exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 28 RSS Feed

Files Date: 2001-07-12 to 2001-07-13

darkstat-0.4.tar.gz
Posted Jul 12, 2001
Site members.optushome.com.au

Darkstat is an ntop-workalike network statistics gatherer. Built to be faster and smaller than ntop, it uses libpcap to capture network traffic and serves up Web page reports of statistics such as data transferred by host, port, and protocol. It also has a neat bandwidth usage graph.

tags | tool, web, sniffer, protocol
SHA-256 | c59dc3675e7f761e7150d374776e72156cacf59550ff304c60518a1e1be20918
xdm-cookie-exploit.c
Posted Jul 12, 2001
Authored by Ntf, Sky

Current versions of xdm are sensitive to trivial brute force attack if it is compiled with bad options, mainly HasXdmXauth. Without this option, cookie is generated from gettimeofday(2). If you know starting time of xdm login session, computation of the cookie just takes a few seconds.

tags | exploit
SHA-256 | 0231e769ce0cf64ff3d44ec208793b0c73a09fcdaf72f77222399557a47d9b35
nerf.iis.dos.txt
Posted Jul 12, 2001
Authored by Buggzy | Site nerf.ru

Nerf Group Security Advisory #4 - Microsoft IIS 4 and 5 can be crashed remotely by reading device files (com1, com2, etc). Exploit URL included.

tags | exploit
SHA-256 | 0f02809f7d12dc60415cd1b19bbc6cce5a88d1a6a9c0de0f91484303085ba0d6
ldap_exp2.c
Posted Jul 12, 2001
Authored by Fyodor

Solaris 5.8 ldap / passwd local root exploit. Tested on SunOS 5.8 Generic_108528-06 sun4u sparc SUNW,Ultra-60.

tags | exploit, local, root
systems | solaris
SHA-256 | 976064b2ea77c1c8c443af7bd3a6b22094d124f55fdf673bb26f5205d6e334a3
lmail-xpl.c
Posted Jul 12, 2001
Authored by Charles Stevenson

lmail local root exploit. Simply run it with the file you want to create/overwrite and the data you wish to place in the file.

tags | exploit, local, root
SHA-256 | ff21e217a7ee6a988dfe12d26ee5f7bdafde7ca74bec3f4eee9cbaa42d1ea328
cobalt.webmail.txt
Posted Jul 12, 2001
Authored by Kevin Finisterre

Webmail on the Cobalt Cube contains a directory traversal vulnerability which allows users with mailboxes to read any file on the system. Exploit URL's included. Verified to work against the Sun Cube III as well.

tags | exploit
SHA-256 | 1affd95a288c842d09addf3da78a30cb53346dabcd3917f23ac63d00b2e272cf
whodo-ex.c
Posted Jul 12, 2001
Authored by Pablo Sor

Solaris whodo local root exploit. Tested against SunOS 5.5.1, 5.7, and 5.8 for x86.

tags | exploit, x86, local, root
systems | solaris
SHA-256 | 75132e64c0b577687b4b50af180faba96a00dcb5b64fa8ba8042f7cbbbd10957
SUN MICROSYSTEMS SECURITY BULLETIN: #00203
Posted Jul 12, 2001
Site sunsolve.sun.com

Patch advisory for Sun Microsystems. Please read for details.

tags | remote, overflow, local, root
systems | solaris
SHA-256 | 2172ccc04a06332325edb363539576d955980a9dbc6b5c4161ff4a0aaa6deebf
SUN MICROSYSTEMS SECURITY BULLETIN: #00201
Posted Jul 12, 2001
Site sunsolve.sun.com

Patch advisory for Sun Microsystems. Please read for details.

tags | java
SHA-256 | 7b81d7b40500ef7fc1b31b126879e07d10216118ce7b0486b1fc89745f9819b1
libsldap-exp.c
Posted Jul 12, 2001
Authored by noir

Solaris 8 libsldap local root exploit. Tested on an Ultra10 and an Enterprise 3500 with success.

tags | exploit, local, root
systems | solaris
SHA-256 | 703e2effcab17ca46f0f0820fae8e927c45ac8cfb996d67be8fc666421a7a8f2
Internet Security Systems Security Advisory July 5, 2001
Posted Jul 12, 2001
Site xforce.iss.net

ISS X-Force has discovered buffer overflow vulnerabilities in two popular Remote Authentication Dial-In User Server (RADIUS) implementations. RADIUS was originally designed to manage user authentication into dial-up terminal servers and similar devices. It has since been used as a standard for access control and user authentication for numerous Internet infrastructure devices, including routers, switches, and 802.11 Wireless Access Points.

tags | remote, denial of service, overflow, vulnerability
SHA-256 | d5d80e70fd98ab61af0a31f821187d5887d6b3bb8563e79b3a40554e82a4ba19
ms01-037
Posted Jul 12, 2001

Microsoft Security Advisory MS01-037 - The Windows 2000 SMTP service, which is installed by default, allows unauthorized users to successfully authenticate to the service using incorrect credentials. An attacker who exploited the vulnerability could gain user-level privileges on the SMTP service, thereby enabling the attacker to use the service and perform mail relaying via the server. Microsoft FAQ on this issue available here.

systems | windows
SHA-256 | 7d3ed4b66cfeab0d4a76065bf994f2e1498f2676ac11b99f097bc2f915034245
vvfreebsd.txt
Posted Jul 12, 2001
Authored by Georgi Guninski | Site guninski.com

Georgi Guninski security advisory #48, 2001 - There is local root compromise in FreeBSD 4.3 due to design flaw which allows injecting signal handlers in other processes. Includes vvfreebsd.c, a local root exploit.

tags | exploit, local, root
systems | freebsd
SHA-256 | 7713d19bc24aa7a9762066afdba62b29c53aa85272d88cc6bfb733c93872c401
openbsdrace.txt
Posted Jul 12, 2001
Authored by Georgi Guninski | Site guninski.com

Georgi Guninski security advisory #47, 2001 - OpenBSD 2.8 and 2.9 have a race condition in the kernel which leads to local root compromise. By forking a few process it is possible to attach to +s pid with ptrace. Includes vvopenbsd.c, a local root exploit.

tags | exploit, kernel, local, root
systems | openbsd
SHA-256 | 4688ad1afc259ebe9475d2938db6a97bb4b7bba11539103d8d09c14ea9d0232d
StMichael_LKM-0.05.tar.gz
Posted Jul 12, 2001
Authored by Tim Lawless | Site sourceforge.net

StMichael is a LKM that attempts to detect and divert attempts to install a kernel-module backdoor into a running linux system. This is done by monitoring the init_module and delete_module process for changes in the system call table. Detects most modern LKM's, including KIS.

Changes: Added Checks to Detect modules hiding their presence, Added Read-Only /dev/kmem, and Added VFS checking.
tags | kernel
systems | linux
SHA-256 | 33b2a82b72ad4b69da6a97ec42e2075330adf82b34899f654194adb5c628dd98
tstot.c
Posted Jul 12, 2001
Authored by Zen-Parse

Tstot.c is a remote exploit for xloadimage for Red Hat 7.0. Xloadimage is a Netscape 4.77 helper application with a buffer overflow vulnerability. Binds a shell to a port. Fix available here.

tags | exploit, remote, overflow, shell
systems | linux, redhat
SHA-256 | 7c5e9b0f582f8b9f8069d43e9559a992dd4b582e20d60a2d78d0443ffbdce520
cayman.txt
Posted Jul 12, 2001
Authored by Russell Handorf

Cayman routers allow remote access by using } as the username.

tags | exploit, remote
SHA-256 | a17e1c26d5bd70627c96f7b43f1922e3ad836ea6c06226251e575bf5202ffa13
cisco.sn5420.txt
Posted Jul 12, 2001
Site cisco.com

