exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 152 RSS Feed

Files Date: 2006-11-16

katsniff.c
Posted Nov 16, 2006
Authored by Kris Katterjohn

A simple ICMP/TCP/UDP packet sniffer that was written for and tested on Linux.

tags | tool, udp, sniffer, tcp
systems | linux
SHA-256 | b5998435a4a0e12b7ec376aaf53a26839c8421fdbe23f0273a52109c470a54aa
kerio_WebSTAR_pwn.pl.txt
Posted Nov 16, 2006
Authored by Kevin Finisterre | Site digitalmunition.com

Local privilege escalation exploit for Kerio WebSTAR versions 5.4.2 and below which suffer from a local privilege escalation vulnerability due to an improper loading of a library.

tags | exploit, local
SHA-256 | 348e6138bc49a3143247bec9a4c214653ceca1ead1eb83b9e524b1b7cf979444
DMA-2006-1115a.txt
Posted Nov 16, 2006
Authored by Kevin Finisterre | Site digitalmunition.com

Kerio WebSTAR versions 5.4.2 and below suffer from a local privilege escalation vulnerability due to an improper loading of a library.

tags | advisory, local
SHA-256 | 8aef29338e469e924e743135fe46ec140c3e14f4a70c29302bca1c5781c28d15
slrc.sh.txt
Posted Nov 16, 2006
Authored by Stefan Behte | Site ge.mine.nu

SLRC is a simple bash script put together to crack rar archives on Linux.

tags | cracker, bash
systems | linux
SHA-256 | 3eb62117334b9dc42cf227a04409053ed722aa6e8092e51f6c63540a8b3f0a94
Zero Day Initiative Advisory 06-042
Posted Nov 16, 2006
Authored by Sullo, Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to proxy web attacks and scan internal hosts through vulnerable installations of Verity Ultraseek. Authentication is not required to exploit this vulnerability. The specific flaw exists within the highlight script used to highlight search terms on spidered pages. An attacker can directly access the highlight script at '/highlight/index.html' to pass parameters to and retrieve content from arbitrary URLs. The same script can also be abused to enumerate otherwise inaccessible internal addresses and open ports.

tags | advisory, remote, web, arbitrary
advisories | CVE-2006-5819
SHA-256 | e68c46d4144a326c7191c980791ede05f02dbf23e2688633f2284d6ec20a8528
outpost-failures.txt
Posted Nov 16, 2006
Site matousec.com

Outpost Firewall PRO version 4.0 (and possibly older versions) hooks many functions in SSDT and in at least twelve cases it fails to validate arguments that come from user mode.

tags | advisory
SHA-256 | bc9bb6e4e3f4642ad76c49bc4cedd0802595ee2c321bb23fda2456831e0ad726
openssh-4.5p1_backdoored.tar.gz
Posted Nov 16, 2006
Authored by santabug

Backdoored version of OpenSSH 4.5p1 that logs passwords to /var/tmp/sshbug.txt.

tags | tool, rootkit
systems | unix
SHA-256 | 9a8ba9bc0a0cb4015271c8d343320c84897ad229fee3c44666e47b7b5162e52d
Debian Linux Security Advisory 1212-1
Posted Nov 16, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1212-1 - Two denial of service vulnerabilities have been found in the OpenSSH server. The sshd support for ssh protocol version 1 does not properly handle duplicate incoming blocks. This could allow a remote attacker to cause sshd to consume significant CPU resources leading to a denial of service. A signal handler race condition could potentially allow a remote attacker to crash sshd and could theoretically lead to the ability to execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary, vulnerability, protocol
systems | linux, debian
advisories | CVE-2006-4924, CVE-2006-5051
SHA-256 | d055d29f8a677bdf5ebce0328815231b0d4096388f3230b3d97eaa2ca84bea58
OpenPKG Security Advisory 2006.34
Posted Nov 16, 2006
Authored by OpenPKG Foundation | Site openpkg.org

OpenPKG Security Advisory OpenPKG-SA-2006.034 - Miloslav Trmac from Red Hat discovered a buffer overflow in GNU Texinfo. The flaw was found in a function used by Texinfo's texi2dvi and texindex commands. An attacker could construct a carefully crafted Texinfo file that could cause texi2dvi or texindex to crash or possibly execute arbitrary code when opened.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2006-4810
SHA-256 | 878e47113669a4f4780cad26b04bda1aa8d62ebe2073d4f4aa25c8cb53347bd8
flushipchains.c
Posted Nov 16, 2006
Authored by Kris Katterjohn

This shellcode does a execve("ipchains -F") in 41 bytes for Linux/x86.

tags | x86, shellcode
systems | linux
SHA-256 | e742f9afc4b4c28d5ccc45d6e151176a73545cd305be09731907f104d0d080c3
trustedbsd-firewire.txt
Posted Nov 16, 2006
Authored by Rodrigo Rubira Branco | Site kernelhacking.com

The Firewire device enabled by default in the GENERIC kernel for TrusedBSD* defines an IOCTL function which can be malicious called passing a negative buffer length value. This value will bypass the length check (because the value is negative) and will be used in a copyout operation. This is a kernel bug and the system can be compromised by local users and important system information can be disclosed.

tags | advisory, kernel, local
SHA-256 | f94ae1bcce3d81531804a53063bbcd52822d657019342bcde89ef71668151272
dragonflybsd-firewire.txt
Posted Nov 16, 2006
Authored by Rodrigo Rubira Branco | Site kernelhacking.com

The Firewire device enabled by default in the GENERIC kernel for DragonFlyBSD defines an IOCTL function which can be malicious called passing a negative buffer length value. This value will bypass the length check (because the value is negative) and will be used in a copyout operation. This is a kernel bug and the system can be compromised by local users and important system information can be disclosed.

tags | advisory, kernel, local
SHA-256 | 544872d3cf1474aa8017d59d4555b331e3d8e6bc6286478e935ee38627971745
netbsd-firewire.txt
Posted Nov 16, 2006
Authored by Rodrigo Rubira Branco | Site kernelhacking.com

The Firewire device enabled by default in the GENERIC kernel for NetBSD defines an IOCTL function which can be malicious called passing a negative buffer length value. This value will bypass the length check (because the value is negative) and will be used in a copyout operation. This is a kernel bug and the system can be compromised by local users and important system information can be disclosed.

tags | advisory, kernel, local
systems | netbsd
SHA-256 | 13c192bac8d2f8ab8a9022715e1340029f8bed9822169e74a3ea56a0de711ecb
freebsd-firewire.txt
Posted Nov 16, 2006
Authored by Rodrigo Rubira Branco | Site kernelhacking.com

The Firewire device enabled by default in the GENERIC kernel for FreeBSD defines an IOCTL function which can be malicious called passing a negative buffer length value. This value will bypass the length check (because the value is negative) and will be used in a copyout operation. This is a kernel bug and the system can be compromised by local users and important system information can be disclosed.

tags | advisory, kernel, local
systems | freebsd
SHA-256 | 82423b755e39255304cd291c2c1e57430c3c394fcfe1bff6e87af69b61b6bb54
bsd.patch
Posted Nov 16, 2006
Authored by Rodrigo Rubira Branco | Site kernelhacking.com

Firewire patch for BSD kernels that fixes an improper length check.

tags | kernel, patch
systems | unix, bsd
SHA-256 | e5d6f7c84c09a9181031304f08adb48507c1fa8f8d06c44330f6609ff4321308
advchk-1.02.tar.gz
Posted Nov 16, 2006
Authored by Stephan Schmieder | Site advchk.unixgu.ru

Advchk (Advisory Check) reads security advisories so you do not have to. Advchk gathers security advisories using RSS feeds, compares them to a list of known services, and alerts you if you are vulnerable. Since adding hosts and services by hand would be quite a boring task, advchk leverages nmap for automatic service and version discovery.

systems | unix
SHA-256 | c6e3d2322a93ddcef837aad2f9599c06aeeaa9d93aa14a78f8e2924b069de388
DrKnock.zip
Posted Nov 16, 2006
Authored by Olivier ROCH VILATO | Site sourceforge.net

DrKnock is a port knocking solution based on sig2knock by Cappella and Tan Chew Keong (http://www.security.org.sg/code/portknock1.html). Right now, the only functional improvement over sig2knock is the ability to use the client under Windows XP SP2. The client and server work on both Unix and Windows.

tags | tool, web, scanner
systems | windows, unix
SHA-256 | 0969a77fe8ed08a8e9fa2ae30b8308c43d4f7c3712f918655a5e719bab5e0be4
vthrottle-0.60.tar.gz
Posted Nov 16, 2006
Authored by Jose Nazario | Site monkey.org

vthrottle is an implementation of an SMTP throttling engine for Sendmail servers, based upon M. Williamson's mechanisms, as described in his 2003 Usenix Security paper. It allows the administrator to control how much email users and hosts may send, hindering the rapid spread of viruses, worms, and spam. Exceptions can be made using a whitelist mechanism, which can be generated manually or with the included tool vmeasure.

Changes: Miscellaneous updates.
tags | worm
systems | unix
SHA-256 | 81371e8cfdf739eccf59b70ac3a40d53a00742977da0f7c73029f63c7261246e
tm-20061111-0.tar.gz
Posted Nov 16, 2006
Authored by TU Munich, TU Berlin, ICSI | Site net.t-labs.tu-berlin.de

The timemachine can record the entire contents of a high-volume network traffic stream in order to later "travel back in time" and inspect activity that has only become interesting in retrospect. Two examples of use are security forensics (determining just how an attacker compromised a given machine) and network trouble-shooting, such as inspecting the precursors to a fault after the fault. The timemachine is designed to work in Gigabit environments and to store several days of network traffic.

tags | tool, sniffer
SHA-256 | d1c8b279cc9d1626bd858e6e908c26b6074c5828b4bfd6353908545a1e7abc72
Secunia Security Advisory 22933
Posted Nov 16, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - r0ut3r has discovered some vulnerabilities in torrentflux-b4rt, which can be exploited by malicious people to gain system access or to manipulate data.

tags | advisory, vulnerability
SHA-256 | 99393de284ce3c159972cdd1110048018e8c67fef8a1b0293266eb7fd35577ee
Mandriva Linux Security Advisory 2006.208
Posted Nov 16, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-208 - An unspecified vulnerability in OpenLDAP allows remote attackers to cause a denial of service (daemon crash) via a certain combination of SASL Bind requests that triggers an assertion failure in libldap.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2006-5779
SHA-256 | 72f0ced9408a8f34ea32a355dc0ff4f5ac47cbd33bf5978148a3a7850f1552da
Mandriva Linux Security Advisory 2006.207
Posted Nov 16, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-207 - The BIND DNS server is vulnerable to the recently-discovered OpenSSL RSA signature verification problem. BIND uses RSA cryptography as part of its DNSSEC implementation.

tags | advisory
systems | linux, mandriva
advisories | CVE-2006-4339
SHA-256 | 04844bb9f90e36eee3500f3a14039e283c71395210931aac5bca624f2996a049
linkssmbclient.txt
Posted Nov 16, 2006
Authored by Teemu Salmela

There is a flaw in the Links web browser version 1.00pre12 that allows malicious web sites to execute smbclient commands on the victim's machine.

tags | exploit, web
SHA-256 | 6121dc9c6ffa689fd764304d625c202668733f31a7533ba6ec5ed3c9bbb4f0f0
ms06070.c
Posted Nov 16, 2006
Authored by cocoruder | Site ruder.cdut.net

Microsoft Windows Wkssvc NetrJoinDomain2 stack overflow exploit that works against the vulnerability described in MS06-070.

tags | exploit, overflow
systems | windows
SHA-256 | 13641e3cc338d4d93cf646f8124f402f3a5400b71465e1773c54a6e526d6c0a1
winzip-bof.txt
Posted Nov 16, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

WinZIP versions 10.0.7245 and below FileView ActiveX control remote buffer overflow exploit.

tags | exploit, remote, overflow, activex
SHA-256 | a55c09bb96fdc249ab51759f91535b4960838cdf65004233a7630f189ec5dda1
Page 1 of 7
Back12345Next

File Archive:

November 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    16 Files
  • 2
    Nov 2nd
    17 Files
  • 3
    Nov 3rd
    17 Files
  • 4
    Nov 4th
    11 Files
  • 5
    Nov 5th
    0 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    3 Files
  • 8
    Nov 8th
    59 Files
  • 9
    Nov 9th
    12 Files
  • 10
    Nov 10th
    6 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    1 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    9 Files
  • 15
    Nov 15th
    33 Files
  • 16
    Nov 16th
    53 Files
  • 17
    Nov 17th
    11 Files
  • 18
    Nov 18th
    14 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    26 Files
  • 22
    Nov 22nd
    22 Files
  • 23
    Nov 23rd
    10 Files
  • 24
    Nov 24th
    9 Files
  • 25
    Nov 25th
    11 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    20 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close