exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

Files Date: 2002-04-23

Posted Apr 23, 2002
Authored by eSDee, netric | Site netric.org

Posadis m5pre1 local buffer overflow exploit.

tags | exploit, overflow, local
SHA-256 | 02990a3bf9a9b52f587bd26ec96d8142429acc8d34e02e69e765ef4fb60221b1
Posted Apr 23, 2002
Authored by eSDee, netric | Site netric.org

Posadis m5pre2 local format string exploit.

tags | exploit, local
SHA-256 | 025e81c77e339b0490a61b132dcf3996293528d7e06703be59938c0e883873e7
Posted Apr 23, 2002
Authored by Peter Grundl

Cold Fusion v5.0 on Windows 2000 w. IIS5 contains a bug because requests for certain DOS-devices are parsed by the isapi filter that handles .cfm and .dbm result in error messages containing the physical path to the web root.

tags | web, root
systems | windows
SHA-256 | e1c8dfbb628e1242d3787672e22d4588966e1ef76382598ce80d04e1ad70f7e9
Posted Apr 23, 2002
Authored by Peter Grundl

The Sambar Webserver v5.1p on Windows 2000 contains a flaw in the serverside URL parsing that allows malicious users to bypass serverside fileparsing and display the sourcecode of scripts. The same flaw could allow a malicious user to crash the web service. Example URL's included. Fix available here.

tags | web
systems | windows
SHA-256 | 7bff33cd3a2c799145ed9e3a6b0e19f2ba86cc4529efcc24ac878157fb592ca0
Posted Apr 23, 2002

Microsoft Security Advisory MS02-020 - Microsoft SQL Server 7.0 and 2000 contain buffer overflows in stored procedures which allow remote attackers to execute arbitrary code in the security context in which SQL Server is running. An attacker could exploit this vulnerability in one of two ways - the attacker could attempt to load and execute a database query that calls one of the affected functions, or if a web-site or other database front-end were configured to access and process arbitrary queries, it could be possible for the attacker to provide inputs that would cause the query to call one of the functions in question with the appropriate malformed parameters. Microsoft FAQ on this issue available here.

tags | remote, web, overflow, arbitrary
SHA-256 | e9aa37ecfa4622fac79e02caae7328ee79458d9a6c012915da1dea341479db03
Posted Apr 23, 2002
Authored by Filip Maertens | Site filip.compsec.be

Microsoft IIS W3SVC Denial of Service - Brings down the inetinfo.exe process, crashing IIS.

tags | exploit, denial of service
SHA-256 | 81814de9d2e596727cfc98782533c7d68dd2b7ae0b565762aba72a987fd5e7bd
FreeBSD Security Advisory 2002.21
Posted Apr 23, 2002
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:21 - A bug in the FreeBSD kernel's TCP/IP stack's processing of ICMP echo replies can be exploited to create new routing table entries which are never deallocated, using all available memory.

tags | kernel, tcp
systems | freebsd
SHA-256 | 1b209ae5272e1c845302bb2943ef5557ae459d0b9bb2720c44291a59a7de1062
Posted Apr 23, 2002
Authored by Arne Vidstrom | Site ntsecurity.nu

PromiscDetect for Windows NT 4.0 / 2000 / XP checks if your network adapter(s) is in promiscuous mode or not (that is, in most cases, if a sniffer is running on the computer or not). Of course the attacker might be intercepting the communication between the tool and the adapter, making the result unreliable, but there are probably many more cases out there where the tool will really detect a sniffer.

systems | windows
SHA-256 | 8a4345015f03031fc61b7d463780177d80619f954ab9748ce8585b34ea995058
Posted Apr 23, 2002
Authored by Dug Song | Site monkey.org

Fragroute intercepts, modifies, and rewrites egress traffic destined for a specified host, implementing most of the attacks described in the Secure Networks "Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection" paper of January 1998. It features a simple ruleset language to delay, duplicate, drop, fragment, overlap, print, reorder, segment, source-route, or otherwise monkey with all outbound packets destined for a target host, with minimal support for randomized or probabilistic behavior. Includes scripts to defeat even the current CVS snort IDS.

tags | denial of service
systems | unix
SHA-256 | 6899a61ecacba3bb400a65b51b3c0f76d4e591dbf976fba0389434a29efc2003
Posted Apr 23, 2002
Authored by Peter Grundl

Windows 2000 microsoft-ds Denial of Service - The default LANMAN registry settings on Windows 2000 could allow a malicious user, with access to TCP port 445 on your Windows 2000, to cause a Denial of Service on Windows 2000 server, advanced server, and processional with SP0, SP1, and SP2. An attack could be something as simple as sending a continuous stream of 10k null chars to TCP port 445.

tags | denial of service, registry, tcp
systems | windows
SHA-256 | 7fe2f78f85a4b46727a496296575d34dab9432bafa9cfa3c252c2610e27d4ae9
Page 1 of 1

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    30 Files
  • 27
    Sep 27th
    27 Files
  • 28
    Sep 28th
    8 Files
  • 29
    Sep 29th
    14 Files
  • 30
    Sep 30th
    19 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By