exploit the possibilities
Showing 51 - 75 of 220 RSS Feed

Operating System: IRIX

Posted Oct 4, 2001
Site xforce.iss.net

ISS Security Advisory - A format string vulnerability has been found in the tooltalk service (rpc.ttdbserverd) on multiple versions of HP-UX, IBM AIX, IRIX, DG-UX, and Solaris. ToolTalk contains a "syslog()" call that will interpret user-supplied formatting arguments. This call is insecure and allows remote attackers to control formatting and manipulate data at arbitrary locations in the memory of the running executable.

tags | remote, arbitrary
systems | solaris, irix, aix, hpux
MD5 | fc846f2aab901cd94774643b4e146f2d
Posted Sep 11, 2001
Authored by hhp, Cody Tubbs | Site hhp-programming.net

Hhp-temprace6_0.pl is a quick and simple temp race checker for Linux, BSD, Sun/Solaris and IRIX. Put together to eliminate the hassle of manual checking.

systems | linux, solaris, irix, bsd
MD5 | 559f3a9f22658577b77a93c23f00ab8f
Posted Jul 29, 2001
Authored by teso, scut | Site team-teso.net

TESO Security Advisory #11 - Multiple vendor Telnet Daemon vulnerability. Most current telnet daemons in use today contain a buffer overflow in the telnet option handling. Under certain circumstances it may be possible to exploit it to gain root privileges remotely. Affected systems include BSDI 4.x, FreeBSD, IRIX, Linux with netkit-telnetd < 0.14, NetBSD, OpenBSD 2.x, and Solaris.

tags | overflow, root
systems | linux, netbsd, solaris, freebsd, irix, openbsd
MD5 | 56fb4e5983fdf5c58663113d30bc8c33
Posted Jul 29, 2001
Authored by The Last Stage of Delerium | Site lsd-pl.net

Unix Assembly Code Development for Vulnerabilities Illustration Purposes v1.02 - Covers IRIX / MIPS, Solaris, HP-UX, AIX, Ultrix, Linux, BeOS, and BSD. Includes system call invocation information, code specifics, "Zero free" code, ASM functionality, and examples.

tags | paper, vulnerability
systems | linux, unix, solaris, irix, bsd, aix, hpux, beos
MD5 | 024ff88ab975a35c795a04c9db0f0576
Posted May 17, 2001
Site xforce.iss.net

ISS Security Advisory - A buffer overflow has been discovered in IRIX rpc.espd, which is installed by default on all current SGI IRIX installations. Remote attackers without accounts can execute commands as root. Patch available here.

tags | remote, overflow, root
systems | irix
MD5 | 7409d9d244ce290b32c9c3efd7962913
Posted May 16, 2001
Site xforce.iss.net

ISS Security Alert Summary for May 10, 2001 - Volume 6 Number 6. 120 new vulnerabilities were reported this month. This document has links to more information and full advisories on each. Includes: thebat-masked-file-type, php-nuke-url-redirect, orinoco-rg1000-wep-key, navision-server-dos, ustorekeeper-retrieve-files, resin-view-javabean, bpftp-obtain-credentials, ntpd-remote-bo, cisco-css-elevate-privileges, bea-tuxedo-remote-access, ultimatebb-bypass-authentication, bintec-x4000-nmap-dos, firebox-kernel-dos, cisco-pix-tacacs-dos, ipfilter-access-ports, veritas-netbackup-nc-dos, nai-pgp-split-keys, solaris-kcms-command-bo, talkback-cgi-read-files, ftp-glob-implementation, pine-tmp-file-symlink, ftp-glob-expansion, netscape-javascript-access-data, strip-weak-passwords, solaris-xsun-home-bo, compaq-activex-dos, alcatel-expert-account, alcatel-tftp-lan-access, alcatel-tftp-wan-access, oracle-appserver-ndwfn4-bo, alcatel-blank-password, solaris-dtsession-bo, solaris-kcssunwiosolf-bo, lightwave-consoleserver-brute-force, nph-maillist-execute-code, ghost-configuration-server-dos, lotus-domino-device-dos, lotus-domino-header-dos, lotus-domino-url-dos, lotus-domino-corba-dos, ghost-database-engine-dos, cfingerd-remote-format-string, lotus-domino-unicode-dos, mkpasswd-weak-passwords, solaris-ipcs-bo, interscan-viruswall-isadmin-bo, hylafax-hfaxd-format-string, cisco-vpn-ip-dos, ibm-websphere-reveals-path, qpc-ftpd-bo, qpc-ftpd-directory-traversal, qpc-popd-bo, ncm-content-database-access, netscape-smartdownload-sdph20-bo, sco-openserver-accept-bo, sco-openserver-cancel-bo, sco-openserver-disable-bo, sco-openserver-enable-bo, sco-openserver-lp-bo, sco-openserver-lpfilter-bo, sco-openserver-lpstat-bo, sco-openserver-reject-bo, sco-openserver-rmail-bo, sco-openserver-tput-bo, ibm-websphere-macro-dos, sco-openserver-lpmove-bo, reliant-unix-ppd-symlink, exuberant-ctags-symlink, processit-cgi-view-info, isa-web-proxy-dos, ie-clsid-execute-files, cisco-catalyst-8021x-dos, bubblemon-elevate-privileges, dcforum-az-directory-traversal, dcforum-az-file-upload, dcforum-az-expr, linux-netfilter-iptables, xitami-server-dos, samba-tmpfile-symlink, goahead-aux-dos, analogx-simpleserver-aux-dos, viking-hex-directory-traversal, solaris-ftp-shadow-recovery, thebat-pop3-dos, eudora-plain-text-attachment, vmware-mount-symlink, kfm-tmpfile-symlink, cyberscheduler-timezone-bo, ms-dacipp-webdav-access, oracle-tnslsnr80-dos, innfeed-c-bo, iplanet-calendar-plaintext-password, nedit-print-symlink, checkbo-tcp-bo, hp-pcltotiff-insecure-permissions, netopia-timbuktu-gain-access, cisco-cbos-gain-information, ie-xml-stylesheets-scripting, gftp-format-string, bordermanager-vpn-syn-dos, saft-sendfiled-execute-code, mercury-mta-bo, qnx-fat-file-read, viking-dot-directory-traversal, netcruiser-server-path-disclosure, perl-webserver-directory-traversal, small-http-aux-dos, ipswitch-imail-smtp-bo, kerberos-inject-base64-encode, irix-netprint-shared-library, webxq-dot-directory-traversal, raidenftpd-dot-directory-traversal, perlcal-calmake-directory-traversal, icq-webfront-dos, alex-ftp-directory-traversal, webweaver-ftp-path-disclosure, webweaver-web-directory-traversal, winamp-aip-bo, bearshare-dot-download-files, and iis-isapi-bo.

tags | remote, web, kernel, cgi, perl, php, javascript, tcp, vulnerability, activex
systems | cisco, linux, unix, solaris, irix
MD5 | 358149138360bf4d1ae5e25e561405cc
Posted Apr 30, 2001
Authored by vade79, realhalo | Site realhalo.org

Irix Netprint local root exploit. Exploits netprint's -n option. Tested on IRIX 6.2, but should work on other versions.

tags | exploit, local, root
systems | irix
MD5 | 684f4fd7980f8cd288d4c7246a74c4e0
Posted Apr 10, 2001
Authored by Covert Labs | Site nai.com

NAI Security Advisory - Multiple FTP server implementations contain buffer overflows that allow local and remote attackers to gain root privileges on affected servers. These vulnerabilities are contingent upon the remote user having the ability to create directories on the server hosting the FTP daemon, with the exception of a few cases noted below. The vulnerabilities presented are all related to the use of the glob() function, and can be divided into the following two categories - glob() expansion vulnerabilities and glob() implementation vulnerabilities. Vulnerable FTP servers include OpenBSD, NetBSD, FreeBSD, Irix, HPUX 11, and Solaris 8.

tags | remote, overflow, local, root, vulnerability
systems | netbsd, solaris, freebsd, irix, openbsd, hpux
MD5 | 779b9a6bfb8d165fb8719eea4d80f593
Posted Apr 10, 2001
Site cert.org

CERT Advisory CA-2001-07 - Many FTP servers have remote vulnerabilities in filename expansion due to the glob() function which allow arbitrary code execution. Vulnerable FTP servers include OpenBSD, NetBSD, FreeBSD, Irix, HPUX 11, and Solaris 8.

tags | remote, arbitrary, vulnerability, code execution
systems | netbsd, solaris, freebsd, irix, openbsd, hpux
MD5 | affce6442bd731ae8d4c7a694b8c8c00
Posted Jan 19, 2001
Authored by teso, scut | Site team-teso.net

Introduction to the MIPS architecture and the IRIX operating system, focusing on how to write shellcode for IRIX. Includes 3 sample shell codes. This is an updated version of the article in Phrack 56.

tags | shell, shellcode
systems | irix
MD5 | c472df5fea5c517411de24591466e2b2
Posted Dec 19, 2000
Authored by teso | Site team-teso.net

Exploit for the Bind NXT remote root vulnerability, which affects Bind v8.2 - 8.2.1. Compiles on Linux, tested against Irix, BSD, and Linux. Includes Irix shellcode for breaking chroot.

tags | exploit, remote, root, shellcode
systems | linux, irix, bsd
MD5 | 3f3ad411c0a0e1da430789e6af29ae93
Posted Dec 3, 2000
Site cert.org

CERT Quarterly Summary for November, 2000 - Since the last regularly scheduled CERT summary, issued in August (CS-2000-03), we have seen continued compromises via rpc.statd and FTPd. We have also seen a number of sites compromised by exploiting a vulnerability in the IRIX telnet daemon. Notable virus activity includes the Loveletter.as worm and the QAZ worm.

tags | worm, virus
systems | irix
MD5 | 2e5e1d522b7b4f9b03089a3a4d5bd060
Posted Sep 15, 2000
Site xforce.iss.net

ISS Security Alert Summary for September 15, 2000. 87 new vulnerablities were reported this month. This document has links to more information and full advisories on each. Includes: ftp-goodtech-rnto-dos, imail-file-attachment, go-gnome-preinstaller-symlink, mailers-cgimail-spoof, win-netbios-corrupt-cache, news-publisher-add-author, xpdf-embedded-url, intel-express-switch-dos, viking-server-bo, win2k-corrupt-lsp, vqserver-get-dos, mgetty-faxrunq-symlink, money-plaintext-password, wormhttp-dir-traverse, wormhttp-filename-dos, cgi-auction-weaver-read-files, iis-cross-site-scripting, telnetserver-rpc-bo, nai-pgp-unsigned-adk, website-pro-upload-files, account-manager-overwrite-password, subscribe-me-overwrite-password, hp-netinit-symlink, realsecure-frag-syn-dos, sunjava-webadmin-bbs, zkey-java-compromise-accounts, java-vm-applet, darxite-login-bo, gopherd-halidate-bo, phpnuke-pwd-admin-access, becky-imail-header-dos, gnome-installer-overwrite-configuration, gnome-lokkit-open-ports, minicom-capture-groupown, webshield-smtp-dos, netwin-netauth-dir-traverse, xlock-format-d-option, frontpage-ext-device-name-dos, xchat-url-execute-commands, irix-worldview-wnn-bo, os2-ftpserver-login-dos, weblogic-plugin-bo, ie-folder-remote-exe, firebox-url-dos, trustix-secure-apache-misconfig, irix-telnetd-syslog-format, rapidstream-remote-execution, ntop-bo, iis-specialized-header, linux-update-race-condition, etrust-access-control-default, zope-additional-role, list-manager-elevate-privileges, iis-incorrect-permissions, varicad-world-write-permissions, gopherd-gdeskey-bo, gopherd-gdeskey-bo, mediahouse-stats-livestats-bo, linux-umb-scheme, mdaemon-session-id-hijack, tumbleweed-mms-blank-password, ie-scriptlet-rendering-file-access, office-html-object-tag, hp-openview-nnm-password, hp-newgrp, totalbill-remote-execution, solaris-answerbook2-admin-interface, perl-shell-escape, solaris-answerbook2-remote-execution, mopd-bo, java-brownorifice, diskcheck-tmp-race-condition, servu-null-character-dos, pccs-mysql-admin-tool, irix-xfs-truncate, win-ipx-ping-packet, nai-nettools-strong-bo, fw1-unauth-rsh-connection, win2k-named-pipes, sol-libprint-bo, ntop-remote-file-access, irix-grosview-bo, irix-libgl-bo, irix-dmplay-bo, irix-inpview-symlink, nettools-pki-dir-traverse, fw1-localhost-auth.

tags | java, remote, shell, cgi, perl, spoof
systems | linux, windows, solaris, irix
MD5 | a8fcb99a030ab278b4a826a50c1ba680
Posted Sep 13, 2000
Authored by LSD | Site lsd-pl.net

