Exploit the possiblities
Showing 1 - 23 of 23 RSS Feed

Files Date: 2005-01-05

plash-1.4.tar.gz
Posted Jan 5, 2005
Authored by Mark Seaborn | Site cs.jhu.edu

Plash (the Principle of Least Authority Shell) is a Unix shell that lets you run Unix programs with access only to the files and directories they need to run. In order to implement this, the filesystem is virtualized. Each process can have its own namespace, which can contain a subset of your files. Plash is implemented by modifying GNU libc and replacing the system calls that use filenames. For example, open() is changed so that it sends a message to a file server via a socket. If the request is successful, the server sends the client a file descriptor. Processes are run in a chroot jail under dynamically-allocated user IDs. No kernel modifications are required. Existing Linux binaries work unchanged.

tags | tool, shell, kernel
systems | linux, unix
MD5 | e7887736fadee25d07d6c959af492e88
snort2pf-3.4.tar.gz
Posted Jan 5, 2005
Authored by Stephan Schmieder | Site bsd-security.org

Snort2Pf is a small Perl daemon which greps Snort's alertfile and blocks the bad hosts for a given amount of time using pfctl.

Changes: Fixed to work with OpenBSD 3.6's pf-code.
tags | tool, perl, sniffer
MD5 | 63fb96989fe69efcd686c2d24dd331d2
Vuurmuur-0.5.58.tar.gz
Posted Jan 5, 2005
Authored by Victor Julien | Site vuurmuur.sourceforge.net

Vuurmuur is a middle-end and front-end for netfilter and iptables that is aimed at system administrators who need a decent firewall, but do not have netfilter specific knowledge. It converts human-readable rules into an iptables ruleset (or optional a bash script), makes netfilter logs readable, and includes an ncurses GUI.

Changes: Bugfix release.
tags | tool, firewall, bash
systems | linux
MD5 | a208bfc520b52827fb0ba4036549d89a
bglimiter-0.1.tar.gz
Posted Jan 5, 2005
Authored by Albert S. Causing | Site coderhythms.com

Utility for limiting background processes on a per user basis on BSD platforms.

systems | unix, bsd
MD5 | bb6f80188c7b96c3be3ced59b63bbfc3
mybbSQL.txt
Posted Jan 5, 2005
Authored by scottm

MyBB is prone to a SQL injection attack within the uid parameter of member.php. The flaw allows for retrieval of the admin password hash. Sample exploit provided.

tags | exploit, php, sql injection
MD5 | e6d1d80285c702f9aef7e683bff126fb
Gentoo Linux Security Advisory 200501-2
Posted Jan 5, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200501-02 - The fixps and psmandup scripts in the a2ps package are vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files. Versions below 4.13c-r2 are affected.

tags | advisory, arbitrary, local
systems | linux, gentoo
MD5 | 08a824f9f2b16aaa953758e984841f92
QWikiwiki.txt
Posted Jan 5, 2005
Authored by Madelman

QWikiwiki 1.4.1 is susceptible to a directory traversal vulnerability. Detailed exploitation provided.

tags | exploit
MD5 | c3fff0ed07b6980af216deb6169b95d7
russian2.tgz
Posted Jan 5, 2005
Authored by inuyasha

Russian word list that has 296790 words.

tags | cracker
MD5 | 67988ec80a5f8e6b624c6918d0d5d686
soldnersock.zip
Posted Jan 5, 2005
Authored by Luigi Auriemma | Site aluigi.altervista.org

Remote proof of concept exploit for Soldner that demonstrates a socket termination when an oversized UDP packet is sent to the server.

tags | exploit, remote, udp, proof of concept
MD5 | 97f85864195a95985c845b23f9848a3d
soldnersock.txt
Posted Jan 5, 2005
Authored by Luigi Auriemma | Site aluigi.altervista.org

Soldner, the tactical military game by Wings Simulations, is susceptible to silent socket termination, format string, and cross site scripting flaws.

tags | advisory, xss
MD5 | 09ca6cac04b57166d3a7695c4b036697
KDE Security Advisory 2005-01-01.1
Posted Jan 5, 2005
Authored by KDE Desktop | Site kde.org

KDE Security Advisory: KDE applications which use the ftp kioslave, e.g. Konqueror, allow remote attackers to execute arbitrary FTP commands via an ftp:// URL that contains an URL-encoded newline ( %0a ) before the ftp command, which causes the commands to be inserted into the resulting FTP session. Due to similarities between the ftp and the SMTP protocol, this vulnerability allows to misuse the ftp slave to connect to a SMTP server and issue arbitrary commands, like sending an email. Systems affected: All KDE releases up to including KDE 3.3.2.

tags | advisory, remote, arbitrary, protocol
advisories | CVE-2004-1165
MD5 | 3af2dd0e12572e297f77d9a3106813fb
Secunia Security Advisory 13701
Posted Jan 5, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Michael Krax has reported a vulnerability in Bugzilla, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | 98c70c8eb02b043d19574c3877096b62
scanner_ndde.c
Posted Jan 5, 2005
Authored by Gogu Gigi

Microsoft Windows NetDDE scanner that makes use of a remote code execution vulnerability due to an unchecked buffer.

tags | exploit, remote, code execution
systems | windows
MD5 | e35e458299ec6ed53336864a059dc467
ad20041011.txt
Posted Jan 5, 2005
Authored by Sowhat | Site secway.org

3Com's 3CDaemon 2.0 revision 10 is susceptible to multiple vulnerabilities ranging from various format string and denial of service flaws.

tags | exploit, denial of service, vulnerability
MD5 | 70f67f8c67fad4e6be72a2ea54c68c6f
iWebNegar.c
Posted Jan 5, 2005
Authored by c0d3r, hossein asgary

iWebNegar version 1.1 remote configuration nullification denial of service exploit.

tags | exploit, remote, denial of service
MD5 | 06b94ca728a3a7b374c2588781694558
thc-pptp-bruter-0.1.4.tar.gz
Posted Jan 5, 2005
Authored by thc | Site thc.org

pptp-bruter is a brute force program that works against pptp vpn endpoints (tcp port 1723). It is fully standalone and supports the latest MSChapV2 authentication. It exploits a weakness in Microsoft's anti-brute force implementation which makes it possible to try 300 passwords the second. Tested against Microsoft Windows and Cisco gateways.

tags | tcp
systems | cisco, windows
MD5 | f4406280a796a69f46de2ac5eea48547
hydra-4.5-src.tar.gz
Posted Jan 5, 2005
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Enhancements and bug fixes for modules.
tags | web, imap
systems | cisco
MD5 | 04c45be0ded184d0f7e92c7a4a936f82
secres04012005.txt
Posted Jan 5, 2005
Authored by Jakob Balle | Site secunia.com

Secunia Research has discovered a vulnerability in Mozilla / Mozilla Firefox, which can be exploited to spoof the source displayed in the Download Dialog box. The problem is that long sub-domains and paths are not displayed correctly, which therefore can be exploited to obfuscate what is being displayed in the source field of the Download Dialog box. The vulnerability has been confirmed in Mozilla 1.7.3 for Linux and Mozilla Firefox 1.0.

tags | advisory, spoof
systems | linux
MD5 | 3693d378d99b3ed884ca8b5b80855e59
top_ex.pl
Posted Jan 5, 2005
Authored by Kevin Finisterre

Proof of concept exploit for an old format string vulnerability in setuid versions of top. This vulnerability has popped back up in the Solaris 10 Companion CD.

tags | exploit, proof of concept
systems | solaris
MD5 | 30e63e8e67f59c652ec55c5f2f5cfc66
DMA-2005-0103a.txt
Posted Jan 5, 2005
Authored by Kevin Finisterre

An old format string vulnerability in setuid versions of top has popped back up in the Solaris 10 Companion CD.

tags | advisory
systems | solaris
MD5 | f282577de5d9528cd1589872e9513731
PhotoPost.txt
Posted Jan 5, 2005
Authored by James Bercegay | Site gulftech.org

GulfTech Security Research - PhotoPost PHP versions 4.8.6 and below suffer from cross site scripting and SQL injection flaws. Sample exploitation given.

tags | exploit, php, xss, sql injection
MD5 | a8252c4a7a9a930d42220a299a3a2a0f
ReviewPost.txt
Posted Jan 5, 2005
Authored by James Bercegay | Site gulftech.org

GulfTech Security Research - ReviewPost PHP Pro versions below 2.84 suffer from cross site scripting and SQL injection attacks. Sample exploitation given.

tags | exploit, php, xss, sql injection
MD5 | cc9424064ae6b740688d1fdf641acd1d
firewallbypass.tgz
Posted Jan 5, 2005
Authored by Ferruh Mavituna | Site ferruh.mavituna.com

A generic problem of common personal firewall products is the allowance of shortcuts or interfaces for controlling traffic. Manipulation of these functions can allow for firewall bypass altogether. Various proof of concepts are included for products such as Zone Alarm, Kerio, Agnitium Outpost firewall, Kaspersky Anti-Hacker, Symantec's Norton Personal Firewall, and more.

tags | exploit, proof of concept
MD5 | 683f4f847425dcd4616eab03d0c8f4ee
Page 1 of 1
Back1Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close