Cisco Security Advisory - Vulnerabilities in Cisco SN 5420 Storage Routers. Two vulnerabilities have been discovered in Cisco SN 5420 Storage Router software release up to and including 1.1(3). One of the vulnerabilities can cause Denial-of-Service attack. The other allows unrestricted low level access to the SN 5420. The vulnerabilities are exploited via TCP ports 514 and 8023.

tags | tcp, vulnerability
systems | cisco
SHA-256 | 1afc76ae5c67cd4b32febcfd4b2c0a11ec83ff017303afaec985ba49773f15b2
cfingerd0x69.c
Posted Jul 12, 2001
Authored by qitest1

Cfingerd v1.4.3 and below Linux/x86 local root buffer overflow exploit.

tags | exploit, overflow, x86, local, root
systems | linux
SHA-256 | 5e415ed8282123a93e68f4a857a9f0ce4671a2b5267122c13f0a903a573d4994
ibm.db2.dos.txt
Posted Jul 12, 2001
Authored by Gilles

IBM db2 for Windows (98/NT/2000) is vulnerable to a simple remote denial of service attack via db2ccs.exe (listening on port 6790) and db2jds.exe (port 6789).

tags | exploit, remote, denial of service
systems | windows
SHA-256 | 6c5296f9d72c17968922f22da1b6375455027b8746c894c2b6b6df7b0c2ccf53
cfingerd-exploit.pl
Posted Jul 12, 2001
Authored by Telehor | Site digit-labs.org

Cfingerd v1.4.3 and below local root buffer overflow exploit in perl. Exploits <a href="http://www.securityfocus.com/archive/1/192844"this</a> vulnerability.

tags | exploit, web, overflow, local, root, perl
SHA-256 | 7b79ae13d85cacf1b8ce314ae39684e5ad6ef29d9488a23ca3c28dde72ba702f
mcaffee.mycio.traversal.txt
Posted Jul 12, 2001
Authored by Ade245

McAffee's MyCIO directory traversal vulnerability - Any machine running McAffee Agent ASaP VirusScan Software is vulnerable to a remote vulnerability which allows any file on the machine to be read. This software incorporates what is known as "Rumor Technology" that facilitates in the transfer of virus definitions between neighboring machines. This agent software runs as a service ("McAfee Agent") under the local system account and uses a light weight HTTP server that listens on TCP port 6515. Exploit URL included.

tags | exploit, remote, web, local, tcp, virus
SHA-256 | 1345f062edc025c7dde3a594f427338427b307283d4fb5cae989577e8ec98887
idcf.c
Posted Jul 12, 2001
Authored by Zen-Parse

Cfingerd v1.4.3 and below remote root exploit. Slightly broken. Exploit redirects fopen() call to popen() and executes code from ~/.nofinger.

tags | exploit, remote, root
SHA-256 | 071f4a1a2ce57b1bfa0e3867ce11912d46f52d364d1efbfd8b9ae3b75029765b
keyanalyze-200107.tar.gz
Posted Jul 12, 2001
Site dtype.org

keyanalyze is a program which analyzes keyrings in the OpenPGP format (PGP and GnuPG), looking at properties of connectivity to generate strongly-connected set analysis, as well as some arbitrary statistics including a "mean shortest distance" calculation to show the most connected keys.

tags | arbitrary, encryption
SHA-256 | 4a30e3807cfb7931365b887feeaa68c234db239f0730ba074cb477c2c9cda851
QDAV-2001-7-1
Posted Jul 12, 2001
Site qDefense.com

qDefense Advisory QDAV-2001-7-1 - Multiple CGI Flat File database manipulation vulnerability. Many CGI scripts store data, including passwords, in a flat file database, using special characters as field and row delimiters. An attacker is often able to manipulate these databases by inserting extra delimiter characters.

tags | exploit, cgi
SHA-256 | 3adbc5bc17ca8d7fbb204c38878615f26bac047bfa7c0f36cb2770033770699f
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close