what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 42 RSS Feed

Files Date: 2000-05-17 to 2000-05-18

netopia.advisory.r9100
Posted May 17, 2000
Authored by Steve Friedl

The Netopia R9100 permits a user not authorized with a special security password to neverthless modify the SNMP community strings, including enabling SNMP access that should be disabled.

tags | exploit
SHA-256 | 3168f68634d059aaa9ea3f13c15e52e139e10b5ab83eef2a37fba5ca881c8d62
lids-0.9.4-2.2.15.tar.gz
Posted May 17, 2000
Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off online and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection.

Changes: Additional checking is done when adding acls, fixes when the kernel is reading lids.conf, fixes for inherit and no_inherit flags, and fixes for lidsadm.
tags | kernel, root
systems | linux
SHA-256 | e1a309b1d4ba5f70b379ec1c9f7df7feac42c3e88f93cca4acce45e095801be6
preventing.worms
Posted May 17, 2000
Authored by Woody Thrower, Stan Burnett, Gary Wahlquist | Site www2.axent.com

Prevent Current and Future E-Mail Worms.

tags | worm
SHA-256 | b1751241071df22894da713215dce7423eeb70171bb6e5eafc67ab315fb54b15
Emurl2.0.windows
Posted May 17, 2000

Users can access the mailbox's content of anybody on the system. They can also steal their POP passwords since Emurl allows you to fetch your POP email from more than one source.

tags | exploit
SHA-256 | 35e647237c0a38d4a34398da868edd6414f0a0f6309e46a65ff713c97f3e4d78
tcpstat-1.2.tar.gz
Posted May 17, 2000
Authored by Paul Herman | Site frenchfries.net

tcpstat reports certain network interface statistics much like vmstat does for system statistics. It gets its information by either monitoring a specific interface, or by reading previously-saved tcpdump data from a file.

Changes: Solaris support, a couple new features and bug fixes.
tags | tool
systems | unix
SHA-256 | 8edb73f6803ede586e25af50372fb27761403ac583b60f92bf382f1121079fb1
Banner.rotating
Posted May 17, 2000
Authored by Zillion | Site safemode.org

A file called adpassword.txt is world readable as it is assigned the wrong permissions. This will allow a malicious attacker to read the contents of the file, to crack the DES encrypted password it contains (using a common-or-garden password cracker), and to edit banner entries,to add or to remove banners.

tags | exploit
SHA-256 | 6c3ff8a442e1d2635cfd0603a063047b2989029691b11b442d5c9cce20f68a72
DoS-CProxyv3.3
Posted May 17, 2000
Authored by TDP

Remote Denial of Service for CProxy v3.3 - Service Pack 2. This program xploits an overflow vulnerability in CProxy 3.3 SP2 HTTP Service (8080), causing server shutdown.

tags | exploit, remote, web, denial of service, overflow
SHA-256 | 414890f4eae14551c1d605e97ecea325b12eead335724787e3754a807c6e5230
cisco760.c
Posted May 17, 2000
Authored by Tiz.Telesup

Cisco 760 Series Connection Overflow. Affected Systems: Routers Cisco 760 Series. Others not tested.

tags | exploit, overflow
systems | cisco
SHA-256 | 49c9851a414a339e8fb03b576ee74281497581f96f35f25c614707a6294d572a
calendar.pl.vuln
Posted May 17, 2000
Authored by Suid | Site suid.kg

Remote users can execute arbitrary commands on the web server with the priviledge level of the httpd process.

tags | exploit, remote, web, arbitrary
SHA-256 | 7e8843302cd134bdc683267eeed64db268f619dcb7483ba80947f7f20d7713d0
cisco.00-05-14.http
Posted May 17, 2000
Site cisco.com

A defect in multiple releases of Cisco IOS software will cause a Cisco router or switch to halt and reload if the IOS HTTP service is enabled and browsing to "http://<router-ip>/%%" is attempted. This defect can be exploited to produce a denial of service (DoS) attack. This defect has been discussed on public mailing lists and should be considered public information.

tags | exploit, web, denial of service
systems | cisco
SHA-256 | 06968d61e8af1b8d044e7641ad890947a953133f8a4264e14082028a3cc839c8
sses-sshauth.txt
Posted May 17, 2000
Site sses.net

A vulnerable secure shell distribution is available from the popular Zedz Consultants FTP site (formally known as replay.com). The RedHat Linux RPM ssh-1.2.27-8i.src.rpm contains a PAM patch which contains faulty logic allowing users to essentially pass through the username/password authentication step and gain shell access.

tags | exploit, shell
systems | linux, redhat
SHA-256 | b57e79520315127b620ca4b51d6c7b231203c8de9f7862f0c36dadb45cea51a3
ACROS-2000-04-06-1-PUB
Posted May 17, 2000
Site acros.si

Bypassing Warnings For Invalid SSL Certificates In Netscape Navigator.

tags | exploit
SHA-256 | 08d9a04187e702e38f43d13b65214f58dbce9985e976ef91593cde3c9be2e08a
nolove.mz
Posted May 17, 2000
Authored by Michal Zalewski

"I don't think I really love you" or writing internet worms for fun and profit.

tags | worm
SHA-256 | d21298d8550cdb1dce8b32a0ad6a565a74adfde66a4bcb0a08045abe78644dd4
lpset.overflow
Posted May 17, 2000
Authored by Tim Newsham

Here's an overflow exploit that works on a non-exec stack on x86 boxes. It demonstrates how it is possible to thread together several libc calls.

tags | exploit, overflow, x86
SHA-256 | 3238065018d8cc59f08614d088172be8ae759fa0a29334aa5cf53f44f305b996
nhc.20000504a.0
Posted May 17, 2000

New Hack City Advisory 20000504a.0 - It is possible to cause a kernel panic on systems running NetBSD by sending a packet remotely with an unaligned IP Timestamp option.

tags | kernel
systems | netbsd
SHA-256 | 80e0199697da1cca26b1bb88f5a8cab6e589a0d7ef89ab3b7ca94c90b255199e
netbsd.2000-002.dos
Posted May 17, 2000

Receipt of IP packets with certain sequences of malformed IP options can cause an unaligned access in kernel mode (on many architectures), or data corruption, resulting in a panic or other problems.

tags | denial of service, kernel
systems | netbsd
SHA-256 | f8cef208a1f568ebde931884c1fb940cb0522fa38fe3d9ecf2661a0913573333
windows2k.iss
Posted May 17, 2000
Authored by Frankie Zie

There is a security problem with shtml.exe that allows anyone to explore the local path of IIS web server.

tags | exploit, web, local
SHA-256 | a81fefb3352747deb54240fa5b25c5a5809579acbd6503684344b867038b8d8f
DoS.cayman
Posted May 17, 2000
Authored by Cassius

Simple DOS attack against Cayman 3220-H DSL Router. Large username or password strings sent to the Cayman HTTP admin interface restart the router. Router log will show "restart not in response to admin command".

tags | exploit, web
SHA-256 | 3ae878f8c7a9b943309036f7465bd350a17e5d03e16ce1406143f4bf73085af0
CISADV000505.txt
Posted May 17, 2000
Authored by Mark Litchfield | Site cerberus-infosec.co.uk

Cerberus Information Security Advisory (CISADV000505) - The Cerberus Security Team has found a remotely exploitable buffer overrun in Netwin's (http://netwinsite.com) DNewsWeb (dnewsweb/dnewsweb.exe v5.3e1), CGI program designed to give access to NNTP services over the world wide web. By supplying a specially formed QUERY_STRING to the program a buffer is overflowed allowing execution of arbitrary code compromising the web server.

tags | exploit, web, overflow, arbitrary, cgi
SHA-256 | 6f72b6f4d384bdcf7670e19301cef27ef2e199ac7ae94fecc8d11621cfa61f7b
nai.00-05-04.trendmicro
Posted May 17, 2000
Site nai.com

Network Associates, Inc. COVERT Labs Security Advisory - An implementation flaw in the InterScan VirusWall SMTP gateway allows a remote attacker to execute code with the privileges of the daemon.

tags | exploit, remote
SHA-256 | 9b36112a1cd5cd874728fcf15c819f8bfd56941ce60048b6bc3d056dd9fd35f2
CISADV000504.txt
Posted May 17, 2000
Authored by David Litchfield | Site cerberus-infosec.co.uk

Cerberus Information Security Advisory (CISADV000504) - The Cerberus Security Team has found a remotely exploitable buffer overrun in Netwin's (http://netwinsite.com) DMailWeb (dmailweb/dmailweb.exe v2.5d), CGI program designed to give access to a user's SMTP and POP3 server over the world wide web. By supplying a specially formed QUERY_STRING to the program a buffer is overflowed allowing execution of arbitrary code compromising the web server.

tags | exploit, web, overflow, arbitrary, cgi
SHA-256 | 47a0edd015b1f01cce3d508c12cc5b2cf7330ba998a12a9c7aaf7acfd187723d
pdscanner-0.99.0.tar.gz
Posted May 17, 2000
Authored by Scott G | Site maul.viptx.net

PDscanner is a UNIX based graphical port scanner which uses GNOME. Screen shot available here.

tags | tool, scanner
systems | unix
SHA-256 | 3f2ecbb1ce380d5b44435312894e4e59f0f3c8111f6d6b5a3d98741d040404c4
CISADV000503.txt
Posted May 17, 2000
Authored by David Litchfield | Site cerberus-infosec.co.uk

Cerberus Information Security Advisory (CISADV000503) - The Cerberus Security Team has found a remotely exploitable buffer overrun in Lsoft's (www.lsoft.com) Listserv Web Archive component (wa/wa.exe v1.8d - this is the most recent version.

tags | exploit, web, overflow
SHA-256 | 17136805bc3f264e963bf55df3a44d6c7550f0c96ca7a5a74efedb9e27ff8deb
vtun-2.2.tar.gz
Posted May 17, 2000
Authored by Maxim Krasnyansky | Site vtun.sourceforge.net

VTun is the easiest way to create Virtual Tunnels over TCP/IP networks with traffic shaping, compression, and encryption. It is a user space implementation and doesn't need modification of any kernel parts. VTun supports IP, PPP, SLIP, Ethernet, and other tunnel types. VTun is easily and highly configurable; it can be used for various network tasks like VPN, Mobil IP, Shaped Internet access, Ethernet tunnel, IP address saving, etc.

Changes: Support for the new OpenBSD tun driver, improved generic tun driver support, documentation updates and bug fixes.
tags | tool, kernel, tcp, firewall
systems | unix
SHA-256 | 87061e15da3e6caab168e44e5ab699a18a33ae035d756355cdefc53e05292f6a
arping-0.2.tar.bz2
Posted May 17, 2000
Authored by Marvin | Site habets.pp.se

Arping is an arp level ping utility which broadcasts a who-has ARP packet on the network and prints answers. Very useful when you are trying to pick an unused IP for a net that you don't yet have routing to.

tags | tool
systems | unix
SHA-256 | a80814949540d623f923dcf26ca26da715bdc22860946f46a9fe9e8f9149c28a
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close