Files Date: 2006-11-16

katsniff.c
Posted Nov 16, 2006
Authored by Kris Katterjohn

A simple ICMP/TCP/UDP packet sniffer that was written for and tested on Linux.

tags | tool, udp, sniffer, tcp
systems | linux
MD5 | 047cbc79c160dd2b932a853e25639043
kerio_WebSTAR_pwn.pl.txt
Posted Nov 16, 2006
Authored by Kevin Finisterre | Site digitalmunition.com

Local privilege escalation exploit for Kerio WebSTAR versions 5.4.2 and below, which suffer from a local privilege escalation vulnerability due to improper loading of a library.

tags | exploit, local
MD5 | a579660f0da9f3f25f527efa6d560184
DMA-2006-1115a.txt
Posted Nov 16, 2006
Authored by Kevin Finisterre | Site digitalmunition.com

Kerio WebSTAR versions 5.4.2 and below suffer from a local privilege escalation vulnerability due to improper loading of a library.

tags | advisory, local
MD5 | 09885700e3cb27238d5f117272966e65
slrc.sh.txt
Posted Nov 16, 2006
Authored by Stefan Behte | Site ge.mine.nu

SLRC is a simple bash script put together to crack rar archives on Linux.

tags | cracker, bash
systems | linux
MD5 | 1da28315f05267bad8de52045cc7c0b4
Zero Day Initiative Advisory 06-042
Posted Nov 16, 2006
Authored by Sullo, Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to proxy web attacks and scan internal hosts through vulnerable installations of Verity Ultraseek. Authentication is not required to exploit this vulnerability. The specific flaw exists within the highlight script used to highlight search terms on spidered pages. An attacker can directly access the highlight script at '/highlight/index.html' to pass parameters to and retrieve content from arbitrary URLs. The same script can also be abused to enumerate otherwise inaccessible internal addresses and open ports.

tags | advisory, remote, web, arbitrary
advisories | CVE-2006-5819
MD5 | 99c032d405a177ee8e3a87b4df6ceef2
outpost-failures.txt
Posted Nov 16, 2006
Site matousec.com

Outpost Firewall PRO version 4.0 (and possibly older versions) hooks many functions in SSDT and in at least twelve cases it fails to validate arguments that come from user mode.

tags | advisory
MD5 | 53c661980a56348ae91ae63facb3c7a9
openssh-4.5p1_backdoored.tar.gz
Posted Nov 16, 2006
Authored by santabug

Backdoored version of OpenSSH 4.5p1 that logs passwords to /var/tmp/sshbug.txt.

tags | tool, rootkit
systems | unix
MD5 | 98c87de1cf5683f9400828281e3f0769
Debian Linux Security Advisory 1212-1
Posted Nov 16, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1212-1 - Two denial of service vulnerabilities have been found in the OpenSSH server. The sshd support for ssh protocol version 1 does not properly handle duplicate incoming blocks. This could allow a remote attacker to cause sshd to consume significant CPU resources leading to a denial of service. A signal handler race condition could potentially allow a remote attacker to crash sshd and could theoretically lead to the ability to execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary, vulnerability, protocol
systems | linux, debian
advisories | CVE-2006-4924, CVE-2006-5051
MD5 | 51971b066a8eeebbdfb1d58b79d8767e
OpenPKG Security Advisory 2006.34
Posted Nov 16, 2006
Authored by OpenPKG Foundation | Site openpkg.org

OpenPKG Security Advisory OpenPKG-SA-2006.034 - Miloslav Trmac from Red Hat discovered a buffer overflow in GNU Texinfo. The flaw was found in a function used by Texinfo's texi2dvi and texindex commands. An attacker could construct a carefully crafted Texinfo file that could cause texi2dvi or texindex to crash or possibly execute arbitrary code when opened.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2006-4810
MD5 | 357716bd18fe692b04d953df901466f2
flushipchains.c
Posted Nov 16, 2006
Authored by Kris Katterjohn

This shellcode does an execve("ipchains -F") in 41 bytes for Linux/x86.

tags | x86, shellcode
systems | linux
MD5 | 9f3204522b110440c71a0070cd759d8c
trustedbsd-firewire.txt
Posted Nov 16, 2006
Authored by Rodrigo Rubira Branco | Site kernelhacking.com

The Firewire device enabled by default in the GENERIC kernel for TrustedBSD* defines an IOCTL function which can be maliciously called by passing a negative buffer length value. This value will bypass the length check (because the value is negative) and will be used in a copyout operation. This is a kernel bug: the system can be compromised by local users and important system information can be disclosed.

tags | advisory, kernel, local
MD5 | c4aa48265643c1fa61a56a7322579d01
dragonflybsd-firewire.txt
Posted Nov 16, 2006
Authored by Rodrigo Rubira Branco | Site kernelhacking.com

The Firewire device enabled by default in the GENERIC kernel for DragonFlyBSD defines an IOCTL function which can be maliciously called by passing a negative buffer length value. This value will bypass the length check (because the value is negative) and will be used in a copyout operation. This is a kernel bug: the system can be compromised by local users and important system information can be disclosed.

tags | advisory, kernel, local
MD5 | e1730287e3cb0a8eb2886226197ccde0
netbsd-firewire.txt
Posted Nov 16, 2006
Authored by Rodrigo Rubira Branco | Site kernelhacking.com

