
Files Date: 2003-01-01 to 2003-01-31

Posted Jan 30, 2003

NGSSoftware Security Advisory NISR29012003 - There is a remotely exploitable buffer overflow vulnerability in the Microsoft RPC (Remote Procedure Call) Locator Service. This vulnerability, which especially affects Windows Domain Controllers, has been fixed by Microsoft and patch information can be found in Microsoft security advisory MS03-001.

tags | advisory, remote, overflow
systems | windows
MD5 | 65eb9ac93802f55ed2de5a92a6cfd606
Posted Jan 30, 2003
Authored by Knud Erik Hojgaard | Site idefense.com

iDEFENSE Security Advisory 01.28.03 - It has been found that several SSH clients leave authentication data unprotected in the system memory while connecting to a remote host using the SSH2 protocol. Anyone with read access to the system memory can retrieve and abuse this information.

tags | remote, protocol
MD5 | 36c04322cdacf86e0da9f60335c94d46
Posted Jan 30, 2003
Authored by Carl Livitt

Carl Livitt security advisory CLIVITT-2003-2 - A format string vulnerability has been found in the plpnfsd daemon that comes with versions of the plptools package prior to 0.7. This issue can allow code execution with elevated privileges and has been fixed in newer versions of plptools. This advisory contains exploit code that may be used against affected SuSE Linux systems.

tags | advisory, code execution
systems | linux, suse
MD5 | ac9f4e45a524276516f7ca240c0ae0a0
Posted Jan 27, 2003
Authored by Lubomir Nistor

This paper discusses using Snort as an anomaly based IDS, outlining the utilization of different deployments with listings of advantages and disadvantages.

tags | paper
MD5 | 840f4fe86e49259b4ae53ed522238238
Posted Jan 27, 2003
Authored by inkubus | Site usg.org.uk

The utility slocate has a local buffer overflow vulnerability when the -r and -c switches are used. Due to this utility being setgid slocate on many default installs, slight privilege escalation is possible.

tags | advisory, overflow, local
MD5 | 183a5220d52fe7a1bf9e1f346889bb9c
Posted Jan 27, 2003
Authored by teso, scut | Site team-teso.net

This utility converts a dynamically linked Linux IA32 ELF binary to a static binary.

systems | linux
MD5 | 51bd11bc0ce5e38a9cb6933d910de716
Posted Jan 27, 2003
Authored by Mike Kershaw | Site kismetwireless.net

Kismet is an 802.11b wireless network sniffer. It is capable of sniffing using almost any wireless card supported in Linux; these currently divide into cards handled by libpcap and the Linux-Wireless extensions (such as Cisco Aironet), and cards supported by the Wlan-NG project which use the Prism/2 chipset (such as Linksys, Dlink, and Zoom). Besides Linux, Kismet also supports FreeBSD, OpenBSD and Mac OS X systems. Features: multiple packet capture sources, runtime network sorting by AP MAC address (bssid), IP block detection via ARP and DHCP packet dissection, Cisco product detection via CDP, Ethereal and tcpdump compatible file logging, Airsnort-compatible "interesting" (cryptographically weak) logging, secure SUID behavior, GPS devices and wireless devices fingerprinting. Kismet also includes a tool called gpsmap that can be used to create maps from logged GPS data. Full changelog here.

Changes: 802.11a support, XML Updates, GPSMap updates, Speech/Sound updates, and Speech shellcode security updates.
tags | tool, wireless
systems | cisco, linux, freebsd, openbsd, apple, osx
MD5 | 7839368a4e5feee7d41b6582b3b8c3ab
Posted Jan 27, 2003
Authored by Dianne Skoll | Site roaringpenguin.com

MIME Defanger is a flexible MIME e-mail scanner designed to protect Windows clients from viruses and other harmful executables. It works with Sendmail 8.11 / 8.12's "milter" API and will alter or delete various parts of a MIME message according to a flexible configuration file.

Changes: Clarification of the license, Added -x option that allows users to change the X-Scanned-Authored header, added support for Trophie, and various other bug and performance fixes.
systems | windows, unix
MD5 | 258a84611e0e4e53bf4e8b8736d42b1e
Posted Jan 27, 2003
Site rsug.itd.umich.edu

radmind is a suite of Unix command-line tools and a server designed to remotely administer the file systems of multiple Unix machines. Radmind operates as a tripwire which is able to detect changes to any managed filesystem object, e.g. files, directories, links, etc. However, radmind goes further than just integrity checking: once a change is detected, radmind can optionally reverse the change.

Changes: Fixed connection accepting code, added argument checking, and various other bug fixes.
tags | tool, intrusion detection
systems | unix
MD5 | a1f5f6d35263239c8e9ed78bea69ad7b
Posted Jan 27, 2003
Authored by Wojciech Purczynski | Site isec.pl

The at utility in Solaris has name handling and race condition vulnerabilities. Using the -r switch to remove a job allows an attacker to remove any file on the filesystem as root. Although at filters out absolute paths, a simple ../ directory traversal maneuver allows an attacker to remove files out of the allowed boundary.

tags | exploit, root, vulnerability
systems | solaris
MD5 | ade275e5de208f97a322a2f79d94f71c
Posted Jan 27, 2003
Authored by Dennis Rand | Site infowarfare.dk

PlatinumFTPserver, the server engine that runs as an application on Windows 9x and a service under NT/2K/XP, has a directory traversal vulnerability that allows remote attackers to enter directories that reside outside the bounding FTP root directory. Another vulnerability exists which allows an attacker to commit a DoS against the server. Version affected: 1.0.7. Version Unaffected: 1.0.8.

tags | exploit, remote, root
systems | windows, 9x
MD5 | a833b7d7a2a1d81359c6be96784cd9db
Posted Jan 27, 2003
Authored by Ulf Harnhammar | Site hypermail.org

Hypermail 2, a popular tool that converts mails into HTML, has two buffer overflows. One exists in the hypermail program itself and another is in the CGI program mail. The overflow in the main program can be triggered by sending an email, while the one in the CGI program can be triggered by a DNS server being populated with faulty information. Versions affected: 2.1.3, 2.1.4, 2.1.5, possibly others. 2.1.6 is not affected.

tags | exploit, overflow, cgi
MD5 | d197f6b39b31e4f89f67d75abd1b2706
Posted Jan 27, 2003
Site microsoft.com

Microsoft Security Advisory MS03-003 - A flaw in how Outlook 2002 handles V1 Exchange Server Certificates causes Outlook to sometimes accidentally send messages in plain text even though it tells the user they have been sent encrypted.

MD5 | 44f5e08b3a8642a5b150ebbedabc7f84
Posted Jan 26, 2003
Site cert.org

CERT Advisory CA-2003-04 - A quickly spreading Microsoft SQL worm exploits two vulnerabilities in Microsoft SQL Server 2000 over UDP port 1434.

tags | worm, udp, vulnerability
MD5 | 9a3232db2280856d044de3dc8eaac1af
Posted Jan 25, 2003
Site microsoft.com

Microsoft Security Advisory MS03-001 - A buffer overflow in the Microsoft Windows Locator Service in Windows NT, 2000, and XP allows remote attackers to execute commands on Windows 2000 and NT domain controllers by default, and any other server which has the locator service enabled.

tags | remote, overflow
systems | windows, 2k, nt
MD5 | ba89547e50972948dbd1b7f18d0770b3
Posted Jan 25, 2003
Authored by Riley Hassell | Site eEye.com

eEye Advisory - The "SQL Sapphire" worm is spreading quickly among unpatched Microsoft SQL Server 2000 pre SP 2 systems on the internet which are accessible over port 1434 UDP. Includes a detailed analysis of the worm's payload.

tags | worm, udp
MD5 | f427e8b507867589bbb319c87afdaf10
Posted Jan 25, 2003
Site xforce.iss.net

ISS Security Advisory - The "Microsoft SQL Slammer Worm" is spreading via unpatched SQL servers. Once a vulnerable computer is compromised, the worm will infect that target, randomly select a new target, and resend the exploit and propagation code to that host, sending a large amount of network traffic in the process, which crashes some network equipment.

tags | worm
advisories | CVE-2002-0649
MD5 | 6ddebac702eda1acef91bb54c7773882
Posted Jan 25, 2003
Authored by Mayhem | Site devhell.org

Net/Free/Open/BSD x86 143 bytes shellcode which binds a shell on tcp port 31337 using setuid/setgid/socket/bind/listen/accept/dup2/exec("/bin/sh").

tags | shell, x86, tcp, shellcode
systems | bsd
MD5 | dce2b5a74d99266f6756c0cfe90f1bf1
Posted Jan 25, 2003
Authored by eSDee | Site netric.org

ISC dhcpd v3.0.1rc8 and below remote root format string exploit. Tested against Debian 3.0, Mandrake 8.1, Red Hat 7.2, 7.3, and 8.0, and SuSE 7.3. Includes the option to check for vulnerability on any platform by crashing the service.

tags | exploit, remote, root
systems | linux, redhat, suse, debian, mandrake
MD5 | 1da87ccba0bbd62b90b532655ce17f50
Posted Jan 24, 2003
Authored by Matt Blaze | Site crypto.com

Rights Amplification in Master-Keyed Mechanical Locks - This paper describes a relatively unknown procedure for obtaining a master key if given access to a tumbler based master keyed lock and any low level key in the system. No special skill or equipment beyond a small number of blank keys and a file is needed, and the attacker does not need to engage in any suspicious behavior at the lock's location. Countermeasures are described which provide limited protection under certain circumstances.

tags | paper
MD5 | 203c6fc8532d603649f8a707002650ee
Posted Jan 24, 2003
Authored by DrBIOS, Bagabontu

Bscan is a banner grabber for httpd which uses non-blocking sockets for improved speed.

tags | web
MD5 | 2f77c7ea5bdc18fe67c42343f78e8536
Posted Jan 24, 2003
Authored by Gerald Combs | Site ethereal.com

Ethereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Ethereal features that are missing from closed-source sniffers. Screenshot available here.

Changes: The RADIUS dissector can now decrypt user passwords. The statistics graphs have been enhanced. The ATM and DOS sniffer code received major improvements. Top talker statistics for Ethernet, IP and Token Ring are now available. Improved configuration and build environment.
tags | tool, sniffer, protocol
systems | unix
MD5 | 711007f6ae56ded4fe1062e4f9dcdba8
Posted Jan 24, 2003
Site cert.org

CERT Advisory CA-2003-03 - Windows NT, 2000, and XP contain a buffer overflow in the Windows Locator service that allows remote attackers to execute arbitrary code via the NetBIOS ports. More information is available in MS03-001.

tags | remote, overflow, arbitrary
systems | windows, nt
MD5 | e25389d4f4430a44f678578aad102a83
Posted Jan 23, 2003
Authored by Stefan Esser | Site security.e-matters.de

CVS v1.11.4 and below contain a double free bug which allows attackers with read access to execute code on the server by sending a malformed directory name. By default, CVS runs with root privileges. Patch available here.

tags | advisory, root
advisories | CVE-2003-0015
MD5 | 04389f84addb51044ce4e82de3bf21cf
Posted Jan 23, 2003
Authored by Core Security Team | Site core-sec.com

Vulnerabilities in Your Code Part II - Format string vulnerabilities and exploitation. Shows the exact location of the vulnerabilities, providing detailed explanations and exploits for each one found.

tags | paper, vulnerability
systems | unix
MD5 | bb907eb9a4f60e0c9bfc8c3f75d6307a

packet storm

© 2020 Packet Storm. All rights reserved.
