exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files Date: 2002-05-10

Posted May 10, 2002
Authored by Patrik Karlsson, Jonas Landin | Site cqure.net

The 4D webserver v4.7.3 has a buffer overflow condition in the username or password field in a basic authentication resulting in EIP overwrite and possible arbitrary code execution.

tags | overflow, arbitrary, code execution
SHA-256 | b96f3931116f62370d7fc24b352b14216c1aa472d09e0f7a13ec66181f1c021f
Posted May 10, 2002
Authored by Zillion | Site safemode.org

Remote FreeBSD cURL exploit for versions 6.1 - 7.3. More info available here.

tags | exploit, remote
systems | freebsd
SHA-256 | cb3b41070a035495a6c0d2f9b4a6cfc27b235c73e132f73706c9a2910cdd0597
Posted May 10, 2002
Authored by Zillion | Site safemode.org

Remote linux cURL exploit for versions 6.1 - 7.3. More info available here.

tags | exploit, remote
systems | linux
SHA-256 | dad91fe61044ca9a5d49c69ade363fac8dad8e28d8281dc3943fb2ce21ed8fb8
Posted May 10, 2002
Site dimlight.org

Linux Security Auditing Tool (LSAT) is a post install security auditing tool. It is modular in design, so new features can be added quickly. It checks inetd entries and looks for unneeded RPM packages. It is being expanded to work with Linux distributions other than Red Hat, and checks for kernel versions.

Changes: Fixed bugs and added checkrpm module to report RPM integrity on redhat based systems.
tags | kernel
systems | linux, redhat
SHA-256 | 52892f514f310b0e0929cbd03ed544a7652ba88640cc4ed57c4d787006117e00
Posted May 10, 2002
Authored by Patrik Karlsson, Jonas Landin

Cqure.net Security Advisory cqure.net.20020412.bordermanager_36_mv1.a - Three vulnerabilities were identified in Novell Border Manager 3.6. The vulnerabilities will cause the handling NLM to abend, and in some cases result in a denial of service to to Novell server.

tags | denial of service, vulnerability
SHA-256 | f299bcf1188f4c8c7d32630643702fd962fc7a016d90a590fa5014a2d1f6d783
Posted May 10, 2002
Authored by Patrik Karlsson, Jonas Landin

Cqure.net Security Advisory cqure.net.20020412.netware_sdmr.a - The IPX compatibility issue Posted to BugTraq on July 11, 2000 by Dimuthu Parussalla applies to Netware 6.0 SP 1 as well. An attacker could cause the SDMR.NLM to abend and in some cases reboot the server.

SHA-256 | 6e6452d419db4e473889709434156d711e2dea30704458f960ad8691c0bfdd80
Posted May 10, 2002
Authored by Patrik Karlsson, Jonas Landin

Cqure.net Security Advisory cqure.net.20020412.netware_client.a - Multiple buffer overflow conditions exist in the Novell Netware client for Windows v4.83 which allow an attacker to crash any software relying in name resolution.

tags | overflow
systems | windows
SHA-256 | acf676864959962a18ec7ee46cd42809dc4d8f63457b8d3aa66b57a2932b55b5
Posted May 10, 2002
Authored by FJ Serna | Site ngsec.com

ISC DHCPD in its version 3 introduced new dns-update features. ISC DHCPD v3.0 to 3.0.1rc8 is vulnerable to a remote root format string bug attack, while reporting the result of a dns-update request.

tags | remote, root
SHA-256 | a290c9d40604af3f940c6014c394c6ae911843feb29f15807b203cd233a48342
Posted May 10, 2002
Authored by Boris Wesslowski | Site kyb.uni-stuttgart.de

Fwlogwatch analyzes the ipchains, netfilter, iptables packet filter, and Cisco logfiles and generates text and HTML summaries. Features realtime anomaly alerting capability, an interactive report generator, and the ability to cut off attacks by adding firewall rules.

Changes: Adds support for Snort IDS logs and for sending summaries by email. Bugs were fixed!!!
tags | tool, firewall
systems | cisco, unix
SHA-256 | 795c67cf5a2db29ed7dd5a76ae3f841e7a8d70ca6895bf6f78bbc9910c6b3ab3
Posted May 10, 2002
Authored by Everton da Silva Marques | Site nucleo.freeservers.com

portfwd is a small userlevel daemon which forwards incoming TCP connections or UDP packets to remote hosts. Multiple forwarders can be specified in a flexible configuration file. There is support for FTP forwarding and transparent proxy.

