exploit the possibilities
Showing 1 - 25 of 82 RSS Feed

Files Date: 2003-02-01 to 2003-02-28

Posted Feb 27, 2003
Authored by soGNo

Hextodec.java is a simple hex ip to dec ip converter which can be useful for many things, among them is finding the ips of users on java chats similar to the one on www.ircnet.com.

tags | java
MD5 | 79fbfc692c66a035d6240bd2e2c4e524
FreeBSD Security Advisory 2003.2
Posted Feb 26, 2003
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-03:02 Version 1.1 - OpenSSL v0.9.6h and below contains a timing-based vulnerability in CBC ciphersuites in SSL and TLS which can recover fixed plaintext blocks, like a password.

Changes: Updated patches; corrected URLs.
systems | freebsd
MD5 | 8c581cda70ad432693cef8f9ee3def2e
Posted Feb 25, 2003
Authored by Korben | Site macstumbler.com

Macstumber is an application for Mac OS X which scans and detects wireless networks using an Airport card. No driver installation needed.

tags | tool, wireless
systems | apple, osx
MD5 | 524bc6d52804311d94f4684b0ca10a30
FreeBSD Security Advisory 2003.3
Posted Feb 25, 2003
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-03:03 - The FreeBSD syncookie implementation uses keys that are only 32 bits in length, allowing remote attackers to recover the ISN, which can be valid for up to four seconds, allowing ACL's to be bypassed and TCP connections forged. syncookies may be disabled using the 'net.inet.tcp.syncookies' sysctl(8) by running the following command as root: "sysctl net.inet.tcp.syncookies=0".

tags | remote, root, tcp
systems | freebsd
MD5 | c63d88b8c3ba56ae9ba89de75ec0918e
Posted Feb 25, 2003
Authored by Sacrine | Site netric.org

Linux x86 shellcode, 41 bytes. Does a setresuid(0,0,0); execve /bin/sh; exit;.

tags | x86, shellcode
systems | linux
MD5 | 89acd2e404df45e7ccd0471e953e9ebe
Posted Feb 24, 2003
Authored by Knud Erik Hojgaard | Site kokanins.homepage.dk

Sircd v0.4.0 and below and v0.4.4 from CVS before 04/02-03 contains buffer overflow vulnerabilities which allow remote users to execute arbitrary code. Exploit available here.

tags | advisory, remote, overflow, arbitrary, vulnerability
MD5 | 0d8f9f55f74e913e73e4440aa906ceb3
Posted Feb 24, 2003
Authored by Knud Erik Hojgaard | Site kokanins.homepage.dk

Moxftp v2.2 and below contains buffer overflow vulnerabilities which allow remote code execution. Includes exploit code which sends a shell.

tags | exploit, remote, overflow, shell, vulnerability, code execution
MD5 | a2887996e92bf9602abb6740e92d9b63
Posted Feb 24, 2003
Authored by Konstantin Klyagin | Site konst.org.ua

KRIPP is a simple and light-weight network passwords sniffer written in Perl, which uses tcpdump to intercept traffic. Can sniff and display ICQ, FTP and POP3 passwords.

tags | tool, perl, sniffer
MD5 | c5b8fb6bbd3285b7a71ffc9bd9c9e808
Posted Feb 24, 2003
Site openssl.org

A timing based attack has been discovered in OpenSSL v0.9.6h and below which allows SSL/TLS encrypted passwords to be recovered by analyzing the timing of the responses to invalid plaintext.

tags | advisory
MD5 | 9dc778d386cf1242fb314b8f1b7c4219
Posted Feb 24, 2003
Authored by Watercloud | Site xfocus.org

HPUX local buffer overflow exploit for stmkfont which attempts to spawn a gid=bin shell. Tested on HPUX B11.11.

tags | exploit, overflow, shell, local
systems | hpux
MD5 | 05612e25e66d3230934a22c2cc07a40f
Posted Feb 24, 2003
Authored by CaMaLeoN

Remote CGI exploit for Cpanel 5 in perl.

tags | exploit, remote, cgi, perl
MD5 | ba047f28239ea7d388bf568afd780cf8
Posted Feb 24, 2003

Cartoon.c converts ELF binaries to shellcode.

tags | shellcode
MD5 | 7855c0738e5c0f481a630e32f1d308a1
Posted Feb 24, 2003
Authored by James Fell | Site kaleton.com

This paper investigates combining Misuse and Anomaly based IDS into one system. Misuse detection consists of defining malicious network traffic and monitoring for it. Anomaly detection consists of defining normal or typical network traffic and then detecting anything else. The perl source code for a prototype NIDS is included (requires TCPDump).

tags | paper, perl
MD5 | 7f513964d282d00479d3dc881b750de7
Posted Feb 21, 2003
Authored by Gregory Le Bras | Site Security-Corp.org

Security Corporation Security Advisory [SCSA-005]: Proxomitron Universal Web Filter, version 4.4 and below, is vulnerable to a denial of service when being given a parameter over the length of 1024 bytes.

tags | advisory, web, denial of service
MD5 | 0b1ece32944c0c17ec422faa0d5eff3d
Posted Feb 21, 2003
Authored by Modular | Site truncode.org

Coding a TCP Connect Port Scanner Using VLSM - Handbook three in a series. An in-depth beginners tutorial written to explain incorporation of VLSM and CIDR capabilities into a network scanner.

tags | paper, tcp
MD5 | 497a1652d0bfbdeb0b133f040820bf74
Posted Feb 21, 2003
Site cert.org

CERT Advisory CA-2003-06 - Numerous vulnerabilities have been reported in multiple vendor implementations of the Session Initiation Protocol, or SIP, which may allow an attacker to gain unauthorized privileged access, cause denial-of-service attacks, or cause unstable system behavior.

tags | vulnerability, protocol
MD5 | 967409fbce6d95e1ba77b3f2800714d8
Posted Feb 20, 2003
Site cert.org

CERT Advisory CA-2003-05 - Systems running Oracle8 Database v 8.0.6, 8.1.7, Oracle9i Database (Release 1 and 2), and Oracle9i Application Server (Release 9.0.2 and 9.0.3) contain multiple remote vulnerabilities which can lead to the execution of arbitrary code, allow users to modify database records, or cause a denial of service, breaking the database.

tags | remote, denial of service, arbitrary, vulnerability
MD5 | 22a4447df0df965497ab612a64c1a15a
Posted Feb 20, 2003
Authored by Bob | Site dtors.net

Cpanel 5 and below remote exploit which allows users to view any file or execute remote commands due to an insecure open call in guestbook.cgi. Local root vulnerabilities also exist.

tags | exploit, remote, local, cgi, root, vulnerability
MD5 | 3b3e532e3718324aaa6fa16ed89e63f2
Posted Feb 20, 2003
Authored by Bob | Site dtors.net

Nethack v3.4.0 local buffer overflow exploit which spawns a shell as uid=games. Runs /usr/games/lib/nethackdir/nethack.

tags | exploit, overflow, shell, local
MD5 | 3b81d062cf1cb44bc672fbd44da2173e
Posted Feb 20, 2003
Authored by deadbeat, C0w-d0g

Cpanel + Openwebmail local root exploit in perl which affects Cpanel 5 and below. Attempts to copy a suid root zsh into /tmp by exploiting /usr/local/cpanel/base/openwebmail/oom.

tags | exploit, local, root, perl
MD5 | 7e63aefe7851c82f7b4cf3fb23c7f0ee
Posted Feb 19, 2003
Authored by Jani Taskinen | Site php.net

PHP Security Advisory - PHP 4.3.0 contains a bug that allows direct access to the PHP binary via the CGI SAPI which allows remote attackers to trick the server into executing arbitrary PHP code. PHP 4.3.1 fixes the vulnerability.

tags | advisory, remote, arbitrary, cgi, php
MD5 | 66a3e908d3dc182ef810e8953ce4b005
Posted Feb 19, 2003
Authored by Immune Advisory | Site immune.dk

BisonFTP v4r2 is a FTP daemon used on Microsoft Windows 9x/NT systems which has a remote denial of service vulnerability if sent long FTP commands, and can be tricked into revealing information about files outside the ftp root. It's not possible to get in contact with the people at http://www.bisonftp.com anymore. I guess a new version will never be released.

tags | advisory, remote, web, denial of service, root
systems | windows
MD5 | 9481f211960b4a41ce46be92d79f07e9
Posted Feb 19, 2003
Authored by Dr. Insane

Parameter validation bugs exist in Emumail v5.x which allow remote denial of service and allow remote users to view any account history.

tags | exploit, remote, denial of service
MD5 | ea4bcc708b43c31933aeea832cfe6070
Posted Feb 19, 2003
Authored by STE Jones | Site networkpenetration.com

Gobbler is a tool designed to audit various aspects of DHCP networks, from detecting if DHCP is running on a network to performing a denial of service attack. Gobbler also exploits DHCP and ethernet, to allow distributed spoofed port scanning with the added bonus of being able to sniff the reply from a spoofed host. This tool is based on proof of concept code "DHCP Gobbler" available from networkpenetration.com and the DHCP flaws paper.

tags | tool, denial of service, spoof, rootkit, proof of concept
systems | unix
MD5 | 52cc4b9abe3cffccddb5c40b1fc097a5
Posted Feb 19, 2003
Authored by deadbeat

BisonFTP v4.r2 remote denial of service exploit in perl. Tested against Windows 98.

tags | exploit, remote, denial of service, perl
systems | windows
MD5 | 277856a954e219f9d43732719681b0ef
Page 1 of 4

File Archive:

January 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    0 Files
  • 3
    Jan 3rd
    20 Files
  • 4
    Jan 4th
    4 Files
  • 5
    Jan 5th
    37 Files
  • 6
    Jan 6th
    20 Files
  • 7
    Jan 7th
    4 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    0 Files
  • 10
    Jan 10th
    18 Files
  • 11
    Jan 11th
    8 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    31 Files
  • 14
    Jan 14th
    2 Files
  • 15
    Jan 15th
    2 Files
  • 16
    Jan 16th
    2 Files
  • 17
    Jan 17th
    18 Files
  • 18
    Jan 18th
    13 Files
  • 19
    Jan 19th
    15 Files
  • 20
    Jan 20th
    29 Files
  • 21
    Jan 21st
    12 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2020 Packet Storm. All rights reserved.

Security Services
Hosting By