what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 9 of 9 RSS Feed

Files Date: 2003-03-14

hoagie_solarisldap.c
Posted Mar 14, 2003
Authored by Andi

Local exploit for the SUNWlldap library buffer overflow vulnerability on Sun Solaris x86.

tags | exploit, overflow, x86, local
systems | solaris
SHA-256 | 9741295723632b8059de0525584841db6e2fb91f9d27d52e0c0d9caf0562ad64
packit-0.5.0.tgz
Posted Mar 14, 2003
Site packit.sourceforge.net

Packit offers the ability to monitor, manipulate and inject IPv4 (and soon IPv6) traffic (TCP/UDP/ICMP) on and into your network. This can be valuable in testing firewalls, intrusion detection systems and in general TCP/IP auditing. At the comment Packit can be run using one of two modes. packet capture, and IPv4 packet injection. Packit is dependent on libnet 1.1.0+ and libpcap and has been tested with numerous FreeBSD and Linux kernels.

Changes: Added full ARP/RARP injection support, Added ICMP unreach/redirect/timexceed/timestamp/mask injection options, Added support for injection port ranges, MacOS X support, Bug fixes, and more.
tags | kernel, udp, tcp
systems | linux, unix, freebsd
SHA-256 | bb1010dd3019726b778a6ca1ad09bb5a11a141ea0260a0fc581292dfbebb2b45
Atstake Security Advisory 03-03-13.2
Posted Mar 14, 2003
Authored by Atstake, Ollie Whitehouse | Site atstake.com

Atstake Security Advisory A031303-2 - Nokia SGSN (DX200 Based Network Element) is a platform that exists between legacy GSM networks and the new IP core of the GPRS network. The SGSN, or Serving GPRS Support Node, is vulnerable in that it allows any attackers to read the SNMP options with any community string.

SHA-256 | a743e83228a8aa4690b234f2fa9cd8ae048f018026c6d5f4f2c72ee4558edd4d
Atstake Security Advisory 03-03-13.1
Posted Mar 14, 2003
Authored by Atstake, Kevin Dunn, Chris Eng | Site atstake.com

Atstake Security Advisory A031303-1 - A stack buffer overflow exists in the Connector Module that ships with the Sun ONE Application Server. The module is an NSAPI plugin that integrates the Sun ONE Web Server (formerly iPlanet Enterprise Server) with the Application Server. Incoming HTTP request URLs are handled by the module and an unbounded string operation causes the overflow.

tags | web, overflow
SHA-256 | d3e56ce7b90eff64e31f495c396f7513465f86ec2348d3cd53df4ab0ba8e61dc
Rapid7 Security Advisory 12
Posted Mar 14, 2003
Authored by Rapid7 | Site rapid7.com

Rapid 7 Security Advisory - In July 2001, the PROTOS protocol testing group at the University of Oulu in Finland released an LDAP protocol test suite that exposed flaws in LDAP implementations from multiple vendors. Lotus Domino R5.0.7a addressed these issues but regression testing on the R6 Beta release shows that it is still vulnerable to the issues PROTOS discovered. Vulnerable Versions: Lotus Notes/Domino R6 pre-release and beta versions, Lotus Domino R5.0.7 and earlier versions.

tags | advisory, protocol
SHA-256 | cdbcbb8ace4dd1eac056a47326a4c7d94f7ee4cee734a2d5b0c50984a1c31022
Rapid7 Security Advisory 11
Posted Mar 14, 2003
Authored by Rapid7 | Site rapid7.com

Rapid 7 Security Advisory - The Lotus Notes/Domino Web Retriever functionality has an HTTP Status buffer overflow. By issuing an overly long status message in its HTTP response, a remote server can crash the Web Retriever process. The response line consists of the standard HTTP version and code followed by an overly long (~6000 bytes) status message, followed by two carriage return/linefeed pairs. Vulnerable Versions: Lotus Notes/Domino R4.5/4.6/5/6Beta servers and clients.

tags | advisory, remote, web, overflow
SHA-256 | 3f2e0431aa427592a575437b66bdc0a85215a479d21c84a10bf295c095007de3
OpenFuck.c
Posted Mar 14, 2003
Authored by SPAX | Site spabam.tk

Remote exploit for Apache + OpenSSL v0.9.6d and below. This exploit is based upon the openssl-too-open exploit by Solar Eclipse and offers more than 130 targets including various flavors of Linux.

tags | exploit, remote
systems | linux
SHA-256 | 3a5210e98085c90e9f463fc1ab409702683f014b9cd595a3baf694c9a429a289
cpanel.pl
Posted Mar 14, 2003
Authored by SPAX | Site spabam.tk

Remote CGI exploit written in Perl for Cpanel 5 Guestbook. Spawns a bash shell with the uid of the webserver.

tags | exploit, remote, shell, cgi, perl, bash
SHA-256 | ca9f2885c908445eb60e8177358c48d394aa727280a6bb55d5f86eff26d45bb7
ssl-timing.pdf
Posted Mar 14, 2003
Authored by David Brumley, Dan Boneh

A paper written on timing attacks against OpenSSL 0.9.7. In this experiment, it shows that the extraction of private keys from an OpenSSL-based webserver is realistic. Monitoring about a million queries allows an attackers to remotely extract a 1024-bit RSA private key.

tags | paper
SHA-256 | 3d4961ee75c84a008149b8dd877da26a4c5981aca08e27f73afa074a0c1cf0a5
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close