Deffybomb v0.7.1 is a demonstration of a perl mailbomber featuring random name, e-mail address, subject, x-mailer, based on specific relationship variables, for *nix systems.
55872aea6b489e56facfd95ac54443de399c7d89fe6c4bb82daf0e7a968c5adeypk.tar.gz exploits the remote root sunos 4.1.3 ypupdated / keyserv vulnerability.
4c7783ed2a86bc488df0ca142c05ef885da86df6abf7835bf1fb963477f4a288TESO Security Advisory #9 - BinTec router security and privacy weakness. By using SNMP brute-force-techniques for SNMP community-names one is able to remotely gain the management accounts passwords, which are the same as the SNMP community names. Additionally the MIB-Tree holds security related information which should not be accessible through read-only/SNMP. These routers also offer services which can be abused rather easily, like dialing out and getting full line access via a CAPI interface, or a debugging interface which gives you all information which is sent over the BRI-lines.
1e4c21598191f4df1d64c9019b1d5c2ae2c88d693bdec2cd20552f3e94bb6c36Exploit information for the "Virtualized UNC Share" problem talked about in MS00-019 which yeilds the source of .asp's.
95fa2946c47ff7913a1492a8b887bb7d64476444f8a22f608baa88cefaf77142MindTerm is a complete ssh-client in pure java. It can be used either as a standalone java-application or as a java- applet. The source-code is freely available (GPL). Three packages of importance are provided, terminal, ssh, and security. The terminal package is a rather complete vt102/xterm-terminal. The ssh-package contains the ssh- protocol and also "drop-in" socket replacements to use ssh- tunnels transparently from a java application/applet. It also contains functionality to realize a ssh-server. Finally the security package contains RSA, DES, 3DES, RC4 and Blowfish ciphers.
7b2ac91d1bd9578c2eef264a4cdd776c1b5f84b36cb4f31b4ab466c58c3211a3MailForm v1.91 for Windows 95 and NT 4.0 allows potentially dangerous parameters to be specified by anyone who can execute it. The web interface allows remote users to execute arbitrary commands. Exploit code included.
ec1657d7a461dfc355e9839059244543b53c114292ec4f73a2596f3a0c87c20cEthereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Ethereal features that are missing from closed-source sniffers.
092cf622de3b82f2278042f10579a0b0bbdd9adbdba9000fc1f2060ac48a665ctcpsee is a tcpdump pipe written in C. It converts tcpdump's snarfed hex data to ASCII and has optional ANSI colors.
f87b03b194b80ebfd706405bdb319f02a5f85655b298e77077a0b816a8dcac19This script exploits a vulnerability in the default installation of Caldera OpenLinux 2.3 which allows an attacker to obtain a listing of the packages, and versions of packages installed on this system, allowing an attacker to remotely determine vulnerabilities.
3c7ca0ba908d5de2a6e1fd15fcf8f251ada7f3de55a0e5b71efffc12ecf0816bircii-4.4 exploit - buffer overflow in ircii dcc chat's allows arbitrary code execution. Tested against SuSE 6.x and Redhat.
88d61d34ecad6ea393743dc89f4c5fee39942c513f990ff68ebb277181f1930bQ v2.0 is a client / server backdoor which features remote shell access with strong encryption for root and normal users, and a encrypted on-demand tcp relay/bouncer that supports encrypted sessions with normal clients using the included tunneling daemon. Also has stealth features like activation via raw packets, syslog spoofing, and single on-demand sessions with variable ports.
708411ad4b73a24961baed61737827818d04eda970f7ae85a0b814d5bf7def52LibMix v1.07 is a library that provides an API for various useful functions, including an AES encryption interface, various network front-ends and low level datagram functions, as well as functions for string manipulations and other miscellaneous utility functions. It also includes functions to transmit encrypted data via stateless spoofed datagrams (tfntransmit/tfnread).
81abb26a06a625cf09c0cef212cb1b761809502154a107cc2d39b61ff2b266a2Cerberus Information Security Advisory (CISADV000330) - The Cerberus Security Team has found a third issue with Microsoft's Index Server that affects any web site running Internet Information Server 4 or 5 with Index Server even if the recent Index Server patch has been installed and even if no .htw files exist. These systems are at risk from having the source of ASP pages or other files such as the global.asa being revealed.
16498bff2cc18ac3aa8a8693229ee77d942225f291834076974c5fbdf2c6727aCobalt Networks -- Security Advisory -- 03.31.2000 - RaQ2 and RaQ3 allow remote users to view the contents of an .htaccess file contained within a public website.
c967460eee20155823f669fd7909e40012a863514db5e64df0c4eec2616cf34dFcheck, a file integrity checker written in perl, can be subverted by a malicious user to execute arbitrary commands as root by creating files with shell metacharacters in their names. Version v.2.7.45 and below is vulnerable.
83567f032de695bd283111b491dcedee8d4e9a0f04b62c7ab4cd89cd545afe9d
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed