Showing 51 - 75 of 100


A Vulnerability In Implementations of SHA-3, SHAKE, EdDSA, And Other NIST-Approved Algorithms
Posted Mar 7, 2023
Authored by Nicky Mouha, Christopher Celi | Site eprint.iacr.org

This paper describes a vulnerability in several implementations of the Secure Hash Algorithm 3 (SHA-3) that have been released by its designers. The vulnerability has been present since the final-round update of Keccak was submitted to the National Institute of Standards and Technology (NIST) SHA-3 hash function competition in January 2011, and is present in the eXtended Keccak Code Package (XKCP) of the Keccak team. It affects all software projects that have integrated this code, such as the scripting languages Python and PHP Hypertext Preprocessor (PHP). The vulnerability is a buffer overflow that allows attacker-controlled values to be eXclusive-ORed (XORed) into memory (without any restrictions on values to be XORed and even far beyond the location of the original buffer), thereby making many standard protection measures against buffer overflows (e.g., canary values) completely ineffective.

tags | paper, overflow, cryptography, php, python
advisories | CVE-2022-37454
SHA-256 | e5ce94c802fc96b96a37593074295283819a7abf859a04a1c1cbfcdb566dcdb1

Related Files

Posted May 17, 2000
Site sses.net

A vulnerable secure shell distribution is available from the popular Zedz Consultants FTP site (formerly known as replay.com). The RedHat Linux RPM ssh-1.2.27-8i.src.rpm contains a PAM patch which contains faulty logic allowing users to essentially pass through the username/password authentication step and gain shell access.

tags | exploit, shell
systems | linux, redhat
SHA-256 | b57e79520315127b620ca4b51d6c7b231203c8de9f7862f0c36dadb45cea51a3
Posted May 17, 2000
Site acros.si

Bypassing Warnings For Invalid SSL Certificates In Netscape Navigator.

tags | exploit
SHA-256 | 08d9a04187e702e38f43d13b65214f58dbce9985e976ef91593cde3c9be2e08a
Posted May 17, 2000
Authored by Michal Zalewski

"I don't think I really love you" or writing internet worms for fun and profit.

tags | worm
SHA-256 | d21298d8550cdb1dce8b32a0ad6a565a74adfde66a4bcb0a08045abe78644dd4
Posted May 17, 2000
Authored by Tim Newsham

Here's an overflow exploit that works on a non-exec stack on x86 boxes. It demonstrates how it is possible to thread together several libc calls.

tags | exploit, overflow, x86
SHA-256 | 3238065018d8cc59f08614d088172be8ae759fa0a29334aa5cf53f44f305b996
Posted May 17, 2000

New Hack City Advisory 20000504a.0 - It is possible to cause a kernel panic on systems running NetBSD by sending a packet remotely with an unaligned IP Timestamp option.

tags | kernel
systems | netbsd
SHA-256 | 80e0199697da1cca26b1bb88f5a8cab6e589a0d7ef89ab3b7ca94c90b255199e
Posted May 17, 2000

Receipt of IP packets with certain sequences of malformed IP options can cause an unaligned access in kernel mode (on many architectures), or data corruption, resulting in a panic or other problems.

tags | denial of service, kernel
systems | netbsd
SHA-256 | f8cef208a1f568ebde931884c1fb940cb0522fa38fe3d9ecf2661a0913573333
Posted May 17, 2000
Authored by Frankie Zie

There is a security problem with shtml.exe that allows anyone to explore the local path of IIS web server.

tags | exploit, web, local
SHA-256 | a81fefb3352747deb54240fa5b25c5a5809579acbd6503684344b867038b8d8f
Posted May 17, 2000
Authored by Cassius

Simple DOS attack against Cayman 3220-H DSL Router. Large username or password strings sent to the Cayman HTTP admin interface restart the router. Router log will show "restart not in response to admin command".

tags | exploit, web
SHA-256 | 3ae878f8c7a9b943309036f7465bd350a17e5d03e16ce1406143f4bf73085af0
Posted May 17, 2000
Authored by Mark Litchfield | Site cerberus-infosec.co.uk

Cerberus Information Security Advisory (CISADV000505) - The Cerberus Security Team has found a remotely exploitable buffer overrun in Netwin's (http://netwinsite.com) DNewsWeb (dnewsweb/dnewsweb.exe v5.3e1), a CGI program designed to give access to NNTP services over the world wide web. By supplying a specially formed QUERY_STRING to the program, a buffer is overflowed, allowing execution of arbitrary code and compromising the web server.

tags | exploit, web, overflow, arbitrary, cgi
SHA-256 | 6f72b6f4d384bdcf7670e19301cef27ef2e199ac7ae94fecc8d11621cfa61f7b
Posted May 17, 2000
Site nai.com

Network Associates, Inc. COVERT Labs Security Advisory - An implementation flaw in the InterScan VirusWall SMTP gateway allows a remote attacker to execute code with the privileges of the daemon.

tags | exploit, remote
SHA-256 | 9b36112a1cd5cd874728fcf15c819f8bfd56941ce60048b6bc3d056dd9fd35f2
Posted May 17, 2000
Authored by David Litchfield | Site cerberus-infosec.co.uk

Cerberus Information Security Advisory (CISADV000504) - The Cerberus Security Team has found a remotely exploitable buffer overrun in Netwin's (http://netwinsite.com) DMailWeb (dmailweb/dmailweb.exe v2.5d), a CGI program designed to give access to a user's SMTP and POP3 server over the world wide web. By supplying a specially formed QUERY_STRING to the program, a buffer is overflowed, allowing execution of arbitrary code and compromising the web server.

tags | exploit, web, overflow, arbitrary, cgi
SHA-256 | 47a0edd015b1f01cce3d508c12cc5b2cf7330ba998a12a9c7aaf7acfd187723d
Posted May 17, 2000
Authored by David Litchfield | Site cerberus-infosec.co.uk

Cerberus Information Security Advisory (CISADV000503) - The Cerberus Security Team has found a remotely exploitable buffer overrun in Lsoft's (www.lsoft.com) Listserv Web Archive component (wa/wa.exe v1.8d - this is the most recent version).

tags | exploit, web, overflow
SHA-256 | 17136805bc3f264e963bf55df3a44d6c7550f0c96ca7a5a74efedb9e27ff8deb
Posted May 17, 2000
Authored by Morten Welinder

If root ever does "rm -rf /tmp/foo" for a directory structure not completely owned by root, a local user can delete all files that root can.

tags | exploit, local, root
SHA-256 | 3ba1f58d2454e57c2aabb1552bf4229866c003b9fde29b9e8099400b1fef591c
Posted May 17, 2000
Authored by RC

Using the good old NullByte (\000) it's possible to open "any" file on the webserver (with its permissions) running the "UltraBoard" forum software.

tags | exploit
SHA-256 | cac53c20c8f003f1c433d4901d938d89d764d76df657e71ce2c13537f325a103
Posted May 17, 2000
Authored by Hugo Breton

There is a way to disable tcpdump running on a remote host. By sending a carefully crafted UDP packet on the network which tcpdump monitors, it is possible, under certain circumstances, to make tcpdump fall into an infinite loop.

tags | exploit, remote, udp
SHA-256 | 762d8e63fbcb7f43d09fcb049e572dc985c7e6be26bd6c5efc3db1e022573ef8
Posted May 17, 2000

The precise details of how to exploit these holes are minimized to prevent compromising the integrity of all current Internet-accessible FileMaker Pro 5 databases and mail servers. However, details can be easily deduced by referencing the FileMaker Pro 5 documentation and by consulting the FileMaker XML Technology Overview white paper available via the FileMaker XML Central Web site.

tags | exploit, web
SHA-256 | 266a2b3612f869f2b2ce836b82d96495dbb6d573fd9f243d85c88bce65c7fde5
Posted May 17, 2000
Authored by Fernando Montenegro

It seems that, even though a regular (non-"enabled") user should not be able to see the access-lists or other security-related information in the router, one can do just that. The online help system doesn't list the commands as being available, but out of 75 extra "show" options that are available in "enable" mode (on a 12.0(5)3640), only 13 were actually restricted.

tags | exploit
SHA-256 | 2c33ae7e113f98c67d0be4eb389aefb18fd47f1579f69e7636939aefb440a243
Posted May 17, 2000

When accepting luser console login, pam_console called by /bin/login tries to be user-friendly, doing several chowns on devices like login tty and corresponding vcs[a] device, as well as other interesting devices: fd*, audio devices (dsp*, mixer*, audio*, midi*, sequencer), cdrom, streamer/zip drive devices, frame buffer devices, kbd*, js*, video*, radio*, winradio*, vtx*, vbi* and so on. Probably it's designed to make console logins more comfortable, but has DEADLY effects on servers with console luser-login ability (and that's quite common).

tags | exploit
SHA-256 | 1d635e59bee6725bcf7c4b9d3459f4bb45a1383179c65d540f6ca36f5edf6fe0
Posted May 17, 2000
Authored by eAX

Here is how to exploit the bug for cracking systems running Jana. I tested it with Jana 1.45 on Windows 98 and Windows 2000. 1. Open a browser window 2. Type i.e http://the.server.com/./.././.././.././windows/win.ini.

tags | exploit, web
systems | windows
SHA-256 | 5619cda37bd593b8aa8636730088c1f2262151ba1f7ad4ec649f9de333df9d1a
Posted May 17, 2000
Authored by Chris Evans

A DoS condition exists in the Linux kernel knfsd server. Remote, unauthenticated users (i.e. those with neither a directory mounted nor permission to mount one) can OOPS the host kernel. The OOPS does not bring down the target host, but it is possible to render the NFS service inoperable until a reboot.

tags | remote, denial of service, kernel
systems | linux
SHA-256 | 7a554cf14acdc3fef95cadd5e0b687b47576cc0e8024390737cb14e3860d6e69
Posted May 14, 2000

Microsoft Linux box cover. Very chilling, frightening, and funny too.

systems | linux, unix
SHA-256 | 1bc986e436715e6db9328f01347cc8326f0de23ce9447218dc4e65884d6302b2
Posted Apr 20, 2000
Authored by psico nauta

Getting r00t 2k. A hacking guide for newbies that is completely written in Spanish. This has been created as a knowledge base for an understanding of hacking in South America and Spain as knowledge of hacking has gained more importance in these areas.

SHA-256 | 1773578b04e321244b6e66f4d60c103506061359e9e02c2945bfe8b49ffb063a
Posted Apr 20, 2000

S.A.F.E.R. Security Bulletin 000317.EXP.1.5 - Remote user can obtain list of directories on Netscape. Netscape Enterprise Server with 'Web Publishing' enabled can be tricked into displaying the list of directories and subdirectories, if user supplies certain 'tags'.

tags | remote, web
SHA-256 | 28a1f7d9a52e29f7b6c7169a7703161db67a48f4e7b0b0a67e10192242dcf897
Posted Apr 20, 2000
Authored by Chopsui-cide

Anyone who can execute CGIMailer (anyone who can use the forms that use CGIMailer) can specify what configuration file to use and this can be any file on the system CGIMailer is running on. This allows for the existence of private files to be detected. There are more dangerous implications though: this vulnerability could possibly be exploited to obtain private files from the target system. If there is an FTP server running on the target system on which an attacker has upload privileges, he/she could upload a malicious configuration file, and then run it using CGIMailer. Configuration files can be used to send files to the attacker via e-mail (among other things).

tags | exploit
SHA-256 | 93e43f717e47063b7aa4ac1264f4e1f4436a2587838dfecd4a1ffd48d2008703
Posted Apr 20, 2000
Authored by Bladi, Almudena

Two exploits are included in this. It is a dcc chat buffer overflow in separate exploits for linux and mirc.

tags | exploit, overflow
systems | linux
SHA-256 | f3545aeb86c142cd44d2d9e66a6762114035037eafe2d84e99ae2888730f8e89