exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 9 of 9 RSS Feed

Files Date: 2003-10-02

opensslAgain.txt
Posted Oct 2, 2003
Authored by Patrik Hornik

Originally discovered in the source code for build 32 of the RedHat OpenSSL rpm, another denial of service vulnerability was recently discovered that would disable an SSLv2 server. Any build after 32 of the RedHat RPM and 0.9.7c of OpenSSL have already addressed and fixed this issue.

tags | advisory, denial of service
systems | linux, redhat
SHA-256 | 00325774735f7cdba433936c32fc5730fe0ffd361e1b8f7dfc2fb8ab13d87a16
MOSDEF0.1.tgz
Posted Oct 2, 2003
Authored by Dave Aitel | Site immunitysec.com

MOSDEF is a 100% Python retargetable compiler for C->shellcode that has been released to the public under the LGPL.

tags | tool, shellcode, python
systems | unix
SHA-256 | 54e0931a0105789ff6e3a81c696033a19f35fb5cfc10aafb6e9eddb334d14ddf
FreeBSD Security Advisory 2003.16
Posted Oct 2, 2003
Authored by The FreeBSD Project, Joost Pol | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-03:16.filedesc - A programming error in the readv system call can result in the given file descriptor's reference count being erroneously incremented. A local attacker may cause the operating system to crash by repeatedly calling readv on a file descriptor until the reference count wraps to a negative value, and then calling close on that file descriptor. Similarly, it may be possible to cause a file descriptor to reference unallocated kernel memory, but remain valid. If a new file is later opened and the kernel allocates the new file structure at the same memory location, then an attacker may be able to gain read or write access to that file. This may in turn lead to privilege escalation. This affects releases 4.3-RELEASE through 4.8 RELEASE.

tags | advisory, kernel, local
systems | freebsd
SHA-256 | d77bc848ba499127eb6972feeba3dbe40a919dde740117b4638758fd937de5da
login-back.c
Posted Oct 2, 2003
Authored by tracewar

Backdoor for login where the original binary must be renamed and only gets called whenever the remote user's TERM variable is not set to the magic password. If the magic password is set, the user gets the option of a shell with or without logging.

tags | tool, remote, shell, rootkit
systems | unix
SHA-256 | e3fb9f9f65c704ddf3602b2cf854c54524ca1cacb73518276e083cfaff3953db
metacoretex-0.8.0.tar.gz
Posted Oct 2, 2003
Authored by visigoth

MetaCoretex is an entirely JAVA based vulnerability scanning framework which puts special emphasis on databases. Probe objects are written in JAVA for the sake of the ability to extend the AbstractProbe class. Additionally, probe generators make the process of writing simple probes a small task for the end user.

tags | tool, java, scanner
systems | unix
SHA-256 | 0f255567fa1caf70c3334bd61230aa9dde253ce31bff72e0226181ee36f712d9
prockill.txt
Posted Oct 2, 2003
Authored by Brett Moore SA | Site security-assessment.com

Inside the PostThreadMessage API, any user of any security level can give a WM_QUIT message causing the process to terminate. Sample exploit code included.

tags | exploit
SHA-256 | dae92371caa61085fff77e818f7e1bd44af495374120d1706c46fb9deee38189
gspoof-3.1.tar.gz
Posted Oct 2, 2003
Authored by embyte | Site gspoof.sourceforge.net

Gspoof is a GTK+ program written in C which makes easy and accurate the building and the sending of TCP packets with or without a data payload. It's possible to modify TCP/IP fields or the Ethernet header.

tags | tcp
systems | unix
SHA-256 | a4311747ff8a38a89d69720d50bd74ace8857b74985661d5b99d7d5e671dcff9
ssh477.txt
Posted Oct 2, 2003
Site ssh.com

SSH Communications Security announced that a vulnerability has been detected in the way that SSH Sentinel handles the decoding of BER/DER encoded packets which may result in a denial of service. The find is derived from the recent ASN.1 parsing problems discovered by NISCC. All versions from 3.0 to 3.2.5 are affected.

tags | advisory, denial of service
SHA-256 | 9cc69d43825cb7247caee0b7b03f789f52e208df386f3d3bc72f339b70910477
ssh476.txt
Posted Oct 2, 2003
Site ssh.com

SSH Communications Security announced that a vulnerability has been detected in the way it handles the decoding of BER/DER encoded packets which may result in a denial of service. The find is derived from the recent ASN.1 parsing problems discovered by NISCC. All versions from 3.0 to 3.2.5 are affected.

tags | advisory, denial of service
SHA-256 | 3324ecd2262e4c5dc21e88abef9407a8723e04a8fc0f3d179145198703413202
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close