exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 107 RSS Feed

Files Date: 2001-11-01 to 2001-11-30

locale_sol.txt
Posted Nov 22, 2001
Authored by Solar Eclipse | Site phreedom.org

This paper describes in detail the exploitation of the libc locale format string vulnerability on Solaris/SPARC. The full source code for the exploit is presented and some details of the implementation are discussed.

tags | exploit
systems | solaris
SHA-256 | 7b17fe99c5995c3700f946e8abe827d958a46295cd8e9068e1a590b08b7ef993
xitami-2.5b4.txt
Posted Nov 22, 2001
Authored by Zerologic | Site nssolution.net

Xitami WEB/FTP Server for Windows 95/98/NT/2k v2.5b4 has remote vulnerabilities which allow users to view sensitive system information via testcgi.exe. Passwords are stored in plain text. Denial of service is possible.

tags | exploit, remote, web, denial of service, vulnerability
systems | windows
SHA-256 | 963cbf8d5f403c450c746e48d4a87ee002babfa21848572bbe2f6ac1680a715f
Solaris_x86_mail_exploit.txt
Posted Nov 22, 2001

Working Solaris x86 /usr/bin/mail exploit

tags | exploit, x86
systems | solaris
SHA-256 | a711668cc0d9690ee75eb24dd2d018bd428e023e5b49e67478bbd7fdca690496
oracle8.exploit.txt
Posted Nov 22, 2001
Authored by Brock Tellier

A vulnerability exists in Oracle 8.1.5 for UN*X which may allow any user to obtain root privileges. Local root exploit shell script included.

tags | exploit, shell, local, root
SHA-256 | 17d374afd2a8378ded9bbbbbe17182f77ee586f2c4da4eb247fb052a192da311
sambar.remote.dos.txt
Posted Nov 22, 2001
Authored by Sixkiller

The Sambar web server version 4.3 Beta 2 is vulnerable to remote buffer overflow. Dos example included.

tags | exploit, remote, web, overflow
SHA-256 | e480e4ea52df200307b608978e22215ea04221336cc1ca0297728e71575dd718
nn45-overflow.txt
Posted Nov 22, 2001
Authored by Darkplan | Site indigo.ie

Netscape Navigator/Communicator 4.5 buffer overflow advisory - I recently uncovered a stack based buffer overflow in NN which allowed me to execute arbitrary code. Exploit included. Tested with Netscape Navigator 4.5 using Windows98.

tags | exploit, overflow, arbitrary
SHA-256 | 8ae2a6160c963cdc89d7ce97dcfa06db4b47da886d8c54227c1f6ca9cec3bdad
plogd2.c
Posted Nov 22, 2001
Authored by Venglin | Site freebsd.lublin.pl

Plogd v2 - syn/udp/icmp packet logger (freebsd version).

tags | udp, system logging
systems | unix, freebsd
SHA-256 | 6c7d6a373bf27fc4fe88c764bdf5b002ece8a6296bef7632474fc0eaa5c56233
vexed.sh
Posted Nov 22, 2001
Authored by Sil

Backdoor shell script to be run from cron monthly.

tags | tool, shell, rootkit
systems | unix
SHA-256 | 4a51bcecc880b78e5845e0c1ac80f9ec82f41bd9dad31c57256aed344a399b3c
rh10_nt.zip
Posted Nov 22, 2001
Authored by Serge Birj

RemoteHit searches for a computer on a remote network, in a given IP Range, using NetBIOS protocol. The program is fully multi-threaded. RemoteHit has MS "Find: Computer" like interface.

tags | remote, protocol
SHA-256 | db0de589bc6f540188e5838ce03d6e87817cab5274689fdee8c1f91cb44f7ca0
nsi.rwhois.txt
Posted Nov 22, 2001
Authored by alert7 | Site netguard.com.cn

NSI Rwhoisd v1.5 through 1.5.7.2 contains a remotely exploitable format string vulnerability if use-syslog: is on, which is the default.

SHA-256 | 4caaf3484ee97afe74157fd65fa4dad6415e2f47eebe489b3f4b240baea110ff
php-nuke.5.1.txt
Posted Nov 22, 2001
Authored by Cabezon Aurelien | Site iSecureLabs.com

PhpNuke v5.1 allows remote users to steal the admin password, which is Base 64 encoded. The password is in a cookie which needs to be stolen from the admin by asking him to visit a link.

tags | exploit, remote
SHA-256 | 7af6df4201e5053dd29cb236178603fdb4a5bda31c8042192edb2f568326c3d9
CgiXp.exe
Posted Nov 22, 2001
Authored by Trippin Smurfs

CgiXp.exe is a remote exploit for Webcart v8.4 (bugtraq id 3453) and several unicode vulnerabilities (bugtraq id 1806). Tested against Windows NT Server 2000 / IIS 5.0 and Linux Red Hat 7.2 / Apache 1.3.22 +webcart.cgi. Gui based, requires Visual Basic 5.0 .OCX files in your system directory (richtext ocx, msinet dll).

tags | exploit, remote, cgi, vulnerability
systems | linux, redhat, windows
SHA-256 | bfb17b9ce107c0b63e002bf9a232a47c3933a3eba05ece3d08aebbad41d5c025
apache_1.3.22+ssl_1.44.tar.gz
Posted Nov 22, 2001
Site apache-ssl.org

Apache-SSL is a set of patches for Apache to create a secure Webserver, based on SSLeay/OpenSSL. It is designed to be small, secure, and efficient.

Changes: Updates for the new version of apache.
tags | encryption
SHA-256 | 91d9326eb3feff14935b0fae89ce6b59cba7e70e4491826037ccce5f82f1ec78
fingerd-cgi.txt
Posted Nov 22, 2001
Authored by gobbles | Site bugtraq.org

Berkeley finger.cgi has a remote command execution vulnerability because it does not strip out newlines.

tags | exploit, remote, cgi
SHA-256 | 9522938f90cc239769620d06fc8cdd679f71ea497be3e18b34ec0cfceaaf02f6
regbrws001.zip
Posted Nov 22, 2001
Authored by Urity | Site securityfriday.com

RegistryBrowser is a utility which demonstrates problems associated with stolen windows passwords by remotely browsing remote system registries using a specified user account. Tested on Windows NT and 2000.

tags | remote
systems | windows
SHA-256 | 754befcbca706cd9b4ff37c98092c6a93a03c9734298d1ab59b156a982dc7d9b
uni.pl
Posted Nov 22, 2001
Authored by Stealthmode316

Uni.pl checks a host for the recent IIS unicode vulnerability in 14 different ways.

tags | exploit
SHA-256 | 32bd5f34a95c46295f57976cfbf6555ee9b99614f669f3c03817d94d1fb5c99d
flickstitan.txt
Posted Nov 22, 2001

The Flicks Titan application firewall for IIS has a vulnerability in the url inspection allowing it to be easily bypassed.

tags | exploit
SHA-256 | c9ae3c7cec218aa4c0a512ca5aab4dada76da541b52fcc647bd0702fc4ea36a6
ADMftpforce.tgz
Posted Nov 21, 2001
Authored by ADM, Holywarez

ADM ftp server brute force password cracker. Uses a dictionary, of course.

SHA-256 | eb2d2b7b7079e96e58453f44c0bab50584ff3c778e7aff3061a21db68b9aa9b2
write.c
Posted Nov 21, 2001

Proof of concept code for the Solaris 2.6 and 2.7 (SPARC) "write" buffer overflow. Guile Cool

tags | exploit, overflow, proof of concept
systems | solaris
SHA-256 | f21badab966bdf7e602bc08f4a5c985093b94ac2fd1db132e7a1e225c048e477
shtroj2.c
Posted Nov 21, 2001
Authored by J.B. Lesage

shtroj2.c is an auto-hiding back door kernel module for linux that executes an arbitrary command when the environment variable TERM is set to a specific password on the execution of a program. Can be used to drop immediately to a functional tty-based shell instead of running /bin/login with sshd and telnetd.

tags | tool, arbitrary, shell, kernel, rootkit
systems | linux, unix
SHA-256 | 2a5e1ed71748161de81d6d0a9b0b72b1da9a35faa6043246f127de53b3988ac9
passlogd-0.1d.tar.gz
Posted Nov 21, 2001
Authored by Christian Void | Site morphine.com

Passlogd is a sniffer which logs traffic on the UDP syslog port, allowing a syslog receiver to have no open ports.

Changes: Fixed serious bugs that caused all hell to break loose. Since you do not like hell breaking loose in passlogd, you will upgrade.
tags | udp
systems | unix
SHA-256 | babdc54eb766a9d916345491692393e349eefcc11b0d887fdcc6f9fbdb588622
bushy.jpg
Posted Nov 21, 2001

This jpg has nothing to do with unix, but it is easily funny enough to warrant being in the unix humor section anyway. It is an unaltered press photo of GW Bush being accosted by a gooselike animal.

systems | unix
SHA-256 | 75116b6771c9d248c08316ec5bd924cb8b50f4e987fa253f3c360a20bc795186
pdd-1.00.zip
Posted Nov 21, 2001
Authored by Joe Grand | Site atstake.com

PDD is the first tool of its kind for forensic analysis of Palm OS platform devices. pdd (Palm dd) is a Windows-based tool for Palm OS memory imaging and forensic acquisition. The Palm OS Console Mode is used to acquire memory card information and to create a bit-for-bit image of the selected memory region. No data is modified on the target device and the data retrieval is not detectable by the user of the PDA. Source code is available here.

systems | windows
SHA-256 | a2d15a1002636e6a06a171d2b43bbbad21f1b6715583ac5be11e1a3ea69e055e
Internet Security Systems Security Advisory November 20, 2001
Posted Nov 20, 2001
Site iss.net

Internet Security Systems (ISS) X-Force has discovered a vulnerability in the HP-UX line printer daemon (rlpdaemon). This vulnerability may allow a remote or local attacker to execute arbitrary code with superuser privilege.

tags | remote, arbitrary, local, root
systems | hpux
SHA-256 | fc8855c32af05bfe561174dc0946a2ed415b60808e50f138370be7dc3d2426dc
qdav-2001-11-1
Posted Nov 20, 2001
Site qdefense.com

qDefense Security Advisory QDAV-2001-11-1 - A vulnerability in Hypermail SSI has been discovered that allows users to execute arbitrary commands on a server running Hypermail and SSI.

tags | arbitrary
SHA-256 | 1f00acda38a91de5892bf56ba2d321748d458c17881de94dda4ec2e0d925c6d9
Page 2 of 5
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close