exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 58 RSS Feed

Files

spike.sh5.2.tgz
Posted Feb 29, 2000
Authored by Spikeman

Spikeman's DoS Attack Tool - Revision 5.2. 33 denial of service attacks at once, launched from a 61k shell script!

Changes: Never Die Menu Added, new attacks.
tags | denial of service, shell
SHA-256 | d205b7a1f577183e4b8183c293ef82aa0cd5c4abaa624624abed5f55cb4c9a22

Related Files

Aerospike Database UDF Lua Code Execution
Posted Dec 11, 2020
Authored by Brendan Coles, b4ny4n | Site metasploit.com

Aerospike Database versions before 5.1.0.3 permitted user-defined functions (UDF) to call the os.execute Lua function. This Metasploit module creates a UDF utilizing this function to execute arbitrary operating system commands with the privileges of the user running the Aerospike service. This module does not support authentication; however Aerospike Database Community Edition does not enable authentication by default. This module has been tested successfully on Ubuntu with Aerospike Database Community Edition versions 4.9.0.5, 4.9.0.11 and 5.0.0.10.

tags | exploit, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-13151
SHA-256 | 9da6a0d3621953b2fc4709d0b41d45d3637b5f4cbe3f23650d74e4584833bfb6
Aerospike Database 5.1.0.3 Remote Command Execution
Posted Nov 17, 2020
Authored by Matt S

Aerospike Database version 5.1.0.3 suffers from a remote command execution vulnerability.

tags | exploit, remote
advisories | CVE-2020-13151
SHA-256 | 85d661669c51c929165146b2e93e735c18d4d5c9f251500e8397b85991b533ba
ifchk 1.1.1
Posted Apr 30, 2019
Authored by noorg | Site noorg.org

Ifchk is a network interface promiscuous mode detection tool that reports on the operational state of all configured interfaces present on the system. In addition, it will disable those interfaces found to be promiscuous if told to do so. Per-interface statistics can also be displayed, allowing administrators to perform traffic trend analysis, which could be an aid in the identification of possible inconsistencies or spikes in network traffic volume that may warrant further investigation.

Changes: Fixed a bug whereby a printf(3) format specifier did not have a corresponding argument (ifchk.c:521).
tags | tool
systems | unix
SHA-256 | d47ce9415527099c24ec20155c09bc95f6b268293fd545bd5c6eb0d8a30e975a
ifchk 1.1.0
Posted Apr 2, 2018
Authored by noorg | Site noorg.org

Ifchk is a network interface promiscuous mode detection tool that reports on the operational state of all configured interfaces present on the system. In addition, it will disable those interfaces found to be promiscuous if told to do so. Per-interface statistics can also be displayed, allowing administrators to perform traffic trend analysis, which could be an aid in the identification of possible inconsistencies or spikes in network traffic volume that may warrant further investigation.

Changes: Various updates.
tags | tool
systems | unix
SHA-256 | 94a86b57df925c74b1a5b9955b8844d13c666e34bcd266915a8d7858206c495b
ifchk 1.0.9
Posted Feb 3, 2018
Authored by noorg | Site noorg.org

Ifchk is a network interface promiscuous mode detection tool that reports on the operational state of all configured interfaces present on the system. In addition, it will disable those interfaces found to be promiscuous if told to do so. Per-interface statistics can also be displayed, allowing administrators to perform traffic trend analysis, which could be an aid in the identification of possible inconsistencies or spikes in network traffic volume that may warrant further investigation.

Changes: Various updates.
tags | tool
systems | unix
SHA-256 | a12cb641290b2c83f598df89e91ebe5a4fada4b6fd008797fc0be41358edcdd4
ifchk 1.0.8
Posted Sep 19, 2017
Authored by noorg | Site noorg.org

Ifchk is a network interface promiscuous mode detection tool that reports on the operational state of all configured interfaces present on the system. In addition, it will disable those interfaces found to be promiscuous if told to do so. Per-interface statistics can also be displayed, allowing administrators to perform traffic trend analysis, which could be an aid in the identification of possible inconsistencies or spikes in network traffic volume that may warrant further investigation.

Changes: Various updates.
tags | tool
systems | unix
SHA-256 | 8e43bd3b37ee5bcdadaedc212ca897b1902bb0455ebf3464fd72deac8526b57e
ifchk 1.0.7
Posted Aug 29, 2017
Authored by noorg | Site noorg.org

Ifchk is a network interface promiscuous mode detection tool that reports on the operational state of all configured interfaces present on the system. In addition, it will disable those interfaces found to be promiscuous if told to do so. Per-interface statistics can also be displayed, allowing administrators to perform traffic trend analysis, which could be an aid in the identification of possible inconsistencies or spikes in network traffic volume that may warrant further investigation.

Changes: Various updates.
tags | tool
systems | unix
SHA-256 | e6bc2af368b655d99e34562466fc8067cb348eedc6f6f60975ff2539ebeecb76
ifchk 1.0.6
Posted Dec 29, 2016
Authored by noorg | Site noorg.org

Ifchk is a network interface promiscuous mode detection tool that reports on the operational state of all configured interfaces present on the system. In addition, it will disable those interfaces found to be promiscuous if told to do so. Per-interface statistics can also be displayed, allowing administrators to perform traffic trend analysis, which could be an aid in the identification of possible inconsistencies or spikes in network traffic volume that may warrant further investigation.

Changes: Default log directory location has changed. PID file has been relocated.
tags | tool
systems | unix
SHA-256 | 972db3aa0cca5a41e4432bc9c3475cedbf89ac641971474928f4bfb8940ed4bc
ifchk 1.0.5
Posted Aug 21, 2016
Authored by noorg | Site noorg.org

Ifchk is a network interface promiscuous mode detection tool that reports on the operational state of all configured interfaces present on the system. In addition, it will disable those interfaces found to be promiscuous if told to do so. Per-interface statistics can also be displayed, allowing administrators to perform traffic trend analysis, which could be an aid in the identification of possible inconsistencies or spikes in network traffic volume that may warrant further investigation.

Changes: ifchk PID file has been relocated.
tags | tool
systems | unix
SHA-256 | 2ad7b74e2094b8b5670f0efbb77231515d92114cd814cc17d2fc90f2f9b2df84
ifchk 1.0.4
Posted Jul 12, 2016
Authored by noorg | Site noorg.org

Ifchk is a network interface promiscuous mode detection tool that reports on the operational state of all configured interfaces present on the system. In addition, it will disable those interfaces found to be promiscuous if told to do so. Per-interface statistics can also be displayed, allowing administrators to perform traffic trend analysis, which could be an aid in the identification of possible inconsistencies or spikes in network traffic volume that may warrant further investigation.

Changes: Added systemd service unit support for Red Hat Enterprise Linux 7 and CentOS 7.
tags | tool
systems | unix
SHA-256 | be6233788c5f551bb00d25f07e4c7322da322729d845d3e0614a9822f78f967a
ifchk 1.0.3
Posted May 13, 2016
Authored by noorg | Site noorg.org

Ifchk is a network interface promiscuous mode detection tool that reports on the operational state of all configured interfaces present on the system. In addition, it will disable those interfaces found to be promiscuous if told to do so. Per-interface statistics can also be displayed, allowing administrators to perform traffic trend analysis, which could be an aid in the identification of possible inconsistencies or spikes in network traffic volume that may warrant further investigation.

Changes: Reorganization of POSIX timer initialization code via relocation to ptimer.c and ptimer.h translation units.
tags | tool
systems | unix
SHA-256 | efd8383c76a727d0e3dcaf8f9052bac35e63e57cffd4cf95b9c56a94fc3ffe5d
ifchk 1.0.2
Posted Apr 3, 2016
Authored by noorg | Site noorg.org

Ifchk is a network interface promiscuous mode detection tool that reports on the operational state of all configured interfaces present on the system. In addition, it will disable those interfaces found to be promiscuous if told to do so. Per-interface statistics can also be displayed, allowing administrators to perform traffic trend analysis, which could be an aid in the identification of possible inconsistencies or spikes in network traffic volume that may warrant further investigation.

Changes: Reorganization of POSIX signal set initialization code via relocation to psig.c and psig.h translation units.
tags | tool
systems | unix
SHA-256 | df3195a268465becabadb8bfa924d3a7c69a0f11e5c70b8be206eef0eb94988c
Debian Security Advisory 3307-1
Posted Jul 10, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3307-1 - Toshifumi Sakaguchi discovered that the patch applied to pdns-recursor, a recursive DNS server, fixing CVE-2015-1868, was insufficient in some cases, allowing remote attackers to cause a denial of service (service-affecting CPU spikes and in some cases a crash).

tags | advisory, remote, denial of service
systems | linux, debian
advisories | CVE-2015-1868
SHA-256 | 52c2f6866da2d72e1111af168275c5446d2db324e865b7f2e7e95a1eff611b4f
Debian Security Advisory 3306-1
Posted Jul 10, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3306-1 - Toshifumi Sakaguchi discovered that the patch applied to pdns, an authoritative DNS server, fixing CVE-2015-1868, was insufficient in some cases, allowing remote attackers to cause a denial of service (service-affecting CPU spikes and in some cases a crash).

tags | advisory, remote, denial of service
systems | linux, debian
advisories | CVE-2015-1868
SHA-256 | 1a215fcb65099e37092b0721efe6f44ea5c98f4af9701285916a1353d36f6778
ifchk 1.0.1
Posted Jan 20, 2015
Authored by noorg | Site noorg.org

Ifchk is a network interface promiscuous mode detection tool that reports on the operational state of all configured interfaces present on the system. In addition, it will disable those interfaces found to be promiscuous if told to do so. Per-interface statistics can also be displayed, allowing administrators to perform traffic trend analysis, which could be an aid in the identification of possible inconsistencies or spikes in network traffic volume that may warrant further investigation.

Changes: Various updates.
tags | tool
systems | unix
SHA-256 | 3a46d086bc6d38af96da063d3b38b7f844b4115afb2246133f6ebfabfadecad8
Mp3info Stack Buffer Overflow
Posted Jan 25, 2014
Authored by Juan Sacco

Mp3info local buffer overflow denial of service exploit that spikes CPU usage.

tags | exploit, denial of service, overflow, local
SHA-256 | b5deb6a792d6a949d3e5e679490e6aa9c87258ed31e39e318f17e5babbae1e81
Debian Linux Security Advisory 1935-1
Posted Nov 18, 2009
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1935-1 - Dan Kaminsky and Moxie Marlinspike discovered that gnutls, an implementation of the TLS/SSL protocol, does not properly handle a '\\0' character in a domain name in the subject's Common Name or Subject Alternative Name (SAN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. In addition, with this update, certificates with MD2 hash signatures are no longer accepted since they're no longer considered cryptograhically secure.

tags | advisory, arbitrary, spoof, protocol
systems | linux, debian
advisories | CVE-2009-2409, CVE-2009-2730
SHA-256 | f865f82f07d73c848ba941571d0b49f816946149bd8f70b4226dc437168d8570
Debian Linux Security Advisory 1916-1
Posted Oct 26, 2009
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1916-1 - Dan Kaminsky and Moxie Marlinspike discovered that kdelibs, core libraries from the official KDE release, does not properly handle a '\\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.

tags | advisory, arbitrary, spoof
systems | linux, debian
advisories | CVE-2009-2702
SHA-256 | 88d9ef536fbb093198ad22faeeb4c73bad0b94a4bafd1f42e43a6c1f079e8091
Gentoo Linux Security Advisory 200910-1
Posted Oct 21, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 200910-1 - An error in the X.509 certificate handling of Wget might enable remote attackers to conduct man-in-the-middle attacks. The vendor reported that Wget does not properly handle Common Name (CN) fields in X.509 certificates that contain an ASCII NUL (\\0) character. Specifically, the processing of such fields is stopped at the first occurrence of a NUL character. This type of vulnerability was recently discovered by Dan Kaminsky and Moxie Marlinspike. Versions less than 1.12 are affected.

tags | advisory, remote
systems | linux, gentoo
advisories | CVE-2009-3490
SHA-256 | e19b1568c90378a3d70151fe317843af4d60f22b3c3395301e1bcc36f4edb4fd
Gentoo Linux Security Advisory 200909-20
Posted Sep 26, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200909-20 - An error in the X.509 certificate handling of cURL might enable remote attackers to conduct man-in-the-middle attacks. Scott Cantor reported that cURL does not properly handle fields in X.509 certificates that contain an ASCII NUL (\\0) character. Specifically, the processing of such fields is stopped at the first occurrence of a NUL character. This type of vulnerability was recently discovered by Dan Kaminsky and Moxie Marlinspike. Versions less than 7.19.6 are affected.

