what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 100 RSS Feed

Files

Sourcetree Remote Code Execution
Posted Jul 24, 2018
Authored by Etienne Stalmans, Terry Zhang | Site atlassian.com

Sourcetree suffers from multiple remote code execution vulnerabilities related to git submodules and argument injection. macOS versions 1.0b2 up to 2.7.6 and Windows versions 0.5.1.0 up to 2.6.10 are affected.

tags | advisory, remote, vulnerability, code execution
systems | windows
advisories | CVE-2018-11235, CVE-2018-13385, CVE-2018-13386
SHA-256 | cde4d25e68a273c6d5c20d3578cda77f6c048e35cf3936b680f4f3eaecbffdd7

Related Files

unrfs-poc.zip
Posted Mar 11, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

Remote exploit for the Unreal game engine for Windows, MacOS, and Linux that makes use of a format string bug. This proof-of-concept is a proxy server able to modify the Unreal packets in real-time allowing the insertion of %n into the class names sent by the client to the server causing the remote crash. Games affected: America's Army, DeusEx, Devastation, Magic Battlegrounds, Mobile Forces, Nerf Arena Blast, Postal 2, Rainbow Six: Raven Shield, Rune, Sephiroth: 3rd episode the Crusade, Star Trek: Klingon Honor Guard, Tactical Ops, TNN Pro Hunter, Unreal 1, Unreal II XMP, Unreal Tournament, Unreal Tournament 2003, Wheel of Time, X-com Enforcer, and XIII.

tags | exploit, remote
systems | linux, windows
SHA-256 | 87f327452ec46e6b01fe3b3812aa44923bf4c03bcf59360267ddca9d1b307e79
ap-utils-1.4.1pre3.tar.bz2
Posted Mar 11, 2004
Authored by roma | Site ap-utils.polesye.net

Access Point Utilities for Unix is a set of utilities that configure and monitor a Wireless Access Point under Unix. It is known to compile (with GCC and the IBM C compiler) and run under Linux, FreeBSD, OpenBSD, MacOS X, AIX, and QNX.

Changes: Now works on Sun Solaris, bigendian fixes, MacOS X build fixed, updated to work with SysV curses, Ukrainian translation and docs update.
tags | tool, wireless
systems | linux, unix, freebsd, openbsd, aix, osx
SHA-256 | 0389286b9521691014e34e17612c2dcfe8bd007f7ea4a673870e7418734fa223
unrealEngine.txt
Posted Mar 11, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

The Unreal game engine for Windows, MacOS, and Linux has a format string bug that allows an attacker to remotely crash or execute malicious code on the server. Games affected: America's Army, DeusEx, Devastation, Magic Battlegrounds, Mobile Forces, Nerf Arena Blast, Postal 2, Rainbow Six: Raven Shield, Rune, Sephiroth: 3rd episode the Crusade, Star Trek: Klingon Honor Guard, Tactical Ops, TNN Pro Hunter, Unreal 1, Unreal II XMP, Unreal Tournament, Unreal Tournament 2003, Wheel of Time, X-com Enforcer, and XIII.

tags | advisory
systems | linux, windows
SHA-256 | e0ba75525b76f3a8f0df41fe6ab0de28307f96f2564e4076dce7b1591c77c934
redfaction120.txt
Posted Mar 1, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

Red Faction versions 1.20 and below for Windows and MacOS is susceptible to a buffer overflow client-side.

tags | advisory, overflow
systems | windows
SHA-256 | 0d23110c88e8d9c7c911aebf57b21d8ab68ac87a39911f38102ece3b8015a52c
ap-utils-1.4.tar.bz2
Posted Feb 23, 2004
Authored by roma | Site ap-utils.polesye.net

Access Point Utilities for Unix is a set of utilities that configure and monitor a Wireless Access Point under Unix. It is known to compile (with GCC and the IBM C compiler) and run under Linux, FreeBSD, OpenBSD, MacOS X, AIX, and QNX.

Changes: Various bug fixes, feature enhancements, and better documentation.
tags | tool, wireless
systems | linux, unix, freebsd, openbsd, aix, osx
SHA-256 | bc0e8606560421ac048a819458d51837d40ddf66dac82615455a6249ac91535a
ap-utils-1.3.3.tar.bz2
Posted Jan 5, 2004
Authored by roma | Site ap-utils.polesye.net

Access Point Utilities for Unix is a set of utilities that configure and monitor a Wireless Access Point under Unix. It is known to compile (with GCC and the IBM C compiler) and run under Linux, FreeBSD, OpenBSD, MacOS X, AIX, and QNX.

tags | tool, wireless
systems | linux, unix, freebsd, openbsd, aix, osx
SHA-256 | 450841067ef99c99f5e9815e58113334b25e1619a4fdc1263a93d810a9cfd8c9
dosMac.txt
Posted Jan 1, 2004
Authored by Matt Burnett

It is possible to cause a denial of service attack against the SecurityServer daemon in MacOS X, MacOS X Server, and Darwin by unlocking a locked keychain and specifying a very long password.

tags | exploit, denial of service
SHA-256 | a3653aefeca3ecafb4c185983e02665e6bbf3fc54e93bfd64cdf5df740dd80e9
arping-2.02.tar.gz
Posted Nov 16, 2003
Authored by Thomas Habets | Site habets.pp.se

Arping is an arp level ping utility which broadcasts a who-has ARP packet on the network and prints answers. Very useful when you are trying to pick an unused IP for a net that you don't yet have routing to, or to ping an ethernet address directly. Tested on Linux, {Free,Net,Open}BSD, MacOS X, and Solaris.

Changes: Updated to work with Libnet 1.1.x.
tags | tool
systems | linux, unix, solaris, bsd, osx
SHA-256 | 0e5dbf5e869c1139029b8bddb195e1f07112372d3fc6a8cd531dd8f298bfd15a
screenapple.txt
Posted Jul 4, 2003
Authored by Delfim Machado | Site lab.xpto.org

The screen saver that comes with MacOSX crashes when an large amount of characters are entered and then the return key is pressed. At this point, access to the desktop is achieved.

tags | exploit
SHA-256 | 580c1aa4b027ccdd05e8525a8ed42272ff29b6f6fedab5539018ad21fadd994c
Atstake Security Advisory 03-04-10.1
Posted Apr 11, 2003
Authored by David Goldsmith, Atstake | Site atstake.com

Atstake Security Advisory A041003-1 - MacOS X DirectoryService, which runs setuid as root, uses a system() to execute the touch command without properly using a full path. Due to this, a local attacker can execute commands as root.

tags | advisory, local, root
SHA-256 | ca8fa585c5c12890f30e767074ee9e77851c6c136557059afdae4911aeae24fd
Atstake Security Advisory 03-02-14.1
Posted Feb 19, 2003
Authored by David Goldsmith, Atstake | Site atstake.com

Atstake Security Advisory A021403-1 - Mac OS X v10.2.3 contains a local root vulnerability in the TruBlueEnvironment portion of the MacOS Classic Emulator, which is suid root and installed by default.

tags | local, root
systems | apple, osx
SHA-256 | 922979add04dd03a99e8b8cf1546f75144cba14cd5ed8c57ec889932256bc0db
gdd23.tar.gz
Posted Jul 8, 2002
Authored by shadowpenguin, Shadow Penguin Security | Site shadowpenguin.org

GreedyDog v2.3 is an ethernet packet sniffer for Linux, FreeBSD, OpenBSD, NetBSD, Solaris, IRIX, SunOS4, AIX, MacOSX, and Windows2000/Xp. GreedyDog keeps stream of each TCP session and writes to logfile. Very portable. Manual is here.

tags | tcp
systems | linux, netbsd, solaris, freebsd, irix, openbsd, aix
SHA-256 | 9ea5aa65e79bb73b43231fbad538888ef8b601b0fa200261c300006cf9e23e7c
hack-hm-1.0.txt
Posted Nov 22, 2001
Authored by Hawaiian Superman

Hotmail is vulnerable to yet another serious security problem involving javascript. Windows, MacOS, and Linux users are affected. Filters may be bypassed by putting line feeds in the middle of the javascript code, the browser will remove the line feeds and execute it.

tags | exploit, javascript
systems | linux, windows
SHA-256 | 38d619755398daddb4094c74d9e46a705ebf54917924ac7f57da9be93f94b110
iss.summary.6.2
Posted Jan 22, 2001
Site xforce.iss.net

ISS Security Alert Summary for January 1, 2001 - Volume 6 Number 2. 115 new vulnerabilities were reported this month. This document has links to more information and full advisories on each. Includes: exmh-error-symlink, informix-webdriver-symlink, informix-webdriver-admin-access, zonealarm-mutex-dos, zonealarm-batfile-dos, shockwave-flash-swf-bo, macos-multiple-users, http-cgi-ikonboard, http-cgi-technote-main, xwindows-char-dos, 1stup-mail-server-bo, dialog-symlink, ibm-wcs-admin, http-cgi-technote-print, iis-web-form-submit, hpux-kermit-bo, bsguest-cgi-execute-commands, bslist-cgi-execute-commands, infinite-interchange-dos, oracle-execute-plsql, ksh-redirection-symlink, oracle-webdb-admin-access, infinite-interchange-dos, gnupg-detached-sig-modify, gnupg-reveal-private, zonealarm-nmap-scans, zonealarm-open-shares, win2k-index-service-activex, proftpd-size-memory-leak, weblogic-dot-bo, mdaemon-imap-dos, zope-calculate-roles, itetris-svgalib-path, bsd-ftpd-replydirname-bo, sonata-command-execute, solaris-catman-symlink, solaris-patchadd-symlink, stunnel-format-logfile, hp-top-sys-files, zope-legacy-names, mrj-runtime-malicious-applets, coffeecup-ftp-weak-encryption, watchguard-soho-fragmented-packets, jpilot-perms, mediaservices-dropped-connection-dos, watchguard-soho-web-auth, watchguard-soho-passcfg-reset, http-cgi-simplestguest, safeword-palm-pin-extraction, mdaemon-lock-bypass-password, cisco-catalyst-ssh-mismatch, microsoft-iis-file-disclosure, ezshopper-cgi-file-disclosure, winnt-mstask-dos, bftpd-site-chown-bo, aim-remote-bo, subscribemelite-gain-admin-access, zope-image-file, http-cgi-everythingform, http-cgi-simplestmail, http-cgi-ad, kde-kmail-weak-encryption, aolim-buddyicon-bo, aim-remote-bo, rppppoe-zero-length-dos, proftpd-modsqlpw-unauth-access, gnu-ed-symlink, oops-ftputils-bo, oracle-oidldap-write-permission, foolproof-security-bypass, broadvision-bv1to1-reveal-path, ssldump-format-strings, coldfusion-sample-dos, kerberos4-arbitrary-proxy, kerberos4-auth-packet-overflow, kerberos4-user-config, kerberos4-tmpfile-dos, homeseer-directory-traversal, offline-explorer-reveal-files, imail-smtp-auth-dos, apc-apcupsd-dos, cisco-catalyst-telnet-dos, ultraseek-reveal-path, irc-dreamforge-dns-dos, mailman-alternate-templates, markvision-printer-driver-bo, nt-ras-reg-perms, nt-snmp-reg-perms, nt-mts-reg-perms, irc-bitchx-dns-bo, ibm-db2-gain-access, ibm-db2-dos, vsu-source-routing, vsu-ip-bridging, ftp-servu-homedir-travers, cisco-cbos-web-access, watchguard-soho-get-dos, phone-book-service-bo, cisco-cbos-syn-packets, cisco-cbos-invalid-login, cisco-cbos-icmp-echo, linux-diskcheck-race-symlink, ie-form-file-upload, mssql-xp-paraminfo-bo, majordomo-auth-execute-commands, ie-print-template, aix-piobe-bo, aix-pioout-bo, aix-setclock-bo, aix-enq-bo, aix-digest-bo, and aix-setsenv-bo.

tags | remote, web, overflow, arbitrary, cgi, vulnerability, imap, activex
systems | cisco, linux, windows, solaris, bsd, aix, hpux
SHA-256 | 5e663d9821efd059b23f294cdfa745ad9b5a6aab6c5de4ec2febfa417d586623
sawmill-5.0.21.txt
Posted Jun 29, 2000
Authored by Larry W. Cashdollar | Site vapid.betteros.org

Sawmill 5.0.21 is a site log statistics package for UNIX, Windows and MacOS which has remote vulnerabilities. Any file on the system can be read, and password is stored with a weak hash algorithm and can be decrypted using the included C program. This is dangerous because the previous security hole will allow you to read the hash and decrypt the admin password.

tags | exploit, remote, vulnerability
systems | windows, unix
SHA-256 | 2c2c58f021857e688f36ad471178bf0306d758fc5829abf90f77a22c58174057
iss.summary.5.5
Posted Jun 1, 2000

ISS Security Alert Summary June 1, 2000 - 78 new vulnerabilities have been reported in this quarter. This document has links to more information and full advisories on each. Includes: linux-cdrecord-execute, xlock-bo-read-passwd, bsd-syscall-cpu-dos, win-browser-hostannouncement, nai-webshield-config-mod, nai-webshield-bo, mdbms-bo, mailsite-get-overflow, hp-jetadmin-malformed-url-dos, hp-jetadmin-directory-traversal, deerfield-mdaemon-dos, cayman-dsl-dos, carello-file-duplication, netscape-ssl-certificate, cobalt-cgiwrap-bypass, gnome-gdm-bo, linux-fdmount-bo, qualcomm-qpopper-euidl, cart32-price-change, gauntlet-cyberdaemon-bo, ip-fragment-reassembly-dos, domino-doc-modify, domino-web-apps-access, axent-netprowler-ipfrag-dos, lotus-domino-esmtp-bo, linux-masquerading-dos, netice-icecap-alert-execute, netice-icecap-default, beos-tcp-frag-dos, ie-frame-domain-verification, ie-malformed-component-attribute, kerberos-krb-rd-req-bo, kerberos-krb425-conv-principal-bo, kerberos-ksu-bo, kscd-shell-env-variable, cproxy-http-dos, emurl-account-access, eudora-long-attachment-filename, ie-active-movie-control, antisniff-dns-overflow, delphi-ics-dot-attack, netscape-invalid-ssl-sessions, sol-netpr-bo, ie-cookie-disclosure, iis-malformed-information-extension, iis-url-extension-data-dos, netscape-import-certificate-symlink, ssh-zedz-consultants, coldfusion-cfcache-dos, http-cgi-formmail-environment, libmytinfo-bo, netopia-snmp-comm-strings, gnapster-view-files, netstructure-root-compromise, netstructure-wizard-mode, allaire-clustercats-url-redirect, aolim-file-path, iis-shtml-reveal-path, http-cgi-dbman-db, http-cgi-dnews-bo, ultraboard-cgi-dos, aladdin-etoken-pin-reset, http-cgi-dmailweb-bo, interscan-viruswall-bo, quake3-auto-download, ultraboard-printabletopic-fileread, cart32-expdate, cisco-online-help, hp-shutdown-privileges, http-cgi-listserv-wa-bo, aaabase-execute-dot-files, aaabase-file-deletion, macos-appleshare-invalid-range, win-netbios-source-null, linux-knfsd-dos, macos-filemaker-anonymous-email, and macos-filemaker-email. ISS X-Force homepage here.

tags | web, overflow, shell, cgi, root, tcp, vulnerability
systems | cisco, linux, bsd, beos
SHA-256 | 4db0d03fb6271c35418d4d58ecec415169ad7a59e0467e9f65044a7c79068f6e
hack-hm-1.1.txt
Posted May 11, 2000
Authored by Hawaiian Superman

Hotmail is vulnerable to yet another serious security problem involving javascript. Windows, MacOS, and Linux users are affected. Consequences include hotmail account takeover, redirecting a hotmail user to any site, or access to the users computer if combined with other known exploits.

tags | exploit, javascript
systems | linux, windows
SHA-256 | b5c11b65292e58dd2677389be22affdd1c3df87cc7488c5d48a5d785938ef4f6
winreal.6-7.txt
Posted Apr 6, 2000
Authored by Adam Muntner

There is a buffer overflow in the Win32 RealPlayer Basic client versions 6 and 7 which occurs when a long location to play string is entered. Using the HTML "EMBED" tag to embed RealPlayer in a webpage and setting the "AUTOSTART=true" flag, you can force RealPlayer to start automatically, triggering the overflow condition. It appears that arbitrary code could be exploited simply by *VISITING* a webpage with the malicious embedded RealPlayer tags. MacOS and linux versions appear not to be vulnerable.

tags | exploit, overflow, arbitrary
systems | linux, windows
SHA-256 | 37419905d1e37c015f0676d7c50395144408e6d018c7cd4c3400a0871bbd49fd
CA-99-17.dos
Posted Dec 31, 1999

CERT Advisory CA-99-17 - Denial-of-Service Tools. Recently, new techniques for executing denial-of-service attacks have been made public. MacOS 9 can be abused by an intruder to generate a large volume of traffic directed at a victim in response to a small amount of traffic produced by an intruder. This allows an intruder to use MacOS 9 as a "traffic amplifier," and flood victims with traffic. A tool similar to Tribe FloodNet (TFN), called Tribe FloodNet 2K (TFN2K) was released.

SHA-256 | ab550f432f810ab211b9bb7a79666b37ff7dae0625f51ff5088743f51352e8ec
l0pht.macos.fwb.hdtoolkit
Posted Sep 23, 1999

l0pht.macos.fwb.hdtoolkit

SHA-256 | 0f37fcc8444cf20d26f12ea18dc6275587918888c721286d30c67e3a6fea4944
MacOS_encryption.txt
Posted Sep 21, 1999

The encryption algorithm in MacOS system is simple and the password can be easily decoded

tags | exploit
SHA-256 | 175d58893e91fe5f4d9047d46442dd17e5161c68d3431d910914873508df3ad6
mac-webshare-DoS.txt
Posted Aug 17, 1999

DoS attack, and maybe worse, present in Apple MacOS 8.5.1 "Web Sharing".

tags | exploit, web
systems | apple
SHA-256 | aed7c32d95b5b5b2c61dcb1e6515a3f62876f67545fb30ede8c69fd9d587e019
macattack-syn-dos.txt
Posted Aug 17, 1999

MacOS synflood DoS attack affecting all versions of MacOS.

tags | exploit
SHA-256 | 6812e0500cf036e070bb5dee39e94ae42856d8d675a430873c5bf8f254c9d6d7
macos.x.server.cgi.txt
Posted Aug 17, 1999

Process-based denial of service vulnerability exists in MacOS X Server running Apache that allows remote attacker to easily kill the web server via looped HTTP requests. Test exploit code included.

tags | exploit, remote, web, denial of service
SHA-256 | f5a096462e64fb0011ee44a1691b337f8d7d1e10a3e7f24ac2832333238bc622
FileGuard_308_Holes.txt
Posted Aug 17, 1999
Authored by ProZaq

Security Holes In FileGuard 3.0.8 file protection software for the MacOS allows anyone with guest account access to gain administrator privileges and access to ALL files.

tags | exploit
SHA-256 | d30b0ace07c9127553b40b6f9b093814c9d1d6b26296018f0a52eb9ceca0e436
Page 4 of 4
Back1234Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close