Yahoo! Instant Messenger (YIM) vulnerabilities. Affects Yahoo! Messenger v(5, 0, 0, 1061) for all Windows versions. Includes buffer overflow information and how to hijack another IM client.
560f2f1480e78404b85ae116917fa30a3d36064a7073a97a2a19d1fc7fcd8d6cSmall ICMP backdoor which works under BSD, Linux, and Solaris. Because you can define the icmp_code to use it is able simulate an echo_request <-> echo_reply conversation so it looks like a normal ping with bigger packets. It also includes a session_id to detect the right packets (which is also done by certain icmp_id's).
c5d1d2f14dc78955f096cfc08bfdb32b256ef436bedec6b364edc399707d82bfMicrosoft Security Advisory MS02-025 - A malformed mail can cause Exchange 2000 to eat up all CPU resources. Microsoft patch available here.
546c090a70c00b2036913bb05ad745d06cf703b3e5b7ec0473f1e49d6b1a0f95Macromedia JRun v3.1 for IIS 4/5 on WinNT 4/Win2K contains buffer overflow which allows remote code execution as the local system account.
2bd79d12f83316af1256e8abf3f82e65b0e812edc901f4c331319be81254b1eeFreeBSD Security Advisory FreeBSD-SA-02:27 - The FreeBSD rc scripts allow users may remove the contents of arbitrary directories if the /tmp/.X11-unix directory does not already exist and the system can be enticed to reboot.
b4fbc7e2551b07468072eacaa7f05cac8d58f5064909295857e01e3c876cba04FreeBSD Security Advisory FreeBSD-SA-02:26 - FreeBSD kernels compiled with accept() filters are vulnerable to a denial of service condition.
e19aca6cdf3a6b5d5e66fddf7410b68eacc39a4a11c4f26df42fe24f15409ddfIvon is an encrypted shellcode generator. It uses 32bits key to perform a XOR. Polymorphic shellcode are very easy to create. They are very useful to pass through IDS for remote exploits. There is only 26 constant bytes in the encrypted shellcode.
47f81f5477410909b6009700938be83609ce631f0b5f9d35856dfe25b7f9393dWpoison (May 28 snapshot) is a tool which attempts to find any SQL-injection vulnerabilities on a remote web document, finding bugs in dynamic content such as php and asp. Readme available here.
225c08e936991cd9c386f8f8ebfa69f04ab4771646447ca275873eff8de20127CERT Quarterly Summary CS-2002-02 - