exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 75 of 100 RSS Feed

Files

Atstake Security Advisory 03-07-31.1
Posted Aug 5, 2003
Authored by Atstake, Andreas Junestam | Site atstake.com

Atstake Security Advisory A073103-1 - Three vulnerabilities exist in the McAfee Security ePolicy Orchestrator Server and Agent that allow an attacker to anonymously execute arbitrary code.

tags | advisory, arbitrary, vulnerability
advisories | CVE-2003-0148, CVE-2003-0149, CVE-2003-0616
SHA-256 | 39c4da258d3c16be42e6d5d36b203ec57d8400c5e932a4dfde6e4c3688971f66

Related Files

Atstake Security Advisory 02-10-28.1
Posted Oct 29, 2002
Authored by Atstake, Andreas Junestam | Site atstake.com

Atstake Security Advisory a102802-1 - The Oracle9iAS Web Cache contains two denial of service vulnerabilities that can be triggered remotely by sending specially crafted HTTP requests. The denial of service issues, which affect version 9.0.2.0.0 for Windows NT/2000 and XP, result in an immediate crash of the service. Oracle released a security advisory for this vulnerability. This advisory can be found here.

tags | web, denial of service, vulnerability
systems | windows
SHA-256 | a4dd6a957197a9116d53a98c087ac566509792905aae424939563924d019eaa8
Atstake Security Advisory 02-09-10.1
Posted Sep 11, 2002
Authored by Atstake | Site atstake.com

Atstake Security Advisory A091002-1 - Apple QuickTime ActiveX v5.0.2 has a buffer overrun conditions that can result in execution of arbitrary code. To exploit this vulnerability an attacker would need to get his or her target to open a malicious HTML file as an attachment to an email message, as a file on the local or network file system, or as a file via HTTP.

tags | web, overflow, arbitrary, local, activex
systems | apple
SHA-256 | 67fa04ee26e8153f5ebac2a4e8afbc94afbd217f0c2391f6d6bcc01b0c137578
Atstake Security Advisory 02-08-28.1
Posted Aug 29, 2002
Authored by Atstake, Ollie Whitehouse | Site atstake.com

Atstake Security Advisory A082802-1 - The Microsoft Terminal Server ActiveX client contains a buffer overflow in one of the parameters used by the ActiveX component when it is embedded in a web page which an attacker can exploit to run malicious code on a target system. The user would need to open a malicious HTML file as an attachment to an email message, as a file on the local or network file system, or as a link on a malicious web site.

tags | web, overflow, local, activex
SHA-256 | 56359c9b96a1991a0e4e4ca0c9bcd9337adab1526626b1bdc5b1cae7f982e8e1
a-z.zip
Posted Aug 26, 2002

Programming instructions for many, many cell fones

tags | bbs
SHA-256 | 423d53315b97b5dded1e54f673dfdd6b7e08292fa6f2c3f520263b9c6105b16f
Atstake Security Advisory 02-08-16.1
Posted Aug 21, 2002
Authored by Atstake | Site atstake.com

Atstake Security Advisory A081602-1 - The auditing mechanism of Windows NT 4.0 and Windows 2000 SP2 does not understand hard links so it produces some erroneous results allowing an attacker to access files through hard links such that the name of the file being accessed does not appear in the security event log. Instead, the file name of the hard link appears in the event log. The hard link can be deleted after accessing the file thus eliminating any trace of the file I/O activity.

systems | windows
SHA-256 | e5fefbae46a457866facd5d4caafcae07329a7508e7d9764de60f72b741eb0ba
Atstake Security Advisory 02-08-08.1
Posted Aug 9, 2002
Authored by Atstake, Andreas Junestam | Site atstake.com

Atstake Security Advisory A080802-1 - WS_FTP server v3.1.1 for Windows NT/2000/XP contains a buffer overflow that allows remote users to execute code when they change their password. Since the WS_FTP Server is running as a service, an attackers code will be executing as SYSTEM.

tags | remote, overflow
systems | windows
SHA-256 | 217640519642343dd537e34149f73960fd350a4359bf54a02275a74e046990c7
Atstake-Pingtel-Xpressa.txt
Posted Jul 15, 2002
Site atstake.com

Atstake Security Advisory - Several vulnerabilities found in Pingtel Xpressa SIP VoIP phones model PX-1 v1.2.5-1.2.7.4 can lead to the disclosure of user credentials, the hijacking of calls, unauthorized access on phone devices and much more. Pingtel released a workaround that can be used by affected customers, available here.

tags | vulnerability
SHA-256 | 137c467df7a52e511bc1a0959f6c9113896a816a356cc78d4266270c84c5e3e0
Atstake Security Advisory 02-06-05.1
Posted Jun 5, 2002
Authored by Atstake, Ollie Whitehouse | Site atstake.com

Atstake Security Advisory A060502-1 - Red-M's 1050AP Bluetooth Access Point contains a number of vulnerabilities which are outlined below that enable an attacker on the wired/wireless side of the device to mount an attack against the device in an attempt to locate the device, cause loss of administration functionality or compromise the administration interface.

tags | vulnerability
SHA-256 | 6c550edb79304b779ac8aac4982d3ad3e6fb9a08a6d7394b3520dc74a6e1c066
Atstake Security Advisory 02-04-10.1
Posted Apr 11, 2002
Authored by Atstake, Dave Aitel | Site atstake.com

Atstake Security Advisory A041002 - IIS for Windows NT 4.0 and 2000 contains a heap overflow in .htr files which results in remote code execution in the IUSR_machine security context. This vulnerability has been verified on IIS 4.0 and 5.0 with SP2 and the latest security patches as of April 1, 2002.

tags | remote, overflow, code execution
systems | windows
SHA-256 | d3c9eff0c4dcc24c4baf63a87290f4596e2768d47502b4211ec6c148b401ddca
Atstake Security Advisory 00-12-04.1
Posted Dec 6, 2000
Authored by Atstake | Site atstake.com

Atstake Security Advisory A120400-1 - IIS 4.0/5.0 Phone Book server buffer overrun vulnerability. The Phone Book Service was created by Microsoft to help provide dial in services to the corporation and ISPs. As part of the functionality of the service when users dial in their client software can be configured to download phone book updates from a web server. The ISAPI application that serves the update is pbserver.dll. This DLL contains a buffer overrun vulnerability that can allow the execution of arbitrary code or at best crash the Internet Information Server process, inetinfo.exe.

tags | web, overflow, arbitrary
SHA-256 | 7822463a0e0c98a33b81e6be0d33e5d289f446c0bcfff7a90e516e33823ba258
Atstake Security Advisory 00-12-01.1
Posted Dec 3, 2000
Authored by Atstake | Site atstake.com

Atstake Security Advisory A120100-1 - Microsoft's database server, known as SQL Server, contains several buffer overruns vulnerabilities that can be remotely exploited to execute arbitrary computer code on the affected system, thus allowing an attacker to gain complete control of the server. In situations where the SQL Server is protected by a firewall, it may still be possible to launch this attack through a connecting web server - though this depends on how secure the web server's application is. Proof of concept code available here.

tags | web, overflow, arbitrary, vulnerability, proof of concept
SHA-256 | 7a62c36595e25982e5eb61be78940b169d48a8771ddd9252d29796af5fbdf890
Atstake Security Advisory 00-12-01.2
Posted Dec 3, 2000
Authored by Atstake | Site atstake.com

Atstake Security Advisory A120100-2 - This advisory details multiple vulnerabilities in Microsoft SQL Server 2000 that allow an attacker to run arbitrary code on the SQL server in the context of a local administrator account. SQL Server provides a mechanism by which a database query can result in a call into a function called an "extended stored procedure". Several extended stored procedures supplied with SQL Server 2000 are vulnerable to buffer overflow attacks. Furthermore, in a default configuration these extended stored procedures can be executed by any user. Proof of concept code available here.

tags | overflow, arbitrary, local, vulnerability, proof of concept
SHA-256 | ec739fab767d599a0ee58f32f2ff762f3b6dfc21601af5994abc47bc96a9b5ec
A-SnIf.c
Posted Dec 3, 2000
Authored by Asynchro | Site pkcrew.org

A-Snif is a simple packet sniffer, for learning.

tags | tool, sniffer
SHA-256 | 68ca08c3d245a3407496e7357066f73bae641a99f872879772ea1639cea1f8dc
A102600-1.txt
Posted Oct 31, 2000
Authored by David Goldsmith, Brian Carrier, Rex Warren | Site atstake.com

Atstake security advisory - This advisory describes a vulnerability that exists in Cisco Systems Virtual Central Office 4000 (VCO/4K). There is a vulnerability in the SNMP interface that allows an attacker to enumerate username and obfuscated password pairs for the Telnet interface. Since the obfuscation method used on the passwords is reversible, administrative access to the VCO/4K can be obtained. Perl proof of concept exploit included.

tags | perl, proof of concept
systems | cisco
SHA-256 | 7efd12964efef16b759d3fcdb2af9a30829c39d81b2e68ec5426c943032bfa96
A100900-1
Posted Oct 19, 2000
Authored by Silicosis | Site atstake.com

Atstake Security Advisory (updated) - iPlanet's iCal, a multiplatform calendaring server, introduces a number of vulnerabilities to the system in which it is installed on. These vulnerabilities, ranging from poor file permissions to insecure programming practices allow local attackers to obtain root access, and remote attackers to monitor keystrokes. Includes obtain-ics.sh, a simple proof of concept local exploit.

tags | remote, local, root, vulnerability, proof of concept
SHA-256 | 9cb5d1d8417dd354b9437abf1dbd4e8347b3b25d0144afcd99dc883675a69423
A100400-1
Posted Oct 5, 2000
Authored by Mnemonix | Site atstake.com

Atstake Security Advisory - Microsoft's Internet Information Server 5.0 is WebDAV (RFC 2518) enabled. As part of the extra functionality provided by the WebDAV components. Microsoft has introduced the SEARCH request method to enable searching for files based upon certain criteria. This functionality can be exploited to gain what are equivalent to directory listings. These directory listings can be used by an attacker to locate files in the web directories that are not normally exposed through links on the web site. .inc files and other components of ASP applications that potentially contain sensitive information can be viewed this way.

tags | web, asp
SHA-256 | f2562bfaf09eac881c34bf6c3fc7b51eb464aca2b3cb81446d72d5bf1fc82e7c
A092600-1
Posted Sep 28, 2000
Authored by Kingpin | Site atstake.com

Atstake Security Advisory - PalmOS Password Retrieval and Decoding. Severity: Moderate. PalmOS offers a built-in Security application which is used for the legitimate user to protect and hide records from unauthorized users by means of a password. Passwords can easily be obtained and decoded allowing an attacker to access all private records on a Palm device.

systems | palmos
SHA-256 | 605b134f485bfa1453bdfd428bc29ebf0cd76aa76b8b91cd4a84f25e95ed0c2d
A091100-1
Posted Sep 13, 2000
Site atstake.com

Atstake Security Advisory - Netegrity's SiteMinder is a web access control product for Solaris and Windows NT that implements various authentication mechanisms to protect content on websites. Due to an error in SiteMinder's URL parsing, it is possible for an attacker to bypass the authentication phase and view protected web pages directly.

tags | web
systems | windows, solaris
SHA-256 | e0d3f793315991d1bfe7a1596da57ae4a879f58a9bf6b103ecee5c49798552b3
a-01.ciac-unix-attacks
Posted Sep 23, 1999

a-01.ciac-unix-attacks

systems | unix
SHA-256 | b5084c4fab6d27541633dce4f24de21f5304c8b8793035ba0ec75d79f3b8de39
a-02.ciac-vms-worm-w_com
Posted Sep 23, 1999

a-02.ciac-vms-worm-w_com

tags | worm
SHA-256 | 0eef36b3b599dfff5a0ca736c908037dddf16aa457e980620dcdae01656e455e
a-03.ciac-wank-worm
Posted Sep 23, 1999

a-03.ciac-wank-worm

tags | worm
SHA-256 | 5084d51bc3bded2184ea94403c6cd86b76e5b0e2eb025e1508852f00a09127a7
a-04.ciac-new-wank-worm
Posted Sep 23, 1999

a-04.ciac-new-wank-worm

tags | worm
SHA-256 | b002afbf32b67dafef5063116d9fa14600cd1eca4de71346ccfcdda68c95460b
a-05.ciac-sun-rpc
Posted Sep 23, 1999

a-05.ciac-sun-rpc

SHA-256 | d9c6d44f3f296bc95cd36e3e1889a38a2a28052643c15acdbfc327c90b4611ef
a-06.ciac-norton-utilities-trojan-horse
Posted Sep 23, 1999

a-06.ciac-norton-utilities-trojan-horse

tags | trojan
SHA-256 | 3a82d417b951d6e36665d077268e28a4b657a1966f80a724e6fca839b12bb0e3
a-07.ciac-unicos
Posted Sep 23, 1999

a-07.ciac-unicos

SHA-256 | c9e7413c992cc1e4c93637b2abb0fad6845c37be3ed75d84005947895ce5a969
Page 3 of 4
Back1234Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close