exploit the possibilities
Showing 76 - 100 of 243 RSS Feed

Files Date: 2000-10-01 to 2000-10-31

Posted Oct 19, 2000
Site ussrback.com

USSR Advisory #54 - TransSoft's Broker FTP Server versions prior to v4.3.0.1 contains a buffer overflow which results in denial of service. Fix available here.

tags | denial of service, overflow
MD5 | 816250b0fb72f98902f3b0373014f4d0
Posted Oct 19, 2000
Authored by Mark Cooper

The Half-Life Dedicated Server for Linux v3.1.0.3 and below contains a remotely exploitable buffer overflow. Exploit code available here.

tags | exploit, overflow
systems | linux
MD5 | e1dc7dab4d9f39bd6f77d91cddb82325
Posted Oct 19, 2000
Site mitre.org

Auction Weaver LITE 1.0 - 1.04 contains remote vulnerabilities which allow users to read any file on the filesystem, and delete arbitrary files. Fix available here.

tags | exploit, remote, arbitrary, vulnerability
MD5 | 0faa1f42e06c1dbd596780495acf70f4
Posted Oct 19, 2000
Authored by Silicosis | Site atstake.com

Atstake Security Advisory (updated) - iPlanet's iCal, a multiplatform calendaring server, introduces a number of vulnerabilities to the system in which it is installed on. These vulnerabilities, ranging from poor file permissions to insecure programming practices allow local attackers to obtain root access, and remote attackers to monitor keystrokes. Includes obtain-ics.sh, a simple proof of concept local exploit.

tags | remote, local, root, vulnerability, proof of concept
MD5 | 60bb23df486299e0d93af96ee3eef323
Posted Oct 19, 2000
Site redhat.com

Red Hat Security Advisory - Potential security problems in ping have been fixed. An 8 byte buffer overflow was fixed, a static buffer overflow was fixed, and root priviledges are now dropped after acquiring a raw socket.

tags | overflow, root
systems | linux, redhat
MD5 | 3b6256fa177e4ae098a6a39885668cd7
Posted Oct 19, 2000
Authored by Georgi Guninski | Site nat.bg

Georgi Guninski security advisory #24 - IE 5.5, Outlook, and Outlook Express has a serious security vulnerability which allows remote users to read local files, arbitrary URLs, and local directory structure after viewing a web page or reading HTML message. The problem is that you are allowed to specify an arbitrary codebase for an applet loaded from here.

tags | exploit, remote, web, arbitrary, local
MD5 | 37c0ccba570189e89b7140ff3f4dcb64
Posted Oct 18, 2000

Web Store (cgi-bin/Web_store/web_store.cgi) is vulnerable to a bug which allows remote users to read any file on the webserver. Exploit URL included.

tags | exploit, remote, web, cgi
MD5 | 217a90cc853c850edbf39ac47376b7fd
Posted Oct 18, 2000
Authored by Dvorak

Red Hat 6.1/6.2 traceroute local root exploit which exploits the traceroute -g bug, as described in the Red Hat Advisory on Traceroute.

tags | exploit, local, root
systems | linux, redhat
MD5 | 7fe0963076aa544fd113abc153166147
Posted Oct 18, 2000
Site andykruger.com

MailScan is an email scanner that plugs into Sendmail which passes all messages into MailScan for scanning/filtering/optional-virus-scanning before being delivered or quarantined.

Changes: Parrtial rewrite to a modular format, checks are now seperate files in the /etc/mailscan/checks directory with their own config options. Fixed a problem in &bodycheck.
tags | virus
systems | unix
MD5 | ce7985714410ecd90c6753ce9c3436b0
Posted Oct 18, 2000
Site suse.de

SuSE Security Advisory - Ypbind suffers from remote root format string bugs and needs to be updated.

tags | remote, root
systems | linux, suse
MD5 | 6948959682e6e887aae904ead542d0b5
Posted Oct 18, 2000
Authored by Cory L. Scott

Windows NT/2000 Event Log Management and Intrusion Detection - This powerpoint presentation focuses on how Windows NT/2000 administrators can get a handle on multiple event logs on many boxes, how to interface with the UNIX syslog facility, how to build a real-time monitoring system for a heterogeneous environment using inexpensive tools, and what event log messages to look for in regards to host-based intrusion detection.

tags | paper
systems | windows, unix, nt
MD5 | 7cf2f2635e5569aecb894d8bfe9520c0
Posted Oct 18, 2000
Authored by Sam Kline | Site wwdsi.com

SAINT (Security Administrator's Integrated Network Tool) is a security assessment tool based on SATAN. Features include scanning through a firewall, updated security checks from CERT & CIAC bulletins, 4 levels of severity (red, yellow, brown, & green) and a feature rich HTML interface.

Changes: Added check for the recently discovered folder traversal vulnerability in IIS 4.0 and 5.0 and BOA webservers.
tags | tool, scanner
systems | unix
MD5 | 6e3e53f816d1ac580342e72bd75a4dad
Posted Oct 17, 2000
Authored by rain forest puppy | Site wiretrip.net

RFPolicy 2.0 - rain forest puppy's policy on notifying vendors and releasing security vulnerabilities.