Changes: The ability to invoke an external program to select the destination based on the address and port of incoming connections or datagrams has been added.
tags | remote, udp, tcp
systems | unix
SHA-256 | abd24d938ea563ceb77b2bf0b4564443d027463dbb2b03979e7b61d5943405f4
Posted May 10, 2002
Authored by Pedram Amini | Site pedram.redhive.com

Dirwatch is a (/tmp) directory watcher written to to aid in the discovery of race conditions. Dirwatch has multiple speed settings, the fastest of which can even catch a successive link() unlink(). Dirwatch also has the ability to filter files based on user, group, suid bit, and wildcard (*?) file names.

systems | unix
SHA-256 | 5cdc8fea6ea4919bd2106e78c2892ae715e43baa15d23ca4eec2a512646b6089
Posted May 10, 2002
Authored by Pedram Amini | Site pedram.redhive.com

Confuse Router v1.0 is an arp cache poisoner which allows you to see traffic in a switched environment such as a cable modem network. Requires libnet.

systems | unix
SHA-256 | 3f39d0ee3be48ebe6c2f78d8012c01677c3f389706c1f2b080b773de1fd86e82
Posted May 10, 2002

Microsoft Security Advisory MS02-022 - A buffer overflow in the MSN Chat control allows remote attackers to run arbitrary code if a user runs MSN Messenger or Exchange Instant Messenger. It is also possible to exploit this vulnerability via a web site or HTML email. Microsoft FAQ on this issue available here.

tags | remote, web, overflow, arbitrary
SHA-256 | b87ce4858a40e34353bddfda6a10d403e7641db211ecf164002df49eb80edf8c
Posted May 10, 2002
Authored by Fozzy | Site dmpfrance.com

Local root exploit for OpenBSD up to 3.1 which takes advantage of the fd race and skeyaudit binary.

tags | exploit, local, root
systems | openbsd
SHA-256 | 942689559f299505c2d3b0892168e2f9e4a4e49b301c8a85a802e0d8e1361e0d
Posted May 10, 2002
Authored by Fozzy | Site dmpfrance.com

On current OpenBSD systems, any local user can fill the kernel file descriptors table, leading to a denial of service. Because of a flaw in the way the kernel checks closed file descriptors 0-2 when running a setuid program, it is possible to combine these bugs and earn root access by winning a race condition.

tags | denial of service, kernel, local, root
systems | openbsd
SHA-256 | e1b6639e9a5ff47fdbc4fbd454486735d12558a62364c4a7a3c8f06239895718
HexView Security Advisory 2002-05-03.01
Posted May 10, 2002
Authored by HexView, SGI Security Coordinator | Site sgi.com

SGI Security Advisory 20020503-01-I - A vulnerability found in netstat allows local users to detect whether a file exists, even when the permissions and ownership of that file should not allow it. This vulnerability has been corrected in IRIX 6.5.12 and patches are available.

tags | local
systems | irix
SHA-256 | ecfddfe1a5d66662e1eacb3e599522d5cc271ef9922a8b2cb650afd55c1f66d3
Posted May 10, 2002
Authored by Patrik Karlsson, Jonas Landin

Cqure.net Security Advisory 20020408.netware_nwftpd.a - A vulnerability found in the Novell Netware 6.0 SP1 FTP daemon can be used in a denial of service against this application. Exploitation of this problem can result that the daemon starts consuming all CPU resources.

tags | denial of service
SHA-256 | 090c17bdcfa438d7edb5199d6b979d712c815b29b6cfad263682923334c7e20b
Posted May 10, 2002
Site suse.com

SuSE Security Announcement: sysconfig (SuSE-SA:2002:016) - On SuSE 8.0 information gained from DHCP packets is used in commands line execution by the ifup-dhcp script. This vulnerability has been fixed in the sysconfig-0.23.14-60.i386.rpm package.

systems | linux, suse
SHA-256 | c82cc50639bd3babda48b1d2a00ee6187697cb5e6a2f5fdd0ee5849e68c17de6
Posted May 10, 2002
Site cert.org

CERT Advisory CA-2002-12 - A format string vulnerability in ISC DHCP 3 to 3.0.1rc8 can be used to remotely execute code through this application. Because ISC DHCP runs with root privileges, exploitation of this vulnerability can lead to a root compromise.

tags | root
SHA-256 | 04162819e3ff2eccb2f46aeb34787f7c46b175659b06ede22042c9ce455db002
Page 1 of 1

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By