tags | advisory, remote
systems | linux, gentoo
advisories | CVE-2009-2417
SHA-256 | d7a6e3c8914f596bc2790f9b68c01a382534d960f78935b39e8bde92ac5178ee
Ubuntu Security Notice 816-1
Posted Aug 13, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-816-1 - Moxie Marlinspike discovered that fetchmail did not properly handle certificates with NULL characters in the certificate name. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2009-2666
SHA-256 | f84db5283372ab8ae42ba4dff0f41857f47a11217c3e188b9ac25bc8e7124c00
Mandriva Linux Security Advisory 2009-198
Posted Aug 11, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-198 - Security researcher Juan Pablo Lopez Yacubian reported that an attacker could call window.open() on an invalid URL which looks similar to a legitimate URL and then use document.write() to place content within the new document, appearing to have come from the spoofed location. Moxie Marlinspike reported a heap overflow vulnerability in the code that handles regular expressions in certificate names. This vulnerability could be used to compromise the browser and run arbitrary code by presenting a specially crafted certificate to the client. IOActive security researcher Dan Kaminsky reported a mismatch in the treatment of domain names in SSL certificates between SSL clients and the Certificate Authorities (CA) which issue server certificates. These certificates could be used to intercept and potentially alter encrypted communication between the client and a server such as sensitive bank account transactions. This update provides the latest Mozilla Firefox 3.0.x to correct these issues. Additionally, some packages which require so, have been rebuilt and are being provided as updates.

tags | advisory, overflow, arbitrary, spoof
systems | linux, mandriva
advisories | CVE-2009-2654, CVE-2009-2404, CVE-2009-2408
SHA-256 | 75f839274f8e82729d0a4c1aca579dbfb860f6c2f1f69f8353c4f57860a78bd7
Ubuntu Security Notice 810-2
Posted Aug 6, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-810-2 - USN-810-1 fixed vulnerabilities in NSS. This update provides the NSPR needed to use the new NSS. Original advisory details: Moxie Marlinspike discovered that NSS did not properly handle regular expressions in certificate names. A remote attacker could create a specially crafted certificate to cause a denial of service (via application crash) or execute arbitrary code as the user invoking the program. Moxie Marlinspike and Dan Kaminsky independently discovered that NSS did not properly handle certificates with NULL characters in the certificate name. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. Dan Kaminsky discovered NSS would still accept certificates with MD2 hash signatures. As a result, an attacker could potentially create a malicious trusted certificate to impersonate another site.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
SHA-256 | 141dc865e1cc92a69424274d23598cd30ffe65f83e74c1fb4dd4182ff17a9887
Ubuntu Security Notice 810-1
Posted Aug 6, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-810-1 - Moxie Marlinspike discovered that NSS did not properly handle regular expressions in certificate names. A remote attacker could create a specially crafted certificate to cause a denial of service (via application crash) or execute arbitrary code as the user invoking the program. Moxie Marlinspike and Dan Kaminsky independently discovered that NSS did not properly handle certificates with NULL characters in the certificate name. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. Dan Kaminsky discovered NSS would still accept certificates with MD2 hash signatures. As a result, an attacker could potentially create a malicious trusted certificate to impersonate another site.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2009-2404, CVE-2009-2408, CVE-2009-2409
SHA-256 | 551f75cb720ebd7eaa1e942d3bd0085543b035e372926a826f94e7e0b94f1eb5
Gentoo Linux Security Advisory 200903-22
Posted Mar 10, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200903-22 - A buffer-overflow in Ganglia's gmetad might lead to the execution of arbitrary code. Spike Spiegel reported a stack-based buffer overflow in the process_path() function when processing overly long pathnames in gmetad/server.c. Versions less than 3.1.1-r2 are affected.

tags | advisory, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2009-0241
SHA-256 | d82d1afc3792aca891062de3ccb6945580ab8592dfba3ffe27583f6250d12fbb
Page 1 of 3
Back123Next

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    12 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    18 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close