.:[ packet storm ]:.
                         
paranoia is a friend like no other

 Section:  .. / 0008-exploits  /

Some of these exploits are from Bugtraq and Security Bugware

Page 4 of 5. Files 75 - 100 of 119, sorted by last modified.

 ///  File Name: Critical_Path_CSS
Description:
A simple flaw in the web mail service offered by Critical Path (www.cp.net) allows an attacker to gain full access to any webmail account. The attack falls under the umbrella of cross-site scripting, which was addressed in detail by CERT in their advisory CA-2000-02, entitled "Malicious HTML Tags Embedded in Client Web Requests." The bug is aggravated by a defective session token scheme.
Author:Jeffrey W. Baker
File Size:7803
Last Modified:Aug 30 02:41:07 2000
MD5 Checksum:ce67656bc39d3867917caa86196bff78

 ///  File Name: WDK_v1.0.vuln.txt
Description:
The Javaserver Webserver Development Kit (WDK) v1.0 contains a ".." (directory traversal) vulnerability allowing remote attackers to read any file on the system with the permissions of the webserver. The server typically resides on TCP port 8080 and instructions for identifying this server are given.
Author: Kevin Finisterre
File Size:1517
Last Modified:Aug 29 05:34:19 2000
MD5 Checksum:942419ad40c9d395eabf61da00278016

 ///  File Name: vqserver.dos.txt
Description:
vqServer version 1.4.49 is vulnerable to a denial of service attack by sending a malformed URL request. Tested on Windows version. The latest edition of vqServer (1.9.47) is unaffected.
Author:nemesystm
Homepage:http://dhcorp.cjb.net
File Size:2228
Last Modified:Aug 29 05:25:00 2000
MD5 Checksum:303c9106b865941caabe75045152da02

 ///  File Name: VIGILANTE-2000007
Description:
Vigilante Advisory #7 - A malicious user can crash an Intel Express 550F or a host behind it by sending a packet with a malformed header. To restart the box you need to remove it from its power source, as the reset button loses functionality as well. Affected systems: Intel Express Switch 550F - Firmware version 2.63 - Firmware version 2.64.
Author:Vigilante
Homepage:http://www.vigilante.com
File Size:1871
Last Modified:Aug 28 11:16:01 2000
MD5 Checksum:70f964bfc3be8ff1be7c1a6ab323c0e2

 ///  File Name: bubonic.c
Description:
Bubonic.c is a denial of service tool that sends random TCP packets with random settings. Tested against Windows 2000 and RedHat Zoot.
Author:Sil
Homepage:http://www.antioffline.com
File Size:6625
Last Modified:Aug 28 11:06:39 2000
MD5 Checksum:c3272ac6b130a121e601108895f93080

 ///  File Name: daemonic.c
Description:
Daemonic.c is a theoretical router-based denial of service attack that exploits a weakness within the Border Gateway Protocol (BGP). If a malicious user sends spoofed malformed packets to a neighboring router, the peer will ignore them and possibly kill the session entirely. Written on an Ultra 5 running Linux Zoot, this has been compiled on Linux, OpenBSD, and Solaris without problems.
Author:Sil
Homepage:http://www.antioffline.com
File Size:8144
Last Modified:Aug 28 10:55:49 2000
MD5 Checksum:6f0c6611db0f18e797c8422d40ca25a2

 ///  File Name: subscribeme.txt
Description:
Unavailable.
File Size:2010
Last Modified:Aug 24 22:29:08 2000
MD5 Checksum:b32fff4d493f1bd7bb88989d494fd742

 ///  File Name: spad02.txt
Description:
Unavailable.
File Size:8894
Last Modified:Aug 24 19:57:43 2000
MD5 Checksum:78978df1ffd3d83d01195c113927bb9a

 ///  File Name: php-nuke.txt
Description:
A short advisory on how to manipulate a bug in the PHP-nuke Web Portal System to allow you to gain administrative access.
Author:Starman_Jones
File Size:1799
Last Modified:Aug 24 19:09:49 2000
MD5 Checksum:f63871452fe6ee993b8f7a7961c8f7e0

 ///  File Name: labs51.txt
Description:
USSR Labs Advisory #51 - There is a remote denial of service caused by a buffer overflow memory problem in the rpc module of the Pragma TelnetServer 2000 for Windows NT/2000. The included shell code causes the system to crash.
Homepage:http://www.ussrback.com
File Size:4816
Last Modified:Aug 24 18:53:33 2000
MD5 Checksum:5451e4fdd8c8cb64106282d8dc91a7fc

 ///  File Name: darxite.tar.gz
Description:
Darxite, a daemon that retrieves files via FTP or HTTP, has several vulnerabilities throughout the code that allow a local/remote user to crash the servers, as well as a passwd authentication remote overflow, allowing remote shell access as the uid of the darxite daemon. Exploit and advisory included. Tested against Linux x86 systems.
Author:dethy
Homepage:http://www.synnergy.net
File Size:4738
Last Modified:Aug 23 02:03:59 2000
MD5 Checksum:32a8c8dcfdcba3259e8d0e9af20eba1a

 ///  File Name: xslrnpull.c
Description:
Slrnpull.c exploits a local buffer overflow vulnerability in slrnpull version 0.9.6.2, which is setgid news. Tested against RedHat 6.2.
Author:Vade79
Homepage:http://www.realhalo.org
File Size:2272
Last Modified:Aug 23 01:39:37 2000
MD5 Checksum:71914e4011b9a4a07c80e1c6268761eb

 ///  File Name: PHP-Nuke.c
Description:
A vulnerability in the way PHP-Nuke, a news site administrative tool, authenticates administrative accounts allows a remote attacker to gain administrative access to the application. An attacker could edit users, articles, topics, banners, assign authors, etc.
Author:Fabian Clone
File Size:2800
Last Modified:Aug 22 00:29:53 2000
MD5 Checksum:be38d88ef4fe90bff7fa3c1c2766dfb5

 ///  File Name: htgrep.c
Description:
Htgrep has a vulnerability which allows a remote user to read arbitrary files on the system with the privileges of the user running the program.
Author:n30
File Size:2386
Last Modified:Aug 21 23:04:12 2000
MD5 Checksum:44e6b83eeb52eb927c6866f44c07cd87

 ///  File Name: srcgrab.pl.txt
Description:
Srcgrab.pl exploits the Translate:f bug as described in MS00-058. The vulnerability, present in IIS 4.0 and Windows 2000 FrontPage server extensions, allows a remote user to retrieve the source of .asa and .asp pages.
Author:Smiler
File Size:7692
Last Modified:Aug 17 19:28:32 2000
MD5 Checksum:821dc542307911b4bfd039e2463a515e

 ///  File Name: crackncftp.c
Description:
The ncftp client uses an easily decrypted scheme to save passwords for remote FTP sites in a bookmark file. Crackncftp.c recovers the plaintext from the encrypted string.
Author:Zorgon
Homepage:http://zorgon.freeshell.org
File Size:5056
Last Modified:Aug 17 03:45:04 2000
MD5 Checksum:652d5a84fea593b7798071e24c6325d1

 ///  File Name: ie5-msn.exec.txt
Description:
Georgi Guninski security advisory #18 - Two serious vulnerabilities have been found in Microsoft products - Internet Explorer 5.5/5.x may execute arbitrary programs when visiting a web page, reading HTML based mail with Outlook, or simply browsing folders as web pages. In addition, the default installation of Windows 2000 allows Local Administrator compromise via opening local folders as web pages. In both cases a malicious person may take full control over the user's computer / server. Includes proof of concept HTML code. Demonstration available here.
Author:Georgi Guninski
Homepage:http://www.nat.bg/~joro
File Size:8941
Last Modified:Aug 16 02:12:00 2000
MD5 Checksum:1f4cc1e9ab9d13efedb1c42dbabdbc96

 ///  File Name: rapidstream.vpn.txt
Description:
RapidStream VPN nodes have the 'rsadmin' account hard-coded into the sshd binary in the appliance OS. The account has been given a 'null' password, as password assignment and authentication were expected to be handled by the RapidStream software itself. The vendor failed to realize that arbitrary commands could be appended to the ssh string when connecting to the SSH server on the remote VPN. This in effect could lead to many things, including the ability to spawn a remote root shell on the VPN.
Author:Loki courtesy of Bugtraq.
File Size:2409
Last Modified:Aug 16 01:41:19 2000
MD5 Checksum:6e70e4def5f1cac4ebe348a0e56c6965

 ///  File Name: linsql.c
Description:
Linsql is a simple command-line client for MS SQL server which can execute arbitrary SQL queries and OS commands on MS-SQL hosts that use a blank 'sa' password, a common default configuration.
Author:Herbless courtesy of Bugtraq.
File Size:39781
Last Modified:Aug 16 01:32:36 2000
MD5 Checksum:b2093a37c013dad47d3336afc2da99a5

 ///  File Name: VIGILANTE-2000006.txt
Description:
Vigilante Security Advisory - The OS/2 Warp 4.5 FTP Server contains denial of service vulnerabilities which allow anyone who can connect to port 21 to crash the service. Fix available here.
Author:Vigilante
Homepage:http://www.vigilante.com
File Size:1763
Last Modified:Aug 16 00:48:42 2000
MD5 Checksum:076354db31d3da7d9ef4e70cab192a03

 ///  File Name: VIGILANTE-2000005.txt
Description:
Vigilante Security Advisory - Watchguard Firebox Authentication DoS vulnerability. Sending a malformed URL to TCP port 4100 causes Watchguard to shut down and require a reboot to restart. Fix available here.
Author:Vigilante
Homepage:http://www.vigilante.com
File Size:2090
Last Modified:Aug 16 00:44:08 2000
MD5 Checksum:3f541d31e07cd77684a3542ad46821b9

 ///  File Name: lyris.3-4.txt
Description:
Versions 3 and 4 of the Lyris List Manager allow any mailing list subscriber to gain access to the administrative interface of that list by changing a form before submitting it. Fix available here.
Author:Adam Hupp courtesy of Bugtraq.
File Size:721
Last Modified:Aug 15 07:22:23 2000
MD5 Checksum:a9644285ccce803fd21a6ecad931c843

 ///  File Name: form-totaller.txt
Description:
Form-Totaller version 1.0 (form-totaller.cgi) trusts user input for filenames, allowing a remote user to read any file on the webserver.
Author:Signal 9
File Size:1879
Last Modified:Aug 14 22:29:59 2000
MD5 Checksum:c176fa3885dae24832840fa6cf24539d

 ///  File Name: everythingform.txt
Description:
The Everything Form (everythingform.cgi) contains remote vulnerabilities which allow any file on the system to be read.
Author:Signal 9
File Size:1850
Last Modified:Aug 14 22:25:42 2000
MD5 Checksum:886d2b5c72aae75767b040e22b3bbd9f

 ///  File Name: wais.pl.advisory.txt
Description:
The wais.pl CGI written by Tony Sanders provides a means to access the waisq WAIS client via the webserver. Waisq contains buffer overflows allowing remote code execution which can be exploited via wais.pl. In addition, files owned by nobody on the webserver can be overwritten with arbitrary content. Includes exploit for Linux/x86.
Author:Scrippie
Homepage:http://www.synnergy.net
File Size:13976
Last Modified:Aug 14 19:36:58 2000
MD5 Checksum:795f85e6d55de6d0878a8c35c77da7a9