what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 31 RSS Feed

Files Date: 2001-02-02

defcom.easycom.txt
Posted Feb 2, 2001
Authored by Defcom Labs | Site defcom.com

Defcom Labs Advisory def-2001-06 - The Easycom/Safecom print server from I-Data International contains multiple vulnerabilities that allow a malicious user to bring down the print server. Execution of arbitrary code is also possible. Tested against Easycom/Safecom, firmware v404.590.

tags | exploit, arbitrary, vulnerability
SHA-256 | d22d8ee0925169a7a2b0a8f0219d7d8ba6ec919d7f13cb955973d4c2a20942ee
frel-1.0.beta.tgz
Posted Feb 2, 2001

Frel-1.0 is a modified version of fragrouter, used to evade NIDS. The frag proxy can run on the same machine as the attacker. It can also run in partial takeover mode, so that the fragmented attack stream seems to be coming from another active machine on the same physical subnet. The neighbor machine runs normally except for the ports being used by attacker. Mods by Lorgor

tags | exploit
SHA-256 | 3ce2bd68b9e2c26ebb95e921e451a302f1fc2d38d553446e801d9ffa8b41bcb3
defcom.netscape-fasttrack.txt
Posted Feb 2, 2001
Authored by Defcom Labs | Site defcom.com

Defcom Labs Advisory def-2001-05 - Netscape Fasttrack Server 4.1 for Windows NT 4.0 has problems with its caching module. The problem can result in remote users consuming all the server memory and causing the server to perform very sluggishly.

tags | exploit, remote
systems | windows
SHA-256 | ca08e2925071628845b708a73a9352fb7f6254f780bc277635749cdf7755c9bc
defcom.netscape-enterprise.txt
Posted Feb 2, 2001
Authored by Defcom Labs | Site defcom.com

Defcom Labs Advisory def-2001-04 - The Netscape Enterprise Server 4.1, SP5 has a problem dealing with dotdot-URLs which allows remote users to crash the server.

tags | exploit, remote
SHA-256 | 768d61483abe30a51ab1cd66b87cfae17257c72ec3296e35a6747a6f502c5357
defcom.goodtech.ftp.txt
Posted Feb 2, 2001
Authored by Defcom Labs | Site defcom.com

Defcom Labs Advisory def-2001-03 - The GoodTech FTP server v3.0.1.2.1.0 does not properly free resources. This can result in the FTP server either crashing or displaying its banner and immediately disconnecting the user.

tags | exploit
SHA-256 | c21918a2c02a00334025bd3b621aa2fae135833c0f0c2652ea547b1c483be300
debian.jazip.txt
Posted Feb 2, 2001
Site debian.org

Debian Security Advisory DSA-017-1 - With older versions of jazip a user could gain root access for members of the floppy group to the local machine. The interface doesn't run as root anymore and this very exploit was prevented. The program now also truncates DISPLAY to 256 characters if it is bigger, which closes the buffer overflow (within xforms).

tags | overflow, local, root
systems | linux, debian
SHA-256 | 004ee072cb6d49b2cf80703984758709a094a0c74519c0c5310e8f243e3969fb
RHSA-2001:003-07.mysql
Posted Feb 2, 2001
Site redhat.com

Red Hat Security Advisory RHSA-2001:003-07 - The MySQL database that shipped with Red Hat Linux 7 and the updates for it have been reported by the MySQL authors to have remote security problems.

tags | remote
systems | linux, redhat
SHA-256 | a0144be31b562e97acf32766b5a13bde7e12fac4482da39f4e8b8096cf33ce43
debian.splitvt.txt
Posted Feb 2, 2001
Site debian.org

Debian Security Advisory DSA-014-1 - Splitvt prior to v1.6.5 contains format string vulnerabilities in the -rcfile command line flag, allowing local users to gain access to the tty group.

tags | local, vulnerability
systems | linux, debian
SHA-256 | d940846ee19c1a5b4a9100e965a24819cf6e930fa122210f06a1922f10c02648
debian.wuftpd.txt
Posted Feb 2, 2001
Site debian.org

Debian Security Advisory DSA-016-3 - Security people at WireX have noticed a temp file creation bug and the WU-FTPD development team has found a possible format string bug in wu-ftpd. Both could be remotely exploited.

systems | linux, debian
SHA-256 | e613e2b71abb5721f9de17772038eebb45f58165354a689e60ab630995570812
nmlog0.7b.tar.gz
Posted Feb 2, 2001
Authored by Yuri A. Kabaenkov | Site null.void.ru

Nmlog is a nmap log parser which parses nmap log (users output) to html page. Include option to not show ports in state 'closed' and to show owner of the subnet and subnet size.

tags | tool, nmap
systems | unix
SHA-256 | c1a2b69e221ee93c7e662bdea2c1c1fac769afb93cfca0ff5e1bd4b922e03d47
safer.010125.EXP.1.12
Posted Feb 2, 2001
Authored by Vanja Hrustic, Fyodor Yarochkin, Thomas Dullien, Emmanuel Gadaix | Site safermag.com

S.A.F.E.R. Security Bulletin 010125.EXP.1.12 - PlanetIntra v2.5 contains remotely exploitable buffer overflows which allow remote users to execute arbitrary code.

tags | remote, overflow, arbitrary
SHA-256 | cf9c81ddaf92dbb20861625b99920ff35b98a886458c109b0340d8f647226a3f
Defeating NetZero
Posted Feb 2, 2001
Authored by Kamikaze | Site geocities.com

How to Defeat NetZero's 40 hour limit by changing a registry key.

tags | paper, registry
SHA-256 | 7f763e182ad0ee27499c4434a8253f180afda1de13123b843e942ad079185d85
pkc004.txt
Posted Feb 2, 2001
Authored by Cyrax | Site pkcrew.org

PKC Security Advisory #4 - Icecast v1.3.8beta2 and prior contains remotely exploitable format string bugs which allow remote code execution with the UID/GID of the user running Icecast. Includes PKCicecast-ex.c, a remote proof of concept exploit tested against Icecast 1.3.7 on Slackware 7.0 and RedHat 7.0.

tags | exploit, remote, code execution, proof of concept
systems | linux, redhat, slackware
SHA-256 | e62ac68d8ec2c2f6b273d6ca02cdbad6ee67e699ea9de3f5912684ee7cded816
pkc003.txt
Posted Feb 2, 2001
Authored by The Recidjvo | Site pkcrew.org

PKC Security Advisory #3 - Micq-0.4.6 contains remotely exploitable buffer overflows which allow running arbitrary code with the UID/GID of the user running micq. Includes micRAq.c, linux/x86 proof of concept exploit.

tags | exploit, overflow, arbitrary, x86, proof of concept
systems | linux
SHA-256 | bdeafc53f03fcf3d7fe4fc162d02cad42920f5cca6a62418729e5e987cf1fc0b
pkc002.txt
Posted Feb 2, 2001
Authored by Cyrax | Site pkcrew.org

PKC Security Advisory #2 - Tinyproxy version 1.3.2 and 1.3.3 has a remotely exploitable heap overflow. Includes PKCtiny-ex.c proof of concept exploit.

tags | exploit, overflow, proof of concept
SHA-256 | 9b8487ab46c56a3677f0fd0b25a30f2774de4f0c100682bc5073cbf203ced5eb
pkc001.txt
Posted Feb 2, 2001
Authored by Cyrax | Site pkcrew.org

PKC Security Advisory #1 - The Oops proxy server 1.4.22, 1.4.6, and prior contain a remotely exploitable heap overflow. Includes PKCoops-ex.c, a proof of concept exploit tested on Slackware 7.0.

tags | exploit, overflow, proof of concept
systems | linux, slackware
SHA-256 | ae3fafa2ad77d388455f7d4a62b70e29166ee80961292f51d7b357fd31195cf2
bsdfpf.tar.gz
Posted Feb 2, 2001
Authored by cthulhu | Site pkcrew.org

BSD FingerPrintFucker is kld for Freebsd which changes the tcp/ip stack in order to emulate other OS's against tcp/ip fingerprinting.

tags | tcp
systems | unix, freebsd, bsd
SHA-256 | 1eb05bd3a9e71e60138d7d25f22391996dba4ab59dd9157bff76cf07d93e809d
bounce.c
Posted Feb 2, 2001
Authored by Marco Ivaldi | Site antifork.org

Bounce.c is a simple program to connect TCP ports. Use it just as a telnet-like client and send a SIGINT to make it sit on the background and open the specified port on localhost. Then you can connect on this local port and resume the interrupted session, data-piped.

tags | local, tcp
systems | unix
SHA-256 | 8c61637268c0eaba97793ac36c9f2ae4cd64864567fcb6940196fbcefadb28f6
toshiba-BIOS-backdoor.zip
Posted Feb 2, 2001
Authored by Maze

Assembly source & binary bypassing the BIOS password of a Toshiba Notebook, all models, as described in toshiba-keydisk.txt.

tags | cracker
SHA-256 | 4a0af277097be14106310930bd212edb5cc3ee66c22384b445759fe31d1fd220
RHSA-2001:006-03.inetd
Posted Feb 2, 2001
Site redhat.com

Red Hat Security Advisory RHSA-2001:006-03 - The inetd server as shipped with Red Hat Linux 6.2 fails to close sockets for internal services properly, causing services to stop working when the system had leaked sufficient resources.

systems | linux, redhat
SHA-256 | 26ee89e77c1225e310e1167144b7338d1c66d1e87cb314ea3f258ab54769f139
ms01-005
Posted Feb 2, 2001

Microsoft Security Advisory ms00-005 - Windows 2000 Post Service Pack 1 hotfixes made available through December 18, 2000 can cause Windows File Protection to remove a valid hotfix from a system. If the hotfixes were added in a certain order, a customer's system reverts to a version of a Windows 2000 module that contains security vulnerabilities. Microsoft FAQ on this issue available here.

tags | vulnerability
systems | windows
SHA-256 | 25ef87b72e33cdf7175418c49eb3aee6c42eaaa4e438be678d65482ba6922c34
suse.bind8.txt
Posted Feb 2, 2001
Site suse.de

SuSE Security Announcement - bind-8.x in all versions of the SuSE distributions contain a bug in the transaction signature handling code that can allow to remotely overflow a buffer and thereby execute arbitrary code as the user running the nameserver (this is user named by default on SuSE systems). In addition to this bug, another problem allows for a remote attacker to collect information about the running bind process.

tags | remote, overflow, arbitrary
systems | linux, suse
SHA-256 | 936e9eac95883f538ebdb55426ee35ddc9ab5a894a3dc1e711de8a4395b6c9e2
ms01-006
Posted Feb 2, 2001

Microsoft Security Advisory MS01-006 - The implementation of the Remote Data Protocol (RDP) in Windows 2000 Terminal Service does not correctly handle a particular series of data packets, allowing remote attackers to crash the server via tcp port 3389. Microsoft FAQ on this issue available here.

tags | remote, tcp, protocol
systems | windows
SHA-256 | 205efd9aed64533ded1e973cad6dfa522182347483a5f8df80bc4686e920a617
pyros1.5-Full.tar.gz
Posted Feb 2, 2001
Authored by Sector-X | Site atrix.cjb.net

Pyros is an attack tool designed to run under Trinux distribution which gathers together several dos attack tools.

tags | denial of service
SHA-256 | 9ed890c9f4b21f2b4bdae0d6d797e63e0aa0346ed6b108c1e4fe1ef19ef579e3
tcpip_lib3.zip
Posted Feb 2, 2001
Authored by Barak Weichselbaum | Site komodia.com

Tcpip_lib V3 is a library for Windows 2000 which allows constructing IP's, IP spoofing, attacks, and more. It uses sockets 2 and opens up a raw socket, allowing you to send raw IP headers, do IP spoofing, and play with the nuts and bolts of networking protocols.

Changes: Redesigned most of the OOD, added more functionality and samples. (traceroute,ping,sniffer,ipconfig,TCP server, UDP server, Stealth TCP scanner, UDP scanner), all the samples comes with a complete source code.
tags | spoof, protocol
systems | windows
SHA-256 | 9319d57bca9d9a158d419793bfced89ea59bffc1885fada4649bd78f60fcc82f
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close