exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 75 of 228 RSS Feed

Files Date: 2004-11-01 to 2004-11-30

Secunia Security Advisory 13198
Posted Nov 20, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Frank Mileto has discovered a vulnerability in Spy Sweeper Enterprise, which can be exploited by malicious, local users to disclose sensitive information.

tags | advisory, local
SHA-256 | d4ec931c32eac56df2a1ec5fc9724dd68008d82a99ecc7e79baba9771efa06ba
Secunia Security Advisory 13191
Posted Nov 20, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Skype, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error within the handling of command line arguments.

tags | advisory
SHA-256 | 59cbbcfa7e686fe8ef8eeed0c62e0acfde336cb713778930512d78d59c1d0234
passwords.txt
Posted Nov 20, 2004

Password article that discusses common attacks and possible solutions.

tags | paper
SHA-256 | 3538e96f4db235417b69d3fe2694ab99b4e8ae7672633c45c99c2eb10fb74699
tweaky.pl
Posted Nov 20, 2004
Authored by Roman Medina-Heigl Hernandez aka RoMaNSoFt | Site rs-labs.com

TWiki Release 01-Feb-2003 and below remote code execution exploit in perl.

tags | exploit, remote, perl, code execution
advisories | CVE-2004-1037
SHA-256 | 0a072dc39641233ff8523728ea4118373e6bd2bb4fa0c66b9edc40ca2e45e42d
GFHost.pl
Posted Nov 20, 2004
Authored by SPABAM

GFHost PHP GMail remote command execution exploit that achieves webserver id privileges.

tags | exploit, remote, php
SHA-256 | 3f16949c103704d441900ba1b74ee6b4743175756fe13c17ced1c7e2e43e7ece
132004.txt
Posted Nov 20, 2004
Authored by Stefan Esser | Site security.e-matters.de

Samba versions 3 through 3.0.7 suffer from a buffer overflow inside the QFILEPATHINFO request handler. This vulnerability allows for remote code execution.

tags | advisory, remote, overflow, code execution
advisories | CVE-2004-0882
SHA-256 | 19cd039a672527a6b47d2c45a1745de3a774b639ca25e062a5e1932683d23767
BelluaCFP.txt
Posted Nov 20, 2004
Authored by Anthony Zboralski | Site bellua.com

Call for papers for the Bellua conference being held from March 21st through the 24th. It will take place in Jakarta, Indonesia at the Hotel Borobudur.

tags | paper, conference
SHA-256 | bc06ebed080fe2c1da23d35f2f95485a972a98357aaa8c2272f68e3d49dac0ec
p0f-db-20041116.tar.gz
Posted Nov 20, 2004
Authored by Michal Zalewski | Site lcamtuf.coredump.cx

p0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine distance to remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Tested on Linux, FreeBSD, OpenBSD, NetBSD, SunOS, and Solaris. This particular version is modified by Nerijus Krukauskas to store the data in a database.

tags | tool, remote, local, scanner
systems | linux, netbsd, unix, solaris, freebsd, openbsd
SHA-256 | 78702c2f8f43e546c8002d842fad47e077f205f16b6ac210cff5a285cdfe0d58
floppyfw-2.0.10.img
Posted Nov 20, 2004
Authored by Thomas Lundquist | Site zelow.no

Floppyfw is a router and firewall on one floppy disk. It uses Linux basic firewall capabilities, and has a simple packaging system. It is ideal for masquerading and securing networks on ADSL and cable lines, using static IP, DHCP, and PPPoE. Installation involves editing of only one file on the floppy.

Changes: Upgraded to kernel 2.4.27 and busybox 1.0-rc3.
tags | tool, firewall
systems | linux
SHA-256 | d5898b34b5e8fcca1c55049ddfb0c0e80cc8679971127e9acf53605cf04c3502
Bastille-2.1.6.tar.bz2
Posted Nov 20, 2004
Authored by Jay Beale | Site bastille-linux.org

The Bastille Hardening System attempts to "harden" or "tighten" the Linux/Unix operating systems. It currently supports Red Hat and Mandrake systems, with support on the way for Debian, SuSE, TurboLinux and HP-UX. We attempt to provide the most secure, yet usable, system possible. Screenshot available here..

Changes: Bug fixes and updates.
systems | linux, redhat, unix, suse, debian, hpux, mandrake
SHA-256 | 18c3643d5abc13291c89be6422f9faeb0f6c33a58497aa372db196c07b342521
alph-0.6.tar.gz
Posted Nov 20, 2004
Authored by Corcalciuc V. Horia | Site sourceforge.net

alph implements and analyzes historical and traditional ciphers and codes, such as polyalphabetic, substitutional, and mixed employing human-reconstructable algorithms. It provides a pipe filter interface in order to encrypt and decrypt block text to achieve transparency. The program is meant to be used in conjunction with external programs that transfer data, resulting in transparent encryption or decryption of information. The program can thus be used as a mail filter, IRC filter, IM filter, and so on.

Changes: coff binary available, removed libpopt dependency.
tags | encryption
SHA-256 | 2e562a5d56a143716ae8404d7ccca3b9a2034aaf751fc306ca68e3bd9bc69c2f
Vuurmuur-0.5.55.tar.gz
Posted Nov 20, 2004
Authored by Victor Julien | Site vuurmuur.sourceforge.net

Vuurmuur is a middle-end and front-end for netfilter and iptables that is aimed at system administrators who need a decent firewall, but do not have netfilter specific knowledge. It converts human-readable rules into an iptables ruleset (or optional a bash script), makes netfilter logs readable, and includes an ncurses GUI.

Changes: Code clean ups and some improvements.
tags | tool, firewall, bash
systems | linux
SHA-256 | 86d0fcdd27e195df1a3081104e7057415b9929878a05adb79a7311ee4cd8c054
armymen10.txt
Posted Nov 20, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

Army Men RTS version 1.0 is susceptible to a format string bug that results in a denial of service.

tags | advisory, denial of service
SHA-256 | b0edb52988fc0c2d479204cb4e5f55a2738415330abf4e16111143b5dbafc2db
atk-3.0src.zip
Posted Nov 20, 2004
Authored by Marc Ruef | Site computec.ch

The Attack Tool Kit (ATK) is an open-source utility to perform vulnerability checks and enhance security audits. The most important changes in ATK 3.0 are the introduction of a dedicated exploiting routine and the Plugin AutoUpdate (over HTTP). Check the website for more details. Source version.

tags | web
SHA-256 | 7f89c48dbd6e74ad67035543136179675a0328f040fcecf4319d6c1e658b63ee
atk-3.0.zip
Posted Nov 20, 2004
Authored by Marc Ruef | Site computec.ch

The Attack Tool Kit (ATK) is an open-source utility to perform vulnerability checks and enhance security audits. The most important changes in ATK 3.0 are the introduction of a dedicated exploiting routine and the Plugin AutoUpdate (over HTTP). Check the website for more details. Binary version.

tags | web
SHA-256 | fff78b654c27955434f6b2c513880a3a88ef5fdf1aa10a4ba630fa3f163f1362
googleDisclose.txt
Posted Nov 20, 2004
Authored by Elliott Back | Site elliottback.com

Although one of the features of Google Desktop Search is to archive web history in its index for future searching, unchecking the preference to archive Web History and saving the preference does not clear the web history from the index.

tags | advisory, web
SHA-256 | d6ac298483d170e897ea9fdc64c9e41824b213b20b76a5907a327dc8094dc5a7
zipbrk.zip
Posted Nov 20, 2004
Authored by oc.192

This is a simple tool that searches for the central and local headers contained in a zip file and alters the uncompressed data variable to be 0 in an attempt to trick anti-virus software into not scanning the files inside the zip file.

tags | exploit, local, virus
advisories | CVE-2004-0932, CVE-2004-0937
SHA-256 | 89007618a7cc506d601e2523249eba67ce6ad4d3cc000482f70f5e18ab449a0d
TheFaceBook.txt
Posted Nov 20, 2004
Authored by Alex Lanstein, Ivo Parashkevov

TheFaceBook is susceptible to multiple cross site scripting flaws.

tags | advisory, xss
SHA-256 | e8602f6f087e56db508594ec635b29de6aac55141c8f005ff868b24087ef3a19
eudora62014.txt
Posted Nov 20, 2004
Authored by Paul Szabo

Eudora 6.2.14 for Windows that was just released is still susceptible to an attachment spoofing vulnerability. Working exploit included.

tags | exploit, spoof
systems | windows
SHA-256 | 40feffee7423a8d9403bc9b62c864111246e0808bd8068c7ab5f09b183a516b9
IPSwitch-IMail-8.13-DELETE.pl
Posted Nov 20, 2004
Authored by Mati Aharoni, Zatlander | Site whitehat.co.il

Remote exploit for the IPSwitch-IMail 8.13 stack overflow in the DELETE command. Successful exploitation binds a shell to port 4444.

tags | exploit, remote, overflow, shell
SHA-256 | 34486ab358c7f8793e3c20cec33de6a9c6baf7c1e07b04a872a23d2c482b2059
ZipMe!.cpp
Posted Nov 19, 2004
Authored by Miguel Tarasco Acuna | Site Haxorcitos.com

Microsoft Windows Vulnerability in Compressed (zipped) Folders (MS04-034) proof of concept exploit. Tested on Windows XP SP0 Spanish and English. More information available here.

tags | exploit, proof of concept
systems | windows
SHA-256 | 44517de41c7c9de3c636a5828759c01db0889a38ca5ba75dd8fd12a42642db83
tct-1.15.tar.gz
Posted Nov 19, 2004
Authored by Dan Farmer, Wietse Venema | Site porcupine.org

TCT is a collection of tools which are geared towards gathering and analyzing forensic data UNIX system after a break-in. TCT features the grave-robber tool which captures information, the ils and mactime tools that display access patterns of files dead or alive, the unrm and lazarus tools that recover deleted files, and the keyfind tool that recovers cryptographic keys from a running process or from files. TCT is tested on Linux, BSD, Solaris, and SunOS. For more information see the handouts from Dan Farmer and Wietse Venema's computer forensics analysis class.

Changes: Big bug fixes, and really cool new features. Everyone needs to download and use this, right now. Do not delay.
tags | tool
systems | linux, unix, solaris, bsd
SHA-256 | 4c8e343453332bd1fdf0627f9b888e2a4f597e70b367f124cc7f2562558213a1
apache-squ1rt.c
Posted Nov 18, 2004
Authored by Daniel Guido

Apache v2.0.52 remote denial of service exploit (version two) which sends a lot of spaces, consuming CPU and RAM. More information available here. Versions between 2.0.35 and 2.0.52 may be vulnerable, but only v2.0.50 through 2.0.52 was tested.

tags | exploit, remote, denial of service
advisories | CVE-2004-0942
SHA-256 | 6ef0cd246b77f086571410803e9f7d0266154b693ceb51628715ee955cf53ea7
infect.S
Posted Nov 18, 2004
Authored by Bysin

ELF binary infector written in assembly. Infects all binaries in /bin and opens a backdoor on port 30464. Shellcode can be added at the end.

tags | shellcode
SHA-256 | b9973eeb2a742b906827bee86168be04984e30a36b880c9138bb8905fd7d0d35
101_netn.cpp
Posted Nov 13, 2004
Authored by class101

NetNote Server version 2.2 build 230 crafted string vulnerability exploit that crashes the server.

tags | exploit
SHA-256 | 7c6dc403c38101273cb023408861ce7734dd9c375fdbf92d16d88321a1e85197
Page 3 of 10
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close