exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2004-08-13

gv-exploit.c
Posted Aug 13, 2004
Authored by infamous42md

Local buffer overflow exploit for gv postscript viewer. Spawns a shell on port 7000.

tags | exploit, overflow, shell, local
SHA-256 | 0cb7b7a6f09c3f68f36664d22f3f314d8fdbbe9e176580147a168dec28a0d898
sptrace-1.4.0.tar.gz
Posted Aug 13, 2004
Authored by Krzysztof Burghardt | Site underground.org.pl

sptrace is a secure ptrace() module for Linux. It limits users' access to the ptrace() call. It can disable ptrace altogether, or if you add a ptrace group to your system, only users in that group will be able to use ptrace().

systems | linux
SHA-256 | 925d39bcb5258c0d96f619078df465b16b74d54e5578f6050b89569e1a9e3f5f
narc-0.7.tgz
Posted Aug 13, 2004
Authored by Shane Chen | Site knowplace.org

NARC (Netfilter Automatic Rules Configurator) is a free firewalling package for Netfilter/Iptables, released under the BSD license. It attempts to simplify the setup of a firewall (stateful packet filter) via the iptables tools. It is a bash shellscript that generates (hopefully) sensible and secure rules for Netfilter based on a simple configuration file. It features quick setup via a simple configuration file, connection tracking (and fragmentation reassembly), customized logging, probe detection (TCP and UDP), and much more.

tags | tool, udp, tcp, firewall, bash
systems | linux, bsd
SHA-256 | 60f94c7b982da63800a7f82ac756c2d00ee154997acb4cf0f1fa0a49d0296c21
sthuy_article_openvpn_29940810.B.zip
Posted Aug 13, 2004
Authored by Stijn Huyghe

This whitepaper discusses OpenVPN as a free, secure, and easy to use and configure SSL-Based VPN solution. It offers various scenarios of use.

tags | paper
SHA-256 | 3cc0030602a7611c59cb7895e284a2668cab765429606ed84dff1b4d43f04c07
iDEFENSE Security Advisory 2004-08-12.2
Posted Aug 13, 2004
Authored by iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 08.12.04-2: Remote exploitation of a buffer overflow in the uudecoding feature of Adobe Acrobat Reader 5.0 for Unix allows an attacker to execute arbitrary code. The Unix and Linux versions of Adobe Acrobat Reader 5.0 automatically attempt to convert uuencoded docuements back into their original format. The vulnerability specifically exists in that Acrobat Reader fails to check the length of the filename before copying it into a fixed length buffer. This allows a maliciously constructed file to cause a buffer overflow resulting in the execution of arbitrary code.

tags | advisory, remote, overflow, arbitrary
systems | linux, unix
advisories | CVE-2004-0631
SHA-256 | 958b976a69769d6baec2b60fde3c3f54864ac66163b9ad5a24d7b3555dd2d9f7
iDEFENSE Security Advisory 2004-08-12.t
Posted Aug 13, 2004
Authored by iDefense Labs, Greg MacManus | Site idefense.com

iDEFENSE Security Advisory 08.12.04: Remote exploitation of an input validation error in the uudecoding feature of Adobe Acrobat Reader (Unix) 5.0 allows an attacker to execute arbitrary code. The Unix and Linux versions of Adobe Acrobat Reader 5.0 automatically attempt to convert uuencoded documents back into their original format. The vulnerability specifically exists in the failure of Acrobat Reader to check for the backtick shell metacharacter in the filename before executing a command with a shell. This allows a maliciously constructed filename to execute arbitrary programs.

tags | advisory, remote, arbitrary, shell
systems | linux, unix
advisories | CVE-2004-0630
SHA-256 | 6090411f468013d9881fef9aade925396aa2c0ea7ba6bb2b3ff7d794178a1713
Secunia Security Advisory 12277
Posted Aug 13, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in MAILsweeper for SMTP, which can be exploited by malicious people to cause a DoS (Denial of Service) on a vulnerable system. The vulnerability is caused due to an error when processing malformed PowerPoint files, which may cause the service to enter an endless loop and exhaust all CPU resources. Versions below 4.3.15 are affected.