A serious vulnerability has been found in IRIX telnetd which can give remote root access to any IRIX 6.2-6.5.8[m,f] system. The vulnerability occurrs when one of the environment variables contains a format string which is passed on to the syslog() function. Proof of concept exploit included (updated version - compiler and little endian fixes). Fix available here.

tags | exploit, remote, root, proof of concept
systems | irix
MD5 | 22385913d3970f9f00addf76aa299fee
Posted Sep 7, 2000
Site lsd-pl.net

/usr/sbin/dmplay local exploit for Irix 6.2 and 6.3.

tags | exploit, local
systems | irix
MD5 | ac9e33b42c4a60714cc75052c38c0cd9
Posted Sep 7, 2000
Site lsd-pl.net

/usr/lib/InPerson/inpview local exploit for irix 6.5 and 6.5.8.

tags | exploit, local
systems | irix
MD5 | e451bb3c91d58f58a0be7cf74296cba9
Posted Sep 7, 2000
Site lsd-pl.net

/usr/sbin/eject local exploit for Irix 6.2.

tags | exploit, local
systems | irix
MD5 | b4d3a80494b3fd6e91498e0cc48548be
Posted Sep 7, 2000
Site lsd-pl.net

libxt.so HOME environment variable local buffer overflow exploit for Irix 6.2 and 6.3.

tags | exploit, overflow, local
systems | irix
MD5 | 7f9f46d42599b7d53ae329ac72d78ee1
Posted Sep 7, 2000
Site lsd-pl.net

/sbin/pset local exploit for Irix 6.2 and 6.3.

tags | exploit, local
systems | irix
MD5 | 248262637213c4375240580b19979b36
Posted Sep 7, 2000
Site lsd-pl.net

/usr/sbin/gr_osview local exploit for Irix 6.2 and 6.3.

tags | exploit, local
systems | irix
MD5 | 5e2840ed7076d1cb5b71eb61c4225231
Posted Sep 7, 2000
Site lsd-pl.net

libc.so NLSPATH local exploit for Irix 6.2.

tags | exploit, local
systems | irix
MD5 | 2b1f37157932fbf6eba526123da8636f
Posted Sep 7, 2000
Site lsd-pl.net

libgl.so HOME environment variable local exploit for irix 6.2.

tags | exploit, local
systems | irix
MD5 | 7d324da5715b5fe5187746417eff352c
Posted Sep 7, 2000
Site lsd-pl.net

/usr/lib/iaf/scheme (login) local exploit for Irix 5.3.

tags | exploit, local
systems | irix
MD5 | ccb17fe3c022a4e18e6bdbfe5af14102
Posted Sep 7, 2000
Site lsd-pl.net

libxaw.so inputmethod local exploit for irix 6.2.

tags | exploit, local
systems | irix
MD5 | f021df30c7f4708c805d9116ac2dc5f9
Posted Sep 7, 2000
Site lsd-pl.net

/usr/bin/mail local exploit for Irix 6.2 and 6.3.

tags | exploit, local
systems | irix
MD5 | 7ebdbdd3a3ce3f6fb2be68925c40d8ff
Page 3 of 9

File Archive:

May 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    14 Files
  • 2
    May 2nd
    3 Files
  • 3
    May 3rd
    1 Files
  • 4
    May 4th
    18 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    21 Files
  • 7
    May 7th
    15 Files
  • 8
    May 8th
    19 Files
  • 9
    May 9th
    1 Files
  • 10
    May 10th
    2 Files
  • 11
    May 11th
    18 Files
  • 12
    May 12th
    39 Files
  • 13
    May 13th
    15 Files
  • 14
    May 14th
    17 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    2 Files
  • 17
    May 17th
    2 Files
  • 18
    May 18th
    15 Files
  • 19
    May 19th
    21 Files
  • 20
    May 20th
    15 Files
  • 21
    May 21st
    15 Files
  • 22
    May 22nd
    6 Files
  • 23
    May 23rd
    1 Files
  • 24
    May 24th
    1 Files
  • 25
    May 25th
    2 Files
  • 26
    May 26th
    23 Files
  • 27
    May 27th
    13 Files
  • 28
    May 28th
    18 Files
  • 29
    May 29th
    17 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2020 Packet Storm. All rights reserved.

Security Services
Hosting By