The Firewire device enabled by default in the GENERIC kernel for NetBSD defines an IOCTL function which can be maliciously called by passing a negative buffer length value. This value will bypass the length check (because the value is negative) and will be used in a copyout operation. This is a kernel bug: the system can be compromised by local users and important system information can be disclosed.

tags | advisory, kernel, local
systems | netbsd
MD5 | d64c96b48c1144754f29164eff425a33
freebsd-firewire.txt
Posted Nov 16, 2006
Authored by Rodrigo Rubira Branco | Site kernelhacking.com

The Firewire device enabled by default in the GENERIC kernel for FreeBSD defines an IOCTL function which can be maliciously called by passing a negative buffer length value. This value will bypass the length check (because the value is negative) and will be used in a copyout operation. This is a kernel bug: the system can be compromised by local users and important system information can be disclosed.

tags | advisory, kernel, local
systems | freebsd
MD5 | 9bf61a2d6a3b88f11455cec5f19352c2
bsd.patch
Posted Nov 16, 2006
Authored by Rodrigo Rubira Branco | Site kernelhacking.com

Firewire patch for BSD kernels that fixes an improper length check.

tags | kernel, patch
systems | unix, bsd
MD5 | ee54941f2801ae7dffe4bf7236120a89
advchk-1.02.tar.gz
Posted Nov 16, 2006
Authored by Stephan Schmieder | Site advchk.unixgu.ru

Advchk (Advisory Check) reads security advisories so you do not have to. Advchk gathers security advisories using RSS feeds, compares them to a list of known services, and alerts you if you are vulnerable. Since adding hosts and services by hand would be quite a boring task, advchk leverages nmap for automatic service and version discovery.

systems | unix
MD5 | 4caff34ae0e645e05ef731446d3a671a
DrKnock.zip
Posted Nov 16, 2006
Authored by Olivier ROCH VILATO | Site sourceforge.net

DrKnock is a port knocking solution based on sig2knock by Cappella and Tan Chew Keong (http://www.security.org.sg/code/portknock1.html). Right now, the only functional improvement over sig2knock is the ability to use the client under Windows XP SP2. The client and server work on both Unix and Windows.

tags | tool, web, scanner
systems | windows, unix, xp
MD5 | e5e9b5761d8fadc916d74119e5e3775f
vthrottle-0.60.tar.gz
Posted Nov 16, 2006
Authored by Jose Nazario | Site monkey.org

vthrottle is an implementation of an SMTP throttling engine for Sendmail servers, based upon M. Williamson's mechanisms, as described in his 2003 Usenix Security paper. It allows the administrator to control how much email users and hosts may send, hindering the rapid spread of viruses, worms, and spam. Exceptions can be made using a whitelist mechanism, which can be generated manually or with the included tool vmeasure.

Changes: Miscellaneous updates.
tags | worm
systems | unix
MD5 | 54bbcfefd188d4132efa6a21b37bb8ca
tm-20061111-0.tar.gz
Posted Nov 16, 2006
Authored by TU Munich, TU Berlin, ICSI | Site net.t-labs.tu-berlin.de

The timemachine can record the entire contents of a high-volume network traffic stream in order to later "travel back in time" and inspect activity that has only become interesting in retrospect. Two examples of use are security forensics (determining just how an attacker compromised a given machine) and network trouble-shooting, such as inspecting the precursors to a fault after the fault. The timemachine is designed to work in Gigabit environments and to store several days of network traffic.

tags | tool, sniffer
MD5 | c84b46199c3624438291a32f9a436912
Secunia Security Advisory 22933
Posted Nov 16, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - r0ut3r has discovered some vulnerabilities in torrentflux-b4rt, which can be exploited by malicious people to gain system access or to manipulate data.

tags | advisory, vulnerability
MD5 | f4e7cc1da6ab1b6a6810cd8250911ef7
Mandriva Linux Security Advisory 2006.208
Posted Nov 16, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-208 - An unspecified vulnerability in OpenLDAP allows remote attackers to cause a denial of service (daemon crash) via a certain combination of SASL Bind requests that triggers an assertion failure in libldap.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2006-5779
MD5 | f0c1c532227c9ff07f1e441a5d477e05
Mandriva Linux Security Advisory 2006.207
Posted Nov 16, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-207 - The BIND DNS server is vulnerable to the recently-discovered OpenSSL RSA signature verification problem. BIND uses RSA cryptography as part of its DNSSEC implementation.

tags | advisory
systems | linux, mandriva
advisories | CVE-2006-4339
MD5 | 4104389466279b56bbe309055b3063c2
linkssmbclient.txt
Posted Nov 16, 2006
Authored by Teemu Salmela

There is a flaw in the Links web browser version 1.00pre12 that allows malicious web sites to execute smbclient commands on the victim's machine.

tags | exploit, web
MD5 | f9dcd627eaa4d20499c332231ccf1445
ms06070.c
Posted Nov 16, 2006
Authored by cocoruder | Site ruder.cdut.net

Microsoft Windows Wkssvc NetrJoinDomain2 stack overflow exploit that works against the vulnerability described in MS06-070.

tags | exploit, overflow
systems | windows
MD5 | 5f345c7860fdf68e10b87e540f99880d
winzip-bof.txt
Posted Nov 16, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

WinZIP versions 10.0.7245 and below FileView ActiveX control remote buffer overflow exploit.

tags | exploit, remote, overflow, activex
MD5 | 421934b64e514f5fd6e14e2a68eee841
© 2016 Packet Storm. All rights reserved.
