what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 14 of 14 RSS Feed

Files Date: 2003-06-21

Posted Jun 21, 2003
Authored by Andrea Barisani

The Firewall Tester consists of two perl scripts, the client part (ftest) and the listening sniffer (ftestd). The client injects custom marked packets, while the sniffer listens for them. The comparison of the script's log files permit the detection of filtered packets and consequently filtering rules if the two scripts are ran on different sides of a firewall. An IDS (Intrusion Detection System) testing feature is also available and snort rule definition file can parsed instead of the standard configuration syntax, ftest can also use common IDS evasion techniques. Stateful inspection firewall and IDS can be tested with the 'connection spoofing' option. Requires: Net::RawIP, Net::PcapUtils, NetPacket.

Changes: Added support for CIDR notation, added pseudo fragments reassembly in ftestd, minor code rewrites and cleanup.
tags | tool, perl, spoof, firewall
systems | unix
SHA-256 | c48c80e3066209b78c7fbc41f645fb86367300c006054db11014fedf633d98d3
Posted Jun 21, 2003
Authored by r-code

jnethack 1.1.5 and below exploit that yields gid of games. Tested against Debian Woody 3.0.

tags | exploit
systems | linux, debian
SHA-256 | 0cac4955047c0b0311c5301dedcf27d64d4f5c78c3f77710a896d66963d8b72b
Posted Jun 21, 2003
Authored by Rick Patel

Remote exploit that makes use of a SQL injection vulnerability that exists in the /viewtopic.php file in phpBB.

tags | exploit, remote, php, sql injection
SHA-256 | ae816afd06e9754038e95b8a44efd5ef404baaa7ba725077b7e618cdab27686b
Posted Jun 21, 2003
Authored by ph1zzle

Yet another OpenSSH Patch. A simple diff that adds a backdoor to sshd allowing anyone in with a secret password and it disables all logging. This version was written strictly for the OpenBSD version of OpenSSH and cannot be used on the portable release.

tags | patch
systems | unix, openbsd
SHA-256 | 81750ac6c5c07a5d9dbed37ac1295667a41f6533df2197539ecde15327f71360
Rapid7 Security Advisory 14
Posted Jun 21, 2003
Authored by Rapid7 | Site rapid7.com

Rapid 7 Security Advisory - The secure redirect function of the RSA ACE/Agents protecting IIS, Apache, or SunONE web servers contains a cross-site scripting vulnerability. The redirector does not properly escape special characters, so requests for a URL containing special script characters will cause the ACE/Agent to emit a page containing web script which would execute in the user's browser. An attacker could potentially use this to fool unsuspecting users into entering their passphrase information, which could then be replayed by the attacker to the protected server to gain access.

tags | advisory, web, xss
SHA-256 | d332921b1cffe2e12b86291375e5c8fff2ac5021f59bc3b7ad98fa7a22fa41c9
Posted Jun 21, 2003
Authored by Gunzip

Remote exploit for Squid V2.4.DEVEL4 and below on linux/x86.

tags | exploit, remote, x86
systems | linux
SHA-256 | 4d88b1cac25a2d926015a0a76de60258e2921cc54ee0b1bed4f093b1ee59cf9e
Posted Jun 21, 2003
Authored by STG Security | Site stgsecurity.com

STG Security Advisory - Java Enterprise User Solution, or JEUS, has a cross site scripting vulnerability issue when invoking non-existent URLs.

tags | exploit, java, xss
SHA-256 | fb61d2e5a250f0d0de9f36ee16d044503666f5e77723563ef05e9844f37d058c
Posted Jun 21, 2003
Authored by Simon Castro, Alex Dyatlov | Site gray-world.net

Exploitation of data streams authorized by a network access control system for arbitrary data transfers: tunneling and covert channels over the HTTP protocol.

tags | paper, web, arbitrary, protocol
SHA-256 | 45e9e41b5b3669bd7cdaa1190fc3c1cf452a3ee7911a2a4b07f203f858377e21
HexView Security Advisory 2003-06-05.01
Posted Jun 21, 2003
Authored by HexView | Site sgi.com

SGI Security Advisory 20030605-01-A - SGI acknowledges the MIPSPro compiler temporary file vulnerability reported by Crimelabs. The have nothing else to say about it at this time.

tags | advisory
SHA-256 | 3977debbe76e19253bd052ccf85de793d7de03b7c0daa864382ffc4feafb04e9
Posted Jun 21, 2003
Authored by dsr, Angelo Rosiello, rosiello | Site rosiello.org

RPM Finder Project version 1.2 is a utility that works much like the rpmfind.net site. It supports RedHat and Mandrake Linux.

systems | linux, redhat, mandrake
SHA-256 | 6459a4c851ab66b8349b4e3c4a5708961d44bcb8b8619a9b9ba72fa620066729
Posted Jun 21, 2003
Authored by Cabezon Aurelien | Site sibylle.isecurelabs.com

Sibylle 1.0 is a password manager that make use of the following features: 3-Way block encryption, A simple and easy to use interface, and DOD 5220.22-M secure file deletion function. It is Securengine (securengine.isecurelabs.com) 3.0 compatible and offers multiple user support. All passwords are stored in an encrypted file that can be easily backed up.

SHA-256 | 006539a44fb2caa3d4724b8de1a367be71e4031cf78307c56e2b27330d6899a3
Posted Jun 21, 2003
Authored by GreyMagic Software | Site greymagic.com

Microsoft Internet Explorer 5.01, 5.5 and 6.0 has a parsing procedure with a flaw in it that may cause arbitrary script commands to be executed in the Local Zone. This can lead to potential arbitrary command execution, local file reading and other severe consequences.

tags | exploit, arbitrary, local
SHA-256 | a1540b588487d7bd0bd38292e470f26634d2bc21c8824bc90b85740e975aa019
Posted Jun 21, 2003
Authored by Michael H.G. Schmidt

This script is used to automate escalation of normal user privileges to root making use of FORTH hacking on Sparc hardware.

tags | exploit, root
SHA-256 | 325fd7bf0f7765175435cfc0edb188bbfee72d6c1fa31b5dedf1ab31c371b473
Posted Jun 21, 2003
Authored by Gabriel Maggiotti | Site qb0x.net

Xmame local root exploit for Redhat 7.0 and 7.2 which overflows the --lang switch in /usr/local/bin/xmame.x11.

tags | exploit, overflow, local, root
systems | linux, redhat
SHA-256 | 8dce5d3bb6bbe4081f8ca8af9f20e24a1da5ec801e3f803058e7c3e1025ce41f
Page 1 of 1

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    0 Files
  • 6
    Mar 6th
    0 Files
  • 7
    Mar 7th
    0 Files
  • 8
    Mar 8th
    0 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    0 Files
  • 12
    Mar 12th
    0 Files
  • 13
    Mar 13th
    0 Files
  • 14
    Mar 14th
    0 Files
  • 15
    Mar 15th
    0 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By