Hextodec.java is a simple hex ip to dec ip converter which can be useful for many things, among them is finding the ips of users on java chats similar to the one on www.ircnet.com.
b5b882ab25a1150a4d183e519a87dd5f9c1b71feb6698daacae9fed65245966bFreeBSD Security Advisory FreeBSD-SA-03:02 Version 1.1 - OpenSSL v0.9.6h and below contains a timing-based vulnerability in CBC ciphersuites in SSL and TLS which can recover fixed plaintext blocks, like a password.
7634649866247240fdacffa5096769ff57f23a2bb2ad63558ba33b0f1213c8dbMacstumber is an application for Mac OS X which scans and detects wireless networks using an Airport card. No driver installation needed.
77093352f128ba6601b815aab93df2e88fd369894e507628a9afeae016df61faFreeBSD Security Advisory FreeBSD-SA-03:03 - The FreeBSD syncookie implementation uses keys that are only 32 bits in length, allowing remote attackers to recover the ISN, which can be valid for up to four seconds, allowing ACL's to be bypassed and TCP connections forged. syncookies may be disabled using the 'net.inet.tcp.syncookies' sysctl(8) by running the following command as root: "sysctl net.inet.tcp.syncookies=0".
f1a19443f25751c44cb233a1222d580467975bb2b27cfee7560380c7d12c6f71Linux x86 shellcode, 41 bytes. Does a setresuid(0,0,0); execve /bin/sh; exit;.
98952e5990d418491e730aefa55ce16c1cb00bfc01b9bb1a64fba9f1234999b4Sircd v0.4.0 and below and v0.4.4 from CVS before 04/02-03 contains buffer overflow vulnerabilities which allow remote users to execute arbitrary code. Exploit available here.
e6cd4e6b3ed5a50f2058983327655cd6782b4cf9f1554404cf8127b30d18f04cMoxftp v2.2 and below contains buffer overflow vulnerabilities which allow remote code execution. Includes exploit code which sends a shell.
54be2adad039f538737f860941fe34b2b93d3ad224244b1cd758a91759d8f841KRIPP is a simple and light-weight network passwords sniffer written in Perl, which uses tcpdump to intercept traffic. Can sniff and display ICQ, FTP and POP3 passwords.
c00c1dd1deea2ecb607c30e4694de7f76962b0645febd987e69de4dc19239a6dA timing based attack has been discovered in OpenSSL v0.9.6h and below which allows SSL/TLS encrypted passwords to be recovered by analyzing the timing of the responses to invalid plaintext.
b1ed1ca04af4fe1e6f92f49d5e3c992d946702a52d11817f84b2a60f0ab85f2eHPUX local buffer overflow exploit for stmkfont which attempts to spawn a gid=bin shell. Tested on HPUX B11.11.
cb3cda59c47ee977fe8004ec47bb58b34e2ca538f7e6f2573d4b7e8b6ebd05b3Remote CGI exploit for Cpanel 5 in perl.
c864b0f0ff7784fee33ce3195ab44af772d87e433277a615d8f1501004dd408eCartoon.c converts ELF binaries to shellcode.
edd78f7120b523d108f4d89712bdfa6ff4f779d5ffcd02a305d0915f7798d3e3This paper investigates combining Misuse and Anomaly based IDS into one system. Misuse detection consists of defining malicious network traffic and monitoring for it. Anomaly detection consists of defining normal or typical network traffic and then detecting anything else. The perl source code for a prototype NIDS is included (requires TCPDump).
11979759e8cc51327726d9093cf27a33ea30c7326a3a1af9c7df46940e61c1fcSecurity Corporation Security Advisory [SCSA-005]: Proxomitron Universal Web Filter, version 4.4 and below, is vulnerable to a denial of service when being given a parameter over the length of 1024 bytes.
f88a50da4c3cc775d3517f57fcc25525d5375f35ea97d33b6ce9d470135ba850Coding a TCP Connect Port Scanner Using VLSM - Handbook three in a series. An in-depth beginners tutorial written to explain incorporation of VLSM and CIDR capabilities into a network scanner.
37beb0c660c6d22bad13b4a8d700e977e49e7010171643b7a25dbf35c1cb6012CERT Advisory CA-2003-06 - Numerous vulnerabilities have been reported in multiple vendor implementations of the Session Initiation Protocol, or SIP, which may allow an attacker to gain unauthorized privileged access, cause denial-of-service attacks, or cause unstable system behavior.
92239b658525dff1c27f48b457af32ebc807d65b174c7082d08fb4a6bf2a2743CERT Advisory CA-2003-05 - Systems running Oracle8 Database v 8.0.6, 8.1.7, Oracle9i Database (Release 1 and 2), and Oracle9i Application Server (Release 9.0.2 and 9.0.3) contain multiple remote vulnerabilities which can lead to the execution of arbitrary code, allow users to modify database records, or cause a denial of service, breaking the database.
04154bd5e08374b34f8d73fc2f8574a7028fe99b031c5c78ae866b696bdb989eCpanel 5 and below remote exploit which allows users to view any file or execute remote commands due to an insecure open call in guestbook.cgi. Local root vulnerabilities also exist.
872dc79f37bab68ceed000840eafddb4a2ece4fdb910242de487ea4a95d25073Nethack v3.4.0 local buffer overflow exploit which spawns a shell as uid=games. Runs /usr/games/lib/nethackdir/nethack.
d36c9676766104ed6f0e30024d355ec827f58589e60d86e963361827c6ef5db0Cpanel + Openwebmail local root exploit in perl which affects Cpanel 5 and below. Attempts to copy a suid root zsh into /tmp by exploiting /usr/local/cpanel/base/openwebmail/oom.
b8529d38cfef755d74cff0d812d2ae5a837fb4a77d433c676607eab5980c5ef1PHP Security Advisory - PHP 4.3.0 contains a bug that allows direct access to the PHP binary via the CGI SAPI which allows remote attackers to trick the server into executing arbitrary PHP code. PHP 4.3.1 fixes the vulnerability.
21cbf19fe4a85a2248c6ff1bd76047da3c8253975dfcee6e5099cbb61651d08aBisonFTP v4r2 is a FTP daemon used on Microsoft Windows 9x/NT systems which has a remote denial of service vulnerability if sent long FTP commands, and can be tricked into revealing information about files outside the ftp root. It's not possible to get in contact with the people at https://www.bisonftp.com anymore. I guess a new version will never be released.
4787f651afaf0dc5c002b1ae7fb801b816220ee83fcb6ed6d91fbd0895b33bf9Parameter validation bugs exist in Emumail v5.x which allow remote denial of service and allow remote users to view any account history.
cec95ac394f94a6a107b3b73afcbbd0745d9caee836bd489e7c7cee5e292d689Gobbler is a tool designed to audit various aspects of DHCP networks, from detecting if DHCP is running on a network to performing a denial of service attack. Gobbler also exploits DHCP and ethernet, to allow distributed spoofed port scanning with the added bonus of being able to sniff the reply from a spoofed host. This tool is based on proof of concept code "DHCP Gobbler" available from networkpenetration.com and the DHCP flaws paper.
e67b7b0aaba893b9e0f5b0ff284ff00dc90a09e9061ead2c895a3ad085d770d8BisonFTP v4.r2 remote denial of service exploit in perl. Tested against Windows 98.
97d8de62192a0625ac18734043ac9b63b6773448e623ae0e3bef47baf8a7cf53
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed