exploit the possibilities
Showing 51 - 75 of 82 RSS Feed

Files Date: 2003-02-01 to 2003-02-28

Posted Feb 11, 2003
Authored by Marc Schoenefeld | Site illegalaccess.org

A specially constructed Java Applet crashes Opera versions 6.05 and 7.01. Opera's own class files in the opera.jar library are susceptible to a buffer overrun which causes a JVM crash and then crashes Opera.

tags | exploit, java, overflow
SHA-256 | 348fa9d0eb2e4f65de49b13f851cd88cba36942bf730efaae4b722eecbce6fa8
Posted Feb 11, 2003
Authored by Ueli Kistler | Site packx.net

IDScenter is a control and management front-end for the Windows platform. Main features: Snort 1.9/1.8/1.7 support, Snort service support, Snort configuration wizard, Rule editor, AutoBlock plugins (Network ICE BlackICE Defender plugin included (Delphi, open-source), Plugin framework for Delphi included), MySQL alert detection & file monitoring, e-mail alerts / alarm sound alerts / visual notification, etc.

Changes: Fixed Stream4, Frag2 preprocessors setup, and minor bugs.
tags | tool, sniffer
systems | windows
SHA-256 | 69cbc9866723c2a52f2fe4ea7f68cc35f117253d649d9afa4245f43c1d6680a7
Posted Feb 11, 2003
Authored by Proxy Labs | Site proxylabs.com

YAPH, or Yet Another Proxy Hunter, is a stealth proxy hunter that finds public access proxy servers on the Internet and validates proxy lists. YAPH reveals SOCK4, SOCKS5 and HTTP (CONNECT method) proxies.

tags | web
SHA-256 | 62c236eb1cd4a5140b712726ae18fb9f8a1eaee597912ff49170d43d56674a2c
Posted Feb 11, 2003
Authored by Knud Erik Hojgaard

Local Exploit for a buffer overflow in /usr/ports/games/nethack32 which gives a privilege escalation to group id games.

tags | exploit, overflow, local
SHA-256 | abb5288b7bfd7cc323676bad19715c4a998d3dc8a42907c4990dee00d5bc2822
iDEFENSE Security Advisory 2003-02-10.t
Posted Feb 11, 2003
Authored by iDefense Labs, Knud Erik Hojgaard | Site idefense.com

iDEFENSE Security Advisory 02.10.03: Eset Software's NOD32 Antivirus System is a cross-platform anti-virus application which contains a locally exploitable buffer overflow on the Unix version which could allow attackers to gain root privileges.

tags | advisory, overflow, root, virus
systems | unix
SHA-256 | 9c873e85cfe6992b13b2e8da5382e348d3979db26cf79e682de57495f210babf
Posted Feb 9, 2003
Authored by Mandrake Linux Security Team | Site mandrakesecure.net

Mandrake Linux Security Advisory MDKSA-2003:015 - A buffer overflow vulnerability was discovered in slocate by team USG. The overflow appears when slocate is used with the -c and -r parameters, using a 1024 (or 10240) byte string. This has been corrected in slocate version 2.7. Affected Mandrake versions: 8.0, 8.1, 8.2 and 9.0

tags | overflow
systems | linux, mandrake
SHA-256 | aadb5388056e5519e20c8bceae53605626d6a2a12bf45477b585fd83693fef06
Posted Feb 9, 2003
Authored by Mandrake Linux Security Team | Site mandrakesecure.net

Mandrake Linux Security Advisory MDKSA-2003:014 - An updated kernel for Mandrake 9.0 is available with a number of bug fixes. This new package also fixes a security problem that allows non-root users to freeze the kernel, and a fix for a vulnerability in O_DIRECT handling that can create a limited information leak. This last bug also allows users to create minor file system corruption (this can easily be repaired by fsck).

tags | kernel, root
systems | linux, mandrake
SHA-256 | c116e3fc3745453b25f2c7dce5ded5e55c55e7bc93d37b907f46a59d8a81e5a1
Posted Feb 7, 2003
Authored by Knud Erik Hojgaard | Site kokanins.homepage.dk

The code that sets the programs title bar in AbsoluteTelnet contains a buffer overflow vulnerability that can allow code execution. This affects AbsoluteTelnet version 2.00, 2.11 and has been fixed in this beta version of AbsoluteTelnet.

tags | advisory, overflow, code execution
SHA-256 | 65f6d610ec78851f395bbebde3a968de65fed38e03e1bd3371bc86a90631695f
Posted Feb 7, 2003
Authored by Red Hat Security | Site redhat.com

Red Hat Security Advisory RHSA-2003:037-09 - Xpdf v2.01 and below contains remote vulnerabilities which allow attackers to execute code via malformed PDF files.

tags | remote, vulnerability
systems | linux, redhat
advisories | CVE-2002-1384
SHA-256 | d36bd83c1e631ca88b084773941fc003645cf2620c32e9cea362d123ae67f368
Posted Feb 7, 2003
Authored by Red Hat Security | Site redhat.com

Red Hat Security Advisory RHSA-2003:043-12 - A buffer overflow in Window Maker v0.80.0 and earlier allows remote attackers to execute arbitrary code via an image file that is not properly handled when Window Maker uses width and height information to allocate a buffer. This could be exploited by a user opening a malicious theme.

tags | remote, overflow, arbitrary
systems | linux, redhat
SHA-256 | dcb96d7190a5017b1ad85fba57f8db0ab2b5e205a1b1efcc5fdeb082a66fd3ec
Posted Feb 7, 2003
Authored by Red Hat Security | Site redhat.com

Red Hat Security Advisory RHSA-2002-014 - Libldap and the slapd and slurpd servers that come with OpenLDAP v1.2.13 and below contains local and remote buffer overflow vulnerabilities.

tags | remote, overflow, local, vulnerability
systems | linux, redhat
SHA-256 | d9a0934797365d47e79498ec86e7fcaf8d412e815d2c12f3616bd01c66513348
Posted Feb 6, 2003
Authored by Wojciech Purczynski | Site isec.pl

Solaris "at -r" tmp race condition exploit which allows users to remove any file on the system.

tags | exploit
systems | solaris
SHA-256 | 0e4eab68b09f0e8fa8ff07d18d3403760f7028cb038b1899882f303593f7e53a
Posted Feb 5, 2003
Site microsoft.com

Microsoft Security Advisory MS03-005 - A buffer overflow in the Windows XP Windows Redirector allows local users to gain increased privileges provided they are able to log onto the system interactively.

tags | overflow, local
systems | windows
SHA-256 | 8bfdb49825e91a5de6549e055b50782a186b046a126f241d61d6f888147ccc6d
Posted Feb 5, 2003
Site microsoft.com

Microsoft Security Advisory MS03-004 - A large patch for IE 5.01, 5.5, 6.0 has been released which fixes two newly discovered vulnerabilities, one of which allows malicious web sites to execute remote code on client browsers by misusing a dialog box. A cross-domain vulnerability in Internet Explorer's showHelp() functionality can be tricked into invoking executables already present on a user's local system, downloading malicious code onto a user's local system, and allowing attackers to download users data.

tags | remote, web, local, vulnerability
SHA-256 | b362e647344b3d8fd63fe7d03e850546c8bde19ce683f1a987e257d371541666
Posted Feb 5, 2003
Authored by Simon Roses Femerling | Site packetfactory.net

LibExploit is a generic exploit creation library to help the security community when writing exploits to test a vulnerability. Using the API you can write buffer overflows (stack/heap/remote/local) and format strings fast and easily by taking care of a lot of the redundant code. Features network and overflow functions, shellcode for several platforms, NIDS evading shellcode, OS detection, multiplatform exploits, and more.

tags | remote, overflow, local, shellcode, library
SHA-256 | 046cce8986889c3f51abdd31b061df4593c566aaede812809e4a06a1fe5865bc
Posted Feb 5, 2003
Authored by netric, Gloomy | Site netric.org

This 137 byte Linux shellcode creates a remote ICMP backdoor that can be controlled trough the ping utility.

tags | remote, shellcode
systems | linux
SHA-256 | 9b7f1bf697b9a01fb4663131fe0f9e6fccb1296052337e0f27f72333d60f55df
Posted Feb 5, 2003
Authored by Red Hat Security | Site redhat.com

Red Hat Security Advisory RHSA-2003:017-06 - Red Hat released new PHP packages that are no longer affected by the wordwrap() heap overflow vulnerability. These packages are available for Red Hat version 8.0.

tags | overflow, php
systems | linux, redhat
advisories | CVE-2002-1396
SHA-256 | 65201ac8d85f84a7a6297dd65aa74862be4e863494a472c0612a0d7544f4ae02
FreeBSD Security Advisory 2003.1
Posted Feb 5, 2003
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-03:01 - It has been found that the CVS server can be tricked to free memory more then once, which can be used for remote code execution. Additionally, the CVS server allowed clients with write access to specify arbitrary commands to execute as part of an update (update-prog) or commit (checkin-prog). This behavior has been restricted. This affects all FreeBSD versions prior to 4.6-RELEASE-p7, 4.7-RELEASE-p4 and 5.0-RELEASE-p1.

tags | remote, arbitrary, code execution
systems | freebsd
SHA-256 | 04676dcda11f1a243bf6290503b701850ff6c455eef9399e03ed4dc95e392be6
Posted Feb 5, 2003
Authored by Red Hat Security | Site redhat.com

Red Hat Security Advisory RHSA-2003:025-20 - Updated kernel packages for Red Hat Linux 7.1, 7.2, 7.3, and 8.0 have been made available that fix an information leak from several ethernet drivers (reported by Atstake), and a file system issue.

tags | kernel
systems | linux, redhat
advisories | CVE-2003-0001
SHA-256 | 211f41f3c990e4ed3e36343477ac000e9faf9989b97be3b78b93aa11fa0bdf7a
Posted Feb 5, 2003
Authored by KLC Consulting Security Team | Site klcconsulting.net

SMAC v1.1 is a Windows MAC Address Modifying Utility which allows users to change MAC address for almost any Network Interface Cards (NIC) on the Windows 2000 and XP systems, regardless of whether the manufactures allow this option or not.

systems | windows
SHA-256 | 42d16987f4a90ce771fc4ae9b391e0466508486a0eceaed0396da1d48a0d21ca
Posted Feb 5, 2003
Authored by Dave Aitel | Site immunitysec.com

SPIKE is an attempt to write an easy to use generic protocol API that helps reverse engineer new and unknown network protocols. It features several working examples. Includes a web server NTLM Authentication brute forcer and example code that parses web applications and DCE-RPC (MSRPC). Changelog available here.

Changes: Includes plonk, a new local/remote windows 2000 DoS. A DCE-RPC over named pipe fuzzer was added, SPIKE proxy is updated to 1.4.7, and BSD compatibility is improved and some Oracle tests where added to the audits directory.
tags | web, protocol
systems | unix
SHA-256 | 86d96bf99bcd039981ca89f8b55edca9f39fa71986a9df7c51797e24f233dbcd
Posted Feb 4, 2003
Authored by Dennis Rand | Site infowarfare.dk

Both the 32 FTP Client version p9.49.01 and ByteCatcher FTP Client V1.04b are susceptible to being crashed due to a large banner. Arbitrary code execution against the client may be possible.

tags | exploit, arbitrary, code execution
SHA-256 | dbd4fb324ffcac9ecb0d8c4f98982a0eb9e3c1f0b1ca20e8533d6773e2440c31
Posted Feb 4, 2003
Authored by Marco van Berkum, Jakub Klausa

Majordomo, the popular mailing list utility, defaults which_access to open in the configuration file. A list of email accounts for a mailing list can be compromised by this de-facto setting by sending which @. Patch included.

tags | exploit
SHA-256 | 8efeb015e6583cfd9603c53d758fcd752e89c4d7096f788f8d997d1a1b2f0abe
Posted Feb 4, 2003
Site web.mit.edu

MIT krb5 Security Advisory 2003-001: Multiple vulnerabilities have been found in MIT Kerberos 5 releases prior to release 1.2.5. These vulnerabilities allow a remote user the ability to crash the KDC, a user authenticated in a remote realm may be able to claim to be other non-local users to an application server, and it may be possible for a user to gain access to the KDC system and database.

tags | advisory, remote, local, vulnerability
SHA-256 | b4f8f659f09ba8c3ad8b82d31e826dd9864091b0a2158b838d6900b5c237cea2
Posted Feb 4, 2003
Authored by cellat

Two simple utilities that test the use of the crypt function. des-crypt.c takes in a user entered string and outputs the encrypted hash. des-decrypt.c tests for a valid password.

tags | encryption, crypto
SHA-256 | 5e039b17397c46cdcd88bc0165dad7a6fccb7e02cbb5705effeed7daa77bec55
Page 3 of 4

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By