exploit the possibilities
Showing 1 - 25 of 100 RSS Feed


F5 BIG-IP SSH Private Key Exposure
Posted Jun 12, 2012
Authored by egypt | Site metasploit.com

F5 ships a public/private key pair on BIG-IP appliances that allows passwordless authentication to any other BIG-IP box. Since the key is easily retrievable, an attacker can use it to gain unauthorized remote access as root.

tags | exploit, remote, root
advisories | CVE-2012-1493, OSVDB-82780
MD5 | af1646ec0e8678f829f5946ae8c5cabb

Related Files

Posted May 17, 2000

The precise details of how to exploit these holes is minimized to prevent compromising the integrity of all current Internet-accessible FileMaker Pro 5 databases and mail servers. However, details can be easily deduced by referencing the FileMaker Pro 5 documentation and by consulting the FileMaker XML Technology Overview white paper available via the FileMaker XML Central Web site.

tags | exploit, web
MD5 | 49e14890d7d253a6e5deeec63ed4b65d
Posted May 4, 2000
Authored by s0ftpj, Pigpen | Site s0ftpj.org

Anti-spoofing lkm for FreeBSD via setsockopt() - detects and logs IP header manipulation.

tags | spoof
systems | freebsd
MD5 | 28aa34facd8f7a86b9811e2bb464b061
Posted May 4, 2000
Authored by s0ftpj, Pigpen | Site s0ftpj.org

Simple Example of log for bad packets.

MD5 | e439b0d8f1d81c35ab09608ca0b56782
Posted Apr 24, 2000
Authored by Movax4c00int21h | Site geocities.com

FTP Scanner v2.2.59 is a windows application which will scan a range of IP addresses for any login and password you specify.

Changes: Fixed the overflow problem with the Socket Shutdown function. FTP Scanner now has support for 256 threads under Windows 2000.
systems | windows
MD5 | 7dbdfcdf3e643c0e08d6324d2b09d149
Posted Apr 20, 2000
Authored by telar

Fake PS. A ps trojan that hides multiple services of your choice.

tags | tool, trojan
systems | unix
MD5 | 3b2a131e934d43012b1108d992a3d19d
Posted Mar 24, 2000
Site freebsd.org

FreeBSD Security Advisory - (Revised Mar 19) MH and its successor NMH are popular Mail User Agents, availabe in the FreeBSD ports collection. EXMH and EXMH2 are TCL/TK-based front-ends to the MH system. The mhshow command used for viewing MIME attachments contains a buffer overflow which can be exploited by a specially-crafted email attachment, which will allow the execution of arbitrary code as the local user when the attachment is opened. The japanese version is also vulnerable.

tags | overflow, arbitrary, local
systems | freebsd
MD5 | 3e571188ff7eec5a07aa4e51f0719aaa
Posted Mar 16, 2000
Site freebsd.org

FreeBSD Security Advisory - The lynx software is written in a very insecure style and contains numerous potential and several proven security vulnerabilities exploitable by a malicious server. No simple fix is available until a full review of lynx is done.

tags | vulnerability
systems | freebsd
MD5 | 6a9211b7872cd98e9ce57404b3db5704
Posted Mar 16, 2000
Site freebsd.org

FreeBSD Security Advisory - mtr, from the ports collection, fails to correctly drop setuid root privileges during operation, allowing a local root compromise.

tags | local, root
systems | freebsd
MD5 | 2361080ffc72e324024fd83475fa4a3d
Posted Mar 16, 2000
Site freebsd.org

FreeBSD Security Advisory - Orville-write, provided in the ports collection, is a replacement for the write command, which provides improved control over message delivery and other features. One of the commands installed by the port is incorrectly installed with setuid root permissions. The 'huh' command should not have any special privileges since it is intended to be run by the local user to view his saved messages.

tags | local, root
systems | freebsd
MD5 | 3ad1d2c8a7bc7b46102752cf9167e0ea
Posted Mar 10, 2000
Authored by Grampa Elite

Vulnerability in the game Flying rev 6.20 - read any file on the system. Tested on Redhat 5.2, possibly others.

tags | exploit
systems | linux, redhat
MD5 | 9f3b7f5d4c3f719dac166467fd907fe9
Posted Mar 7, 2000
Authored by Infernal Pulse

Flog.c crashes Win95/98/se webservers by sending GET /con/con HTTP/1.0.

Changes: This one works.
tags | exploit, web
systems | windows
MD5 | face3eec57e0c42e0f426bf40d37d3b5
Posted Mar 7, 2000
Authored by Farrell McKay | Site fortify.net

Fortify provides full strength, 128-bit encryption facilities to the export editions of Netscape Navigator and Communicator. These facilites are used when connecting to an encrypting web server (with the SSL protocol). Fortify also adds the ability to generate 1024-bit RSA keys internally (these are typically used for client certificates), plus the ability to send and receive e-mail messages using strong 128-bit encryption (with the S/MIME protocol).

Changes: This is a transitionary release to support Communicator 4.72.
tags | web, protocol
MD5 | 0569aee45038ff534791ac042064ab82
Posted Mar 1, 2000
Site freebsd.org

FreeBSD Security Advisory - There is a security hole in the htsearch cgi-bin program for versions of htdig prior to 3.1.5, which allows remote users to read any file on the local system that is accessible to the user ID running htsearch.

tags | remote, local, cgi
systems | freebsd
MD5 | 9a0bf489d75c650bc8f4efdedbff2ac1
Posted Feb 29, 2000
Authored by Lamagra | Site lamagra.seKure.de

Ftpcat v1.0 is a simple program, that allows users to upload and download files and dirlistings from a ftpserver.

tags | tool
systems | unix
MD5 | b4b8748d1e1a5beffec9ea5e87d42069
Posted Feb 29, 2000
Site freebsd.org

FreeBSD Security Advisory - The MySQL database server (versions prior to 3.22.32) has a flaw in the password authentication mechanism which allows anyone who can connect to the server to access databases without requiring a password, given a valid username on the database - in other words, the normal password authentication mechanism can be completely bypassed.

tags | sql injection
systems | freebsd
MD5 | cb6b34a2a03fdcf9ea2e562583b4c132
Posted Feb 28, 2000
Authored by hybrid, faith

Faith Issue 12 - PSTS information gathering, TACS - Customer Line Testing on Digital Exchanges, Meridian PBX remote administration, Cellular phone tracking, and Overview of digital CCITT system 5.

tags | remote, magazine
MD5 | 9900aa570529022b791acd214a7203b6
Posted Feb 24, 2000
Authored by Omachonu Ogali | Site tribune.intranova.net

FreeBSD is vulnerable to a DoS vulnerability involving high speed pinging with packets over 8184 bytes. Unofficial patch included.

tags | exploit, denial of service
systems | freebsd
MD5 | 4cb95ddec281aff341cb23f56666a720
Posted Feb 23, 2000
Site freebsd.org

An optional third-party port distributed with FreeBSD (Delegate) contains numerous remotely-exploitable buffer overflows which allow an attacker to execute arbitrary commands on the local system, typically as the 'nobody' user.

tags | overflow, arbitrary, local
systems | freebsd
MD5 | def7b320311a96898c82289fe813100a
Posted Feb 23, 2000
Site freebsd.org

Two optional third-party ports distributed with FreeBSD (Asmon/Ascpu) can be used to execute commands with elevated privileges, specifically setgid kmem privileges. This may lead to a local root compromise.

tags | local, root
systems | freebsd
MD5 | 78a32f1f72fdf47e048359524c001f91
Posted Feb 23, 2000

Solaris (x86/7.0/2.6) local exploit for Sun's WorkShop 5.0 compilers and other products which use the FlexLM license management system.

tags | exploit, x86, local
systems | solaris
MD5 | 20df6cfa134d57e089c4b7ff9b49063d
Posted Feb 22, 2000
Authored by Francis J. Lacoste | Site indev.insu.com

fwdumpd is a daemon which communicates with the kernel firewall using the netlink socket interface and copies packets marked for outputs to user space (usually using the -o of ipchains) to a binary capture file. This file is compatible with tcpdump and several other analysis programs. It is now possible to inspect all those denied packets.

tags | tool, kernel, firewall
systems | linux
MD5 | 26e92908b29acc8a558367b628494f28
Posted Feb 22, 2000
Authored by Dug Song | Site monkey.org

Exploit for recent FW-1 FTP problems - Demonstrate a basic layer violation in "stateful" firewall inspection of application data (ftp within IP packets). Checkpoint alert about this vulnerability here.

tags | exploit
MD5 | 835a52a28c324e1d897fde567b0680d0
Posted Feb 18, 2000
Authored by Jan van de Rijt

Frontpage-PWS32/ (probably others) allows reading of any file on the system by putting /.../ into the url.

tags | exploit
MD5 | 65ac70283fd3b25fa31c76133ecc7a4e
Posted Feb 18, 2000
Authored by Francis J. Lacoste | Site indev.insu.com

Fwctl is a program that intends to make it easier to configure a tight firewall. It provides a configuration syntax that is easier to use and more expressive than the low-level primitives offered by ipchains. It supports multiple interfaces, masquerading and packet accounting. Fwctl doesn't replace a good security engineer, but it can make the job of the security engineer simpler.

Changes: It's now possible to change the default policy, changes have been made to name_service for better interoperability with some name servers, and small bugfixes have been applied.
tags | tool, firewall
systems | linux
MD5 | b7ce3328204c82ced8a8470a20d36f35
Posted Feb 17, 2000
Site oliver.efri.hr

Checkpoint-1 and other firewall vulnerability - The low-down of it is fooling a firewall into opening "a TCP port of your choice" against an FTP server. Or, if you're running an evil FTP server, having it open ports against clients accessing the server.

tags | exploit, tcp
MD5 | b1d05ea555ac515a02687eb66034ff8f
Page 1 of 4

File Archive:

September 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    14 Files
  • 2
    Sep 2nd
    19 Files
  • 3
    Sep 3rd
    9 Files
  • 4
    Sep 4th
    1 Files
  • 5
    Sep 5th
    2 Files
  • 6
    Sep 6th
    3 Files
  • 7
    Sep 7th
    12 Files
  • 8
    Sep 8th
    22 Files
  • 9
    Sep 9th
    17 Files
  • 10
    Sep 10th
    19 Files
  • 11
    Sep 11th
    3 Files
  • 12
    Sep 12th
    2 Files
  • 13
    Sep 13th
    15 Files
  • 14
    Sep 14th
    16 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    7 Files
  • 17
    Sep 17th
    13 Files
  • 18
    Sep 18th
    2 Files
  • 19
    Sep 19th
    2 Files
  • 20
    Sep 20th
    14 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2020 Packet Storm. All rights reserved.

Security Services
Hosting By