Changes: Less stringent on timeframes, more stringent on communication. Thanks to everyone who contributed. I also added some supporting notes (FAQ, etc) to help dispell some misconceptions on it.
tags | paper, vulnerability
MD5 | 4bb04bf50ab00e365ec966deb62c2a7a
Posted Oct 17, 2000
Authored by rain forest puppy | Site wiretrip.net

rain forest puppy's investigation of the recent Microsoft IIS remote command execution vulnerability which was first mentioned in a ms00-078. UNICODE character translation on foreign IIS 4.0 and 5.0 servers allows additional ways of encoding '/' and '\', allowing commands to be executed under the IUSR_machine context.

tags | exploit, remote
MD5 | 0747c7e7a7c3fccad5338bc0d6e7aed9
Posted Oct 17, 2000

Microsoft Security Bulletin (MS00-078) - Microsoft has released a patch that eliminates the "Web Server Folder Traversal" vulnerability in IIS 4.0 and 5.0 which allows malicious users to add and remove content or execute code remotely with a malformed URL. Microsoft FAQ on this issue available here.

tags | web
MD5 | 78d8cdbc5e4477b278b3e2f3367cd85e
Posted Oct 17, 2000
Authored by Portal, Tf8 | Site security.is

PHP/3.0.12, 3.0.15, and 3.0.16 with apache 1.3.12 remote format string exploit for FreeBSD 3.4, Slackware Linux 4.0, and 7.0.

tags | exploit, remote, php
systems | linux, freebsd, slackware
MD5 | 1c345b9d81102fcc769ab43be0d147af
Posted Oct 17, 2000

Linux/x86 shellcode which drops a shell in /tmp.

tags | shell, x86, shellcode
systems | linux
MD5 | 791875bd1c36228ebd31934baf24f27e
Posted Oct 17, 2000
Authored by Humble

NetBSD shellcode which execve's /bin/sh.

tags | shellcode
systems | netbsd
MD5 | 964a38bd4bed5e6efe989a4c890ef7bb
Posted Oct 17, 2000
Authored by Duke

BSDI shellcode which execve's /bin/sh.

tags | shellcode
MD5 | 0200a2e0d3d6e33ef9bcef5c651fc2b0
Posted Oct 17, 2000
Authored by Doable

SCO shellcode which breaks out of a chrooted environment.

tags | shellcode
MD5 | a1b096bb33171e0f86da5a4eeb8fb542
Posted Oct 17, 2000

Windows NT/2k remote shellcode.

tags | remote, shellcode
systems | windows, nt
MD5 | 9d12cd71ee4025c2a1f5cd157e248453
Posted Oct 17, 2000
Site wwwhack.com

wwwhack - Automates the process of trying to crack logins/passwds for www sites that use basic HTTP authentication.

tags | web, cracker
MD5 | 3de97a3bec9997c160cf2d4be4c20511
Posted Oct 17, 2000
Site net-security.org

Weekly Newsletter from Help Net Security - Covers weekly roundups of security events that were in the news the past week. In this issue: PHP 3 and 4 remote format string vulnerabilities, Internet Explorer authentication data retrieval, IE cached web credentials vulerability, Master index directory transversal vulnerability, BOA vulnerabilities, tmpwatch local dos, Extropoa Webstore directory transversal vulnerability, Interactive's web shopper directory transversal vulnerability, Microsoft share level password vulnerability, Mandrake openssh/scp update, HP Jetdirect dos, WebTV dos, Apache mod_rewrite, Debian curl update, Winu 1.0-5.1 backdoor password, debian ypbind local vulnerability, and Netmeeting denial of service. Articles include SUID programs, getting to the root of the problem, Testing for Trojans, How to detect virus hoaxes, and more.

tags | remote, web, denial of service, local, root, trojan, php, vulnerability, virus
systems | linux, debian, mandrake
MD5 | 63d4c549a4056b86139eeb354d91678e
Posted Oct 17, 2000
Site suse.de

SuSE Security Advisory - SuSE's traceroute (nanog) has a completely different local root vulnerability than the one reported last week. A format string bug was discovered in a routine that can be used to terminate a line in traceroute's output to easily embed the program in cgi scripts.

tags | local, cgi, root
systems | linux, suse
MD5 | a1ae9675d395e47a8a38500090e3e26f
Posted Oct 17, 2000
Site suse.de

SuSE Security Advisory - Gnorpm, a graphical user interface to the rpm subsystem for the gnome desktop, handles tempfiles insecurely and can overwrite arbitrary files on the system.

tags | arbitrary
systems | linux, suse
MD5 | 0894670adcb3699b6e0172fa088c6586
Page 4 of 10

File Archive:

April 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    60 Files
  • 2
    Apr 2nd
    18 Files
  • 3
    Apr 3rd
    0 Files
  • 4
    Apr 4th
    0 Files
  • 5
    Apr 5th
    0 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    0 Files
  • 9
    Apr 9th
    0 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    0 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2016 Packet Storm. All rights reserved.

Security Services
Hosting By