what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 24 of 24 RSS Feed

Files Date: 2007-06-06

gdbupx-overflow.txt
Posted Jun 6, 2007
Authored by Lau KaiJern

GDB versions 6.6 and above suffer from a buffer overflow vulnerability.

tags | advisory, overflow
SHA-256 | b27ad2bcdb6a587d53ab34591698395b86c8e5844ea6001722e665e65bb4310d
CVE-2007-2815.txt
Posted Jun 6, 2007
Authored by ff0000

Exploit that takes advantage of the Microsoft IIS5 NTLM and basic authentication bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2007-2815
SHA-256 | da48bc1fb0d7baf79ec390c809a98038135a0452d168b8ba8cd128e1daa06466
pbsite-rfi.txt
Posted Jun 6, 2007
Authored by Titanichacker

PHP Bulletin Site CMS appears to suffer from multiple remote file inclusion vulnerabilities.

tags | exploit, remote, php, vulnerability, code execution, file inclusion
SHA-256 | b1ba54062ca6fea5e41c0950daa49f1cc4e8fbb7964b19fbeffa3bce0ca01cc5
linker-xss.txt
Posted Jun 6, 2007
Authored by Vagrant | Site e-hack.org

Linker appears to have a cross site scripting vulnerability in index.php.

tags | exploit, php, xss
SHA-256 | ac1f3444a31ad93f4a6903c064ce3deb369bbde2a5bcbd07557ef9cb535e94db
vonage-default.txt
Posted Jun 6, 2007
Authored by John Martinelli from ISRD.com | Site redlevel.org

It appears that the Vonage VoIP telephone adapter comes with an embedded login of user with a password of user.

tags | exploit, telephony
SHA-256 | 8fa0bcdf0449b90a1155919f3af5b775eb05b38ec790226c77fb954515bad07b
BTP00002P004AO.zip
Posted Jun 6, 2007
Site matousec.com

Demonstration code that exploits Outpost 4.0 which fails to sufficiently protect its own mutex outpost_ipc_hdr.

tags | exploit
SHA-256 | fe47f17ca33453c8b9eb5e5edfe42dd9fdfeac116500ee496bd3faccfc2e1474
outpost40-insuff.txt
Posted Jun 6, 2007
Site matousec.com

Outpost insufficiently protects its own mutex outpost_ipc_hdr. An arbitrary process is able to open and capture this mutex. In such case, Outpost is not able to use this mutex for its synchronization and its internal mechanisms lock when they try to use it.

tags | advisory, arbitrary
SHA-256 | 4b728de6e0df39c7bfccbaed86974d325bc92b7217e6fb0afa51f4336b947dfb
Samotny_pi3.c
Posted Jun 6, 2007
Authored by Adam Zabrocki | Site pi3.int.pl

Port scanner that can perform SYN, FIN, NULL, and XMAS scans with options to perform them very slowly and in decoy mode.

tags | tool, scanner
systems | unix
SHA-256 | 2bcf0d84a7c42318177d48b119992c9c9bd61b342e62e2177213a4f763875e11
iDEFENSE Security Advisory 2007-06-01.1
Posted Jun 6, 2007
Authored by iDefense Labs, CIRT.DK | Site idefense.com

iDefense Security Advisory 06.01.07 - Remote exploitation of an input validation vulnerability in VERITAS Software Corp.'s Storage Foundation 4.3 Enterprise Administration service could allow an unauthenticated attacker to consume excessive resources or crash the service. The vulnerability specifically exists in the handling of packets delivered to the VVR Administration service port, TCP/8199. iDefense Labs confirmed that VERITAS Storage Foundation for Windows version 4.3.01 is vulnerable. It is suspected that all previous versions of are vulnerable.

tags | advisory, remote, tcp
systems | windows
advisories | CVE-2007-1593
SHA-256 | 60fb4c9663c03e96b08482498405842db453417a1bd3df36eaaeff61135c41ec
mood-nt_2.3.tgz
Posted Jun 6, 2007
Authored by darkangel | Site darkangel.antifork.org

Mood-NT 2.3 is a linux kernel rootkit for kernels 2.4.x and 2.6 versions below 2.6.20. It can hide processes, files, connections (unix, raw, and ipv6 too), promisc flag and it allows tty sniffing, exec redirection, exec parameters sniffing, has an internal private init script for starting whatever you want on boot. It has a lot of anti-detectors engines and a unique hiding engine hardware based (through the debug registers) that makes it completely stealth on x86 machines. It fully supports vsyscalls and if the kernel changes it automatically reinstall itself on boot.

tags | tool, x86, kernel, rootkit
systems | linux, unix
SHA-256 | 012a5bab721e46dbce7f6cd37dc53ff79ac5dee9f75ea82a5b9c248d286935b8
Technical Cyber Security Alert 2007-151A
Posted Jun 6, 2007
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA07-151A - The Mozilla web browser and derived products contain several vulnerabilities, the most severe of which could allow a remote attacker to execute arbitrary code on an affected system.

tags | advisory, remote, web, arbitrary, vulnerability
SHA-256 | 04e6d8a10e0e2cd8f6003b8738d890093f482b4a4d8bf1a5bdb7ce28442dc2e4
Fwknop Port Knocking Utility
Posted Jun 6, 2007
Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: Added support for ipfw firewalls. Added init script for FreeBSD systems. Various other additions and updates.
tags | tool, scanner, vulnerability
systems | unix
SHA-256 | 3d63f585dc5fcdbe56fc900d442168c00d79d149b4596cd0f514d17c8a2f28c3
integrit-4.1.tar.gz
Posted Jun 6, 2007
Site integrit.sourceforge.net

Integrit is an alternative to file integrity verification programs like tripwire and aide. It helps you determine whether an intruder has modified a computer system. integrit's major advantages are a small memory footprint and simplicity. It works by creating a database that is a snapshot of the most essential parts of your computer system. You put the database somewhere safe, and you can then use it to make sure that no one has made any illicit modifications to the computer system. In the case of a break in, you know exactly which files have been modified, added, or removed.

Changes: Fixed exit status, considering missing files correctly as a change.
tags | tool, intrusion detection
systems | unix
SHA-256 | 2a09b670ee025d6fae756e044f780ccaca90688a97183a350927e3885174223e
Clam AntiVirus Toolkit 0.90.3
Posted Jun 6, 2007
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: Various bug fixes and enhancements.
tags | virus
systems | unix
SHA-256 | 939913d15ad0dc583ba609274ae61a948f4fa18b848bd503d958feacdaab54a4
pnphpbb2-sql.txt
Posted Jun 6, 2007
Authored by Kacper | Site rahim.webd.pl

PNphpBB2 versions 1.2 and below remote SQL injection exploit that makes use of index.php.

tags | exploit, remote, php, sql injection
SHA-256 | 47afc5a4c97e41df02c44547f6330501d9a1cd766b3b8c3d6903537b97f6a4b3
quickcart-exec.txt
Posted Jun 6, 2007
Authored by Kacper | Site rahim.webd.pl

Quick.Cart version 2.2 and below remote and local file inclusion remote code execution exploit.

tags | exploit, remote, local, code execution, file inclusion
SHA-256 | 86c95ae454491be8cc208b3f4c184e8d2fc77fd324c597c8798a939d2227f051
xoopsicontent-rfi.txt
Posted Jun 6, 2007
Authored by GolD_M | Site tryag.cc

XOOPS module icontent version 1.0 remote file inclusion exploit.

tags | exploit, remote, code execution, file inclusion
SHA-256 | ef0c99441fa957c3462d80a175278987c7413f49d5a8fabe2c518ce776ab2f40
revokebb-sql.txt
Posted Jun 6, 2007
Authored by BlackHawk | Site itablackhawk.altervista.org

RevokeBB versions 1.0 RC4 and below blind SQL injection and hash retrieval exploit.

tags | exploit, sql injection
SHA-256 | c66e01abb43d2e58b3ba8908292328527f99b93ed124ddbc3b3cd6a894d427fe
pg-sql.txt
Posted Jun 6, 2007
Authored by Silentz | Site w4ck1ng.com

Particle Gallery versions 1.0.1 and below remote SQL injection exploit.

tags | exploit, remote, sql injection
SHA-256 | 41820164eee9c6ef0dd5a11bc480f168481221a5481d09bac5e9b1950eeb54df
drdos.txt
Posted Jun 6, 2007
Authored by whoppix

Distributed reflection denial of service program.

tags | denial of service
SHA-256 | ef9e2f9bd14654663df3c9614b561a442e5e3eb4a14aba3c1cdbe1263f00f448
snmpc-meta.txt
Posted Jun 6, 2007
Authored by En Douli

SNMPc versions 7.0.18 and below remote denial of service exploit. This is for the Metasploit framework.

tags | exploit, remote, denial of service
SHA-256 | 511419b9a2d3329e2b9b9ac702ff1a3ccd7a614cf8795e5319badc3de0430ec2
isdebug-shell.txt
Posted Jun 6, 2007
Authored by ex-pb

39 byte win32 IsDebuggerPresent shellcode for NT/XP.

tags | shellcode
systems | windows
SHA-256 | 0f91a7dfc87993453f3702ef9ee4fabcd1a2432233df09661d9405feecf378c9
phun.pdf
Posted Jun 6, 2007
Authored by sapheal

Exploitation for phun and profit.

tags | paper
SHA-256 | d6279352ae9c3297ef4ca9b50d21756bf60d0675a3574215a8ff31314fcec9af
exp-bo.pdf
Posted Jun 6, 2007
Authored by Denis Maggiorotto

Explanation of a remote buffer overflow vulnerability.

tags | paper, remote, overflow
SHA-256 | bf2eead871e6947431d87bbe5599e6c806ad3598c9580c17dc59633c4fbfe882
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    0 Files
  • 5
    Mar 5th
    0 Files
  • 6
    Mar 6th
    0 Files
  • 7
    Mar 7th
    0 Files
  • 8
    Mar 8th
    0 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    0 Files
  • 12
    Mar 12th
    0 Files
  • 13
    Mar 13th
    0 Files
  • 14
    Mar 14th
    0 Files
  • 15
    Mar 15th
    0 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close