Half-Life client versions 1.1.1.0 and below (including all MODs based on the game, such as Counter-Strike and DoD) remote exploit that will pose as a server that overwrites the stored return address but does not attempt any command execution.
44be5c2e6e78147a8f0de38d21ea6b80522c6cf03abe697bdec7874a3dbeb2c3Half-Life client versions 1.1.1.0 and below (including all MODs based on the game, such as Counter-Strike and DoD) on Windows has a remote buffer overflow in the connection routine.
9540a71644397aa409518bdea6814beebd68bcc6d4a27ae30c029fa370e794dfHalf-Life server versions 1.1.1.0 and below (including all MODs based on the game, such as Counter-Strike and DoD) remote exploit that will cause a denial of service.
706fd5353b5e853ceb8c02e4e9e1f109f309a18a74c35359fd60bc19a2ff4254Half-Life server versions 1.1.1.0 and below (including all MODs based on the game, such as Counter-Strike and DoD) on both Windows and Linux suffer from a remote buffer overflow and are vulnerable to a denial of service attack. Affects both the game and dedicated servers.
5dce8cfa8b96e9ceeb1fbb028948c1988e64d953e047db3459746c6114ef207biDEFENSE Security Advisory 07.29.03: A locally exploitable buffer overflow exists in the ld.so.1 dynamic runtime linker in Sun's Solaris operating system. The LD_PRELOAD variable can be passed a large value, which will cause the runtime linker to overflow a stack based buffer.
d8980a0f0ad83ec39a5c9e1bb61a448ba42a0962cdcf38b33b5dde750fc4a931lockdev 1.0.0 local exploit that escalates privileges to group lock. Tested against RedHat 7.3, 8.0, and 9.0.
d0afaca473e2a2cea7605ae7ca0fee0eb61359d67f42b7273ea99dfa14d03b2bDCOM remote exploit utilizing the issue discussed here. Covers Microsoft Windows NT SP6/6a (cn), as well as Windows 2000 SP0-4 (cn) SP0-2 (jp) SP0-2,4 (kr) SP0-1 (mx) SP3-4 (Big 5) SP0-4 (english) SP0 Server (english), and Windows XP SP0-1 (english) SP1 (cn) SP0-1 (Big 5). Modified by sbaa.
ce4477817dd7877597f0f89a169f5f8a3cfa8f3f08363bbd31bcf7bbc15209b8Version two of this paper discussing more shatter attacks that are possible using SEH memory locations to escalate privileges in Windows. Exploit code included. Related information available here.
612a9a5519a9d7da1fa8a00f1bcf9fc1be3a52c2d4df149c08548435c64b009bVigilante Advisory 2003002 - A flaw in firmware version 12.2(4)JA and earlier of the Cisco Aironet 1100 series allows a malicious remote user to discover which accounts are valid on the targeted Cisco Aironet Access Point by using classical brute force techniques. Exploitation of this flaw is possible if the telnet service is enabled with authentication.
dd1081c4783f7f655e1c47afb23551054a850f7af1193270e29c559513a42be0Vigilante Advisory 2003001 - It is possible to cause Cisco Aironet Access Point to crash and reboot if the HTTP server feature is enabled. This can be accomplished by submitting a specially crafted request to the web server. There is no need to authenticate to perform this attack, only access to the web server is required. The Aironet bridge reboots upon receiving the request and failing to handle correctly this one. Afterwards, no further access to the WLAN or its services is possible.
09dfb097fa92748f917490889523147c68604ec665bb7b5d1d0bcc10d69cd1d3Cisco Security Advisory - Sending a malformed URL to the Cisco Aironet AP1x00 can cause the device to reload resulting in a denial of service.
b5f01ee6843f1717778b675558375cdac99aabddf4d619a637ffffc33ea77257Apache 1.3.x using the mod_mylo module version 0.2.1 and below is vulnerable to a buffer overflow. The mod_mylo module is designed to log HTTP requests to a MySQL database and insufficient bounds checking in mylo_log() allows a remote attacker to gain full webserver uid access. Remote exploit for SuSE 8.1 Linux with Apache 1.3.27, RedHat 7.2/7.3 Linux with Apache 1.3.20, and FreeBSD 4.8 with Apache 1.3.27 included.
35db86fbefd818ae72497d5bec23002b6922e45da53d40b85d2ee31a56599032SQLScan v1.2 is intended to run against Microsoft SQL Server and attempts to connect directly to port 1433. It features the ability to scan one host or an IP list from an input file, the ability to scan for one SQL account password or multiple passwords from a dictionary file, and the ability to create an administrative NT backdoor account on vulnerable hosts, which will fail if xp_cmdshell is disabled on the server.
eca82aed20abb912a9c17c7069bad04790fdd937165e74d8b842e04d3204d1e5Packet capturing and network monitoring tool. Contains all the basics for monitoring network traffic. Tested on NetBSD and Linux. v0.1.2
f728d951a0777e163cc1aedce8b286b17370b9ae1406810579f65d8222bee865A program that XORs the bytes of a given file with a specified key to encrypt the file. With the same file, the file can be decrypted.
c84a3fd78621e6c95212d285b0b26130d5635439914934859ea3be8a332cb554A demonstration of ELF relocation.
15f16677b70d453d8baa3551f84c1a7dff88f2b60f14e3269391e42b8eeba9fb
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed