Showing 1 - 25 of 762

Files Date: 2006-01-01 to 2006-01-31

Posted Jan 30, 2006
Authored by ATmaCA | Site atmacasoft.com

Winamp versions 5.12 and below remote buffer overflow universal exploit that makes use of the PLS file handling buffer overflow flaw.

tags | exploit, remote, overflow
MD5 | dbc47c8a4f8105ead181869a3cab0c13
Posted Jan 30, 2006
Authored by Pasv

Cisco Aironet wireless access point ARP replies remote denial of service exploit. Takes advantage of the flaw originally discovered by Eric Smith.

tags | exploit, remote, denial of service
systems | cisco
MD5 | 629b072695b012fb13d8be7b7386d0aa
Nmap Scanning Utility 3.9999
Posted Jan 30, 2006
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings. Full changelog available here.

Changes: Generated a new libpcre/configure to cope with changes in LibPCRE 6.4. Various other enhancements.
tags | tool, remote, udp, tcp, protocol, nmap
systems | unix
MD5 | fb3fe7cd5b30f662c2b334d54ef7de9a
Scapy Packet Manipulation Tool 1.0.3
Posted Jan 30, 2006
Authored by Philippe Biondi | Site secdev.org

Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.

Changes: See changelog.
tags | tool, scanner, python
systems | unix
MD5 | bdc5247105312c61597d5c3e00dc1127
Posted Jan 30, 2006
Authored by Solar Designer | Site openwall.com

John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, and BeOS. Its primary purpose is to detect weak Unix passwords, but a number of other hash types are supported as well.

tags | cracker
systems | windows, unix, beos
MD5 | c8121c5304ad64c7d5893b1b8177ea53
Posted Jan 30, 2006
Authored by Markus Fraczek | Site mpscan.sourceforge.net

mpscan is a parallel network scanner that checks for open ports. It uses select() to increase its speed and was designed for rapidly scanning large networks, but also works with a single IP.

tags | tool, scanner
systems | unix
MD5 | 07699c969fdce919965c67523e21589c
Posted Jan 30, 2006
Authored by Dianne Skoll | Site mimedefang.org

MIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. Includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with Sendmail 8.11/8.12's new "Milter" API, which makes it more flexible and efficient than procmail-based approaches.

Changes: Added -R option.
systems | windows, unix
MD5 | 9200da98f444394011628417de518560
Posted Jan 30, 2006
Site opensc-project.org

OpenSC consists of a SmartCard library that uses any common transport API (e.g. PC/SC, CT-API, OpenCT) as its backend and applications that use the library. It has been tested extensively on Finnish Electronic Identity (FINEID) cards, but a number of other PKCS #15 and ISO 7816 compatible cards work too. Also implemented are a PKCS #11 module (e.g. for Mozilla Web/email usage), a PAM module, somewhat working OpenSSH support, an OpenSSL engine, a few basic tools, and a PKCS #15 structure generation tool for supported cards.

Changes: Various improvements. Check changelog for more info.
tags | web, library
MD5 | 5549c7c339775356784837887750d232
strongSwan IPsec / IKEv1 / IKEv2 Implementation For Linux
Posted Jan 30, 2006
Authored by Andreas Steffen | Site strongswan.org

strongSwan is a complete IPsec and IKEv1 implementation for Linux 2.4 and 2.6 kernels. It interoperates with most other IPsec-based VPN products. It is a descendant of the discontinued FreeS/WAN project. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A unique feature is the use of X.509 attribute certificates to implement advanced access control schemes based on group memberships.

Changes: ipsec starter now supports the "also" parameter, which allows a modular structure of the connection definitions.
tags | kernel, encryption
systems | linux
MD5 | fc35f7e491c8de8e50edb4b9db3c86cb
Posted Jan 30, 2006
Authored by Eric des Courtis

Simple utility that allows a user to switch applications while keeping a TCP connection established.

tags | tool, tcp
systems | unix
MD5 | fb917420e0c752e205e6bac225580d28
Gentoo Linux Security Advisory 200601-15
Posted Jan 30, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200601-15 - Andrew Christensen discovered that in older versions of Paros the database component HSQLDB is installed with an empty password for the database administrator sa. Versions less than or equal to 3.2.5 are affected.

tags | advisory
systems | linux, gentoo
MD5 | 89c98e04f637d9f855db5e59f9aad074
Gentoo Linux Security Advisory 200601-14
Posted Jan 30, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200601-14 - Michael Jennings discovered an exploitable buffer overflow in the configuration engine of LibAST. Versions less than 0.7 are affected.

tags | advisory, overflow
systems | linux, gentoo
MD5 | a0deb13fa89cb6641fea43edb09fc761
Posted Jan 30, 2006
Authored by Michal Zalewski | Site lcamtuf.coredump.cx

Whitepaper discussing three fairly interesting flaws in how HTTP cookies were designed and later implemented in various browsers.

tags | paper, web
MD5 | eb95f20964831f7e4d910c25d9af0738
Posted Jan 30, 2006
Authored by MoHaJaLi

The file hosting company rapidshare.de suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 92c1fdd496535dea73b1f57848c4bab3
Posted Jan 29, 2006
Site gleg.net

Multiple vulnerabilities in the LDAP component of CommuniGate Pro Server version 5.0.6 have been uncovered.

tags | advisory, vulnerability
MD5 | 74f6699d822dec4b4cfa6267fa505b4d
Posted Jan 29, 2006
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Fix for the ssh2 module. VMWare-Auth module added.
tags | web, imap
systems | cisco
MD5 | 75c27a72ef87daf9026e06992c95d58f
Posted Jan 29, 2006
Authored by tracewar

VP-ASP Shopping Cart version 5.50 is susceptible to SQL injection attacks.

tags | exploit, sql injection, asp
MD5 | f7775e5cbc389819c373c3ac3508f55f
Posted Jan 29, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

Score is an interactive shellcode that allows a user to work further with an exploited process. Designed for exploitation of Linux systems on x86.

tags | x86, shellcode
systems | linux
MD5 | 9aa0ec429170fa39850e110e79811180
Debian Linux Security Advisory 958-1
Posted Jan 29, 2006
Authored by Debian | Site debian.org

Debian Security Advisory DSA 958-1 - Several security related problems have been discovered in Drupal. Several cross-site scripting vulnerabilities allow remote attackers to inject arbitrary web script or HTML. When running on PHP5, Drupal does not correctly enforce user privileges, which allows remote attackers to bypass the 'access user profiles' permission. An interpretation conflict allows remote authenticated users to inject arbitrary web script or HTML via HTML in a file with a GIF or JPEG file extension.

tags | advisory, remote, web, arbitrary, vulnerability, xss
systems | linux, debian
advisories | CVE-2005-3973, CVE-2005-3974, CVE-2005-3975
MD5 | eb5b4e351da8b6ef8da44b58032ac3da
Posted Jan 29, 2006
Authored by Ken Williams | Site supportconnect.ca.com

The CA iGateway common component, which is included with several CA products for UNIX/Linux/Windows platforms, contains a buffer overflow vulnerability that can allow arbitrary code to be executed remotely with SYSTEM privileges on Windows, and cause iGateway component failure on UNIX and Linux platforms.

tags | advisory, overflow, arbitrary
systems | linux, windows, unix
MD5 | 6d70db55dc4c564b0ec58ee8e5214e32
Posted Jan 29, 2006
Authored by iM4n | Site imanonline.com

ASPThai Forums version 8.0 and below suffer from a SQL injection vulnerability.

tags | exploit, sql injection
MD5 | e8f7c37fa0929da667774c0643413fd7
Posted Jan 29, 2006
Authored by Esteban Martinez Fayo | Site argeniss.com

Oracle 10g Release 1 exploit for the GENERATESCHEMA buffer overflow with shellcode that creates a file named Unbreakable.txt.

tags | exploit, overflow, shellcode
MD5 | 58e81ef8d8f5dcde7c2a0fbf81cefc47
Posted Jan 29, 2006
Authored by Esteban Martinez Fayo | Site argeniss.com

Argeniss Security Advisory - Oracle Database Server provides the DBMS_XMLSCHEMA and DBMS_XMLSCHEMA_INT Packages that include procedures to register and delete XML schemas. These packages contain the public procedures GENERATESCHEMA and GENERATESCHEMAS that are vulnerable to buffer overflow attacks.

tags | advisory, overflow
MD5 | cb100bd23a668c0e0a5f2bfb1ca14f7e
Posted Jan 29, 2006
Site whitedust.net

A severe problem with the way browsers translate the soft-hyphen (alt + 0173) character has been brought to light. Malicious users could utilise it alongside a multitude of injection methods to gain unauthorized access and/or to spoof content on websites. Both Microsoft Internet Explorer and Mozilla Firefox are affected.

tags | advisory, spoof
MD5 | b28909e7213b7f085cd4ec456fcacb06
Posted Jan 29, 2006
Authored by Endrazine

Windows DOS emulation allows dumping of the first 1 MB of RAM with no particular privileges needed. Asm code that demonstrates this is included.

tags | exploit
systems | windows
MD5 | 1ff8a5eb6ca89e1f9f4d6b4f5253478d
Page 1 of 31


© 2020 Packet Storm. All rights reserved.
