Packet Storm new exploits for May, 2000.
c855b45b4efb3e69651181ff39c4b5e46fb8b715542eaae404ecebef1fa8c2e7wu-scan.c scans for vulnerable wu-ftpd v2.6.0 machines running Redhat 6.2.
1861170cfc4308aeb28bcc2254c1d26054df8ccb29aef0cf6d5b7126179833f4Big Brother up to version 1.4H2 contains a remote vulnerability which allows remote users to create a filename with an arbitrary extension. Since the file is droped into a directory accessible via the web server, any file extension that is parsed server side can be abused and commands can be executed remotely.
771adb86ccd349d820abaebd27a901d8ba6eee6a182b4b57c6b7d29e955e2aebExcel 2000 serious vulnerability - Excel 2000/Windows 98 (other versions too) allows executing programs when opening an Excel Workbook (.xls file). This may be also be exploited thru IE or Outlook. This can easily lead to taking full control over user's computer. Demonstration available here.
00d755a71d377e63143d88bb87001c19403d83540df8f8eecd62246132cfe637WEBactive HTTP Server 1.00 contains a remote denial of service vulnerability.
ca5a37e29e841a8b18f78b3913ad716c1f7d2dbc7b9f677c7884e51fc83856d8Packet Storm new exploits for June, 2000.
b9beb14bb1630d1c47ede46f314307cec981f00cfcfcef042e7f7f4cfe6940cePollit, a cgi application, has a vulnerability which allows remote users to read any file on the system. A URL such as /cgi-bin/pollit/Poll_It_SSI_v2.0.cgi?data_dir=/etc/passwd%00 will spit out /etc/passwd.
cfd0406b5db5817df07a68c68d4111291d8a6ac57433df9dcf9de84feb337952Small HTTP Server v1.212 DoS Proof of Concept Code.
cb4a6809115cfc0604ed1278aa8e9759b0cd0e267d4afcd0f53e2e8e9fc7d4bfwingate.pl is a remote dos exploit for Qbik Wingate 3.0.
daaa900a3a785b81dbfd48e547450217239ac07ddc77f76f757da46713d5e7d9Mailstudio 2000 scanner - Finds vulnerable mailstudio2000 webservers running.
0990728d39596a22fb9137f46248ade4b53621944907f799e76640970f0c8014Exploits ported to Windows with the Cygnus compiler. Includes fuck_them.exe, gdm-exploit.exe, inndx.exe, orgams.exe, portn.exe, rwhokill.exe, tentacle.exe, wingatecrash.exe, and winnuke.exe.
faac7f196fb783d71bf9db8df1fdd3a59d1b4de1279c15ed2ee2681c97906271Malice v2 scans for over 150 cgi vulnerabilities and uses anti-IDS tactics as discussed in RFP's famous whitepaper. Written in perl.
f589f53839581a3b411cc4cf7e9490c78005c1d2451c46e022f3fd6328b68388Pscan3 is a simple tcp port scanner.
929b9403329467a87e7c37f21463a42f40fb36faddfaeb9419647a607144eab9NetWare 5.0 with SP 5 has a remote denial of service vulnerability. By sending random data to tcp port 40193, a buffer is overflowed and the server issues a memory allocation error and eventually crashes.
a178b6c280e61e03ccd96968dc1ad83b3364b0fcf2f974596e38b4209aec1780NetBSD Security Advisory 2000-010 - wu-ftpd versions prior to 2.6.1 contain known security holes which allow unauthorized remote users to gain root access.
cd93cf79b743ebe4c8fadd4db3ac3ba2d12280f7e28999ab3115b93f37840dd2NetBSD Security Advisory 2000-009 - An improper use of the setproctitle() library function by ftpd may allow a malicious remote ftp client to subvert an FTP server, including possibly getting remote root access to a system.
e738d5814b569a7ca3be40277de7b98cd3a21bb900e8613c115bf34d5e3d85c4NetBSD Security Advisory 2000-008 - The DHCP client program, dhclient(8), did not correctly handle DHCP options it receives in DHCP response messages, possibly permitting a rogue dhcp server to send maliciously formed options which resulted in a remote root compromise.
689eb3394762910611c11587282a13367c62d78411f6906114508c189e19670eSecurity Auditor's Research Assistant (SARA) is a security analysis tool based on the SATAN model. It is updated frequently to address the latest threats. Checks for common old holes, backdoors, trust relationships, default cgi, common logins.
4fd49bce50fdaef522760d6b998dd1817cfef23867124b17276c004efabcbe42Internet Security Systems (ISS) X-Force has identified a vulnerability in the makewhatis Bourne shell script that ships with many Linux distributions
1b64f135dfbec4e3b58cd4a39a867d2095425a2d0a7ce099fefc4ef401e688f6Security Advisory ( netscape.ad.00-07 ) - Netscape Administration Server Password Disclosure. Netscape SuiteSpot running on Netscape webservers has a password file which in the default configuration is readable by remote users. All platforms are affected.
fc8ced0cf42485c9c5449d2871d4e468f97c98348842598afee7f8f1b5693c16FreeBSD-SA-00:33 - Vulnerabilities in the MIT Kerberos 5 port were the subject of an earlier FreeBSD Security Advisory (SA-00:20). At the time it was believed that the implementation of Kerberos distributed with FreeBSD was not vulnerable to these problems, but it was later discovered that FreeBSD 3.x contained an older version of KTH Kerberos 4 which is in fact vulnerable to at least some of these vulnerabilities. FreeBSD 4.0-RELEASE and later are unaffected by this problem, although FreeBSD 3.5-RELEASE is vulnerable.
e072d2724cad65ec47ada96c741fce598aee03be503ae532586cff6b6b3f76b4Infosec Security Vulnerability Report - The web server for remote access to e-mail in WorldClient 2.1 for Windows NT is vulnerable for root dot dot. It is possible to read any file if the full path is known.
4b6111684464d2485841716e01f025838a5a1cc677a347910d4fa9e8beba9b29The Sun Java Web Server for Solaris and Windows NT allows a remote attacker to execute arbitrary commands on the target system. Proof of concept included.
bd8c338c7d97b0e98dd027394f8a93f703fd4e4cbad9bb9bf3ad8b24525f2c99Big Brother Scanner - scans for /cgi-bin/bb-hostsvc.sh which allows reading of any file on the system running Big Brother prior to version 1.4h.
5b760b555749e0bc228d293b9b05df55bbf2a42dcb3ab1727c7907a857069a84Big Brother v1.4g and below contains a vulnerability which allows a remote attacker to view any file on the system.
f086e5bac79245e68ebce8c7eec3573aba8b9aae6fa0bc93db2738b30a313fb2
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed