Local exploit for the setgid game toppler. There is a stack overflow vulnerability with how toppler makes use of the HOME environment variable. Successful exploitation escalates user privileges to the group for games.
b929d57b7291105dabeaf26fc57dd8cfe25c295a669f60710c9a3723bbf60bf8Fport v2.0 is powerful windows tool which reports all open TCP/IP and UDP ports and maps them to the owning application. This is the same information you would see using the 'netstat -an' command, but it also maps those ports to running processes with the PID, process name and path. Fport can be used to quickly identify unknown open ports and their associated applications. Supports Windows NT4, Windows 2000 and Windows XP.
a279608c63ed6d10fe9b87e1e2f80d6d98e87abd33df72324dd3cb7bccb75064ipv6fuck is a IPv6 flooder inside of an IPv4 tunnel for testing IPv6 routers and tunneling. Supports ICMP6 and UDP, with further support due out in future releases.
86f76be1c5e89a788d30de7216c0a60484ff860dbc8e9aad9da67832b8b94806The ProductCart ASP shopping cart is vulnerable to a SQL injection attack which allows administrative access to the control panel.
4f9ef8763b86d76d3f50234d4399dd48e218739d71bee1deacdd0f9c58129c81VP-ASP suffers from a SQL injection attack in shopexd.asp. The vulnerability allows a remote attacker to gain full administrative control of the web based interface.
acef5d0430f484356d4bafe6d6bb7a863035055ef4891db178a00a0e6eee8b36RpcScan enumerates the RPC endpoint-map elements for port 135. You may differentiate between, for example, Windows NT 4.0 SP3 or before and Windows NT 4.0 SP4 or later, Windows 2000 SP2 or before and Windows 2000 SP3, default Windows XP and Windows XP SP1, Windows XP Home Edition and Windows XP Professional.
39f3c9fae88adafc7e22aee6d9e87422027eba1e5dd428d810798bd972ea488dInternet Explorer 6 has a bug that will lock up the browser if C:\aux is entered. It is similar to the C:\con\con problem where it is trying to access a hardware device. Microsoft claims this bug does not exist.
c943ab7331e279cda3e4a0ab88bd027093b18ebd6e03f5545fc94ff1f60f415bThis script runs in place of ftpd to exploit the moxftp/mftp 2.2, cftp 0.12, and Iglooftp 0.6.1 clients. Written to exploit these clients on FreeBSD.
67e0e9f6bca8ed6e1bd88ca18e787b3b189c8c1e1e8366b20442d23f28fc63c1isdnrep has a buffer overflow in the -t switch that allows a local attacker to escalate privileges if the binary is setuid/setgid (which it normally is not).
804a0aa86f8c6966d0e86f4ab5f2b34ec46a14840d4114f214eb1acd1eb8c7bfgnuan, the utility that produces an analysis of a chess game, has a buffer overflow that allows a local attacker to escalate privileges if the binary is setuid (which it normally is not).
5efd55881268d90b3371e25863f4b6f910273e7430b5838fb9ad464171b0a76cgnuchess, if setuid, is vulnerable to a buffer overflow using the -s switch that will allow an attacker to escalate their privileges. Vulnerable versions are 5.0.6 and below.
59abda22ffeddcfb2e70bd71e9bc5a5f442fac07ea31a04cd258e4ffe1a47a60Proof of concept exploit for IglooFTP PRO 3.8 and possibly earlier versions. This package suffers from multiple client side vulnerabilities including the banner, username, password, and account SMTP parameters.
012f188e05c0cd48ca2d55347c1fef1243732b738b287ec3f6b9007ffa7a13f5IglooFTP PRO 3.8 and possibly earlier versions suffers from multiple client side vulnerabilities including the banner, username, password, and account SMTP parameters. Related proof of concept exploit here.
be6ba59a065b4bbfe9a8f5feb2cda1345218b4d6b7fbaca76ce60f31f06aaf3dLinux eXtremail versions 1.5-8 and below remote root exploit that makes use of a format string vulnerability in its logging mechanism.
f73f3161c91641b7b5567b990f13c9d5b919ba33786bbedc6f63f3cc2fb52d54Linux eXtremail versions 1.5-8 and below hold a format string vulnerability in its logging mechanism. Exploiting this can allow for arbitrary code execution or a denial of service on the server.
9f300aec91de3f79ec8ad7dea040e62aded97cd4340b3ea05a7067bc03e93163
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed