
Files Date: 2004-11-01 to 2004-11-30

Posted Nov 28, 2004
Site cipherdyne.org

Port Scan Attack Detector (psad) is a collection of four lightweight daemons written in Perl and C that are designed to work with Linux firewalling code (iptables and ipchains) to detect port scans. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, TCP flags and corresponding nmap options, email alerting, and automatic blocking of offending IP addresses via dynamic configuration of ipchains/iptables firewall rulesets. In addition, for the 2.4.x kernels psad incorporates many of the TCP, UDP, and ICMP signatures included in Snort to detect highly suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port scans (syn, fin, Xmas) which are easily leveraged against a machine via nmap. Psad also uses packet TTL, IP id, TOS, and TCP window sizes to passively fingerprint the remote operating system from which scans originate. Changelog available here.

Changes: p0f-style passive OS fingerprinting has been added through the use of the OPT field in iptables log messages. There is a bugfix for iptables log messages that include TCP sequence numbers, in addition to other bug fixes.
tags | remote, kernel, udp, perl, tcp
systems | linux
MD5 | f932bc9063810a8798fbc4c9730be9a4
Posted Nov 25, 2004
Authored by Nithen Naidoo

FTP server spider, written in Perl. Scans an FTP server to get the entire directory structure, detect anonymous access and writable directories, and look for user-specified data. Not tested against Windows ftpd.

tags | tool, scanner, perl
systems | windows, unix
MD5 | e8c27b5dfc647be35cefe32afd5bd366
Posted Nov 24, 2004
Authored by Thun

This forwards connections on any port you want to any host & port you like. Added the ability to select which device to listen on. Based on Laq's relay.3.

tags | tool
systems | unix
MD5 | 8e550e97fcbd9798504057657196313e
iDEFENSE Security Advisory 2004-11-22.t
Posted Nov 24, 2004
Authored by Jouko Pynnonen, iDefense Labs | Site klikki.fi

iDEFENSE Security Advisory 11.22.04 - J2SE prior to v1.4.2_06 contains serious remote vulnerabilities which allow applets loaded in browsers to load an unsafe class and write to any file on a user's system. Loading a malicious web page in IE, Mozilla, or Firefox can lead to compromise on Linux and Windows systems.

tags | advisory, remote, web, vulnerability
systems | linux, windows
advisories | CVE-2004-1029
MD5 | 589ce64427e67a02d8109eeaf1fd0809
Posted Nov 24, 2004
Authored by Stefan Esser | Site security.e-matters.de

Cyrus v2.2.8 and below contain four remote vulnerabilities, including one which is pre-authentication. Fix available here.

tags | advisory, remote, vulnerability
advisories | CVE-2004-1011, CVE-2004-1012, CVE-2004-1013
MD5 | d4db20d02f1bf3f8bb227f7379525a1a
Posted Nov 24, 2004
Authored by Brett Moore SA | Site security-assessment.com

SecureCRT v4.1 and below contain a remotely exploitable command execution vulnerability. Patch available here.

tags | advisory
MD5 | 47bd4d35a9f090227c841786ea8584b3
Posted Nov 24, 2004
Authored by Brett Moore SA | Site security-assessment.com

A remotely exploitable stack overflow has been found in Winamp version 5.05 and below which allows malformed m3u playlists to execute arbitrary code. Fix available here.

tags | advisory, overflow, arbitrary
MD5 | 7b3cfd0296132b1fdbd30266a79b6e9c
Posted Nov 24, 2004
Authored by evilrabbi

PhpBB v1.0.0 - 2.0.10 remote exploit which takes advantage of a bug in admin_cash.php. Opens a back door on a tcp port.

tags | exploit, remote, php, tcp
MD5 | 3f3f2f16c17761e910f11a2cb42cc9c0
Posted Nov 24, 2004
Authored by ECL Team

Local user input handling vulnerabilities exist in WCI's TC-IDE Embedded Linux prior to v1.54 which allow local users with access to the tools provided with the system to spawn a root console, gaining full control over the running Linux operating system. In corporate environments where this product is being used, such vulnerabilities could have disastrous effects. All users are encouraged to update to the latest firmware ASAP.

tags | exploit, local, root, vulnerability
systems | linux
MD5 | 2eb22b307cc833cd042d1b49d8b116c4
Openwall Linux Kernel Patch
Posted Nov 24, 2004
Authored by Solar Designer | Site openwall.com

The Openwall Linux kernel patch is a collection of security "hardening" features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.

Changes: 2.4.28-ow1 fixes a number of security-related bugs, including the local root ELF loader vulnerabilities discovered by Paul Starzetz, a race condition with reads from Unix domain sockets (potential local root), and smbfs support vulnerabilities discovered by Stefan Esser (remote DoS by a malicious smbfs server; potential: remote root by a malicious smbfs server).
tags | overflow, kernel
systems | linux
MD5 | a17719c83b71c328ef92b53761f3819a
Posted Nov 24, 2004
Authored by Travis Schack

Mailtraq Version remote exploit which allows SYSTEM level access while using the Mailtraq administration console. Requires a Mailtraq admin account.

tags | exploit, remote
MD5 | 427df7d3b6fffda815a1a52caea03bb8
Posted Nov 24, 2004
Authored by priestmaster | Site priestmaster.org

Efuzz is an easy-to-use Win32 TCP/UDP protocol fuzzer which finds unknown buffer overflows in local and remote services. Uses config files to define the range of malformed requests. Includes C source, released under GPL.

tags | remote, overflow, local, udp, tcp, protocol, fuzzer
systems | windows, 32
MD5 | 3c8c380489c496390c8128be757b1a5d
Posted Nov 24, 2004
Authored by Serkan Akpolat | Site deicide.siyahsapka.org

Prozilla-1.3.6 remote client-side stack overflow exploit, tested against current Gentoo, Slackware, Debian, and SUSE.

tags | exploit, remote, overflow
systems | linux, suse, slackware, debian, gentoo
MD5 | 9a0268a366aa17a0540e97e9a3beee8c
Posted Nov 21, 2004
Authored by Milos Koprla

Simple C tool and binutils patch, with a step-by-step description (HowTo_Reverse_engineering_Cisco_image.html) of how to convert a Cisco image to a MIPSIV file for reverse engineering. Allows you to dump and disassemble the text section. Tested on a Cisco Catalyst 6509.

systems | cisco
MD5 | 69b035d8d5ac135be7f12daf7e8c93d6
Posted Nov 20, 2004
Authored by Pokleyzz, How Dark | Site howdark.com

Remote command execution exploit for phpBB 2.0.10 that makes use of a flaw in the viewtopic.php code.

tags | exploit, remote, php
MD5 | f921925d25c8aefc535037fe9d34cefd
Gentoo Linux Security Advisory 200411-29
Posted Nov 20, 2004
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200411-29 - unarj contains a buffer overflow and a directory traversal vulnerability. This could lead to overwriting of arbitrary files or the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, gentoo
MD5 | d64e8594bc3721d95c03e41c483c0370
Posted Nov 20, 2004
Authored by cyber flash | Site k-otik.com

Microsoft Internet Explorer (including IE for Windows XP SP2) is reported vulnerable to a file download security warning bypass. This unpatched flaw may be exploited to download a malicious executable file masquerading as an HTML file. Full exploitation given. Original posted on k-otik.

tags | exploit
systems | windows, xp
MD5 | efd4da6639e3f50e0df00ddbd6efee64
Posted Nov 20, 2004
Authored by Paul Starzetz | Site isec.pl

A subtle race condition in Linux kernels below 2.4.28 allows a non-root user to increment (up to 256 times) any arbitrary location(s) in kernel space. This flaw could be used to gain elevated privileges.

tags | advisory, arbitrary, kernel, root
systems | linux
MD5 | 42de458b8f020d22510cbfb0a1a95d9e
Corsaire Security Advisory 2004-07-20.1
Posted Nov 20, 2004
Authored by Stephen de Vries, Corsaire | Site penetration-testing.com

Corsaire Security Advisory - The aim of this document is to define a vulnerability in the Netopia Timbuktu 7.0.3 product for Mac OS X that suffers from a buffer overflow.

tags | advisory, overflow
systems | apple, osx
advisories | CVE-2004-0810
MD5 | 1444e99d41aca0d1fe6e55cfef2f2a69
Corsaire Security Advisory 2004-06-19.1
Posted Nov 20, 2004
Authored by Martin O'Neal, Corsaire | Site penetration-testing.com

Corsaire Security Advisory - The aim of this document is to clearly define several vulnerabilities in the Danware NetOp Host product that suffers from multiple information disclosure issues.

tags | advisory, vulnerability, info disclosure
advisories | CVE-2004-0950
MD5 | 62ac9ea687c7f3b8d3f743ef6881f1f0
Posted Nov 20, 2004
Authored by Marc Schoenefeld | Site illegalaccess.org

Opera 7.54 is vulnerable to leakage of the Java sandbox, allowing malicious applets to gain privileges. This allows for information gathering as well as denial of service effects.

tags | advisory, java, denial of service
MD5 | a67b11d7269a7f701fd1a3682d495e7b
Posted Nov 20, 2004
Authored by Reed Arvin

Altiris Deployment Solution 5.6 SP1 (Hotfix E) suffers from a privilege escalation flaw that allows for SYSTEM level access. Step by step exploitation given.

tags | exploit
MD5 | 1be9fdc191a6ebdcdd6f90985f998910
Posted Nov 20, 2004
Site zonelabs.com

ZoneAlarm Security Suite and ZoneAlarm Pro have been updated to address a vulnerability in their ad-blocking functions.

tags | advisory
MD5 | 491b70c200644db74a75979fec666aef
Posted Nov 20, 2004
Authored by Reed Arvin

A privilege escalation technique can be used to gain SYSTEM level access while using the Mailtraq administration console. Mailtraq Version is vulnerable.

tags | exploit
MD5 | 570f63e06a088944b32ac1db1e0bb12f
Posted Nov 20, 2004
Authored by muts | Site whitehat.co.il

SLMail 5.x POP3 remote PASS buffer overflow exploit that binds a shell to port 4444. Tested on Windows 2000 SP4.

tags | exploit, remote, overflow, shell
systems | windows, 2k
advisories | CVE-2004-0942
MD5 | 2f39531126d87191b5ceaf073ca81878