Showing 76 - 100 of 227

Files Date: 2004-06-01 to 2004-06-30

mod_rootme-0.1.tgz
Posted Jun 22, 2004
Authored by Christophe Devine

mod_rootme is a very cool module for the Apache 1.3 series that sets up a backdoor inside of Apache where a simple GET request will allow a remote administrator the ability to grab a root shell on the system without any logging.

tags | remote, web, shell, root
SHA-256 | 4ad725b929e8714ed72b2aef702d7383e7f30973e4a777ae8a882ba784fcf58a
dsa-522.txt
Posted Jun 22, 2004
Authored by Matt Zimmerman, Max Vozeler | Site debian.org

Debian Security Advisory DSA 522-1 - A format string vulnerability in super has been discovered that allows specified users to execute commands with root privileges. This vulnerability could potentially be exploited by a local user to execute arbitrary code with root privileges.

tags | advisory, arbitrary, local, root
systems | linux, debian
advisories | CVE-2004-0579
SHA-256 | 78c7e1bf65152d505c10fbb236ca5fba4a3cc83b2737cffa0bc5add027d86b91
0406214.txt
Posted Jun 22, 2004
Authored by Paul Kurczaba | Site kurczaba.com

A vulnerability has been found in the Mobile Code filter in ZoneAlarm Pro where SSL content is not filtered. Tested against Windows XP Pro running ZoneAlarm Pro 5.0.590.015 and Internet Explorer version 6, with all patches.

tags | advisory
systems | windows
SHA-256 | 9f550907ba57239e2e48c56db138dbfa750a3cb38f6d2cdd756fae1d650f0bba
0406213.txt
Posted Jun 22, 2004
Authored by Paul Kurczaba | Site kurczaba.com

A user can deny access to the web-based administration by establishing 30 connections to the web-based administration port (80) on the Microsoft MN-500 Wireless Router. Until the connections are closed, the router administrator cannot access the web-based administration.

tags | advisory, web
SHA-256 | 9eb7fa9b0faacd20f011010c664c60362d59d51325c8fb8bda4a97e82a6c3447
0406212.txt
Posted Jun 22, 2004
Authored by Paul Kurczaba | Site kurczaba.com

A user can deny access to the web-based administration by establishing 1 connection to the web-based administration port (80) on a Linksys BEFSR41 Cable/DSL Router. Until the connection is closed, the router administrator cannot access the web-based administration. Note that the router automatically closes the TCP connection after about ten seconds of inactivity.

tags | advisory, web, tcp
SHA-256 | cc4d06d74473ac6a04901d1309b131325e16dbe2a571ed5f24f1a9fce4b531f9
0406211.txt
Posted Jun 22, 2004
Authored by Paul Kurczaba | Site kurczaba.com

A user can deny access to the web-based administration by establishing 7 connections to the web-based administration port (80) in the Netgear FVS318 VPN Router. Until the 7 connections are closed, the router administrator cannot access the web-based administration.

tags | advisory, web
SHA-256 | 77be9a97404a9717378c0f2ab65614511596841eee00cf9f40135e461979c75c
iss7bypass.txt
Posted Jun 22, 2004
Authored by Chris Hurley | Site assureddecisions.com

Users of Internet Scanner 7 from ISS can bypass license restrictions due to a key bypass flaw.

tags | advisory
SHA-256 | bb3871b4ccbc9d65dd1ff8985c5fc1269a333b4183fe4611dc028efc5f5a0b58
code.zip
Posted Jun 22, 2004
Authored by Jelmer Kuperus | Site jelmer.homedns.org

Some bits of code that show how modified URL encoding can easily bypass restricted zones via Microsoft Internet Explorer.

tags | exploit
SHA-256 | 969ea80d5ad83d70772c9700ecf916fdc2e3c5a210e6edf42c960f36f4150530
ircd-hybrid.txt
Posted Jun 22, 2004
Authored by Erik Sperling Johansen

Due to faulty logic in the socket dequeuing mechanism used in hybrid 7 and the derivative ircd-ratbox, it is possible to severely lag an IRC server using a low-bandwidth DoS attack. Affected versions: ircd-hybrid below and equal to 7.0.1, ircd-ratbox below and equal to 1.5.1, ircd-ratbox below and equal to 2.0rc6. Full exploitation included.

tags | exploit
SHA-256 | 55974cc18c7257c5e90e2f3887ac897970b45e11380ca3ee193ebdcf9304a993
dnsone.txt
Posted Jun 22, 2004
Authored by Gregory Duchemin

It has been reported that a vulnerability exists in DNS One, potentially allowing malicious people to conduct script insertion attacks. The problem is that input supplied to the HOSTNAME and CLIENTID parameters in a valid DHCP request is logged unfiltered, allowing arbitrary HTML and script code to be embedded. Successful exploitation allows code execution in an administrative user's browser in the context of the affected site when the report / log is viewed. Reportedly, firmware versions 2.4.0-8 and 2.4.0-8A and prior are affected.

tags | advisory, arbitrary, code execution
SHA-256 | 834a3a0d683b2f180754f7d96f8cbc06c96db82fa7ecf2da5fe00ff2985869ab
eEye.ibm.txt
Posted Jun 22, 2004
Authored by Drew Copley, http-equiv | Site eeye.com

eEye Security Advisory - eEye Digital Security has discovered a security vulnerability in IBM's signed eGatherer ActiveX control. Because this application is signed, it might be presented to users on the web for execution in the name of IBM. If users trust IBM, they will run this, and their systems will be compromised. This ActiveX control was designed by IBM to be used for an automated support solution for their PCs. It is installed by default on many popular IBM PC models.

tags | advisory, web, activex
SHA-256 | 6599862e14320181a6e068e3cea972c1e37c7c9c9660660f00865030c0c1566a
dsa-521.txt
Posted Jun 22, 2004
Authored by jaguar | Site debian.org

Debian Security Advisory DSA 521-1 - A format string vulnerability has been discovered in sup, a set of programs to synchronize collections of files across a number of machines, whereby a remote attacker could potentially cause arbitrary code to be executed with the privileges of the supfilesrv process.

tags | advisory, remote, arbitrary
systems | linux, debian
advisories | CVE-2004-0451
SHA-256 | c97c96287dc17e80c241ce806844485d5301d9292c2078a15e158a669306eb14
wasabi-0.2.tgz
Posted Jun 22, 2004
Authored by Andrea Barisani | Site gentoo.org

Wasabi is a log monitoring program, designed to watch a log file for lines matching user-defined regular expressions and report on the matches. The regular expressions are assigned to queues which have an alert interval and a list of mail recipients. Queues can be set to send a notification as soon as a log line is assigned to them, or to send periodic reports.

Changes: Added multiple files support, big performance improvements, better signal handling, new smtp code, see the Changelog for full details.
tags | system logging
systems | unix
SHA-256 | 2dc461abd6fca9f0892cd556b8e002aed7647d73572150960e754c28c150de68
elfrape2.c
Posted Jun 22, 2004

Proof of concept exploit that will patch an ELF binary to utilize the stack overflow in file 3.39 and below. If someone runs file against said binary, a suid shell is created as /tmp/.sh of that uid. New version works on both Linux and the BSDs.

tags | exploit, overflow, shell, proof of concept
systems | linux
SHA-256 | 21103ace980bf29abaf0743ed5d8816533999653245d3642f709e758b76ba991
elfrape.c
Posted Jun 22, 2004

Proof of concept exploit that will patch an ELF binary to utilize the stack overflow in file 3.39 and below. If someone runs file against said binary, a suid shell is created as /tmp/.sh of that uid.

tags | exploit, overflow, shell, proof of concept
SHA-256 | 15a084aac71ca804bb1ff97e1ca230d473228271616ff4493d50b4b2a3d11cd4
sbd-1.31.tar.gz
Posted Jun 20, 2004
Authored by Michel Blomgren | Site cycom.se

sbd is a Netcat-clone, designed to be portable and offer strong encryption. It runs on Unix-like operating systems and on Microsoft Win32. sbd features AES-128-CBC + HMAC-SHA1 encryption (by Christophe Devine), program execution (-e option), choosing source port, continuous reconnection with delay, and some other nice features. Only TCP/IP communication is supported. Source code and binaries are distributed under the GNU General Public License.

Changes: Version 1.31 added setuid(geteuid()) code and command line wiping. If sbd is setuid (chmod 4755 or 6755), sbd will do setuid(geteuid()) on Unix-like operating systems. Feature added to offer root shells during pen-tests. Various other enhancements.
tags | tcp
systems | windows, unix
SHA-256 | 04e6578b1f96467b06d686fdee0cf09088505e20956429ebb44582e24d9303b0
dsniff-2.4b2.tar.gz
Posted Jun 18, 2004
Authored by Dug Song | Site monkey.org

dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a powerful sniffer which automatically detects and parses many protocols, only saving the interesting bits. filesnarf saves files sniffed from network file system traffic. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time.

Changes: This particular version is a modified release by Michael Robin that has been migrated to work with libnet 1.2 libraries. Includes a new tool called filenamesnarf.
tags | tool, local, sniffer, tcp, protocol
SHA-256 | 4a78a46ce5efe6f6ac271db49d1bf28238da3d4eb346603510f969291bf6df2c
dupchecker.pl
Posted Jun 18, 2004
Authored by glitch

Simple perl script that checks for duplicate files in a directory based upon md5 checksums.

tags | tool, perl
systems | unix
SHA-256 | ee148a4d01605255a7b2db70af1471e57ba67077a53f4d273ec105e5a31d01b7
sqlat-src-1.1.0.tar.gz
Posted Jun 18, 2004
Authored by Patrik Karlsson | Site cqure.net

SQLAT is a suite of tools which could be useful for pen-testing a MS SQL Server. The tools do dictionary attacks, upload files, read registry and dump the SAM. They do this by wrapping extended stored procedures. There is also a tool for doing a minimal analysis of a SQL Server with output as HTML. You need to be 'sa' to run some of the tools, but this usually isn't a problem. SQLAT works over port 1433.

Changes: Applied patches from Eric Augustus and minor changes.
tags | registry
systems | unix
SHA-256 | 33ef7508838012b697f29ea87790514fe74b23e77d4da94f5351850384e86cad
cifspwscan-1_0_3.tar.gz
Posted Jun 18, 2004
Authored by Patrik Karlsson | Site cqure.net

A CIFS/SMB password scanner based on the jcifs implementation. The scanner and jcifs are both 100% pure Java, making it possible to run the scanner on a few different platforms. Both the Java source and binary distributions are included.

tags | tool, java, scanner
systems | unix
SHA-256 | d7ddc0a81891ee38242dfbcfd94e1c5afa8a97bf82ec803ca9d964710a6963bb
pivot1.1.0SoundwaveAdv.txt
Posted Jun 18, 2004
Authored by Alex Buck aka loofus | Site 0x90.org

Pivot 1.10 Soundwave is susceptible to a remote file inclusion and execution vulnerability that enables a remote attacker to execute anything they want in the context of the user id running the web server.

tags | exploit, remote, web, file inclusion
SHA-256 | bc31d33c1db4f1dcd9a4ae2f956fc02dbd2c9d2de27d2c22695f954c79bf9233
BEA Systems Security Advisory 04-62.00
Posted Jun 18, 2004
Authored by Oracle | Site dev2dev.bea.com

A vulnerability exists in various versions of WebLogic Server and WebLogic Express when a client logs in multiple times as different users using RMI (Remote Method Invocation) over IIOP (Internet Inter-ORB Protocol). This may reportedly result in an RMI method being executed under the wrong identity. Affected versions: WebLogic Server and WebLogic Express 8.1, on all platforms, WebLogic Server and WebLogic Express 7.0, on all platforms, and WebLogic Server and WebLogic Express 6.1, on all platforms.

tags | advisory, remote, protocol
SHA-256 | 7c596d91f9fead17e5b14f54e34f7f6c2e74de76810cffc996835d9e9049a456
spfp.html
Posted Jun 18, 2004
Authored by Tan Chew Keong | Site security.org.sg

Sygate Personal Firewall Pro version 5.x is susceptible to a denial of service attack: unprivileged applications can crash it by sending specially crafted messages to the ListView control in the GUI.

tags | advisory, denial of service
SHA-256 | c4b523beea4596ecf960bcae931886280975333d872f47098e91d7d4f0b32445
DumpSIS-0.8.zip
Posted Jun 18, 2004
Authored by Jimmy Shah

Symbian SIS file dumping utility that allows for analysis of potential malware without actual installation of files. It provides information on file headers (UIDs, Version, Number of Languages, Number of files), file list (Destination name by default, Source filename and file type).

Changes: Fixes decompress bug and compatibility with Perl on Unix.
systems | unix
SHA-256 | feb8c2423354851a76c204ffad717cdddb2cfba59ef6138cc50471f7e0831640
FSlint-2.08.tar.gz
Posted Jun 18, 2004
Authored by pixelbeat | Site pixelbeat.org

FSlint is a toolkit to find various forms of lint on a filesystem. At the moment it reports duplicate files, bad symbolic links, troublesome file names, empty directories, non stripped executables, temporary files, duplicate/conflicting (binary) names, and unused ext2 directory blocks.

Changes: Added and fixed translations. Various bug fixes.
tags | tool
systems | unix
SHA-256 | 8f37fdeeb5e5b3e104f50171d564315d0f1b6adb60a563fcc9082647e6839841