Microsoft Security Advisory MS03-002 - The Microsoft Content Management Server 2001 contains a cross site scripting flaw in an ASP page.
74a7aed76f12d26a055fd96848693567f0b873d08688f03ea7cc1d73ea07e8ab55hb is a SSH account brute force auditing tool written in expect. Allows you to specify hosts, password lists, and a user.
0a0c26ff49e9be32c07baf34b748e84956150a706ffab89a9984575b51fbc922Kernel Based Keystroke Loggers for Linux - This paper describes the basic concepts and techniques used for recording keystroke activity under linux. Includes proof of concept LKM which is stealthy, works with recent distributions, and is capable of logging local logins and ssh sessions to and from the host. Tested on Slackware v8.0 with kernel v2.4.5.
09fc0bff73308b65d6613b51aaf2ab2c2e5caf5e344479dd7bcbd5138e4efdecGnomeICU v0.96.1 remote dos exploit. Sends a message with uin=0000000 causing a seg fault. Tested on GnomeICU 0.95->0.96.1 on RH 7.0, Slackware 8.0.
6c7a971a62cffc000b5fbfe560a6c6266cee3054efb33e5fa8c904d551d9a46dFreeBSD Security Advisory FreeBSD-SA-02:08 - A race condition during exec allows local root compromise. A race condition exists in the FreeBSD exec system call implementation. It is possible for a user to attach a debugger to a process while it is exec'ing, but before the kernel has determined that the process is set-user-ID or set-group-ID. All versions of FreeBSD 4.x prior to FreeBSD 4.5-RELEASE are vulnerable to this problem. The problem has been corrected by marking processes that have started.
e39b7337b2653475b68a0ab6e1689bf3692bf6483d1a3ef99c45b26407ae0464There is a remotely exploitable buffer overflow in ICQ v2001A and below. Attackers that are able to exploit the vulnerability can execute arbitrary code with the privileges of the victim user. There are 122 million vulnerable clients. Full details are discussed in VU#570167. An exploit is known to exist. Voice Video & Games plugin installed with AOL Mirabilis ICQ Versions 2001B Beta v5.18 Build #3659 and prior is also vulnerable.
b76478c875f3e3639885e152c0e431077274669ba8875919014f2fd0c3eb15c4This document describes buffer overrun vulnerabilities on Sun Microsystems SPARC machines. We will begin by examining the SPARC architecture, looking at the registers and the stack. We will then go on to see exact how buffer overrun vulnerabilities occur and how control over the processes execution is gained under SPARC and then detail how, from here, the vulnerability can be exploited to gain control over the computer by looking at exploit code that spawns a shell under Solaris.
ea2827088b20a431d2ee4be68183cd2ee8cf525ff70d198af4b747cffecabe5cWindows 2000 Format String Vulnerabilities - Includes detailed discussion of how format string bugs in fprintf(), vprintf() and sprintf() calls they are created, discovered, and exploited.
cc470ec4478e27b35f145967b8b7096795122256fa90b4a6e74a53055431fa40trNkit v1.0 -Release- (beta). Includes patched versions of du, locate, netstat, ps, pstree, top, w, and who.
fb11308261e9f479a6f9cbbb82668d53c8a257caa0245ec4fb24c3d7a47feca1Arirang is a powerful webserver security scanner with many features. Checks over 700 vulnerabilities. This is the OpenBSD/NetBSD/FreeBSD version.
a41da9d3a7d03e2b9b5480072c1510ef16c9c55fc612653d20e1fdc5b8265a9bAPG (Automated Password Generator) is the tool set for random password generation. Includes built-in ANSI X9.17 RNG (Random Number Generator)(CAST/SHA1).
aad730fb3f171a82fe650f3f6a998bcdbdf74beec5b1d358d936be43a9be071aThe Leviathan Auditor is an enumeration and penetration testing tool which runs on and against Microsoft machines. It dumps Users, Groups, Services, Shares, Transport devices and MAC addresses over port 139 or 445. It enumerates RPC portmapper entries over port 135 and also tries to exploit MS SQL servers if it is presented. With its built-in SQL Server exploit you can execute remote commands as Local System. Source code is freely available on demand.
3863c6f29cd341d1958cccd0e9cfa0ecd21e76b0b7745b4f16997e6203c5b2f3Deltaflown , it is a ICMP/TCP/UDP packet forger which is very easy to use. It is coded in C and it can be compiled on a linux machine or on another UNIX if you change the name of headers.
272f40e310301484bfbd2ebfbf84e05c16b9b67ec0f402fecc53c21b932812d455hb is a SSH account brute force auditing tool written in expect. Allows you to specify hosts, password lists, and a user.
fb723aa7785e3130278d7ec8ff23e3a0e2b718012bbe3d2bb35b612d4c64a2b8Header Based Exploitation - Web Statistical Software Threats. When people visit your website, certain information is passed from the users web browser to your web server/script. This information contains data such as what browser they are using, the last site visited, the file they requested, and other information. This paper was written to help you understand how an attacker can use these information fields to exploit your web statistics software. Includes info on SSI Tag Insertion, HTML Insertion, and more.
28d2fa4685980f28f5b718d00024231d08243ee32e0bb94551324cd39274d5aaStMichael is a LKM that attempts to detect and divert attempts to install a kernel-module backdoor into a running linux system. This is done by monitoring the init_module and delete_module process for changes in the system call table. Detects most modern LKM's, including KIS.
cfdc95d46449ec34094b6f6d84b7777f5aa317ca625e1df739166a92bce9f556Debian uucp v1.06.1 local uid=utmp or root exploit. Trojans uucp and uux, attempting to get a root shell. Based on an exploit by zen-parse. Tested on Debian PowerPC Unstable.
c9cbbdcce388932c2f4626a8b3f784ee30cadbd876fa9fedf737a7fee68ad530NetBSD Security Advisory 2002-001 - A vulnerability found in the ptrace implementation on NetBSD 1.5.* , 1.4.* and CURRENT (prior to January 14, 2002) systems can result in race conditions where it is possible to use ptrace and SUID binaries to execute code with elevated privileges.
e2ceb90aa470a1126631cd2c2ce223394cc423f2b65930b3f1227dd7029eb3b2ICMP Shell is a program written in C for the UNIX environment that allows an administrator to access their computer remotely via ICMP. More info available here.
f7bc22221aa7d982e7e69a1f1ba7bb267744d00b83ca1902191cba9950fb70acchkrootkit locally checks for signs of a rootkit. Includes detection of LKM rootkits, ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions. Tested on Linux, FreeBSD, Solaris, and OpenBSD. Tested on Linux 2.0.x, 2.2.x and 2.4.x (any distribution), FreeBSD 2.2.x, 3.x and 4.x, OpenBSD 2.6, 2.7, 2.8, 2.9 and 3.0, Solaris 2.5.1, 2.6 and 8.0.
245625e58aa65c130869fc32a8e8c06888ee940e89fad501cb0ae03bfd778566Mailstation.pl exploits a DoS condition in the Intel eMail station.
f501f204ec204100cb68bc75ae260cad7caa05999ea63ac831eb65e0e1d8e4bfSniffit v0.3.7beta remote root buffer overflow exploit. Requires the admin to be running sniffit with the -L option.
59327ddb76c91e3de271d2d39d73f05e157642374a506dd212cb01e7026276c7FreeBSD Security Advisory FreeBSD-SA-02:07 - The k5su command included with FreeBSD, versions prior to 4.5-RELEASE, and the su command included in the heimdal port, versions prior to heimdal-0.4e_2, use the getlogin system call in order to determine whether the currently logged-in user is 'root'. In some circumstances, it is possible for a non-privileged process to have 'root' as the login name returned by getlogin. You don't actually want that to happen, trust us.
53875598a31417450b640a6ead62cd1ba3c1efd31d8d7e05c0c072b13bc5bca6Attn.tar.gz is a Redhat 7.0 local root exploit which takes advantage of a bug in the at command which allows an attacker to free() user controlled memory. Tested on Redhat 7.0 with the glibc-2.2.4-18.7.0.3 and at-3.1.8-12 packages installed.
68cf6e7dc2b3afc0aa47e66d705351d8b032f2fac0afda3d0b705506d8468181The Avirt telnet proxy v4.2 and below has a remotely exploitable buffer overflow. Tested on Win2k. Strumpf Noir Society
b95135944e65dc824cd0d38a5ed558adbd0ce830e4673f4169c91b2793ff41bd
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed