what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 42 of 42 RSS Feed

Files Date: 2005-12-01 to 2005-12-02

Posted Dec 1, 2005
Authored by pasquale minervini

NetBSD/i386 2.0, setreuid(0, 0); execve("/bin//sh", ..., NULL); shellcode. 29 Bytes.

tags | shellcode
systems | netbsd
SHA-256 | 2361c89276305bd09af3f19909dd5cda1173703a34b42ec8f14d0baaec5e090a
Posted Dec 1, 2005
Authored by pasquale minervini

NetBSD/i386 2.0, setreuid(0, 0); execve("/bin//sh", ..., NULL); shellcode. 30 Bytes.

tags | shellcode
systems | netbsd
SHA-256 | 117af4cd119203328bda7ac1a71cede1ce1eff0d09363550faf1f7a805060a54
Posted Dec 1, 2005
Site dyadsecurity.com

The Webmin miniserv.pl code suffers from a format string vulnerability.

tags | advisory
SHA-256 | 97ebba960f457a58ad0e761322199ad5c6c0a070121c559a0100561ad97b67fc
Posted Dec 1, 2005
Authored by Winny Thomas

Microsoft Internet Explorer denial of service metafile exploit. Raises CPU utilization up to 100%.

tags | exploit, denial of service
SHA-256 | 48fd7350f572c62e78b0b5618eba85ff145865f9260ae631a6875341622b4523
Posted Dec 1, 2005
Authored by pasquale minervini

A buffer overflow vulnerability in the utility phgrafx included in the QNX Neutrino Realtime Operating System can potentially be exploited by malicious users to escalate their privileges. Exploit included.

tags | exploit, overflow
SHA-256 | 59ea4aa5c272f08159cf44506744ef6f78fd70d1feb59c535e77bf1afa84aea9
Posted Dec 1, 2005
Authored by Luigi Mori | Site symbolic.it

It is possible to mount a denial of service attack against Windows 2000/2003 hosts where the SYN attack protection has been enabled.

tags | advisory, denial of service
systems | windows
SHA-256 | 5aff64df96ecc852c2daff2bb5ddea80c392c2a30780ca25b8aab68fefc3bfcb
Posted Dec 1, 2005
Authored by rgod | Site retrogod.altervista.org

Guppy versions 4.5.9 and below suffer from remote code execution and arbitrary inclusion flaws. Full exploit provided.

tags | exploit, remote, arbitrary, code execution
SHA-256 | 968ffef02bac67138cf981ec650bc3a7d33b94c0c0c8eb860f158874ad6f9ca9
WebCalendar Multiple Vulnerabilities
Posted Dec 1, 2005
Authored by Francesco Ongaro | Site ush.it

WebCalendar 1.0.1 is susceptible to SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 23e27c95c7836fb9ed4b91fc3f6d56dabd8ce00e2c70c418b4563aabab3e4fb9
PHP Web Statistik Multiple Vulnerabilities
Posted Dec 1, 2005
Authored by Francesco Ongaro | Site ush.it

PHP Web Statistik version 1.4 suffers from injection vulnerabilities.

tags | advisory, web, php, vulnerability
SHA-256 | 1254628e2da8b1b1b6f411da297d1ea9e16f19f55e843ac8d21250c14532a6ef
FreeWebStat Multiple Cross Site Scripting
Posted Dec 1, 2005
Authored by Francesco Ongaro | Site ush.it

FreeWebStat version 1.0 rev37 is vulnerable to multiple cross site scripting flaws.

tags | advisory, xss
SHA-256 | 0020303ba5ebcc0da8d674752ec0c2c826555fce3288cdd245981ad3915983ad
Posted Dec 1, 2005
Site infohacking.com

Cisco IOS exploit that demonstrates how unsanitized input from a user can be injected into dynamically generated web pages.

tags | exploit, web
systems | cisco
SHA-256 | 4d70c45a942ad697419897fb1a6037e8fa9a37acf43cbbe1c805f31581738d5b
Posted Dec 1, 2005
Authored by Michal Gizowski

Kadu, an opensource Gadu-Gadu instant messaging client, is susceptible to a denial of service condition.

tags | advisory, denial of service
SHA-256 | 09bf206aa9b5e425a10bdda36dbf29d831e765432536a018af9b045321bb7ecb
Posted Dec 1, 2005
Authored by Liz0ziM, wannacut | Site biyo.tk

Randshop is susceptible to SQL injection attacks.

tags | exploit, sql injection
SHA-256 | 1a59e41d524a0c0075464b3e6e4f4bd5df6198c644af1105c7c17ed7ce2102bd
Posted Dec 1, 2005

APC PowerChute Network Shutdown's web interface only supports HTTP, forcing credentials to be passed in the clear.

tags | advisory, web
SHA-256 | 8885c9bf6f4b2c0fa09d301f83d4ae9733e49fd941dbcba894109c631117a434
Posted Dec 1, 2005
Authored by pagvac aka Adrian Pastor | Site ikwt.com

Google Talk Beta Messenger stores all credentials in clear text in the process memory.

tags | advisory
SHA-256 | 77351e323ebc2b62b46a2bc7cd97d4de54156ea418e6b6aeaadbc17bf1698b51
Posted Dec 1, 2005
Site modsecurity.org

Mod Security is an intrusion detection and prevention engine for Web applications which operates as an Apache module or Java Servlet filter. Its purpose is to increase Web application security, protecting Web applications from known and unknown attacks. It is flexible and easy to configure, monitors HTTP traffic (including POST payload), enhances logging, performs automatic built-in checks, and simultaneously allows administrators to create custom rules for their individual needs.

Changes: Some small security improvements, and improvements, also some enhancements.
tags | java, web
SHA-256 | b8ef27d4bdfa652884217592c1c17d31a78a1b97978a9d9e2b7dcdf6e969cd6b
Posted Dec 1, 2005
Site cipherdyne.org

Port Scan Attack Detector (psad) is a collection of four lightweight daemons written in Perl and C that are designed to work with Linux firewalling code (iptables and ipchains) to detect port scans. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, TCP flags and corresponding nmap options, email alerting, and automatic blocking of offending IP addresses via dynamic configuration of ipchains/iptables firewall rulesets. In addition, for the 2.4.x kernels psad incorporates many of the TCP, UDP, and ICMP signatures included in Snort to detect highly suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port scans (syn, fin, Xmas) which are easily leveraged against a machine via nmap. Psad also uses packet TTL, IP id, TOS, and TCP window sizes to passively fingerprint the remote operating system from which scans originate. Changelog available here.

Changes: Bug fixes and some cool new features.
tags | remote, kernel, udp, perl, tcp
systems | linux
SHA-256 | 623d26c4ef62dca439222272bc448db49a7551150f3fbb17951e9163d7ddbbd0
Page 2 of 2

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    14 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By