Litchfield | Site atstake.com

This document describes buffer overrun vulnerabilities on Sun Microsystems SPARC machines. We will begin by examining the SPARC architecture, looking at the registers and the stack. We will then go on to see exactly how buffer overrun vulnerabilities occur and how control over the process's execution is gained under SPARC, and then detail how, from here, the vulnerability can be exploited to gain control over the computer by looking at exploit code that spawns a shell under Solaris.

tags | paper, overflow, shell, vulnerability
systems | unix, solaris
MD5 | f84c8fdc8a46ebf7eb620006ec7dd07d
Posted Jan 25, 2002
Authored by David Litchfield | Site atstake.com

Windows 2000 Format String Vulnerabilities - Includes detailed discussion of how format string bugs in fprintf(), vprintf() and sprintf() calls are created, discovered, and exploited.

tags | paper, vulnerability
systems | windows, 2k
MD5 | f08de556c293621dc8bbde597c7b51c3
Posted Jan 25, 2002
Authored by turnrightNever

trNkit v1.0 -Release- (beta). Includes patched versions of du, locate, netstat, ps, pstree, top, w, and who.

tags | tool, rootkit
systems | unix
MD5 | 30e6999a115ab145c17d2351744c1bda
Posted Jan 25, 2002
Authored by Pilot | Site monkey.org

Arirang is a powerful webserver security scanner with many features. Checks over 700 vulnerabilities. This is the OpenBSD/NetBSD/FreeBSD version.

tags | cgi, vulnerability
systems | netbsd, unix, freebsd, openbsd
MD5 | e5fbca4ae12308dd8edc11f675841488
Posted Jan 25, 2002
Authored by Adel I. Mirzazhanov | Site adel.nursat.kz

APG (Automated Password Generator) is a tool set for random password generation. Includes a built-in ANSI X9.17 RNG (Random Number Generator) (CAST/SHA1).

systems | unix
MD5 | e3204157078f617f7ef025f4872a8d2f
Posted Jan 25, 2002
Authored by Egemen Tas

The Leviathan Auditor is an enumeration and penetration testing tool which runs on and against Microsoft machines. It dumps Users, Groups, Services, Shares, Transport devices and MAC addresses over port 139 or 445. It enumerates RPC portmapper entries over port 135 and also tries to exploit MS SQL servers if one is present. With its built-in SQL Server exploit you can execute remote commands as Local System. Source code is freely available on demand.

tags | remote, local
MD5 | 6904f9d4553cfc85ac0b86d6f3bf1aa5
Posted Jan 25, 2002
Authored by Mindkind

Deltaflown is an ICMP/TCP/UDP packet forger which is very easy to use. It is coded in C and can be compiled on a Linux machine, or on another UNIX if you change the names of the headers.

tags | udp, tcp
systems | linux, unix
MD5 | 85f18c41b17393f8b4907640ad46d7b7
Posted Jan 25, 2002
Site crimelabs.net

55hb is an SSH account brute force auditing tool written in expect. Allows you to specify hosts, password lists, and a user.

tags | cracker
MD5 | 5bb81bf06b550aff6dc23d6199c0084c
Posted Jan 22, 2002
Authored by Zenomorph | Site cgisecurity.com

Header Based Exploitation - Web Statistical Software Threats. When people visit your website, certain information is passed from the user's web browser to your web server/script. This information contains data such as what browser they are using, the last site visited, the file they requested, and other information. This paper was written to help you understand how an attacker can use these information fields to exploit your web statistics software. Includes info on SSI Tag Insertion, HTML Insertion, and more.

tags | paper, web
MD5 | ac4bb0330c08f7582dfc40695a51cf75
Posted Jan 22, 2002
Authored by Tim Lawless | Site sourceforge.net

StMichael is an LKM that attempts to detect and divert attempts to install a kernel-module backdoor into a running Linux system. This is done by monitoring the init_module and delete_module process for changes in the system call table. Detects most modern LKMs, including KIS.

