exploit the possibilities
Showing 1 - 13 of 13 RSS Feed

Files Date: 2004-04-14

iDEFENSE Security Advisory 2004-04-14.t
Posted Apr 14, 2004
Authored by iDefense Labs, Greg MacManus | Site idefense.com

iDEFENSE Security Advisory 04.14.04: The Linux kernel performs no length checking on symbolic links stored on an ISO9660 file system, allowing a malformed CD to perform an arbitrary length overflow in kernel memory. Symbolic links on ISO9660 file systems are supported by the 'Rock Ridge' extension to the standard format. The vulnerability can be triggered by performing a directory listing on a maliciously constructed ISO file system, or attempting to access a file via a malformed symlink on such a file system. Many distributions allow local users to mount CDs, which makes them potentially vulnerable to local elevation attacks. The issue affects the 2.4.x, 2.5.x and 2.6.x kernel. Other kernel implementations may also be vulnerable.

tags | advisory, overflow, arbitrary, kernel, local
systems | linux
advisories | CVE-2004-0109
MD5 | dc7eb7e05c50a61c6678c82437100df5
emma.c
Posted Apr 14, 2004
Authored by zorlag

IRC channel key cracking utility. It attempts to crack the key to a given channel by using words from a file.

MD5 | 43e2ab16958332492919b34a522573f4
DumpSIS.zip
Posted Apr 14, 2004
Authored by Jimmy Shah

Symbian SIS file dumping utility that allows for analysis of potential malware without actual installation of files. It provides information on file headers (UIDs, Version, Number of Languages, Number of files), file list (Destination name by default, Source filename and file type).

systems | unix
MD5 | 578328fa8e962b2f93f1e82ddbde67da
cdpexpl.tgz
Posted Apr 14, 2004
Authored by priestmaster | Site priestmaster.org

Proof of concept demonstration exploit for cdp versions 0.4 and below.

tags | exploit, proof of concept
MD5 | b7e4101c43e6efa314dee08047dee947
gdbvuln.txt
Posted Apr 14, 2004
Authored by priestmaster | Site priestmaster.org

Brief tutorial on using gdb for developing exploits.

tags | paper
MD5 | 2b8f54615af9ebca8c62c6b66581d5c0
perlvuln.txt
Posted Apr 14, 2004
Authored by priestmaster | Site priestmaster.org

Brief tutorial on using Perl for developing exploits.

tags | paper, perl
MD5 | e2658d00105ae1a0461968bd73587a0e
tutorial.txt
Posted Apr 14, 2004
Authored by priestmaster | Site priestmaster.org

Small tutorial discussing common types of exploitation methods. Cites examples and points to other papers that can provide more information.

tags | paper
MD5 | 71f8bc6553a4ef863191bcc04e2fd79d
faset.tar
Posted Apr 14, 2004
Authored by detach | Site hackaholic.org

FASET stands for File And Stream Encryption Tool. This tool can be used to encrypt a file or to encrypt a stream, for example through a pipe. It uses strong 16 round Blowfish encryption in Cipher Block Chaining mode (CBC) and supports a maximum keysize of 448-bits (56 bytes). Full documentation for possible usage included.

tags | encryption
MD5 | bb157d23397057df41f8818ca1646bd2
Secunia Security Advisory 11358
Posted Apr 14, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory SA11358 - A vulnerability has been discovered in BEA WebLogic Server and WebLogic Express, which potentially allows malicious people to impersonate a user or server. The problem arises when SSL connections are established. A connection may be approved if the certificate chain is valid but the custom trust manager rejects the chain. This can potentially be exploited to gain unauthorized access. Versions affected are Server and Express 7.x through 8.x.

tags | advisory
MD5 | f1c3b4ca363790fdbe999540b5387442
Secunia Security Advisory 11356
Posted Apr 14, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory SA11356 - A security issue has been discovered in BEA WebLogic Server and WebLogic Express, which may lead to inappropriate privileges being granted. The problem arises if a parent group is deleted because child groups remains a member, after the parent group is deleted. If a parent group is re-created and granted higher privileges, those privileges are inherited by any group, which was a member of the group before being deleted. Versions affected are Server and Express 7.x through 8.x.

tags | advisory
MD5 | 8b5481ada8e20fe829f4ade25d0ec635
SurgeLDAP10.txt
Posted Apr 14, 2004
Authored by Dr. Insane | Site members.lycos.co.uk

SurgeLDAP 1.0g suffers from a directory traversal vulnerability in the user.cgi script due to a lack of input validation.

tags | exploit, cgi
MD5 | 114af6df8ed3c31a1fb8814675003e77
1stClass.txt
Posted Apr 14, 2004
Authored by Dr. Insane | Site members.lycos.co.uk

1st Class mail server 4.01 suffers from a directory traversal and cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
MD5 | 5028924fba9a2451ea6c3d82cb6d2d12
ADA.image.txt
Posted Apr 14, 2004
Authored by Dr. Insane

ADA Image Server (ImgSvr) 0.4 suffers from a buffer overflow via GET requests, directory traversal vulnerabilities, and a denial of service flaw.

tags | exploit, denial of service, overflow, vulnerability
MD5 | c9af293363595a0fcc1e638e861dfdfd
Page 1 of 1
Back1Next

File Archive:

June 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    35 Files
  • 2
    Jun 2nd
    14 Files
  • 3
    Jun 3rd
    40 Files
  • 4
    Jun 4th
    22 Files
  • 5
    Jun 5th
    1 Files
  • 6
    Jun 6th
    1 Files
  • 7
    Jun 7th
    19 Files
  • 8
    Jun 8th
    14 Files
  • 9
    Jun 9th
    39 Files
  • 10
    Jun 10th
    20 Files
  • 11
    Jun 11th
    22 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close