
Files Date: 2000-09-01 to 2000-09-02

thatware.txt
Posted Sep 1, 2000
Authored by Fabian Clone

Thatware is a news portal administration tool. Security vulnerabilities in Thatware allow an attacker to gain administrative access to the application. Two exploits included. Fix: As a quick fix, rename admin.php3 and quote all numeric data in SQL statements.

tags | exploit, vulnerability
SHA-256 | f1837f7f0c5bc17cf29726c8a0e878307e31fc3411e3a8cfb596b751b87fd088
blackhat-fw1.tgz
Posted Sep 1, 2000
Authored by Dug Song, John McDonald, Thomas Lopatic

A Stateful Inspection of FireWall-1 - In this advisory we summarize our findings from BlackHat 2000 on Checkpoint Firewall-1. It is susceptible to several trivial attacks against its inter-module authentication protocols; its IP address verification has flaws; FWN1 and FWA1 are vulnerable to a replay attack; and there are Fastmode vulnerabilities, FWZ Encapsulation vulnerabilities, Stateful Inspection problems, and much more. Included in the tarball is the presentation in two formats, the technical documentation for the vulnerabilities, and the source code used in the demonstration.

tags | paper, vulnerability, protocol
SHA-256 | 2307e3b4992373126506a9e8ddec37a8bb211d7837d390f321905d5f799474dd
CIMcheck2.pl
Posted Sep 1, 2000
Authored by Neon | Site TheGovernment.com

CIMcheck2.pl is an updated version of the CIMcheck.pl exploit checker for the Compaq Insight Manager root dot dot bug. Updates include: Fixed Errors and Better Input features. The remote webserver must be running NT with port 2301 open. The exploit opens up the full vulnerable URL and attempts to get the sam._ backup password file from the remote repair directory. You can specify which file you want to download; the default is the /winnt/repair/ directory and the sam._ backup password file.

tags | exploit, remote, root
SHA-256 | e61a8564d2ced7114295c1a3afdbb9445be64ee4696516061c8a0e67388605de
labs52.clarification
Posted Sep 1, 2000
Site ussrback.com

USSR Advisory #52 - Clarification. To clear up a few comments about USSR Advisory #52. One regarding the DoS against Iris 1.01 "BETA", and the other regarding "in this case Eeye".

SHA-256 | d896e26836e7ab23f58fb1922907ce3ec2c70631df59172b191a984429cad68d
tcp2.htm
Posted Sep 1, 2000
Authored by Erik Iverson | Site dragonmount.net

Dragonmount Networks has released Part 2 of a multipart series on the Transmission Control Protocol. This installment looks at how to use tools provided with your operating system to see TCP and related protocols in action. It also describes the flow of data between machines at multiple levels during simple network operations.

tags | tcp, protocol
SHA-256 | f51add40b996ecf1990c275bbd083fcae7cd466641b1e38a2b0bf55d8417a4af
cmctl_exp
Posted Sep 1, 2000
Authored by Kevin Wenchel

This script is an exploit that is an addendum to ID 170 in the Bugtraq database. ID 170 lists several Oracle setuid executables but does not offer any exploit information. This code exploits the cmctl command by violating its trust in the integrity of the ORACLE_HOME and ORA_HOME environment variables. When the command "cmctl start cmadmin" is executed, it looks under the ORACLE_HOME\bin directory and attempts to execute cmadmin. The ORACLE_HOME variable can be modified to create a change in the path of execution.

tags | exploit
SHA-256 | baabf3683d5e3e05e4139396752c7d9eb51dcf6e6f61509565b5d8a451188910
dievqs.pl
Posted Sep 1, 2000
Authored by Sinfony | Site ro0t.nu

DoS exploit vulnerability test script. Affected: vqServer 1.4.49. There is a DoS possible in vqServer 1.4.49 if the remote host gets a GET command with approx 65000 chars in it.

tags | exploit, remote
SHA-256 | 7a038f9c1d82043dbb38f1bf6f9f86650e691e4dc79a2af2c543f50c111502ea
saint-2.2.beta1p1.tar.gz
Posted Sep 1, 2000

SAINT (Security Administrator's Integrated Network Tool) is a security assessment tool based on SATAN. Features include scanning through a firewall, updated security checks from CERT & CIAC bulletins, 4 levels of severity (red, yellow, brown, & green) and a feature rich HTML interface.

Changes: This version features a new check for smurf and fraggle amplifiers based on NMAP, a check for the Specialized Header (Translate: f) vulnerability in Microsoft web servers, a check for vulnerable ntop daemons, and a fix for the compilation problem in Red Hat 6.2 (thanks to Allan Clark). Developed by WWDSI
tags | tool, scanner
systems | unix
SHA-256 | 59a9709a60ae365c9defacad250c695e5acdefaa7b45b72e12cb74bc1a9b83dd
TLSA2000020-1.txt
Posted Sep 1, 2000

TurboLinux Security Announcement - Affected TurboLinux versions: 6.0.5 and earlier. Package: netscape-communicator 4.74 and earlier. There is a serious problem in Netscape's Java libraries that allows an applet to act as a web server on the client machine, exposing all files on the machine to the world. TurboLinux security announcements here.

tags | java, web
SHA-256 | 9d00cf86eea686722c2c5dd68dc41d102c2b57e3dfcf65c8685df01f370ee639
FreeBSD Security Advisory 2000.45
Posted Sep 1, 2000
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory SA-00:45 - esound port allows file permissions to be modified. EsounD is a component of the GNOME desktop environment which is responsible for multiplexing access to audio devices. The esound port, versions 0.2.19 and earlier, creates a world-writable directory in /tmp owned by the user running the EsounD session, which is used for the storage of a unix domain socket. A race condition exists in the creation of this socket which allows a local attacker to cause an arbitrary file or directory owned by the user running esound to become world-writable. This can give the attacker access to the victim's account, or lead to a system compromise if esound is run by root.

tags | arbitrary, local, root
systems | unix, freebsd
SHA-256 | 09a1768462579f3e6581ae9bbc3d3331249397ca2da3537c18b79471fb7e0de7
labs52.txt
Posted Sep 1, 2000
Site ussrback.com

USSR Advisory #52 - The Ussr Team has found a problem in Eeye IRIS 1.01. There is a heap memory buffer overflow in IRIS 1.01 that causes this network sniffing program not only to crash, but also to take system resources up to 100% usage until it crashes. The vulnerability arises after sending multiple UDP connections to random ports on the host that IRIS or SpyNet CaptureNet is running on.

tags | overflow, udp
SHA-256 | e25834b44f953097671edf9008a232d79595b71f52b4a93e91e5a6cea8335b80