mIRC v5.91 and below has an exploitable bug which allows remote code execution. mIRC assumes the current nickname of the client as sent by the server is fewer than 100 characters long. mIRC stores the current and alternative nickname as a static array. Sending a nickname over 200 characters long allows overwriting of a key variable, the index to the current nickname. Fix available here.
7be119c91ef0d3642fc205b923d39056b40a51bb3e468568211d9c3586fdc091Appcap is an application for x86 Linux which allows root on a machine to attach and redirect standard input and output of any application to his actual tty. Appcap can help admins running a multiuser machine to snoop on users. It is especially very useful for tracing and monitoring ssh and telnet sessions.
cddc2516ea1f004646e84826e5bcfaa6f30d6b1b47320ef43edca41f1c33e5f8FreeBSD/Linux exploit for a buffer overflow in the snes9x Nintendo emulator. The linux shellcode works also on FreeBSD since snes9x runs on those systems with linux emulation.
db628cc64cef1685a7de38aff3d19885b177d6ead58e67ec5e2be496541d0bc2Linux x86 shellcode that does an execve of /bin/sh. This shellcode contains no slashes so it can bypass certain application filters and was originally written for a snes9x buffer overflow.
4ef2d0f1cd24777b5709b44238b964e296e95e992d81fd668b2dcd7eb70e8405Cw.c is a udp flooder which does not need root, based off udp-bitchslap.c.
fd4fa0ce23247466ed1ce79fba1ac0cba1ac50e5323529de536791507e4c9994Lotus Domino web server prior to v5.0.9 allows password protected features to be accessed without the password by sending a malformed URL.
341aaccaace7b4578c0a8e33e943b60798194133ad005fdf50c6a57861cef67dNetBSD Security Advisory 2001-018 - A remote buffer overflow in BSD derived Line Printer Daemons can lead to a remote root compromise. This vulnerability affects NetBSD current, 1.5, 1.5.1 and 1.5.2.
b589390a59a8227dbdee0c06ef0e0f5ace6b72b971cd71a9fbf5cd832adc1ed3NetBSD Security Advisory 2001-017 - Sendmail's incorrect command line argument check can lead to a local root privilege compromise. This vulnerability affects all sendmail versions between 8.10.0 to 8.11.5.
c1d946cc82df64dd75efc0311699d13db94d85dfddc1469a505f55afa5c3f41aThe Winter issue of Hacker's Digest - In this issue: Microsoft The Soup Nazis, Hacker's Digest Focus - The Honeynet Project, Changing Your IP With @Home Service Without the aid of Tech Support, A Mobile Phone ANI Diversion Technique, An Analysis of the RADIUS Authentication Protocol, A Detailed Look Into Prison Phone Systems, Fingerprinting Port 80 Attacks - A look into web server, and web application, attack signatures, Letters!, Windows 2000 and XP Terminal Service IP Address Spoofing, An Insightful Look at the GOVnet Network, iDEFENSE Labs Analyzes Feasibility of Distributed Attacks using SubSeven, Full Disclosure of Vulnerabilities - pros/cons and fake arguments, and Microsoft Passport Account Hijack Attack.
561b44ae4abba35c92535f6a350886a372fe1938c53b253a8422d394a1ef833fNetBSD Security Advisory 2001-016 - The fts functions are provided for traversing UNIX file hierarchies. The NetBSD fts implementation can be tricked to follow symbolic links and can therefore be abused by local users. All NetBSD releases prior to July 9, 2001 are affected by this vulnerability.
f57f124958aad1172bfa011eb3991d0cb4f8265a45e2b79e6e2404b5bb702613NetBSD Security Advisory 2001-015 - Several buffer overflows found in the NetBSD kernel can enable local users to crash the system or gain superuser privileges. This vulnerability affects NetBSD-current, 1.4.*, 1.5, and 1.5.1.
