exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 24 of 24 RSS Feed

Files Date: 2003-11-14

Nmap Scanning Utility 3.48
Posted Nov 14, 2003
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings. Full changelog available here.

Changes: Integrated an enormous number of version detection service submissions. The database has almost doubled in size to 663 signatures representing 130 services. Various other feature enhancements and bug fixes.
tags | tool, remote, udp, tcp, protocol, nmap
systems | unix
SHA-256 | b85a3569521d487f348eec697b602b0b49d6e5d08aedb81a6a7d19cc0a5c6b98
symbol.txt
Posted Nov 14, 2003
Authored by Michael Scheidell

The Symbol PDT 8100 does not attempt to change its default existing WEP keys during installation. If not changed, the PDT 8100 will reveal the WEP keys to any user in plain text by taping on the wireless icon on lower right hand of 8100 and scrolling to the 'encryption tab'. A stolen PDT 8100 or copied keys can allow an insider the ability to totally compromise the Wi-Fi network.

tags | advisory
advisories | CVE-2003-0934
SHA-256 | 0ef878b8880cfbb42ed45bacdfc32fa99f275624901e1d58461985859e733d1f
sp-myserver0.5-dos.c
Posted Nov 14, 2003
Authored by Badpack3t | Site security-protocols.com

Remote denial of service exploit for MyServer 0.5. Malicious payload crashes the server giving a runtime error. Tested on Windows XP Pro SP1 and Windows 2000 SP3.

tags | exploit, remote, denial of service
systems | windows
SHA-256 | e035fca3aada6de19f50360c4b2ef07a3ea8445d6717a098382a678b587a876c
_SRT2003-11-13-0218.txt
Posted Nov 14, 2003
Authored by Kevin Finisterre | Site secnetops.com

Secure Network Operations Advisory SRT2003-11-13-0218 - Symantec PCAnywhere versions 10.x to 11.x allow for a local attacker to gain SYSTEM privileges via AWHOST32.exe that can be run via an icon.

tags | advisory, local
SHA-256 | 06a0532b6f5bf502d7995e8c3aae01db81045cd634c514dc2d89f1ab19d59781
superkit.tar.gz
Posted Nov 14, 2003
Authored by mostarac

Superkit is an extremely user-friendly rootkit that hides files, processes, and connections. It provides a password protected remote access connect-back shell initiated by a spoofed packet. It is loaded via /dev/kmem, without support for loadable modules required, and cannot be detected by checking the syscall table, because it redirects the kernel entry point to a private copy of the syscall table. A couple of backdoors are included.

tags | tool, remote, shell, kernel, spoof, rootkit
systems | unix
SHA-256 | 037050dd308f5665105f3ca4347b34ad15c25ee30bd808a2ca9a072a862ad100
peoplesoftCGI.txt
Posted Nov 14, 2003
Authored by Martin O'Neal

Corsaire Security Advisory - The PeopleSoft PeopleBooks Search CGI is susceptible to argument handling vulnerabilities that allow a remote attacker to gain access to files outside of the webroot.

tags | advisory, remote, cgi, vulnerability
SHA-256 | 54bdecc65f1cc150934bc3dc63cf2ef28eea6cf37d5cea1c26b8bb166ac96381
peoplesoftXSS.txt
Posted Nov 14, 2003
Authored by Martin O'Neal

Corsaire Security Advisory - The PeopleSoft IScript interface accepts a number of arguments via HTTP POST/GET calls. Using a carefully constructed URL, Java code can be executed in a users context.

tags | advisory, java, web
SHA-256 | 49c7d7dac2df8685c1ffa08b0ea2b20a702114b5f2b917806113e242380c3f43
peoplesoftServlet.txt
Posted Nov 14, 2003
Authored by Martin O'Neal

Corsaire Security Advisory - The PeopleSoft Gateway Administration utility has a servlet that discloses its full path to the configuration files on the server when improper values are passed to it.

tags | advisory
SHA-256 | 08f4265e6b6df73f2a516dc2004f39b7a6a8b4a9721fbac7e78d54b11bea003a
boomerang.tgz
Posted Nov 14, 2003
Authored by Crazy Einstein

Local exploit for the ListBox/ComboBox vulnerabilities in Win32 platforms. Included is an example of a vulnerable program. Related advisory is available here. Tested on Microsoft Windows XP.

tags | exploit, local, vulnerability
systems | windows
SHA-256 | f61c932efba689ebf07ce59c123ce316c2c38a7c038c03fa8755f5576f9aa8e1
o_wks.c
Posted Nov 14, 2003
Authored by snooq | Site angelfire.com

Remote exploit for the Microsoft Windows Workstation server (WKSSVC) buffer overflow.

tags | exploit, remote, overflow
systems | windows
SHA-256 | bc065ceb1c69049d9ee97b3557d5d4ebae7248616f8a39390fa5de28e7bc3d5e
ms03-051
Posted Nov 14, 2003
Site microsoft.com

Microsoft Security Bulletin MS03-051 - This bulletin addresses two new security vulnerabilities in Microsoft FrontPage Server Extensions, the most serious of which could enable an attacker to run arbitrary code on a user's system. The first vulnerability exists because of a buffer overrun in the remote debug functionality of FrontPage Server Extensions. The second vulnerability is a Denial of Service vulnerability that exists in the SmartHTML interpreter.

tags | advisory, remote, denial of service, overflow, arbitrary, vulnerability
SHA-256 | a64a5bca634bcd946c38df1abd14ced1ff623dc64459d7b7e57a6a36c3f219f5
ms03-050
Posted Nov 14, 2003
Site microsoft.com

Microsoft Security Bulletin MS03-050 - A security vulnerability exists in Microsoft Excel that could allow malicious code execution. This vulnerability exists because of the method Excel uses to check the spreadsheet before reading the macro instructions. If successfully exploited, an attacker could craft a malicious file that could bypass the macro security model. Another security vulnerability exists in Microsoft Word that could allow malicious code execution. This vulnerability exists due to to the way Word checks the length of a data value (Macro names) embedded in a document. If a specially crafted document were to be opened it could overflow a data value in Word and allow arbitrary code to be executed.

tags | advisory, overflow, arbitrary, code execution
SHA-256 | 2e65329c134cc1472436bf1dfa5a13a48429afbcc0aa286c1a69fd0eec83e2c5
ms03-049
Posted Nov 14, 2003
Site microsoft.com

Microsoft Security Bulletin MS03-049 - A security vulnerability exists in the Workstation service that could allow remote code execution on an affected system. This vulnerability results because of an unchecked buffer in the Workstation service. If exploited, an attacker could gain System privileges on an affected system, or could cause the Workstation service to fail. An attacker could take any action on the system, including installing programs, viewing data, changing data, or deleting data, or creating new accounts with full privileges.

tags | advisory, remote, code execution
SHA-256 | 2ebf3e9a6635c0389c71cb5892f6c16f50e7ee7d9b2ac16950fd17ef4028aea8
ms03-048
Posted Nov 14, 2003
Site microsoft.com

Microsoft Security Bulletin MS03-048 - A cumulative update patch has been released for Internet Explorer that includes the functionality of all the previously-released updates for Internet Explorer 5.01, Internet Explorer 5.5, and Internet Explorer 6.0. Additionally, it eliminates the following five newly-discovered vulnerabilities.

tags | advisory, vulnerability
SHA-256 | dfc29d27adae94c6b106aaaf9545a35d4b5a7adc9870d2ce88bb70b85d0bef8c
chemtrailX.c
Posted Nov 14, 2003
Authored by Knight420

Proof of concept local root exploit for iwconfig that is normally not setuid by default. Tested on RedHat Linux 9.0.

tags | exploit, local, root, proof of concept
systems | linux, redhat
SHA-256 | 900adc73f0a4fc2b4182803bfcc16f80cd94ca002ee0ac21aa6db656ba58a29f
sa2003-07.txt
Posted Nov 14, 2003
Authored by NSFOCUS | Site nsfocus.com

NSFOCUS Security Advisory SA2003-07 - The HP-UX Software Distributor utilities are susceptible to a buffer overflow vulnerability when reading in the LANG variable since they do not perform any bounds checking on its size. Due to this, local attackers could gain root privileges.

tags | advisory, overflow, local, root
systems | hpux
advisories | CVE-2003-0089
SHA-256 | fa7084e4341d66e2414719a1aa4874b255b2255729d312209d47cbdb4f8997bd
sa2003-08.txt
Posted Nov 14, 2003
Authored by NSFOCUS | Site nsfocus.com

NSFOCUS Security Advisory SA2003-08 - Do to a lack of input validation on the NLSPATH variable, libc on HP-UX is susceptible to a format string vulnerability that will allow a local attacker to gain root privileges.

tags | advisory, local, root
systems | hpux
advisories | CVE-2003-0090
SHA-256 | 7763824063b03d4c3ebd80f0f6e25b25ad766c35105b7d94923ec0e3e6a15b2b
fortigate2.txt
Posted Nov 14, 2003
Authored by Maarten Hartsuijker

Fortigate firewall pre 2.50 maintenance release 4 allows a remote attacker to inject hostile code into an administrative interface. This vulnerability, used in conjunction with the fact that the username and MD5 hash of the user's password are stored in a cookie, allows a remote attacker to trick an administrator into giving up their credentials.

tags | advisory, remote
SHA-256 | 10520ea52ac2e94c5e4b69055bcaa957dce33e5e0594b94759fc3b4eefda58aa
iw-config.c
Posted Nov 14, 2003
Authored by heka

Proof of concept local root exploit for iwconfig, which is not setuid by default.

tags | exploit, local, root, proof of concept
SHA-256 | 3dbd8972e7b154e7c02eb7d11c3f0d3cc45103a8a209a3c7caa8f4999642cd99
kpr-winkill.c
Posted Nov 14, 2003
Authored by Koper

Microsoft Windows 95/98/98SE denial of service utility that makes use of malformed NETBIOS packets to lock-up and reboot the machine.

tags | denial of service
systems | windows
SHA-256 | 926d171c8c658d8861fb0067abda1bc605fcc9caf1e0a70a1986947d8c097432
termxploit.c
Posted Nov 14, 2003
Authored by Phender

TerminatorX version 3.81 and below local root exploit. Makes use of vulnerabilities discussed in this related advisory.

tags | exploit, local, root, vulnerability
SHA-256 | 353e26a854dbb90fd2e44d12f9a85d391324bccb56e027c9fdb3393227f42737
terminatorX-exp.c
Posted Nov 14, 2003
Authored by Li0n7

TerminatorX version 3.81 and below local root exploit. Bruteforcing option included. Makes use of vulnerabilities discussed in this related advisory.

tags | exploit, local, root, vulnerability
SHA-256 | d2ae0f1ca62a0e762c3a10af9db9cf6b2ec2a061ba6c99cecdfaeadde1df7ea5
SRT2003-11-11-1151.txt
Posted Nov 14, 2003
Authored by Kevin Finisterre | Site secnetops.com

Secure Network Operations Advisory SRT2003-11-11-1151 - Clam AntiVirus versions clamav-0.60 through clamav-0.60p are subject to format string attacks that allow a remote attacker to commit a denial of service and possibly perform remote command execution.

tags | advisory, remote, denial of service
SHA-256 | 10ef4bf26c1ab47ad1a7b53bc21aae94a7fe570686b961eb6d52b4a3d73035fa
CA-2003-28.MS.txt
Posted Nov 14, 2003
Site cert.org

CERT Advisory CA-2003-28 - A specially crafted network message can trigger a buffer overflow in Microsoft's Workstation server. The vulnerability is caused by a flaw in the network management functions of the DCE/RPC service and a logging function implemented in Workstation Service (WKSSVC.DLL). Various RPC functions will permit the passing of long strings to the vsprintf() routine that is used to create log entries. The vsprintf() routine contains no bounds checking for parameters thus creating a buffer overflow situation.

tags | advisory, overflow
SHA-256 | 979392a63ca9d86583ec3f6402dafeb1c0ea7237bc2af925d5f46a51e7c89a47
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    17 Files
  • 8
    Oct 8th
    66 Files
  • 9
    Oct 9th
    25 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close