The enq program under AIX has an overflow that exists in the command line argument parsing. This exploit successfully utilizes the vulnerability to escalate privileges to egid=printq. Tested on AIX 4.3.3.
b9aa6fde8e33084acefb4bf66b450b630fbf86049e406631ffdece9bd065b6e7A high-speed brute-force password cracker for MySQL hashed passwords. It can break an 8-character password containing any printable ASCII characters in a matter of hours.
124ae704ea210354bcd693361cbb0422d6c9271c715fd794d16e619576ca22b5Remote root exploit for PoPToP, the PPTP server designed for Linux, versions 1.1.4-b3 and below. Fixed by blightninjas. Original code by einstein.
7b259fb68ba2f2394efa8a75f26c214b7561cd714f3e1726df283dfa4947ffe2Getdata Protocol Analyzer is another sniffer made with libpcap that supports multiple protocols like TCP, UDP, ICMP, IGMP, etc.
8285a9d512c65e7274f5cba58bb8fe1ca1b585b0e3af544f58156a031e5c130aInjectso is a tool that can be used to inject shared libraries into running processes on Linux (x86/IA32 and Sparc) and Solaris (Sparc). It also provides routines that can be used by injected libraries to easily modify the behavior of the host process by intercepting library function calls. This allows you to intercept input or output, send and receive information over open sockets in that process, read and write to files opened exclusively by that process, close a file descriptor to a socket and redirect the i/o to a file for debugging, and much more. This is similar to an article in Phrack 59, but more refined. More information available here.
25106b23436fc67af56f43cfd1460da33596d3d37d9f72f591582b65d8ed3225Shiva is a tool to encrypt ELF executables under Linux. Shiva can be used to wrap an executable in such a way that though it continues to run as it did before it is very difficult to debug or reverse engineer. Shiva can be used to password protect critical programs, including setuid programs, or simply to obfuscate sensitive data stored within programs.
ab9b952d330d5b067330bad8fe8c5a78d38d920e6daffaa451428a427464cd7bRemote root exploit for Sendmail 8.12.8 and below that makes use of the vulnerability in prescan(). Note: This exploit is crippled and needs to be fixed.
b3c08d4687af2292f82e2d9dac63e977ef8497f5afbf665b31499dbc02ad22baRemote root exploit for Sendmail 8.12.8 and below that uses the vulnerability in crackaddr().
939cd7761692b6a6fdd91b9b6e74d8c5e902c6f7530d6acd1c651d71efcfc833Local root exploit for Qpopper v4.0.x poppassd that utilizes the ability to set the smbpasswd path.
ce5f5d341e016678062e1b6bd29ac00f6270e383375a46773cf0166a0247087fSamba 2.2.x Remote root exploit. Tested against RedHat 8.0.
13c39033253a9725ddb7ac8cf13eb639cca2208e1d16c19ff60bf316d0a4fbeeA simple TCP packetlogger/sniffer for Linux which includes background logging.
35c08a7777d1b751a168478dad9d3126b0d7fa46d8d372c1035af3c21843f383Software Insight Security Research Advisory #NISR29042003 - A classic stack based buffer overflow vulnerability exists in the Oracle database server that can be set up for exploitation by providing an overly long parameter for a connect string with the 'CREATE DATABASE LINK' query.
c3f8b0302120eee28deb89f9e37d6fc46825608d07e31b5127eebc4b72b60651bug-exploit is a utility designed to go through a list of setuid and setgid files and will assist a coder in figuring out whether or not a buffer overflow exists in the command line arguments fed to the binary.
2e38a2ca5690f924d27eedd76b77db17c972e891c972352e2e474555002f1fe4Simple Perl script to enumerate information on Machines that are running SNMP
4f4f920f8b8d8bb5b11f535163c3bba075a441377d423b39895918db914bc1b4Kerio Personal Firewall version 2.1.4 and below is vulnerable to a replay attack against the authenticated/encrypted channel for remote administration. A remotely exploitable buffer overflow also exists in the authentication process.
51f426c01a5ad688ec33c74da88fe1f7fc33549a9d8404fc4084179856d88505This utility scans a class C or B network for hosts infected with the Code Red II worm. It does this by checking for the presence of /scripts/root.exe which is the backdoor Code Red II leaves behind.
9d7ac64116e321ee9ad184ad22c7d68ea6e8821fb7ce10daf672883ea8effbeaINetCop Security Advisory #2003-0x82-016 - Qpopper v4.0.x poppassd, the utility that allows users to change their mail passwords, is setuid root and allows for a definable path to smbpasswd. In doing so, a local attacker can easily escalate to root privileges.
20cb7ad78ee34a4462fc2669a4d2d11d3fe2de2037bd5095118d7d9b3abee361Updated version of the remote root exploit for Realserver 8 on several Windows platforms.
faac60e3244b42b5c4ede35ae529a0d44f8df9e59b986f1e0455c38db816a155
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed