what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 24 of 24 RSS Feed

Files Date: 2002-02-05

lotus.domino.bypass.txt
Posted Feb 5, 2002
Authored by Gabriel Maggiotti | Site qb0x.net

Lotus Domino web server prior to v5.0.9 allows password protected features to be accessed without the password by sending a malformed URL.

tags | exploit, web
SHA-256 | 341aaccaace7b4578c0a8e33e943b60798194133ad005fdf50c6a57861cef67d
NetBSD-SA2001-018.txt.asc
Posted Feb 5, 2002
Site netbsd.org

NetBSD Security Advisory 2001-018 - A remote buffer overflow in BSD derived Line Printer Daemons can lead to a remote root compromise. This vulnerability affects NetBSD current, 1.5, 1.5.1 and 1.5.2.

tags | remote, overflow, root
systems | netbsd, bsd
SHA-256 | b589390a59a8227dbdee0c06ef0e0f5ace6b72b971cd71a9fbf5cd832adc1ed3
NetBSD-SA2001-017.txt.asc
Posted Feb 5, 2002
Site netbsd.org

NetBSD Security Advisory 2001-017 - Sendmail's incorrect command line argument check can lead to a local root privilege compromise. This vulnerability affects all sendmail versions between 8.10.0 to 8.11.5.

tags | local, root
systems | netbsd
SHA-256 | c1d946cc82df64dd75efc0311699d13db94d85dfddc1469a505f55afa5c3f41a
hd_winter_2002.pdf
Posted Feb 5, 2002
Authored by John Thornton, hackersdigest | Site hackersdigest.com

The Winter issue of Hacker's Digest - In this issue: Microsoft The Soup Nazis, Hacker's Digest Focus - The Honeynet Project, Changing Your IP With @Home Service Without the aid of Tech Support, A Mobile Phone ANI Diversion Technique, An Analysis of the RADIUS Authentication Protocol, A Detailed Look Into Prison Phone Systems, Fingerprinting Port 80 Attacks - A look into web server, and web application, attack signatures, Letters!, Windows 2000 and XP Terminal Service IP Address Spoofing, An Insightful Look at the GOVnet Network, iDEFENSE Labs Analyzes Feasibility of Distributed Attacks using SubSeven, Full Disclosure of Vulnerabilities - pros/cons and fake arguments, and Microsoft Passport Account Hijack Attack.

tags | web, spoof, vulnerability, protocol, magazine
systems | windows
SHA-256 | 561b44ae4abba35c92535f6a350886a372fe1938c53b253a8422d394a1ef833f
NetBSD-SA2001-016.txt.asc
Posted Feb 5, 2002
Site netbsd.org

NetBSD Security Advisory 2001-016 - The fts functions are provided for traversing UNIX file hierarchies. The NetBSD fts implementation can be tricked to follow symbolic links and can therefore be abused by local users. All NetBSD releases prior to July 9, 2001 are affected by this vulnerability.

tags | local
systems | netbsd, unix
SHA-256 | f57f124958aad1172bfa011eb3991d0cb4f8265a45e2b79e6e2404b5bb702613
NetBSD-SA2001-015.txt.asc
Posted Feb 5, 2002
Site netbsd.org

NetBSD Security Advisory 2001-015 - Several buffer overflows found in the NetBSD kernel can enable local users to crash the system or gain superuser privileges. This vulnerability affects NetBSD-current, 1.4.*, 1.5, and 1.5.1.

tags | overflow, kernel, local
systems | netbsd
SHA-256 | 4100e22d5d95db64c64e1eea57538c4244bb28b9aa2f17e30a3b540f5f1c60a0
teso-advisory-012.txt
Posted Feb 5, 2002
Authored by teso | Site team-teso.net

TESO Security Advisory - LIDS Linux Intrusion Detection System vulnerability. The "Linux Intrusion Detection System" security patch for the Linux kernel creates a security vulnerability. Exploitation is easy and local users may be able to gain unrestricted root privileges.

tags | kernel, local, root
systems | linux
SHA-256 | 8db59c973f0a09a893a58ab51abf452ad932286369e021ea1f5d4515063ef9d4
NetBSD-SA2001-014.txt.asc
Posted Feb 5, 2002
Site netbsd.org

NetBSD Security Advisory 2001-014 - Dump (/sbin/dump), which is setgid tty, does not drop its privileges correctly and can be used to execute commands with setgid tty privileges by using the RCMD_CMD environment variable. This vulnerability affects the NetBSD-1.4, 1.5, 1.5.1 and current branch.

systems | netbsd
SHA-256 | 529f55f5564a602c83f290e0f3090627ee3a03395e7520f50edb110c86697cf7
NetBSD-SA2001-013.txt.asc
Posted Feb 5, 2002
Site netbsd.org

NetBSD Security Advisory 2001-013 - The OpenSSL libcrypto includes a PRNG (pseudo random number generator) implementation. The logic used for PRNG was not strong enough, and allows attackers to guess the internal state of the PRNG. Therefore, attackers can predict future PRNG output. This vulnerability undermines the security level of cryptographic programs such as ssh and pgp.

systems | netbsd
SHA-256 | 264acefa92a1c14959125bb710b0220fa91d956f0c123a93d60a53ec07ffb5b8
NetBSD-SA2001-012.txt.asc
Posted Feb 5, 2002

NetBSD Security Advisory 2001-012 - A remotely exploitable buffer overflow found in BSD derived telnet daemons can be used to execute shell code with root privileges.

tags | overflow, shell, root
systems | netbsd, bsd
SHA-256 | abd588019233fcad4fe67559cd67fe90fa0e9b1db3af226b1c231844e91ea10b
clean-reboot-shellcode.c
Posted Feb 5, 2002
Authored by Zillion | Site safemode.org

Linux x86 shellcode that does a sync(),sync() and then reboot(). Exit() was added in case the previous syscalls fail.

tags | x86, shellcode
systems | linux
SHA-256 | 2a81a00a01fb93b1d0701c442911f09ffe9075a1f32d755a4eefdd63a9c2d8e1
linux-rename.c
Posted Feb 5, 2002
Authored by Zillion | Site safemode.org

Linux x86 shellcode that does a rename() of /bin/motd to /bin/owned.txt.

tags | x86, shellcode
systems | linux
SHA-256 | c08087a9d2b40464bf48bb83e0210b95af5595e13cc818be21c128b45db326ab
reboot-shell.c
Posted Feb 5, 2002
Authored by Zillion | Site safemode.org

Linux x86 shellcode that does a reboot().

tags | x86, shellcode
systems | linux
SHA-256 | a60f971b1b2c77391e3e9d43a47e554227ec63b5cc99a417cf70f5e18f451dc1
execve-tmp-p00p.c
Posted Feb 5, 2002
Authored by Zillion | Site safemode.org

Linux x86 shellcode that does an execve of /bin/sh /tmp/p00p.

tags | x86, shellcode
systems | linux
SHA-256 | a63c3eefd42c563f8c4553b56dde2155a919427d878f9e92c32def321f5074c9
flush-iptables-shell.c
Posted Feb 5, 2002
Authored by Zillion | Site safemode.org

Linux x86 shellcode that does an execve() of /sbin/iptables -F in order to flush activated firewall rules.

tags | x86, shellcode
systems | linux
SHA-256 | 3ce24c6dbb6a4441745c8a1f8f94109161f80d7f25a9e6b22f721f5a034324f1
flush-ipchains-shellcode.c
Posted Feb 5, 2002
Authored by Zillion | Site safemode.org

Linux x86 shell code that does an execve of /sbin/ipchains -F.

tags | shell, x86, shellcode
systems | linux
SHA-256 | cb1122033c6453ca6dd2cd7f3f957f12101d952a92e4069803880036c606f53f
w000t-shell.c
Posted Feb 5, 2002
Authored by Zillion

Linux x86 shellcode that uses execve and echo >> to create a passwordless root account.

tags | x86, root, shellcode
systems | linux
SHA-256 | 476110f24a8fc0d9904743658a7ce6ad2d312ef90df05c1145c481107d84bbd9
shell-mkdir.c
Posted Feb 5, 2002
Authored by Zillion

Linux/x86 shell code that creates the directory 'hacked' (perm 755) using the mkdir() syscall and then does an exit().

tags | shell, x86, shellcode
systems | linux
SHA-256 | a47f49596e69b77ee0502080bd57ac9b793baacb34f6573d5f3f9cc5492e6a0e
wavestumbler-1.0.4.tar.gz
Posted Feb 5, 2002
Authored by Patrik Karlsson | Site cqure.net

WaveStumbler is console based 802.11 network mapper for Linux and supports WEP, ESSID, MAC and more. This package includes a kernel patch (for the wireless nic drivers) which can be applied to the linux-2.4.17 sources and a program called wavestumbler. The program interacts with the patched network drivers to map wireless networks.

tags | tool, kernel, wireless
systems | linux
SHA-256 | 4194bbebe1197ab17393b9b111e5d57f13bd75d916018ecb3a297a88c41dc29c
lcrzo-4.04-src.tgz
Posted Feb 5, 2002
Authored by Laurent Constantin | Site laurentconstantin.com

Lcrzoex is a toolbox for network administrators and network hackers. Lcrzoex contains over 200 functionalities using network library lcrzo. For example, one can use it to sniff, spoof, create clients/servers, create decode and display packets, etc. The Ethernet, IP, UDP, TCP, ICMP, ARP and RARP protocols are supported. Lcrzoex and lcrzo were successfully installed under Linux, FreeBSD and Solaris. This archive contains Lcrzo and Lcrzoex. Windows binaries available here.

Changes: Bugs fixed! Added support for Intel Itanium 64.
tags | udp, spoof, tcp, protocol, library
systems | linux, windows, solaris, freebsd
SHA-256 | f443f1d9b7abac16c75c966c36d01bb92f9ec557d4f39faa05424be913b9c16c
lotus-domino-dos.txt
Posted Feb 5, 2002
Authored by Peter Grundl

Lotus Domino Webserver prior to 5.0.9a on Windows 2000 contains two remote denial of service vulnerabilities which use up all 400 threads.

tags | remote, denial of service, vulnerability
systems | windows
SHA-256 | 74494345d0050afcc9a1b76fbcc1eae4b85b26f913bb9c3d397a1db280296da0
tac_plus.txt
Posted Feb 5, 2002
Authored by Kevin A. Nassery

Tac_plus, an example and unsupported TACACS+ server developed by Cisco, insecurely creates files.

systems | cisco
SHA-256 | 532a9bd3767e46f9487ba52861cdc19f03fea4cfcaee4c0ab3e495d23800007b
gps-0.9.0.tar.gz
Posted Feb 5, 2002
Authored by Whitehat | Site gps.sourceforge.net

Ghost Port Scan is an advanced port scanner and a firewall rule disclosure tool. Uses IP & ARP spoofing, sniffing, stealth scanning, arp poisoning, IP fragmentation, and other techniques to perform stealth and untrackable information collection. GPS is especially efficient in LAN pen-testing, due to its ability to disclose the firewall settings of a host.

Changes: New improved architecture, support for UDP scans, lots of optimizations, faster scan speed, and is more portable.
tags | tool, scanner, spoof
systems | unix
SHA-256 | c7eeeebfed1c96b5e22ed6bd2226f760000b02e06e756a703ac9d728185914b4
ethereal-0.9.1.tar.gz
Posted Feb 5, 2002
Authored by Gerald Combs | Site ethereal.com

Ethereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Ethereal features that are missing from closed-source sniffers. Screenshot available here.

Changes: You can now build display filters on the fly by right-clicking on tree view items. New dissectors include DHCPv6, DLSw, IAPP, SCSI, SPOOLSS RPC, SliMP3, and TSP. Lots more were updated, including AIM, LDAP, NFS, syslog, and TCP.
tags | tool, sniffer, protocol
systems | unix
SHA-256 | 16eb5ad46c842a7752d6e116340f75b6c1c60d3a94f409757e295bf8a671a5bb
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close