Windows port of the remote exploit utilizing the DCOM RPC overflow originally coded by H D Moore.
98186a16043a537eb59eec975695e217b9043d1747d7a414c37c888c6b72be38Remote exploit utilizing the DCOM RPC overflow discovered by LSD. Includes targets for Windows 2000 and XP. Binds a shell on port 4444.
aac1c914909b279cffcee8699eff0774f5962b99d0dbd3ed2a80f12fa7a64d4aAn interesting bug in the Mitel Voice Over IP system that allows an attacker to discover phone numbers calling through the DHCP server.
1ed33fcc27a383016afe3811d1aa56ff46a4cdcfdf95bf1b10d6082b6b4ffcdbCERT Advisory CA-2003-18 - CERT announces that a set of integer overflows exists in a DirectX library included in Microsoft Windows. An attacker could exploit this vulnerability to execute arbitrary code or to cause a denial of service.
eafbaabf97c03108de6117e44f1d1a3d553ac31d3dabf02f3f7f03ac596520c5NGSSoftware Insight Security Research Advisory #NISR25072003 - In an attempt to fix previous vulnerabilities discovered by NGSSoftware, the Oracle RDBMS fix patched the hole but left a logging function vulnerable to a stack overflow.
237dd712fc93400a7d9eed9e111f3ab5238fd5fcb2322857fa12ec0d69be3187Scans an IP range and checks is a specified port is open for TCP connections. Can also search for specific parts in strings which the servers return. TCP RAW is not fully implemented.
5f26393e2a0d14d3a912b9f88ea34961da5d1612660ca4e6ef10d46898155e30Packet capturing and network monitoring tool. Contains all the basics for monitoring network traffic. Tested on NetBSD and Linux.
b391ac1d3f92a701211db0c0e84bb25f662fa0e6fd9f0c7ae5f66be100ff5ceaAn advanced backdoor which waits for a ICMP packet and then connects to a UDP server on the client.
a82f0882beed30e7c614cc2eabc39c2192750969a622ff0f723746be51b66bb6SACscan is a basic portscanner much alike Nmap
74072f0cf65e2b908075df89fc05ee5c2fb536201cb01e3fcc3c738612f9693aPHP-G
078015488d26f1dd993259eac78f9ecdbd1e53a886fe906982d804667e0be8e6Various configurations of CPU/BIOS/OS can lead to a denial of service on a server by a local user due to certain BIOSes not zeroing out MSRs on reboot. Patch included.
ca31052b05fc2352ad297512130b304003132d25354bf262fd89aa8fc1a9205aRemote denial of service exploit making use of the vulnerability found in DCOM under Windows.
d713c961d2e4c5c929651f387787d375feb82aa68cc35f126fa794fd0d189fdfIntegrigy Security Alert - The Oracle Applications AOL/J Setup Test Suite, used to trouble-shoot the Self-Service framework, can be exploited to remotely retrieve sensitive configuration and host information without application authentication. The AOL/J Setup Test Suite is installed by default for all 11i implementations. A mandatory patch from Oracle is required to solve this security issue. Affected versions: 11.5.1 - 11.5.8.
854e86c2ad0a68b842923e90cca894c381a953aeda7c67d317b9cdd7deb2aefcIntegrigy Security Alert - The Oracle Applications FNDWRR CGI program, used to retrieve report output from the Concurrent Manager server via a web browser, has a remotely exploitable buffer overflow. A mandatory patch from Oracle is required to solve this security issue. Affected versions: 11.0 and 11.5.1 - 11.5.8.
35163210430282df91a1cb019208a07bf7a0cc546bf99ea364752eb19abc2a02Ethereal is one of those packages that many network managers would love to be able to use, but they are often prevented from getting what they would like from Ethereal because of the lack of documentation. This document is part of an effort on the part of the Ethereal team to improve the accessibility of Ethereal.
618a41b9e6642eaa7c78e75a9ba30c173ace317aaeadbc6c608977bbdff33552Remote exploit for miniSQL version 1.3 and below that achieves privilege escalation root gid.
e3637acdc0aea734e04f3ed1cd756e1015ef7c75c0c7bf4b03ee10155c796dc7Remote buffer overflow denial of service exploit for the Netware Enterprise CGI2PERL.NLM.
33d051b502f0487617368e88328921009574f44a7495c5805d2770bd46b2cdd0Atstake Security Advisory A072303-3 - By sending a specially crafted message to the local LPC port for Microsoft SQL Server, it is possible to overwrite information stored on the stack. This would allow an attacker to execute code under SQL Server's credentials thereby escalating privileges. This would then allow the user to read and write access to the database files. If the SQL Server is running under the Administrator or Local System account this would enable system compromise.
117cbb53e11b5d137ca26262d9725ad4c4f1bef3dd4ac8e5e18f9278df670308Atstake Security Advisory A072303-2 - By sending a large request to a named pipe used by the Microsoft SQL Server, an attacker can render the service unresponsive. Under some circumstances, the host has to be restarted to recover from this situation.
4da882968c57e3021287c2926f476d383da49f08fd6b93c99584ab7e7a62fd5eAtstake Security Advisory A072303-1 - A flaw exists in the Windows NT 4.0 file name processing. The flaw can cause heap corruption to occur when a long string is passed to the file name functions. This results in the program calling the NT 4.0 file name processing functions to crash. One attack vector identified is through a Java servlet running on the IBM JVM.
0e3ea90058d665a67768d87daa55ed99b0140ecb0adefcc560fee055b21f3437Post discussing vulnerabilities in deployment of dangerous files onto a target machine utilizing the Windows Media Player.
8f316501a1dad19f5066131347357a6b5fef2a66474c18543f7935f8ac377235Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.
b788871c0f91201b1a31c1f00aaa9c66675d601621475bdce6d1b47247ca04f4Threaded banner scanner that is rather versatile and lightweight.
8265bf561570b0b737107a03fe3943d365b3ba56e5ee0416bf40453166ab473dThe Netware 5.1 SP6 suffers from a buffer overflow in the web server PERL handler CGI2PERL.NLM which will cause a denial of service situation. CERT: VU# 185593.
fe0de70876ed6743218b3c34d52b1cccb867bd93640ab254fbe70590d1973c6escip Advisory 2003-01 - MSN search is a link directory moderated by Microsoft. It is possible to inject some scripting with a search query. An attacker could initiate scripting attacks as denial of service attempts or cookie stealing.
c36c2de0aabf0ef9474193ad304fe9cc33e18af8c68c0026acae466d99f577a2
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed