exploit the possibilities
Showing 1 - 25 of 349 RSS Feed

Files Date: 2005-04-01 to 2005-04-30

Posted Apr 28, 2005
Authored by X-Hacker

Motorola SBV5120 cable modem denial of service exploit v0.1.

tags | exploit, denial of service
MD5 | 8fcb34b9de0660ee6d76d1a921e7b077
Posted Apr 28, 2005
Authored by un10x | Site 0x90sec.tk

This is a fast banner scanner which uses fork().

tags | tool, scanner
systems | unix
MD5 | 8f7ae86fe1b681827ddbffdcb0b2daef
Posted Apr 28, 2005
Authored by Michael Boelen | Site rootkit.nl

Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.

Changes: Supports E-smith (SME 6.0), updated Fedora core 2 hashes, and many cool improvements to the installer and the tools. Also fixes a bug with the --allow-ssh-root-user option.
tags | tool, shell, perl, integrity, rootkit
systems | netbsd, unix, solaris
MD5 | d3f653233376af34bcdd2837cff56a3a
Posted Apr 27, 2005
Authored by vade79 | Site fakehalo.us

Tcpdump v3.8.x/3.9.1 remote infinite loop denial of service exploit which takes advantage of the isis_print() function by sending a GRE packet.

tags | exploit, remote, denial of service
MD5 | a350bbe8a4a509d9a7ea62aee31f4411
Posted Apr 27, 2005
Authored by vade79 | Site fakehalo.us

Tcpdump v3.8.x and below remote denial of service exploit which causes tcpdump to go into an infinite loop when it processes an evil BGP packet. Works if TCP port 179 is not filtered.

tags | exploit, remote, denial of service, tcp
MD5 | 7910a287be1c5dc61afe4be886bba8be
Posted Apr 27, 2005
Authored by vade79 | Site fakehalo.us

Tcpdump v3.8.3 and below remote denial of service exploit which causes tcpdump to go into an infinite loop when it processes an evil LDP packet.

tags | exploit, remote, denial of service
MD5 | 3991741f125a8d4af45b16bccb9449a5
Posted Apr 27, 2005
Authored by vade79 | Site fakehalo.us

Tcpdump v3.9.1 and below and Ethereal v0.10.10 and below remote denial of service exploit which takes advantage of a bug in rsvp_print().

tags | exploit, remote, denial of service
MD5 | e53d15334d77bab6ccbe7c0f187f5ca9
Posted Apr 27, 2005
Authored by Martin Roesch | Site snort.org

Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.

Changes: Added a new mini-preprocessor to catch the X-Link2State vulnerability, which can be configured to drop the offending connection when in Inline-mode. Also, issues with suppressing sfPortscan Open Ports have been fixed.
tags | tool, overflow, cgi, sniffer, protocol
systems | unix
MD5 | 06bf140893e7cb120aaa9372d10a0100
Posted Apr 24, 2005

Many XML/RPC servers based on Python / Ruby seem to be vulnerable to a simple Denial of Service where transmitting a large amount of data (circa 4 MB) results in them utilizing 100% of the CPU and apparently never recovering.

tags | advisory, denial of service, python, ruby
MD5 | bf78ed2c3f69d946d00477dcd7a001ec
Posted Apr 24, 2005
Authored by David Remahl | Site remahl.se

AppleWebKit XMLHttpRequest arbitrary file disclosure - Apple Safari 1.2+, Apple RSS 2.0 pre-release, OmniGroup OmniWeb 5.1+, as well as other software based on a common engine, are vulnerable to malicious webservers attacking them and retrieving information (arbitrary files on disk).

tags | advisory, arbitrary
systems | apple
MD5 | cf0c4e84a3ad8a3644cb13974a057dc2
Gentoo Linux Security Advisory 200504-14
Posted Apr 24, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200504-14 - Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a double expansion error in monkeyd, resulting in a format string vulnerability. Ciaran McCreesh of Gentoo Linux discovered a Denial of Service vulnerability, a syntax error caused monkeyd to zero out unallocated memory should a zero byte file be requested. Versions less than 0.9.1 are affected.

tags | advisory, denial of service
systems | linux, gentoo
MD5 | 7484c4d9f139e0fbb3588db7f4dcd8b5
Posted Apr 24, 2005
Authored by Robert Fly | Site hyperdose.com

Musicmatch installs an ActiveX control which can then be called by other sites (totally unrelated to musicmatch). The ActiveX control allows for arbitrary files on the user's disk to be overwritten.

tags | advisory, arbitrary, activex
MD5 | a7909b1105fc11d2517d4ec83033f60f
Posted Apr 24, 2005
Site ophcrack.sourceforge.net

Ophcrack version 2.0. Ophcrack is a cracker aimed at NT-style (LANMAN) password-hashes. It uses a large precomputed hash database to crack the majority of all passwords within a matter of seconds, rather than hours or days as would be the case if you search the entire likely keyspace each time you are looking for a specific password. This type of cracking is based on a technique referred to as "rainbow tables".

tags | cracker
MD5 | 7ff3f70a5bfdf9410c609aa47fee9214
Posted Apr 24, 2005
Site overflow.pl

System's protected with libsafe my not be fully protected when multithreaded applications are running on them: a brief attack window may exist where an attack can execute malicious code without libsafe being called to verify things as safe.

tags | advisory
MD5 | 3cffc3a846e233428294afcecc02757d
Posted Apr 24, 2005
Site overflow.pl

GOCR (Gnu Optical Character Recognition) contains a heap overflow.

tags | advisory, overflow
MD5 | 62f8acb3e0968ea4932d62319c4f617f
Posted Apr 24, 2005
Site security.debian.org

Debian Security Advisory DSA 709-1 - libexif remote buffer overflow. Sylvain Defresne discovered a buffer overflow in libexif, a library that parses EXIF files (such as JPEG files with extra tags).

tags | advisory, remote, overflow
systems | linux, debian
advisories | CVE-2005-0664
MD5 | 1f3ee7c450ba7ded2f371453e57307ff
Posted Apr 24, 2005
Authored by Jordi Corrales | Site shellsec.net

Dameware stores the username / password of the currently connected user in cleartext somewhere on its heap. (Note: a great number of other remote-access products probably do this as well).

tags | advisory, remote
MD5 | 6886f49e4bafe1d96f70e5f69d811df7
Posted Apr 24, 2005
Authored by Dr. Peter Bieringer | Site aerasec.de

The log function in Perl's Net::Server module (used by postgrey, among other tools) is vulnerable to format string attacks. However, it is not clear what the exact impact of this is in a Perl environment.

tags | advisory, perl
MD5 | 3767307653939ab1f99821507769fb63
Posted Apr 24, 2005
Site freebsd.org

The SIOCGIFCONF ioctl, used to request the kernel to produce a list of interfaces, can be exploited to reveal 12 bytes of memory. It is not at all guaranteed that this memory will contain anything interesting.

tags | kernel
systems | freebsd
MD5 | 66eb4676bc3cd1b2175f219366017011
Posted Apr 24, 2005
Authored by Luigi Auriemma | Site aluigi.altervista.org

Yager, an online air-combat simulation game, is vulnerable to several overflows as well as several Denial of Service attacks. This advisory details issues in versions up to 5.24.

tags | advisory, denial of service, overflow
MD5 | 30f3ab11ce3b70217434562a33a160df
Posted Apr 20, 2005
Authored by Shalom Carmel | Site venera.com

The default POP3 server installed on iSeries boxes allows for username enumeration. This PDF contains a table converting POP3 login errorcodes to their actual meanings.

tags | advisory
MD5 | ae799c704cb402a2a24f7519be23be2a
Posted Apr 20, 2005
Authored by 3APA3A | Site security.nnov.ru

The InternetCreateUrlW function of wininet.dll, a core component of Internet Explorer, is vulnerable to a buffer overflow attack when the source buffer is copied into the destination buffer using WideCharToMultiByte. In practice this is probably only useful for Denial of Service attacks (if that) and still requires some social-engineering to actually exploit this.

tags | advisory, denial of service, overflow
MD5 | e8aa17f57952998a8d3c7cb862511780
Posted Apr 20, 2005
Authored by Robert Fly

Older versions of MusicMatch (like a large number of other software packages, including core components of Windows) make an insecure call to CreateProcess. This is a local attack which requires that an attack can write files to the root of the C:\ drive, something that actually is possible with versions of Winows prior to XP.

tags | advisory, local, root
systems | windows
MD5 | b3dbd2ef75700f33eaa28b64ce9538ad
Ubuntu Security Notice 111-1
Posted Apr 20, 2005
Authored by Ubuntu | Site ubuntu.com

Ubuntu Security Notice USN-111-1 - A remote Denial of Service vulnerability has been discovered in Squid. Versions of ubunto up to 2.5.5-6ubuntu0.7 may contain vulnerable versions of squid.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2005-0718
MD5 | c1bdf923532eec630b11bb7d1e9d6cac
Posted Apr 20, 2005

Sumus, a Internet-based cardgame program, is vulnerable to a stack-based buffer-overflow in the server component.

tags | exploit, overflow
MD5 | eaf54b1362348681b9d86ec29f77a1ca
Page 1 of 14

File Archive:

November 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    19 Files
  • 2
    Nov 2nd
    25 Files
  • 3
    Nov 3rd
    8 Files
  • 4
    Nov 4th
    7 Files
  • 5
    Nov 5th
    24 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    0 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    106 Files
  • 11
    Nov 11th
    19 Files
  • 12
    Nov 12th
    13 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    18 Files
  • 16
    Nov 16th
    12 Files
  • 17
    Nov 17th
    15 Files
  • 18
    Nov 18th
    12 Files
  • 19
    Nov 19th
    4 Files
  • 20
    Nov 20th
    2 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    22 Files
  • 23
    Nov 23rd
    14 Files
  • 24
    Nov 24th
    19 Files
  • 25
    Nov 25th
    4 Files
  • 26
    Nov 26th
    1 Files
  • 27
    Nov 27th
    4 Files
  • 28
    Nov 28th
    1 Files
  • 29
    Nov 29th
    11 Files
  • 30
    Nov 30th
    7 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2020 Packet Storm. All rights reserved.

Security Services
Hosting By