4100e22d5d95db64c64e1eea57538c4244bb28b9aa2f17e30a3b540f5f1c60a0TESO Security Advisory - LIDS Linux Intrusion Detection System vulnerability. The "Linux Intrusion Detection System" security patch for the Linux kernel creates a security vulnerability. Exploitation is easy and local users may be able to gain unrestricted root privileges.
8db59c973f0a09a893a58ab51abf452ad932286369e021ea1f5d4515063ef9d4NetBSD Security Advisory 2001-014 - Dump (/sbin/dump), which is setgid tty, does not drop its privileges correctly and can be used to execute commands with setgid tty privileges by using the RCMD_CMD environment variable. This vulnerability affects the NetBSD-1.4, 1.5, 1.5.1 and current branch.
529f55f5564a602c83f290e0f3090627ee3a03395e7520f50edb110c86697cf7NetBSD Security Advisory 2001-013 - The OpenSSL libcrypto includes a PRNG (pseudo random number generator) implementation. The logic used for PRNG was not strong enough, and allows attackers to guess the internal state of the PRNG. Therefore, attackers can predict future PRNG output. This vulnerability undermines the security level of cryptographic programs such as ssh and pgp.
264acefa92a1c14959125bb710b0220fa91d956f0c123a93d60a53ec07ffb5b8NetBSD Security Advisory 2001-012 - A remotely exploitable buffer overflow found in BSD derived telnet daemons can be used to execute shell code with root privileges.
abd588019233fcad4fe67559cd67fe90fa0e9b1db3af226b1c231844e91ea10bLinux x86 shellcode that does a sync(),sync() and then reboot(). Exit() was added in case the previous syscalls fail.
2a81a00a01fb93b1d0701c442911f09ffe9075a1f32d755a4eefdd63a9c2d8e1Linux x86 shellcode that does a rename() of /bin/motd to /bin/owned.txt.
c08087a9d2b40464bf48bb83e0210b95af5595e13cc818be21c128b45db326abLinux x86 shellcode that does a reboot().
a60f971b1b2c77391e3e9d43a47e554227ec63b5cc99a417cf70f5e18f451dc1Linux x86 shellcode that does an execve of /bin/sh /tmp/p00p.
a63c3eefd42c563f8c4553b56dde2155a919427d878f9e92c32def321f5074c9Linux x86 shellcode that does an execve() of /sbin/iptables -F in order to flush activated firewall rules.
3ce24c6dbb6a4441745c8a1f8f94109161f80d7f25a9e6b22f721f5a034324f1Linux x86 shell code that does an execve of /sbin/ipchains -F.
cb1122033c6453ca6dd2cd7f3f957f12101d952a92e4069803880036c606f53fLinux x86 shellcode that uses execve and echo >> to create a passwordless root account.
476110f24a8fc0d9904743658a7ce6ad2d312ef90df05c1145c481107d84bbd9Linux/x86 shell code that creates the directory 'hacked' (perm 755) using the mkdir() syscall and then does an exit().
a47f49596e69b77ee0502080bd57ac9b793baacb34f6573d5f3f9cc5492e6a0eWaveStumbler is console based 802.11 network mapper for Linux and supports WEP, ESSID, MAC and more. This package includes a kernel patch (for the wireless nic drivers) which can be applied to the linux-2.4.17 sources and a program called wavestumbler. The program interacts with the patched network drivers to map wireless networks.
4194bbebe1197ab17393b9b111e5d57f13bd75d916018ecb3a297a88c41dc29cLcrzoex is a toolbox for network administrators and network hackers. Lcrzoex contains over 200 functionalities using network library lcrzo. For example, one can use it to sniff, spoof, create clients/servers, create decode and display packets, etc. The Ethernet, IP, UDP, TCP, ICMP, ARP and RARP protocols are supported. Lcrzoex and lcrzo were successfully installed under Linux, FreeBSD and Solaris. This archive contains Lcrzo and Lcrzoex. Windows binaries available here.
f443f1d9b7abac16c75c966c36d01bb92f9ec557d4f39faa05424be913b9c16c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed