Shell script to scan a domain for open windows shares using samba. Tested on slackware, red hat, SuSE. Requires smb client.
aa897cb01895e470ffc69ea88d3d8aa218b9d21900a286afbf5b78fded94e1fcCERT Advisory CA-99-16 - Buffer Overflow in solaris sadmind. The sadmind program is installed by default in Solaris 2.5, 2.6, and 7.
91e3ccb53dada317e1d9eb7fb117db045ea4dab85eb4219206c1ebfaece31491Dword.pl - This will convert a given IP address into it's dword equiv, as described in "How to Obscure Any URL", available here.
3f31fd5b39902ebcc095a352a0538509fc005b0f033a0d5aae798016f30131c7Explanation of how to exploit the rpc.sadmind bug on Solaris.
39930a280c144ab14cfd240d0a929369a2f7e68dfed059b8f4c01fda84a4ba71Hotmail is vulnerable to yet another serious security problem involving javascript. Windows, MacOS, and Linux users are affected. Filters may be bypassed by putting line feeds in the middle of the javascript code, the browser will remove the line feeds and execute it.
38d619755398daddb4094c74d9e46a705ebf54917924ac7f57da9be93f94b110Veritas Volume Manager 3.0.x for Solaris contains a security hole which can, under specific circumstances, allow local users to gain root access. Exploit description included.
fd2319ff0e16f1c6e713fa56b2101950213939c45121c340cc789350ca38aee3This paper describes in detail the exploitation of the libc locale format string vulnerability on Solaris/SPARC. The full source code for the exploit is presented and some details of the implementation are discussed.
7b17fe99c5995c3700f946e8abe827d958a46295cd8e9068e1a590b08b7ef993Xitami WEB/FTP Server for Windows 95/98/NT/2k v2.5b4 has remote vulnerabilities which allow users to view sensitive system information via testcgi.exe. Passwords are stored in plain text. Denial of service is possible.
963cbf8d5f403c450c746e48d4a87ee002babfa21848572bbe2f6ac1680a715fWorking Solaris x86 /usr/bin/mail exploit
a711668cc0d9690ee75eb24dd2d018bd428e023e5b49e67478bbd7fdca690496A vulnerability exists in Oracle 8.1.5 for UN*X which may allow any user to obtain root privileges. Local root exploit shell script included.
17d374afd2a8378ded9bbbbbe17182f77ee586f2c4da4eb247fb052a192da311The Sambar web server version 4.3 Beta 2 is vulnerable to remote buffer overflow. Dos example included.
e480e4ea52df200307b608978e22215ea04221336cc1ca0297728e71575dd718Netscape Navigator/Communicator 4.5 buffer overflow advisory - I recently uncovered a stack based buffer overflow in NN which allowed me to execute arbitrary code. Exploit included. Tested with Netscape Navigator 4.5 using Windows98.
8ae2a6160c963cdc89d7ce97dcfa06db4b47da886d8c54227c1f6ca9cec3bdadPlogd v2 - syn/udp/icmp packet logger (freebsd version).
6c7d6a373bf27fc4fe88c764bdf5b002ece8a6296bef7632474fc0eaa5c56233Backdoor shell script to be run from cron monthly.
4a51bcecc880b78e5845e0c1ac80f9ec82f41bd9dad31c57256aed344a399b3cRemoteHit searches for a computer on a remote network, in a given IP Range, using NetBIOS protocol. The program is fully multi-threaded. RemoteHit has MS "Find: Computer" like interface.
db0de589bc6f540188e5838ce03d6e87817cab5274689fdee8c1f91cb44f7ca0NSI Rwhoisd v1.5 through 1.5.7.2 contains a remotely exploitable format string vulnerability if use-syslog: is on, which is the default.
4caaf3484ee97afe74157fd65fa4dad6415e2f47eebe489b3f4b240baea110ffPhpNuke v5.1 allows remote users to steal the admin password, which is Base 64 encoded. The password is in a cookie which needs to be stolen from the admin by asking him to visit a link.
7af6df4201e5053dd29cb236178603fdb4a5bda31c8042192edb2f568326c3d9CgiXp.exe is a remote exploit for Webcart v8.4 (bugtraq id 3453) and several unicode vulnerabilities (bugtraq id 1806). Tested against Windows NT Server 2000 / IIS 5.0 and Linux Red Hat 7.2 / Apache 1.3.22 +webcart.cgi. Gui based, requires Visual Basic 5.0 .OCX files in your system directory (richtext ocx, msinet dll).
bfb17b9ce107c0b63e002bf9a232a47c3933a3eba05ece3d08aebbad41d5c025Apache-SSL is a set of patches for Apache to create a secure Webserver, based on SSLeay/OpenSSL. It is designed to be small, secure, and efficient.
91d9326eb3feff14935b0fae89ce6b59cba7e70e4491826037ccce5f82f1ec78Berkeley finger.cgi has a remote command execution vulnerability because it does not strip out newlines.
9522938f90cc239769620d06fc8cdd679f71ea497be3e18b34ec0cfceaaf02f6RegistryBrowser is a utility which demonstrates problems associated with stolen windows passwords by remotely browsing remote system registries using a specified user account. Tested on Windows NT and 2000.
754befcbca706cd9b4ff37c98092c6a93a03c9734298d1ab59b156a982dc7d9bUni.pl checks a host for the recent IIS unicode vulnerability in 14 different ways.
32bd5f34a95c46295f57976cfbf6555ee9b99614f669f3c03817d94d1fb5c99dThe Flicks Titan application firewall for IIS has a vulnerability in the url inspection allowing it to be easily bypassed.
c9ae3c7cec218aa4c0a512ca5aab4dada76da541b52fcc647bd0702fc4ea36a6
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed