what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 23 of 23 RSS Feed

Files Date: 2003-12-15

Posted Dec 15, 2003
Authored by Watercloud | Site xfocus.org

X_hp-ux11i_nls_ct.c is a local root format string exploit for /usr/bin/ct tested on HP-UX B11.11. Uses the NLSPATH vulnerability described here.

tags | exploit, local, root
systems | hpux
SHA-256 | 71dde078136563709d69fffe76fe51d144aa3f58c1a83dfd88e0d7845f48b687
Posted Dec 15, 2003
Authored by Angelo Rosiello, rosiello | Site rosiello.org

Find file routine for Windows, in asm.

systems | windows
SHA-256 | 0b7f4f98ac3878c2534bdee8d0045cfa8a21c3084b6b3c175293850771857d70
Posted Dec 15, 2003
Authored by Fugi

DNS reflection denial of service attack, in perl.

tags | denial of service, perl
SHA-256 | a368a34d10ea873cc0c842888f12b59a2dffaefd52f32d4d2973d6f74182a5c9
Posted Dec 15, 2003
Authored by Oscar Linderholm

Mvdsv Quake Server v0.171 and below remote exploit. Tested against Debian GNU/Linux 3.0 and Slackware 9.0. Includes a patched Quake source which includes shellcode in cl_main.c which binds a shell to port 30464.

tags | exploit, remote, shell, shellcode
systems | linux, slackware, debian
SHA-256 | 30a5e6805df4145c2e675df1b085f969cb03d35f69cc9143029a9300b4cc4caa
Posted Dec 15, 2003
Authored by GML | Site phrick.net

Buffer Builder v1.5 is a tool which assists in building buffer overflow strings for local and remote exploits. Goes well with a disassembler and netcat and contains several useful shell codes.

Changes: Added ability to change offset, cleaned up output, added more byte order parameters, added new shellcodes, fixed $SHELLCODE offset calculation problem on freebsd, and added author strings to shellcode.
tags | remote, overflow, shell, local, shellcode
SHA-256 | 39c3af509337569eee964333a3439de850f8fc3714f170e17d504bf6ee4104ed
Posted Dec 15, 2003
Authored by Dr. Insane

WarFTPD v1.82.0.2 and below remote denial of service exploit, win32 binary. Disables WarFTPD by making multiple connections, causing the server to stop accepting new connections, and crash after two days.

tags | exploit, remote, denial of service
systems | windows
SHA-256 | 8bf7426ed1dc76d02428fbb97a2a3528d8b853a4f90f55b79a8b0ec534da0fc2
Posted Dec 15, 2003
Authored by Phender

Thttpd v2.21 through 2.23b1 remote denial of service buffer overflow exploit.

tags | exploit, remote, denial of service, overflow
SHA-256 | dc4ab59e4569091147040021c6785d26637756f5863cd9d183215b3d2809884d
Posted Dec 15, 2003
Authored by Luke Macken

Viagra.pl is a linux hardening script which implements the /proc suggestions in the article available at http://www.securityfocus.com/infocus/1711. Disables ICMP ping replies, broadcast replies, source routed packets, packet spoofing protection, ignores ICMP redirects, packet forwarding, changes ip fragmentation buffers, allowed local sockets, rate limit ICMP replies, reject new ARP entries, change arp timeouts, enables syncookies, and more.

tags | web, local, spoof
systems | linux
SHA-256 | bd9dbf517e0f7ab18068c895eb5122a0fb0808a9ec37fccfbdbf19d0586c069a
Posted Dec 15, 2003
Authored by decka_trash

Thttpd v2.21 through 2.23b1 remote denial of service buffer overflow exploit. Tested against FreeBSD, SunOS 4, Solaris 2, BSD/OS, Linux, and OSF.

tags | exploit, remote, denial of service, overflow
systems | linux, solaris, freebsd, bsd
SHA-256 | 38d094daad04305c09883e203114d57290f80d0373787893a50500e94e4263e9
Posted Dec 15, 2003
Authored by Slaizer

The FlexWATCH surveillance camera server (tested FlexWATCH-50 web ver 2.2 Build Nov 18 2003) is used by many banks and "secure" places and contains remotely exploitable vulnerabilities which allow remote attackers to view camera footage, add users, remove users, change the configuration, disable camera surveillance, cross site scripting, and more.

tags | exploit, remote, web, vulnerability, xss
SHA-256 | 4934d0e7b56716500ef80132c3567024e4d6fe3186aa10eb1cec0cc51e6eb833
Posted Dec 15, 2003

Dcom RPC remote win32 exploit, ported to Windows for compilation with VC++ 6. Uses "magic keys" to find the offset. Ported by Lordy

tags | exploit, remote
systems | windows
SHA-256 | 132c24caa22412268215f455fb5e2eb14b4e96dd8f2b7f5f467245ef0395479e
Posted Dec 15, 2003
Authored by skylazart | Site core.cx

UW-imapd v12.261, 12.264, 2000.283, 2000.284, 2000.287 and 2001.315 remote exploit which takes advantage of a bug in the body command. Requires an IMAP username and password.

tags | exploit, remote, imap
SHA-256 | 57acbd6f36f6e92260c5b0473a8510cf6873394e0cc85a088e9a5fb87f970645
Posted Dec 15, 2003
Authored by skylazart | Site core.cx

Remote exploit for login/telnetd tested on Solaris Sparc v6/7/8 which uses the TTYPROMPT vulnerability. Spawns a shell.

tags | exploit, remote, shell
systems | solaris
SHA-256 | 3255dac74a5fa59f23b39f6657e3aa239963942b62faec521f3928afcbece870
Posted Dec 15, 2003
Authored by Christophe Devine

IP Dump is a simple network traffic dump program for Linux 2.x; although it is similar to tcpdump, it does not require the libpcap library.

tags | tool, sniffer
systems | linux
SHA-256 | 09c37ddf38e986cf8e349fd6aa6ae935e9d36b782f35bb44f9f9a8cad1818ba9
Posted Dec 15, 2003
Authored by x1b

x1bscan is a console based tcp connect() port scanner with HTTP and service banner grabbing. Written in perl and compiled into a Windows executable.

tags | web, perl, tcp
systems | windows
SHA-256 | bd884f6d6a70dd8eeb9eef38b00b4d883502a0f0d34c61bb838f51dc438e0aff
Posted Dec 15, 2003
Authored by Nesumin | Site opera.rainyblue.org

Opera for Windows v7.x prior to v7.23 build 3227 contains a file overwrite vulnerability which allows remote downloads to overwrite any file on the filesystem.

tags | advisory, remote
systems | windows
SHA-256 | f4080a105f0722ecfb13159fccbb24fb407efafa0251c74c77d7beb48149e744
Posted Dec 15, 2003
Authored by Delikon | Site delikon.de

A simple tutorial on Windows Shellcoding - Shows how to write shellcode in asm that spawns a cmd shell. Includes tools to encode the asm code to avoid NULL bytes, and to generate the typical C shellcode. In Powerpoint and PDF format.

tags | paper, shell, shellcode
systems | windows
SHA-256 | d612a88f1dba4e28d11743cd0d9579d520bc1ffcfcc355aa2d650faad3da1111
Posted Dec 15, 2003
Authored by Metin Cengiz | Site rsf.gen.tr

/usr/sbin/grpck local buffer overflow exploit. Note that grpck is not setuid by default. Tested on Red Hat 7.3 and 8.0, Cobalt Linux 6.x and 7.x, Debian 2.1 and 2.2, and Mandrake 8.1 and 8.2.

tags | exploit, overflow, local
systems | linux, redhat, debian, mandrake
SHA-256 | 2f0dd037d94f0621fdf5899a98d3b4876af41cefc6e9b04e0ac95bd98280d88a
Posted Dec 15, 2003
Authored by Cowboy, 0x333 | Site 0x333.org

Ebola v0.1.4 remote stack overflow exploit tested against Red Hat 8.0. Bug found by Secure Network Operations.

tags | exploit, remote, overflow
systems | linux, redhat
SHA-256 | f87f77fdbe654f5c4799bc9de765897b0e95f1203c359f53800a5b8bf207f0aa
Posted Dec 15, 2003
Authored by Juliano Rizzo, Javier Kohen | Site coresecurity.com

Core Security Technologies Advisory CORE-2003-12-05 - New attack vectors were found for the Workstation Service vulnerability discussed in MS03-049 and the Messenger service vulnerabilities in MS03-001, MS03-026 and MS03-043. It was found that the attacks can be directed at UDP ports from spoofed source IP's, at the UDP broadcast addresses, or to ports above 1024, bypassing many firewalls by setting the source port to 53 and spoofing the packet from a trusted DNS server.

tags | advisory, udp, spoof, vulnerability
SHA-256 | 44529d93a00bb88bb168c0c51d37842dbc5cf391d901a6518dd8e0c2baf882ee
Cisco Security Advisory 20031210-ACNS-auth
Posted Dec 15, 2003
Authored by Cisco Systems | Site cisco.com

Cisco ACNS software prior to 4.2.11 or 5.0.5 contain a remotely exploitable buffer overflow which is triggered by a long password. Affected devices include Content Routers 4400 series, Content Distribution Manager 4600 series, Content Engine 500 and 7300 series, and Content Engine Module for Cisco Routers 2600, 3600 and 3700 series. Workaround is to disable the CE GUI with the command "no gui-server enable".

tags | overflow
systems | cisco
SHA-256 | e1fbc10f5a4b3db1525b14117a3a9d796203a1de05f9e836b730be2377f7e173
Posted Dec 15, 2003
Authored by konewka | Site olek.org

Bindshell which has a password and defaults to tcp port 1348. Includes the ability to only allow certain IP's.

tags | tool, tcp, rootkit
systems | unix
SHA-256 | a99092c6a71a54dd9ddcfb2fa7d85132274feaf9c4e7738d40c42a4ecdc05cf2
Posted Dec 15, 2003
Authored by Mark Litchfield, Sherief Hammad, Rob Horton | Site ngssoftware.com

Sybase Adaptive Server Anywhere v9.0.0, the relational database at the core of SQL Anywhere Studio 8 contains over 50 vulnerabilities including format string overflows, buffer overflows, and denial of service conditions. Fix available here.

tags | advisory, denial of service, overflow, vulnerability
SHA-256 | 85b020d178f9754cbb630b420899e0a35ec15ff5fd3c3ba755e03d19390d2f14
Page 1 of 1

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By