what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

Files Date: 2002-04-23 to 2002-04-24

Posted Apr 23, 2002
Authored by eSDee, netric | Site netric.org

Posadis m5pre1 local buffer overflow exploit.

tags | exploit, overflow, local
SHA-256 | 02990a3bf9a9b52f587bd26ec96d8142429acc8d34e02e69e765ef4fb60221b1
Posted Apr 23, 2002
Authored by eSDee, netric | Site netric.org

Posadis m5pre2 local format string exploit.

tags | exploit, local
SHA-256 | 025e81c77e339b0490a61b132dcf3996293528d7e06703be59938c0e883873e7
Posted Apr 23, 2002
Authored by Peter Grundl

Cold Fusion v5.0 on Windows 2000 w. IIS5 contains a bug because requests for certain DOS-devices are parsed by the isapi filter that handles .cfm and .dbm result in error messages containing the physical path to the web root.

tags | web, root
systems | windows
SHA-256 | e1c8dfbb628e1242d3787672e22d4588966e1ef76382598ce80d04e1ad70f7e9
Posted Apr 23, 2002
Authored by Peter Grundl

The Sambar Webserver v5.1p on Windows 2000 contains a flaw in the serverside URL parsing that allows malicious users to bypass serverside fileparsing and display the sourcecode of scripts. The same flaw could allow a malicious user to crash the web service. Example URL's included. Fix available here.

tags | web
systems | windows
SHA-256 | 7bff33cd3a2c799145ed9e3a6b0e19f2ba86cc4529efcc24ac878157fb592ca0
Posted Apr 23, 2002

Microsoft Security Advisory MS02-020 - Microsoft SQL Server 7.0 and 2000 contain buffer overflows in stored procedures which allow remote attackers to execute arbitrary code in the security context in which SQL Server is running. An attacker could exploit this vulnerability in one of two ways - the attacker could attempt to load and execute a database query that calls one of the affected functions, or if a web-site or other database front-end were configured to access and process arbitrary queries, it could be possible for the attacker to provide inputs that would cause the query to call one of the functions in question with the appropriate malformed parameters. Microsoft FAQ on this issue available here.

tags | remote, web, overflow, arbitrary
SHA-256 | e9aa37ecfa4622fac79e02caae7328ee79458d9a6c012915da1dea341479db03
Posted Apr 23, 2002
Authored by Filip Maertens | Site filip.compsec.be

Microsoft IIS W3SVC Denial of Service - Brings down the inetinfo.exe process, crashing IIS.

tags | exploit, denial of service
SHA-256 | 81814de9d2e596727cfc98782533c7d68dd2b7ae0b565762aba72a987fd5e7bd
FreeBSD Security Advisory 2002.21
Posted Apr 23, 2002
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:21 - A bug in the FreeBSD kernel's TCP/IP stack's processing of ICMP echo replies can be exploited to create new routing table entries which are never deallocated, using all available memory.

tags | kernel, tcp
systems | freebsd
SHA-256 | 1b209ae5272e1c845302bb2943ef5557ae459d0b9bb2720c44291a59a7de1062
Posted Apr 23, 2002
Authored by Arne Vidstrom | Site ntsecurity.nu

PromiscDetect for Windows NT 4.0 / 2000 / XP checks if your network adapter(s) is in promiscuous mode or not (that is, in most cases, if a sniffer is running on the computer or not). Of course the attacker might be intercepting the communication between the tool and the adapter, making the result unreliable, but there are probably many more cases out there where the tool will really detect a sniffer.

systems | windows
SHA-256 | 8a4345015f03031fc61b7d463780177d80619f954ab9748ce8585b34ea995058
Posted Apr 23, 2002
Authored by Dug Song | Site monkey.org

Fragroute intercepts, modifies, and rewrites egress traffic destined for a specified host, implementing most of the attacks described in the Secure Networks "Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection" paper of January 1998. It features a simple ruleset language to delay, duplicate, drop, fragment, overlap, print, reorder, segment, source-route, or otherwise monkey with all outbound packets destined for a target host, with minimal support for randomized or probabilistic behavior. Includes scripts to defeat even the current CVS snort IDS.

tags | denial of service
systems | unix
SHA-256 | 6899a61ecacba3bb400a65b51b3c0f76d4e591dbf976fba0389434a29efc2003
Posted Apr 23, 2002
Authored by Peter Grundl

Windows 2000 microsoft-ds Denial of Service - The default LANMAN registry settings on Windows 2000 could allow a malicious user, with access to TCP port 445 on your Windows 2000, to cause a Denial of Service on Windows 2000 server, advanced server, and processional with SP0, SP1, and SP2. An attack could be something as simple as sending a continuous stream of 10k null chars to TCP port 445.

tags | denial of service, registry, tcp
systems | windows
SHA-256 | 7fe2f78f85a4b46727a496296575d34dab9432bafa9cfa3c252c2610e27d4ae9
Page 1 of 1

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By