Showing 1 - 25 of 228

Files Date: 2004-11-01 to 2004-11-30

psad-1.4.0.tar.gz
Posted Nov 28, 2004
Site cipherdyne.org

Port Scan Attack Detector (psad) is a collection of four lightweight daemons written in Perl and C that are designed to work with Linux firewalling code (iptables and ipchains) to detect port scans. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, TCP flags and corresponding nmap options, email alerting, and automatic blocking of offending IP addresses via dynamic configuration of ipchains/iptables firewall rulesets. In addition, for the 2.4.x kernels psad incorporates many of the TCP, UDP, and ICMP signatures included in Snort to detect highly suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port scans (syn, fin, Xmas) which are easily leveraged against a machine via nmap. Psad also uses packet TTL, IP id, TOS, and TCP window sizes to passively fingerprint the remote operating system from which scans originate. Changelog available here.

Changes: p0f-style passive OS fingerprinting has been added through the use of the OPT field in iptables log messages. There is a bugfix for iptables log messages that include TCP sequence numbers, in addition to other bug fixes.
tags | remote, kernel, udp, perl, tcp
systems | linux
SHA-256 | 33650e388b7b5ef0b8d41568240f4214402ca68677a5486e7254f8a6fac52176
ftp-spider.pl
Posted Nov 25, 2004
Authored by Nithen Naidoo

FTP server spider, written in Perl. Scans an FTP server to get the entire directory structure, detect anonymous access and writable directories, and look for user-specified data. Not tested against Windows ftpd.

tags | tool, scanner, perl
systems | windows, unix
SHA-256 | 78f5bc8f3404b5374217fb0b045274c6f8f7013f84aa1aaaeaa08a0ac46d9fd8
relay.v4.c
Posted Nov 24, 2004
Authored by Thun

This forwards connections on any port you want to any host & port you like. Added the ability to select which device to listen on. Based on Laq's relay.3.

tags | tool
systems | unix
SHA-256 | 086dfbc690fc8acaf175d245b3348248fc74d730c4f0b737150ad04bf943a604
iDEFENSE Security Advisory 2004-11-22.t
Posted Nov 24, 2004
Authored by Jouko Pynnonen, iDefense Labs | Site klikki.fi

iDEFENSE Security Advisory 11.22.04 - J2SE prior to v1.4.2_06 contains serious remote vulnerabilities which allow applets loaded in browsers to load an unsafe class and write to any file on a user's system. Loading a malicious web page in IE, Mozilla, or Firefox can lead to compromise on Linux and Windows systems.

tags | advisory, remote, web, vulnerability
systems | linux, windows
advisories | CVE-2004-1029
SHA-256 | b770dc7b3597a8eddba091ed48f8c2ebe227fb5643add55bafe7f720d7437c26
cryus.imap.2.2.8.txt
Posted Nov 24, 2004
Authored by Stefan Esser | Site security.e-matters.de

Cyrus v2.2.8 and below contain four remote vulnerabilities, including one which is pre-authentication. Fix available here.

tags | advisory, remote, vulnerability
advisories | CVE-2004-1011, CVE-2004-1012, CVE-2004-1013
SHA-256 | 54d472e1537f333c599a3d7c14b3c297aa87884e8449678168feafb1d6d5a268
SecureCRT_Remote_Command_Execution.pdf
Posted Nov 24, 2004
Authored by Brett Moore SA | Site security-assessment.com

SecureCRT v4.1 and below contain a remotely exploitable command execution vulnerability. Patch available here.

tags | advisory
SHA-256 | 80795399469e1e338277c2f037190ee6918aae65b2a141bfe5ab27d0d50dbaf9
Winamp_IN_CDDA_Buffer_Overflow.pdf
Posted Nov 24, 2004
Authored by Brett Moore SA | Site security-assessment.com

A remotely exploitable stack overflow has been found in Winamp version 5.05 and below which allows malformed m3u playlists to execute arbitrary code. Fix available here.

tags | advisory, overflow, arbitrary
SHA-256 | 99d0d7a37a9704572d57022f0d3742f404776b272e3755e80703ceb58318934b
b4b0-phpbb.tgz
Posted Nov 24, 2004
Authored by evilrabbi

phpBB v1.0.0 - 2.0.10 remote exploit which takes advantage of a bug in admin_cash.php. Opens a back door on a TCP port.

tags | exploit, remote, php, tcp
SHA-256 | 759e1b3c1fd320dbe0d222403ebfadaef07dc4d09e204984eb5cd514f21054bc
ecl-channel.adv
Posted Nov 24, 2004
Authored by ECL Team

Local user input handling vulnerabilities exist in WCI's TC-IDE Embedded Linux prior to v1.54 which allow local users with access to the tools provided with the system to spawn a root console, gaining full control over the running Linux operating system. In corporate environments where this product is being used, such vulnerabilities could cause disastrous effects. All users are encouraged to update to the latest firmware ASAP.

tags | exploit, local, root, vulnerability
systems | linux
SHA-256 | 46d3aa11e83ba80562e7262440809b13893d555f6f58bc2ca80b55ac4797533e
Openwall Linux Kernel Patch
Posted Nov 24, 2004
Authored by Solar Designer | Site openwall.com

The Openwall Linux kernel patch is a collection of security "hardening" features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.

Changes: 2.4.28-ow1 fixes a number of security-related bugs, including the local root ELF loader vulnerabilities discovered by Paul Starzetz, a race condition with reads from Unix domain sockets (potential local root), and smbfs support vulnerabilities discovered by Stefan Esser (remote DoS by a malicious smbfs server; potential: remote root by a malicious smbfs server).
tags | overflow, kernel
systems | linux
SHA-256 | 256cfa736b57ad57623917b4da7131b7ab1915c65a0a3f47a53ca2d186266ee0
mailtraq-update.txt
Posted Nov 24, 2004
Authored by Travis Schack

Mailtraq Version 2.6.1.1677 remote exploit which allows SYSTEM level access while using the Mailtraq administration console. Requires a Mailtraq admin account.

tags | exploit, remote
SHA-256 | 9363a24390dc5f166823eede37366696be7abfad27c632dc5627567f22951267
efuzz01.zip
Posted Nov 24, 2004
Authored by priestmaster | Site priestmaster.org

Efuzz is an easy-to-use Win32 TCP/UDP protocol fuzzer which finds unknown buffer overflows in local and remote services. Uses config files to define the range of malformed requests. Includes C source, released under GPL.

tags | remote, overflow, local, udp, tcp, protocol, fuzzer
systems | windows
SHA-256 | 83c25ea1e5b3ca8eaa392c20d213c89de0afe7961f65d36d43a2f77976f63a9c
proz_ex.c
Posted Nov 24, 2004
Authored by Serkan Akpolat | Site deicide.siyahsapka.org

Prozilla-1.3.6 remote client-side stack overflow exploit, tested against current Gentoo, Slackware, Debian, and SUSE.

tags | exploit, remote, overflow
systems | linux, suse, slackware, debian, gentoo
SHA-256 | 9357bc7d80ccdcff080e1d7069304e8f08c1c576c0e7e49b73ae85830397a0c4
Cisco6509_Reverse.tar.bz2
Posted Nov 21, 2004
Authored by Milos Koprla

Simple C tool and binutils patch with a step-by-step description (HowTo_Reverse_engineering_Cisco_image.html) of how to convert a Cisco image to a MIPSIV file for reverse engineering. Allows you to dump and disassemble the text section. Tested on a Cisco Catalyst 6509.

systems | cisco
SHA-256 | 05e5bd5d08fdbbcc327796acbc9bf7c17d413e25120d2c77635999b856359d1f
phpbb.php.txt
Posted Nov 20, 2004
Authored by Pokleyzz, How Dark | Site howdark.com

Remote command execution exploit for phpBB 2.0.10 that makes use of a flaw in the viewtopic.php code.

tags | exploit, remote, php
SHA-256 | aee65c849185b91d9b59593d7e00fe8fd6ad03efd250948a95761326bdf70a7d
Gentoo Linux Security Advisory 200411-29
Posted Nov 20, 2004
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200411-29 - unarj contains a buffer overflow and a directory traversal vulnerability. This could lead to overwriting of arbitrary files or the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, gentoo
SHA-256 | 00d28a18026243d507fbe200677f214b89fb74f4c7748c5f6654dddbe7e4b685
20041119.IESP2Unpatched.html
Posted Nov 20, 2004
Authored by cyber flash | Site k-otik.com

Microsoft Internet Explorer (including IE for Windows XP SP2) is reported vulnerable to a file download security warning bypass. This unpatched flaw may be exploited to download a malicious executable file masquerading as an HTML file. Full exploitation given. Originally posted on k-otik.

tags | exploit
systems | windows
SHA-256 | 5cf54bfc3b98194b62e01d674a293f76a8b55e5d1942178a1fcfe020e729bc73
2427surprise.txt
Posted Nov 20, 2004
Authored by Paul Starzetz | Site isec.pl

A subtle race condition in Linux kernels below 2.4.28 allows a non-root user to increment (up to 256 times) any arbitrary location(s) in kernel space. This flaw could be used to gain elevated privileges.

tags | advisory, arbitrary, kernel, root
systems | linux
SHA-256 | d671cbd752252bb78a3d63491ad5f4be3c8c380bfeaa1eecfe09915f101df920
Corsaire Security Advisory 2004-07-20.1
Posted Nov 20, 2004
Authored by Stephen de Vries, Corsaire | Site penetration-testing.com

Corsaire Security Advisory - The aim of this document is to define a vulnerability in the Netopia Timbuktu 7.0.3 product for Mac OS X that suffers from a buffer overflow.

tags | advisory, overflow
systems | apple, osx
advisories | CVE-2004-0810
SHA-256 | cbc907a49668c0fcf9a73b904dee166db917a6d624962997421a44440286d2ae
Corsaire Security Advisory 2004-06-19.1
Posted Nov 20, 2004
Authored by Martin O'Neal, Corsaire | Site penetration-testing.com

Corsaire Security Advisory - The aim of this document is to clearly define several vulnerabilities in the Danware NetOp Host product that suffers from multiple information disclosure issues.

tags | advisory, vulnerability, info disclosure
advisories | CVE-2004-0950
SHA-256 | 42db080f94b4a9d2053f5f711e043ba751541dcd77b4eb01d14059438cd13bce
opera754.txt
Posted Nov 20, 2004
Authored by Marc Schoenefeld | Site illegalaccess.org

Opera 7.54 is vulnerable to leakage of the Java sandbox, allowing malicious applets to gain privileges. This allows for information gathering as well as denial of service effects.

tags | advisory, java, denial of service
SHA-256 | 1f4ec2410d1b05e6a1c8e4034bf16cf1d34b5675d0c35d73f31016c81d7cf149
aclient.txt
Posted Nov 20, 2004
Authored by Reed Arvin

Altiris Deployment Solution 5.6 SP1 (Hotfix E) suffers from a privilege escalation flaw that allows for SYSTEM level access. Step by step exploitation given.

tags | exploit
SHA-256 | 2eeeb547e723092ea08f4321e09bdaa44b9d7db09a51e44e2d576c63d5afa53b
zoneAdBlock.txt
Posted Nov 20, 2004
Site zonelabs.com

ZoneAlarm Security Suite and ZoneAlarm Pro have been updated to address a vulnerability in their ad-blocking functions.

tags | advisory
SHA-256 | 6cdb000d655e7f0ca7361b33bdc652f24d545c5b63e5cd6664020f90d068fe59
mailtraq.txt
Posted Nov 20, 2004
Authored by Reed Arvin

A privilege escalation technique can be used to gain SYSTEM level access while using the Mailtraq administration console. Mailtraq Version 2.6.1.1677 is vulnerable.

tags | exploit
SHA-256 | 754a99a37c23e5ce9586839e1dbef857f90469878efeac14f8dd013ad62fd9e5
slmail5x.txt
Posted Nov 20, 2004
Authored by muts | Site whitehat.co.il

SLMail 5.x POP3 remote PASS buffer overflow exploit that binds a shell to port 4444. Tested on Windows 2000 SP4.

tags | exploit, remote, overflow, shell
systems | windows
advisories | CVE-2004-0942
SHA-256 | e52e26d43fc8281cdd86366385864d1faabe76d496cbf284434a32a5b495a1f4