exploit the possibilities
Showing 1 - 25 of 35 RSS Feed

Files Date: 2006-01-08

ms05-055.c
Posted Jan 8, 2006
Authored by SoBeIt

Microsoft Windows Kernel APC Data-Free local privilege escalation vulnerability exploit.

tags | exploit, kernel, local
systems | windows
MD5 | 3364bf57dfbfff5b82e1c2917e44cfc5
ihs_winrar.c
Posted Jan 8, 2006
Authored by c0d3r

WinRAR local buffer overflow exploit for versions 3.3.0 and below.

tags | exploit, overflow, local
MD5 | 68a94ebfd48c42c061dfb8437d23f021
linvpn-3.0.tar.gz
Posted Jan 8, 2006
Authored by Alexandre Fiori | Site linvpn.sourceforge.net

Linvpn is a secure socket layer for pppd. It allows creation of virtual private networks by using an IP routing system between PPP network interfaces. Cryptography is done by libgcrypt's 3DES or blowfish, and Initialization Vector (IV) is changed in each packet transmission. As linvpn works as client and server, and communication is a single TCP connection, it allows creation of secure tunnels even in complex network layouts, when one or both endpoints are behind a firewall or NAT, with or without dynamic IP addresses.

tags | tool, tcp
systems | unix
MD5 | 94255d8df28fc44ee67fd3fd1fe77cb3
shade-1.0.0-src.tar.gz
Posted Jan 8, 2006
Authored by zeroth404 | Site shade.sourceforge.net

Shade (Steganographically Hide and Analyze Data Entries) is a versatile and feature-rich program designed to analyze and manipulate the LSBs (least significant bits) of files. LSB manipulation is a form of steganography, the art or science of making the existence of information undetectable by normal means. This is achieved by writing the contents of a file to the LSBs of a separate and inconspicuous host file.

tags | encryption, steganography
MD5 | 914f98dfe1c73f936e795b6b7d718986
snortsms-1.2.2.tar.gz
Posted Jan 8, 2006
Authored by SmithJ108 | Site snortsms.servangle.net

SnortSMS is a highly configurable sensor management system that provides the ability to remotely administer Snort [and Barnyard] based Intrusion Detection Systems (IDS), push configuration files, add/edit rules, and monitor system health and statistics, all from a simple and clean Web interface console. Whether you have one or multiple Snort sensors, it can help unify and synchronize all sensor configurations.

Changes: Various fixes and enhancements.
tags | tool, web, sniffer
MD5 | 40c577ee51dd2aa83c75b0a6e4960fb9
TOR Virtual Network Tunneling Tool 0.1.0.16
Posted Jan 8, 2006
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: Various bug fixes.
tags | tool, remote, local, peer2peer
MD5 | 13631507b8eeee5d6e8fd245dc3eef4f
vr-10.0e.tar.gz
Posted Jan 8, 2006
Site visualware.com

VisualRoute is a traceroute tool which displays a map of the path to the destination server by looking up the geographical location of each traceroute hop. The network service provider is identified for each hop, and instant domain and network whois information enable quick problem or abuse reporting.

Changes: Optional reporting of full Whois lookup record.
systems | unix
MD5 | d0394fd5d093acb830dfd27390827c3e
Gentoo Linux Security Advisory 200601-4
Posted Jan 8, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200601-04 - Tim Shelton discovered that vmnet-natd, the host module providing NAT-style networking for VMware guest operating systems, is unable to process incorrect 'EPRT' and 'PORT' FTP requests. Versions less than 5.5.1.19175 are affected.

tags | advisory
systems | linux, gentoo
MD5 | c0f65423d0f84c342825ad60d991290c
EV0019.txt
Posted Jan 8, 2006
Authored by Aliaksandr Hartsuyeu

NavBoard BBcode version 16 Stable (2.6.0) is susceptible to cross site scripting attacks. Exploitation details provided.

tags | exploit, xss
MD5 | 795dcec7a4b3981f729c758dd838b026
fuzzer-cirt.tgz
Posted Jan 8, 2006
Site cirt.dk

A simple TCP/UDP protocol Fuzzer version 1.0.

tags | udp, tcp, protocol, fuzzer
MD5 | dad0879daea0478cd9a898bf8f3925b6
EV0017.txt
Posted Jan 8, 2006
Authored by Aliaksandr Hartsuyeu

TheWebForum version 1.2.1 is susceptible to cross site scripting and SQL injection attacks. Exploitation details provided.

tags | exploit, xss, sql injection
MD5 | bae4e106cc7612ff061fa6c458a550d0
Gentoo Linux Security Advisory 200601-3
Posted Jan 8, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200601-03 - Patrice Fournier discovered that HylaFAX runs the notify script on untrusted user input. Furthermore, users can log in without a password when HylaFAX is installed with the pam USE-flag disabled. Versions less than 4.2.3-r1 are affected.

tags | advisory
systems | linux, gentoo
MD5 | 83ffe9f2f439954f90015fa3ca4bd7b0
Ubuntu Security Notice 238-2
Posted Jan 8, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-238-2 - Damian Put discovered that Blender did not properly validate a length value in .blend files. Negative values led to an insufficiently sized memory allocation. By tricking a user into opening a specially crafted .blend file, this could be exploited to execute arbitrary code with the privileges of the Blender user.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2005-4470
MD5 | 0df14be9c51888dea426148b1f276df0
Ubuntu Security Notice 237-1
Posted Jan 8, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-237-1 - Kurt Fitzner discovered that the NBD (network block device) server did not correctly verify the maximum size of request packets. By sending specially crafted large request packets, a remote attacker who is allowed to access the server could exploit this to execute arbitrary code with root privileges.

tags | advisory, remote, arbitrary, root
systems | linux, ubuntu
advisories | CVE-2005-3354
MD5 | ce39275a3d5c27f267a55a7ac698237e
reconCFP2006.txt
Posted Jan 8, 2006
Site recon.cx

RECON 2006 Call For Papers - RECON is a security conference taking place in downtown Montreal from the 16th to 18th of June 2006. The call for papers will end on March 31st.

tags | paper, conference
MD5 | 4e4ceae663992c8a4ee435e16ab82cc7
EV0016.txt
Posted Jan 8, 2006
Authored by Aliaksandr Hartsuyeu

Proyecto Domus version 2.10 is susceptible to a cross site scripting vulnerability. Exploitation details provided.

tags | exploit, xss
MD5 | afec9a648f52c5327ffda04fcbe5ce4e
Apple Security Advisory 2006-01-05
Posted Jan 8, 2006
Authored by Apple | Site apple.com

A malicious network attacker that can generate specially crafted packets may be able to cause an AirPort base station's network interface to stop responding normally, resulting in a denial-of-service.

tags | advisory
advisories | CVE-2005-3714
MD5 | 35885c733fa292591a7c6a33103e6900
Technical Cyber Security Alert 2006-5A
Posted Jan 8, 2006
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA06-005A - Microsoft Security Bulletin MS06-001 contains an update to fix a vulnerability in the way Microsoft Windows handles images in the Windows Metafile (WMF) format. A remote, unauthenticated attacker may be able to execute arbitrary code if the user is persuaded to view a specially crafted Windows Metafile.

tags | advisory, remote, arbitrary
systems | windows
MD5 | d633db50e3ad33d50480c1e03eb0f8d8
iDEFENSE Security Advisory 2006-01-05.3
Posted Jan 8, 2006
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 01.05.06 - Remote exploitation of a design error in Blue Coat Systems Inc.'s WinProxy allows attackers to cause a denial of service (DoS) condition. The vulnerability can be triggered by sending a large string of 0xFF characters to the telnet proxy port of the server. Sending such a string will cause a heap corruption in the Winproxy process causing it to crash.

tags | advisory, remote, denial of service
advisories | CVE-2005-3654
MD5 | 51328c7a5ad943401b04a139a636c740
iDEFENSE Security Advisory 2006-01-05.2
Posted Jan 8, 2006
Authored by iDefense Labs, Manuel Santamarina Suarez | Site idefense.com

iDefense Security Advisory 01.05.06 - Remote exploitation of a buffer overflow vulnerability in Blue Coat Systems Inc.'s WinProxy allows for the remote execution of arbitrary code by attackers. The vulnerability can be triggered by sending an overly long Host: string to the web proxy service.

tags | advisory, remote, web, overflow, arbitrary
advisories | CVE-2005-4085
MD5 | 777092cbfe22925db03c68275c4b7bf5
iDEFENSE Security Advisory 2006-01-05.1
Posted Jan 8, 2006
Authored by iDefense Labs, Manuel Santamarina Suarez | Site idefense.com

iDefense Security Advisory 01.05.06 - Remote exploitation of a design error in Blue Coat Systems Inc.'s WinProxy allows attackers to cause a denial of service (DoS) condition. The vulnerability specifically exists due to improper handling of a long HTTP request that is approximately 32,768 bytes long. When such a request occurs, the process will crash while attempting to read past the end of a memory region.

tags | advisory, remote, web, denial of service
advisories | CVE-2005-3187
MD5 | 7bbb5db0939154c658a9a2161a256079
Ubuntu Security Notice 236-1
Posted Jan 8, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-236-1 - Chris Evans discovered several integer overflows in the XPDF code, which is present in xpdf, the Poppler library, and tetex-bin. By tricking an user into opening a specially crafted PDF file, an attacker could exploit this to execute arbitrary code with the privileges of the application that processes the document.

tags | advisory, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, CVE-2005-3627
MD5 | 3b89c5984a29f99449669b775fdef282
Ubuntu Security Notice 235-1
Posted Jan 8, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-235-1 - Charles Morris discovered a privilege escalation vulnerability in sudo. On executing Perl scripts with sudo, various environment variables that affect Perl's library search path were not cleaned properly. If sudo is set up to grant limited sudo execution of Perl scripts to normal users, this could be exploited to run arbitrary commands as the target user.

tags | advisory, arbitrary, perl
systems | linux, ubuntu
advisories | CVE-2005-4158
MD5 | daeb0e42bb6c6f4f3612de4c9a603f73
EV0015.txt
Posted Jan 8, 2006
Authored by Aliaksandr Hartsuyeu

ADNForum version 1.0b is susceptible to SQL injection and cross site scripting vulnerabilities. Exploitation details provided.

tags | exploit, vulnerability, xss, sql injection
MD5 | f56b32e64169be4a853e63ddc387ecdb
wmf-faq.txt
Posted Jan 8, 2006
Authored by H D Moore

A brief faq regarding the recent Microsoft Windows WMF vulnerability.

tags | paper
systems | windows
MD5 | c4aa0fb7f467b7586999221784a46bb7
Page 1 of 2
Back12Next

File Archive:

September 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    20 Files
  • 2
    Sep 2nd
    15 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    4 Files
  • 5
    Sep 5th
    1 Files
  • 6
    Sep 6th
    1 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    27 Files
  • 9
    Sep 9th
    7 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    9 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    25 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    15 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    12 Files
  • 19
    Sep 19th
    1 Files
  • 20
    Sep 20th
    1 Files
  • 21
    Sep 21st
    15 Files
  • 22
    Sep 22nd
    21 Files
  • 23
    Sep 23rd
    8 Files
  • 24
    Sep 24th
    15 Files
  • 25
    Sep 25th
    4 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close