exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 75 of 100 RSS Feed

Files

RealTerm Serial Terminal 2.0.0.70 Echo Port Buffer Overflow
Posted Feb 21, 2019
Authored by Matteo Malvica

RealTerm Serial Terminal version 2.0.0.70 suffers from an echo port buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 801b86d255328b3fedc995c0bcbbcc29d2ca3f7b6e8522ecf7a4d5babd746c01

Related Files

Secunia Security Advisory 27374
Posted Oct 25, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for xfce4-terminal. This fixes a security issue, which can be exploited by malicious people to inject shell commands.

tags | advisory, shell
systems | linux, debian
SHA-256 | 1478959eb63590dc4b208b338ac436338f3786882d2e8ead48b4e80e6e89e595
Debian Linux Security Advisory 1393-1
Posted Oct 23, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1393-1 - It was discovered that xfce-terminal, a terminal emulator for the xfce environment, did not correctly escape arguments passed to the processes spawned by "Open Link". This allowed malicious links to execute arbitrary commands upon the local system.

tags | advisory, arbitrary, local
systems | linux, debian
advisories | CVE-2007-3770
SHA-256 | 31be8cc034e77cdfc8024b7182247c9b9c32d51c2d7e9a0014476144661a646e
openct-0.6.14.tar.gz
Posted Sep 10, 2007
Authored by Andreas Jellinghaus | Site opensc-project.org

OpenCT is a library for accessing smart card terminals. It provides a rich set of functions for driver writers, protocol drivers for T=0 and T=1, serial and USB functionality, including USB hotplugging. The main user of OpenCT is the OpenSC smart card framework, but OpenCT can of course be used by other applications as well. OpenCT provides a native OpenCT, CT-API and PC/SC Lite IFD interface with an OpenCT ifdhandler resource manager.

Changes: Various updates.
tags | protocol, library
SHA-256 | 3df187f63eb6694652098238bdf967b304dad8f62e9219be4cf3b6d5ec5db58b
pshtoolkit-1.1.tgz
Posted Sep 5, 2007
Authored by Hernan Ochoa | Site oss.coresecurity.com

The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions maintained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM hashes (YES, PASS-THE-HASH on Windows!). Both source tarball and binary tarballs are included.

Changes: Improvements for the German and French versions of Microsoft Windows XPSP2, Windows 2003 SP1/SP2, and more.
tags | remote, local
systems | windows
SHA-256 | 6be2b9d8c80c3ce8623695fe34d59e1da13a69e745c495039e6e3840b294cafd
pshtoolkit-1.0.tgz
Posted Aug 16, 2007
Authored by Hernan Ochoa | Site oss.coresecurity.com

The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions maintained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM hashes (YES, PASS-THE-HASH on Windows!). Both source tarball and binary tarballs are included.

tags | remote, local
systems | windows
SHA-256 | 12647279df0a167a813e91d94627b92abe1cca879d0528921db39c1d55eb68d2
Secunia Security Advisory 26392
Posted Aug 14, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for xfce4-terminal. This fixes a security issue, which can be exploited by malicious people to inject shell commands.

tags | advisory, shell
systems | linux, ubuntu
SHA-256 | bd2232b539f5a18100f0129c62660c9c3c1cceb450ea5ff5917a0ae35a3a4542
Gentoo Linux Security Advisory 200708-7
Posted Aug 14, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200708-07 - Lasse Karkkainen discovered that the function terminal_helper_execute() in file terminal-helper.c does not properly escape the URIs before processing. Versions less than 0.2.6_p25931 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-3770
SHA-256 | 330b4e24fb821b2cd5f7c0a3bd591f92d633d2a9129ad6efcf09f92746b72a12
Secunia Security Advisory 26418
Posted Aug 14, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for terminal. This fixes a security issue, which can be exploited by malicious people to inject shell commands.

tags | advisory, shell
systems | linux, gentoo
SHA-256 | a7f3981a5ef06e535dabe1150e3b4c997589a4a74eafb6b4f4877812f7d50644
iDEFENSE Security Advisory 2007-07-26.2
Posted Jul 28, 2007
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 07.26.07 - Local exploitation of a stack-based buffer overflow vulnerability in the 'capture' program, as included with IBM Corp.'s AIX operating system, allows an attacker to execute arbitrary code with root privileges. The vulnerability exists within the code that parses terminal control sequences. A long series of control sequences will trigger an exploitable stack-based buffer overflow. iDefense has confirmed the existence of this vulnerability in AIX version 5.3 with service pack 6. Previous versions may also be affected.

tags | advisory, overflow, arbitrary, local, root
systems | aix
advisories | CVE-2007-3333
SHA-256 | 908a645d01d8e4edec8e221b469bcc9e5ff3c39e86322bbb73f81a6763bd38fc
aix53-capture.txt
Posted Jul 28, 2007
Authored by qaaz

IBM AIX versions 5.3 sp6 and below capture Terminal Sequence local root exploit.

tags | exploit, local, root
systems | aix
SHA-256 | 829483f58084eaa4308caec735b5d7f3bfb3532ddfeb7bf8502ec83b60b014fa
openct-0.6.12.tar.gz
Posted Jul 18, 2007
Authored by Andreas Jellinghaus | Site opensc-project.org

OpenCT is a library for accessing smart card terminals. It provides a rich set of functions for driver writers, protocol drivers for T=0 and T=1, serial and USB functionality, including USB hotplugging. The main user of OpenCT is the OpenSC smart card framework, but OpenCT can of course be used by other applications as well. OpenCT provides a native OpenCT, CT-API and PC/SC Lite IFD interface with an OpenCT ifdhandler resource manager.

Changes: Various updates.
tags | protocol, library
SHA-256 | 21ce1c8c53f21ecb807cfd6a9bef0a10ea60506a6b6cb2be9e1cf79049e43e5f
mts-tls.txt
Posted May 10, 2007
Authored by anonymous

Microsoft's Terminal Server on Windows 2003 Server with all of the current service packs fails to enforce its own settings.

tags | advisory
systems | windows
SHA-256 | 8798b9bc51b7d84c7da9fb7f5b4f9eba6130b48b4e845424495701e089d46feb
openct-0.6.11.tar.gz
Posted Nov 27, 2006
Authored by Andreas Jellinghaus | Site opensc-project.org

OpenCT is a library for accessing smart card terminals. It provides a rich set of functions for driver writers, protocol drivers for T=0 and T=1, serial and USB functionality, including USB hotplugging. The main user of OpenCT is the OpenSC smart card framework, but OpenCT can of course be used by other applications as well. OpenCT provides a native OpenCT, CT-API and PC/SC Lite IFD interface with an OpenCT ifdhandler resource manager.

Changes: Various updates.
tags | protocol, library
SHA-256 | b4fdc700e9778a8c115d0bed82781f967c41ac1c941451b01a91c45ae43088a9
openct-0.6.10.tar.gz
Posted Nov 13, 2006
Authored by Andreas Jellinghaus | Site opensc-project.org

OpenCT is a library for accessing smart card terminals. It provides a rich set of functions for driver writers, protocol drivers for T=0 and T=1, serial and USB functionality, including USB hotplugging. The main user of OpenCT is the OpenSC smart card framework, but OpenCT can of course be used by other applications as well. OpenCT provides a native OpenCT, CT-API and PC/SC Lite IFD interface with an OpenCT ifdhandler resource manager.

tags | protocol, library
SHA-256 | febfef88b93c876fbff1b59e3da4e1db4dd18e6d3af76594ca1e4cfbf5e178e2
Debian Linux Security Advisory 1202-1
Posted Nov 1, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1202-1: "cstone" and Rich Felker discovered that specially crafted UTF-8 sequences may lead an out of bands memory write when displayed inside the screen terminal multiplexer, allowing denial of service and potentially the execution of arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, debian
SHA-256 | 0336be55907d9761d17e884f264abb9f84a424adbf5dccce23401605deae86d3
OpenPKG Security Advisory 2006.26
Posted Oct 27, 2006
Authored by OpenPKG Foundation | Site openpkg.org

OpenPKG Security Advisory - OpenPKG-SA-2006.026: According to a vendor release announcement [0], a denial of service vulnerability exists in the virtual terminal application GNU screen [1], version 4.0.2 and earlier. The vulnerabilities exist in the handling of "UTF-8 combining characters" and allow user-assisted attackers to cause a Denial of Service (crash or hang of GNU screen) via certain UTF-8 character sequences.

tags | advisory, denial of service, vulnerability
SHA-256 | 3d1d7b3be9c6d2ccd5c51acc0f2c4f73714fb8ee5beedde2d14d7a6468e3b555
prdelka-vs-SCO-termshx.c
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

SCO Openserver 5.0.7 termsh exploit. 'termsh' is a program to view or modify an existing terminal entry on SCO Openserver. A stack based overflow exists in the handling of command line arguments, namely the [-o oadir] argument. It is installed setgid auth in a default SCO Openserver 5.0.7 install. An attacker may use this flaw to gain write access to /etc/passwd or /etc/shadow allowing for local root compromise.

tags | exploit, overflow, local, root
SHA-256 | 80848a38a842001ba4c5cb1a4aa2616cfde210738c9f9ac3f9e0ec9ee9fa8266
safebreaker.tar
Posted Oct 25, 2006
Authored by Amir Alsbih | Site informatik.uni-freiburg.de

Safebreaker is a demonstration next-generation packet-sniffing backdoor, that doesn't require libpcap. It offers a full terminal support, comes with a tls encryption for the connection, and the authentication parameters are configurable.

systems | linux
SHA-256 | f6f72ee772f76cad2c257e301e9e32dd81ea91eb20dff6bdc36e59f08553c705
openct-0.6.9.tar.gz
Posted Oct 5, 2006
Authored by Andreas Jellinghaus | Site opensc-project.org

OpenCT is a library for accessing smart card terminals. It provides a rich set of functions for driver writers, protocol drivers for T=0 and T=1, serial and USB functionality, including USB hotplugging. The main user of OpenCT is the OpenSC smart card framework, but OpenCT can of course be used by other applications as well. OpenCT provides a native OpenCT, CT-API and PC/SC Lite IFD interface with an OpenCT ifdhandler resource manager.

tags | protocol, library
SHA-256 | 878703c82cbc1caac996063f1efc54d1adc2b2b94a03dad97d813ca6691a6ef0
XSec-06-06.txt
Posted Aug 27, 2006
Authored by nop | Site xsec.org

A vulnerability has been found in Internet Explorer 6.0 on Microsoft Windows 2003. When Internet Explorer tries to instantiate the tsuserex.dll (Terminal Services) COM object as an ActiveX control, it may corrupt system memory in such a way that an attacker may cause a denial of service and/or execute arbitrary code.

tags | advisory, denial of service, arbitrary, activex
systems | windows
SHA-256 | 45bcc9edc70442e2ba1be2fee5c00146f0504b9dd513529c6d211f040618dda6
msterminal.txt
Posted Aug 27, 2006
Authored by Bill Littlejohn

There is a vulnerability in Microsoft Terminal Server when an application is specified for the user instead of a full Windows Desktop. It is possible to easily cause an error in explorer.exe and to gain access to a full Desktop. This is an issue for anyone publishing applications through TS to domain users who also logon to full desktops either on the TS or on another machine.

tags | advisory
systems | windows
SHA-256 | d64c9d402f1bb8e25e76432b26bcff82f0808bc359afaae44e10c6fe851b3e67
safari-2.0.3.txt
Posted Apr 28, 2006
Authored by Yannick von Arx | Site yanux.ch

Apple Mac OS X Safari 2.0.3 Vulnerability: A vulnerability exists in Safari 2.0.3 (417.9.2) and perhaps in prior versions which causes the operating system to slow down SRCOD (Spinning Rainbow Cursor Of Death), and therefore, it's not possible to launch any applications like Terminal to kill the process. After several minutes Safari crashes.

tags | advisory
systems | apple, osx
SHA-256 | 1b1b00d7a05322c9df74a0bf3744fc5fa2b4665c1d920ba9ac0ca53cb19b8700
safari_safefiles_exec.pm.txt
Posted Feb 26, 2006
Authored by H D Moore | Site metasploit.com

This Metasploit module exploits a vulnerability in Safari's "Safe file" feature, which will automatically open any file with one of the allowed extensions. This can be abused by supplying a zip file, containing a shell script, with a metafile indicating that the file should be opened by Terminal.app. This module depends on the 'zip' command-line utility.

tags | exploit, shell
SHA-256 | d07fb300961da20240be4d01af4bf9ae28d737166fc35716c762ae250e33252f
cisco-SA-20060215-guard-auth.txt
Posted Feb 20, 2006
Site cisco.com

A vulnerability in versions 5.0(1) and 5.0(3) of the software used in Cisco Anomaly Detection and Mitigation appliances and service modules may allow unauthorized users to get unauthorized access to the devices and/or escalate their privileges if Terminal Access Controller Access Control System Plus (TACACS+) is incompletely configured.

tags | advisory
systems | cisco
SHA-256 | f4b129b457b402f8fe7136fcc31d2b398212b4e009abebc6478cb32c7649e9e9
fileZillaDoS.txt
Posted Nov 8, 2005
Authored by Inge Henriksen

FileZilla Server Terminal version 0.9.4d appears to suffer from a buffer overflow vulnerability when being passed 900-3000 characters to the USER directive.

tags | advisory, overflow
SHA-256 | 334bebb9956a106eb2cd459c8d4304a22a36821a0e716ac35a08441077fc83c3
Page 3 of 4
Back1234Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    0 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close