tags | advisory, denial of service
SHA-256 | 95fd5620becd38fbdace61d84681190a0443ce27dd28f2f467b94b239354bcd8
glFlow-0.0.4.tar.gz
Posted Aug 13, 2004
Authored by Vlad GALU | Site night.rdslink.ro

glFlow is a pcap-based traffic analysis tool intended for monitoring high speed links. The detection algorithm is based on realtime NetFlow traffic aggregation and analysis. The code is portable across platforms, it should work on every system with working md4/md5 and pcap implementations, with very little modifications.

Changes: Fixed building with GCC 3.4.
systems | cisco
SHA-256 | 79b6a64f34273efc4ea59eb78160b32bfa41a87b272f780622e85b0db649cf22
SUSE Security Announcement 2004.25
Posted Aug 13, 2004
Authored by Sebastian Krahmer, Novell | Site suse.com

SUSE Security Announcement - The SuSE Security Team has discovered various remotely exploitable buffer overflows in the MSN-protocol parsing functions during a code review of the MSN protocol handling code of gaim. Remote attackers can execute arbitrary code as the user running the gaim client.

tags | advisory, remote, overflow, arbitrary, protocol
systems | linux, suse
advisories | CVE-2004-0500
SHA-256 | da2f9073a7f83965ed45ec7bb72412cb359a6d649f321acf0c0507490a7f2cc6
ethereal-0.10.6.tar.gz
Posted Aug 13, 2004
Authored by Gerald Combs | Site ethereal.com

Ethereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Ethereal features that are missing from closed-source sniffers. Screenshot available here.

Changes: Fixed an error on startup.
tags | tool, sniffer, protocol
systems | unix
SHA-256 | c81fa12c53192a26420eb3ad1256f79168e01c856dadaee09291db693ff7a036
netgearDG834G.txt
Posted Aug 13, 2004
Authored by thanasonic

The Netgear DG834G has a hardcoded root password of zebra and a debug mode that allows for an immediately available rootshell.

tags | exploit, root
SHA-256 | b999eb2868235898e0d8fc2929bc06e3e523cb6123740972c6f300b3c21e6831
yaotp-0.1.tar.gz
Posted Aug 13, 2004
Authored by thc, Plasmoid | Site thc.org

Yaotp (Yet Another One-Time Pad) implements the one-time pad cipher for en- and decryption of messages. It features real random number generation by audio sampling and hashing, key management that enforces one-time usage and irreproducible key destruction. It is the right choice for the totally paranoid geek and high-security issues beyond any imagination.

SHA-256 | f5d101e25e349399b37f97a876bfd29e59800c8dace4c42493f33574cd763767
priv8afp.pl
Posted Aug 13, 2004
Authored by wsxz | Site priv8security.com

Remote root exploit for Mac OS X versions 10.3.3, 10.3.2, and 10.2.8 that makes use of the stack buffer overflow in the Apple Filing Protocol (AFP).

tags | exploit, remote, overflow, root, protocol
systems | apple, osx
advisories | CVE-2004-0430
SHA-256 | 9f288f0368bfa21ae4ec075d1d997e64fc2e774d97728922d146a07cfacfdd0a
Secunia Security Advisory 12272
Posted Aug 13, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ziv Kamir has reported some vulnerabilities in Keene Digital Media Server, which can be exploited by malicious people to retrieve sensitive information and perform administrative tasks. The vulnerabilities have been reported in version 1.0.2. Other versions may also be affected.

tags | advisory, vulnerability
SHA-256 | 93ca61e3f228e0e110b9d19feec0dba3de5b6f4c2b36f24951786570cd98bfaf
Secunia Security Advisory 12280
Posted Aug 13, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Nokia IPSO, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability affects versions 3.5, 3.5.1, 3.6, 3.7, 3.7.1, and 3.8.

tags | advisory, denial of service
SHA-256 | 99793bbd1271fcfbcafb5e13166f91754ae3f58e3908dbb4bbb0f2601c86958e
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close