exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

iDEFENSE Security Advisory 2008-04-09.3
Posted Apr 11, 2008
Authored by iDefense Labs, Stephen Fewer | Site idefense.com

iDefense Security Advisory 04.09.08 - Remote exploitation of a format string vulnerability in EMC Corp.'s DiskXtender could allow an attacker to execute arbitrary code with the privileges of the affected service. When handling requests on the RPC interface with UUID b157b800-aef5-11d3-ae49-00600834c15f, the service does not properly validate the content of a string in requests. Since this string is passed directly to a formatting function, a format string vulnerability occurs. iDefense confirmed the existence of this vulnerability in DiskXtender version 6.20.060 for Windows. Previous versions may also be affected.

tags | advisory, remote, arbitrary
systems | windows
advisories | CVE-2008-0963
SHA-256 | 5b88804d6ae7468d490bc8ef3fe7c0ea5e0670d6692d6006ad9bcc470224792c

Related Files

Secunia Security Advisory 29778
Posted Apr 15, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in EMC DiskXtender, which can be exploited by malicious people to bypass certain security restrictions or by malicious users to compromise a vulnerable system.

tags | advisory, vulnerability
SHA-256 | 2e86c63fdd9b525a69b2cd45f23527b4ae30c0d591854f5c636ec6c21e47ad6f
iDEFENSE Security Advisory 2008-04-09.2
Posted Apr 11, 2008
Authored by iDefense Labs, Stephen Fewer | Site idefense.com

iDefense Security Advisory 04.09.08 - Remote exploitation of a buffer overflow vulnerability in EMC Corp.'s DiskXtender could allow an attacker to execute arbitrary code with the privileges of the affected service. The File System Manager is prone to a stack-based buffer overflow vulnerability. When handling requests on the RPC interface with UUID b157b800-aef5-11d3-ae49-00600834c15f, the service does not properly validate the length of a string in the request. By making a specially crafted request, a stack based buffer overflow occurs. iDefense confirmed the existence of this vulnerability in DiskXtender version 6.20.060 for Windows. Previous versions may also be affected.

tags | advisory, remote, overflow, arbitrary
systems | windows
advisories | CVE-2008-0962
SHA-256 | cc3f3fbc0041112ee44d533bc22ba56a70fd751510708f2c713a709b97e17abf
iDEFENSE Security Advisory 2008-04-09.1
Posted Apr 11, 2008
Authored by iDefense Labs, Stephen Fewer | Site idefense.com

iDefense Security Advisory 04.09.08 - Remote exploitation of an authentication bypass vulnerability in EMC Corp.'s DiskXtender could allow an attacker to execute arbitrary code. Each of the main components of the DiskXtender suite is vulnerable to an authentication bypass vulnerability. Specifically, the authentication code contains a hard-coded login and password. By connecting to the RPC interface, and logging on with these credentials, it is possible to bypass the normal authentication process. iDefense confirmed the existence of this vulnerability in DiskXtender version 6.20.060 for Windows. Previous versions may also be affected.

tags | advisory, remote, arbitrary, bypass
systems | windows
advisories | CVE-2008-0961
SHA-256 | e7ab9fbbb99710e5ebe00c8010b6d349ef5bccd241e9f3a13af867571d08d281
w00os.tgz
Posted Jan 3, 2008
Authored by w00w00

w00w00's operating system. Yes, a joke.

SHA-256 | c7c869568d15aee512c973a781e7aacc751b7d434724db343e310154d469a194
octopus.c
Posted Aug 26, 2002
Authored by Maniac

This little program opens as many sockets with a remote host as can be supported by both. It catches ^C and kill commands to shut down cleanly by closing all open connections before exiting. Often, a remote workstation can be brought to its knees by saturating its process table via multiple invocations of sendmail. That's why port 25 (the sendmail port) is the default. If the target's process table (set when the target kernel was created) is filled, users will be unable to execute any shell commands. Many MUDs also crash when the number of sockets they have open exceeds a certain number. This program will put stress on MUDs by testing their limits. If a limit is reached, the MUD will either crash or will refuse to let new users log in. * The program is incomplete, in that it doesn't check for socket timeouts and subsequently reuse timed out sockets. That means the program can only keep a remote host / mud locked up until it exhausts its own available new sockets, or until it has reached MAX_DESCRIPTORS remote connections as set by the #define statement. * If the local machine starts issuing error messages, then the program has failed to saturate the remote host and has instead reached the limits of the local machine. Use ^C or the kill command to terminate it. If you are knowledgable about rebuilding kernels and have access to the root account, you can build a special kernel that will allow you to reach a much larger number of open sockets.

tags | remote, denial of service, shell, kernel, local, root
SHA-256 | b17774a047da8f2dda8f5acbd018f5ca39bc608c82b3694b31d3ff473671c675
twlc.gif
Posted Jan 2, 2002
Authored by twlc

twlc logo

SHA-256 | 4bda0b4a3fc3c22022e033d7c302b65ce2a5d00d65841e0f1e0ebe6756af3a5d
PR09.txt.zip
Posted May 22, 2000
Authored by proyecto-r

PR09.txt.zip

tags | magazine
SHA-256 | 9996a1594ee69bb668a1744749d3f577ed5deae37acaa60790a092bb44c7594e
PR08.txt.zip
Posted May 22, 2000
Authored by proyecto-r

PR08.txt.zip

tags | magazine
SHA-256 | 36b80c6c10bd2225e2e17e81d9b987f04bf37bea78c18fa4fb6374b3e511b38f
PR07.txt.zip
Posted May 22, 2000
Authored by proyecto-r

PR07.txt.zip

tags | magazine
SHA-256 | 36e8db0e6b74cb9f0375d215491338ca8198e3f7ae0285fadb8acb796e543fd5
PR06.txt.zip
Posted May 22, 2000
Authored by proyecto-r

PR06.txt.zip

tags | magazine
SHA-256 | a29664967c27b2c474cda8ba345817718e4c6cb0568ae95f11059ae4357c7062
PR05.txt.zip
Posted May 22, 2000
Authored by proyecto-r

PR05.txt.zip

tags | magazine
SHA-256 | 1cef4a1d48902fc90a4be4486a6719ecdcae3b1d1f7b9f45f4c68dc9519156a6
PR04.txt.zip
Posted May 22, 2000
Authored by proyecto-r

PR04.txt.zip

tags | magazine
SHA-256 | 3a85b727313c6cd98b7757560927b10cefa23e57950d2c5f2bb864718e5f90a0
PR03.txt.zip
Posted May 22, 2000
Authored by proyecto-r

PR03.txt.zip

tags | magazine
SHA-256 | c904099ed19028ed4302a8a950f7498e470268abdd7423fd4c2a0854aaac7263
PR02.txt.zip
Posted May 22, 2000
Authored by proyecto-r

PR02.txt.zip

tags | magazine
SHA-256 | c7508682ed0b699d6ba7628664c6162bf24fa9ec605baa5b16aa0eb9001a8e01
PR01.txt.zip
Posted May 22, 2000
Authored by proyecto-r

PR01.txt.zip

tags | magazine
SHA-256 | 1fd799081a3722ba2b6a8de69f30c1b9cf3c4cf472fd5a67fa9d54a839eeaa1e
netopia.advisory.r9100
Posted May 17, 2000
Authored by Steve Friedl

The Netopia R9100 permits a user not authorized with a special security password to neverthless modify the SNMP community strings, including enabling SNMP access that should be disabled.

tags | exploit
SHA-256 | 3168f68634d059aaa9ea3f13c15e52e139e10b5ab83eef2a37fba5ca881c8d62
preventing.worms
Posted May 17, 2000
Authored by Woody Thrower, Stan Burnett, Gary Wahlquist | Site www2.axent.com

Prevent Current and Future E-Mail Worms.

tags | worm
SHA-256 | b1751241071df22894da713215dce7423eeb70171bb6e5eafc67ab315fb54b15
Emurl2.0.windows
Posted May 17, 2000

Users can access the mailbox's content of anybody on the system. They can also steal their POP passwords since Emurl allows you to fetch your POP email from more than one source.

tags | exploit
SHA-256 | 35e647237c0a38d4a34398da868edd6414f0a0f6309e46a65ff713c97f3e4d78
Banner.rotating
Posted May 17, 2000
Authored by Zillion | Site safemode.org

A file called adpassword.txt is world readable as it is assigned the wrong permissions. This will allow a malicious attacker to read the contents of the file, to crack the DES encrypted password it contains (using a common-or-garden password cracker), and to edit banner entries,to add or to remove banners.

tags | exploit
SHA-256 | 6c3ff8a442e1d2635cfd0603a063047b2989029691b11b442d5c9cce20f68a72
DoS-CProxyv3.3
Posted May 17, 2000
Authored by TDP

Remote Denial of Service for CProxy v3.3 - Service Pack 2. This program xploits an overflow vulnerability in CProxy 3.3 SP2 HTTP Service (8080), causing server shutdown.

tags | exploit, remote, web, denial of service, overflow
SHA-256 | 414890f4eae14551c1d605e97ecea325b12eead335724787e3754a807c6e5230
cisco760.c
Posted May 17, 2000
Authored by Tiz.Telesup

Cisco 760 Series Connection Overflow. Affected Systems: Routers Cisco 760 Series. Others not tested.

tags | exploit, overflow
systems | cisco
SHA-256 | 49c9851a414a339e8fb03b576ee74281497581f96f35f25c614707a6294d572a
calendar.pl.vuln
Posted May 17, 2000
Authored by Suid | Site suid.kg

Remote users can execute arbitrary commands on the web server with the priviledge level of the httpd process.

tags | exploit, remote, web, arbitrary
SHA-256 | 7e8843302cd134bdc683267eeed64db268f619dcb7483ba80947f7f20d7713d0
cisco.00-05-14.http
Posted May 17, 2000
Site cisco.com

A defect in multiple releases of Cisco IOS software will cause a Cisco router or switch to halt and reload if the IOS HTTP service is enabled and browsing to "http://<router-ip>/%%" is attempted. This defect can be exploited to produce a denial of service (DoS) attack. This defect has been discussed on public mailing lists and should be considered public information.

tags | exploit, web, denial of service
systems | cisco
SHA-256 | 06968d61e8af1b8d044e7641ad890947a953133f8a4264e14082028a3cc839c8
sses-sshauth.txt
Posted May 17, 2000
Site sses.net

A vulnerable secure shell distribution is available from the popular Zedz Consultants FTP site (formally known as replay.com). The RedHat Linux RPM ssh-1.2.27-8i.src.rpm contains a PAM patch which contains faulty logic allowing users to essentially pass through the username/password authentication step and gain shell access.

tags | exploit, shell
systems | linux, redhat
SHA-256 | b57e79520315127b620ca4b51d6c7b231203c8de9f7862f0c36dadb45cea51a3
ACROS-2000-04-06-1-PUB
Posted May 17, 2000
Site acros.si

Bypassing Warnings For Invalid SSL Certificates In Netscape Navigator.

tags | exploit
SHA-256 | 08d9a04187e702e38f43d13b65214f58dbce9985e976ef91593cde3c9be2e08a
Page 1 of 4
Back1234Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close