Changes: Addition of the ability to restore a system attacked using kernel modification techniques such as a Silvio Stealth syscall by reloading the kernel without a reboot. Addition of checks to detect the possible subversion of the kernel at load time. Now does full kernel text validation.
tags | kernel
systems | linux
MD5 | 56b40532ec8f1f3089de8ec4fe7f5f4f
Posted Jan 22, 2002
Authored by Charles Stevenson

Debian uucp v1.06.1 local uid=utmp or root exploit. Trojans uucp and uux, attempting to get a root shell. Based on an exploit by zen-parse. Tested on Debian PowerPC Unstable.

tags | exploit, shell, local, root, trojan
systems | linux, debian
MD5 | c288ab795b3f52d9cc85af362801096c
Posted Jan 19, 2002
Site netbsd.org

NetBSD Security Advisory 2002-001 - A vulnerability found in the ptrace implementation on NetBSD 1.5.*, 1.4.* and CURRENT (prior to January 14, 2002) systems can result in race conditions where it is possible to use ptrace and SUID binaries to execute code with elevated privileges.

systems | netbsd
MD5 | 413f80cd0aca939c1288738bae4d6d12
Posted Jan 19, 2002
Authored by Peter Kieltyka

ICMP Shell is a program written in C for the UNIX environment that allows an administrator to access their computer remotely via ICMP.

tags | shell
systems | unix
MD5 | 873a0975dea090b68c1e0304885cfd5a
Posted Jan 19, 2002
Authored by Nelson Murilo | Site chkrootkit.org

chkrootkit locally checks for signs of a rootkit. Includes detection of LKM rootkits, ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions. Tested on Linux, FreeBSD, Solaris, and OpenBSD. Tested on Linux 2.0.x, 2.2.x and 2.4.x (any distribution), FreeBSD 2.2.x, 3.x and 4.x, OpenBSD 2.6, 2.7, 2.8, 2.9 and 3.0, Solaris 2.5.1, 2.6 and 8.0.

Changes: Now includes its own strings command, tests for ldsopreload and lsof, new ports added to the bindshell test, and several new rootkits and trojans added, including the RST.b trojan, duarawkz, knark LKM, HiDrootkit, Monkit, Bobkit, Pizdakit, and t0rn v8.0.
tags | tool, integrity, rootkit
systems | linux, unix, solaris, freebsd, openbsd
MD5 | edf50a9c8c6bf09b0a9147f2e6168826
Posted Jan 19, 2002
Authored by KAN|N, Masskic

Mailstation.pl exploits a DoS condition in the Intel eMail station.

tags | denial of service
MD5 | 3998d634b2590fe61b0141901e34af8c
Posted Jan 19, 2002
Authored by g463

Sniffit v0.3.7beta remote root buffer overflow exploit. Requires the admin to be running sniffit with the -L option.

tags | exploit, remote, overflow, root
MD5 | 9e59a59251ace6f72b61e53cd1843f1f
FreeBSD Security Advisory 2002.7
Posted Jan 19, 2002
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:07 - The k5su command included with FreeBSD, versions prior to 4.5-RELEASE, and the su command included in the heimdal port, versions prior to heimdal-0.4e_2, use the getlogin system call in order to determine whether the currently logged-in user is 'root'. In some circumstances, it is possible for a non-privileged process to have 'root' as the login name returned by getlogin. You don't actually want that to happen, trust us.

tags | root
systems | freebsd
MD5 | 208b22a679028eed6a4f847a57e20216
Posted Jan 19, 2002
Authored by Zen-Parse

Attn.tar.gz is a Redhat 7.0 local root exploit which takes advantage of a bug in the at command which allows an attacker to free() user controlled memory. Tested on Redhat 7.0 with the glibc-2.2.4- and at-3.1.8-12 packages installed.

tags | exploit, local, root
systems | linux, redhat
MD5 | 228228e20fdbea6cba09e2718ad8cad0
Posted Jan 19, 2002

The Avirt telnet proxy v4.2 and below has a remotely exploitable buffer overflow. Tested on Win2k. Strumpf Noir Society

tags | overflow
systems | windows
MD5 | b632a6b63e2d05565a9262df9e24891e
packet storm

© 2020 Packet Storm. All rights reserved.
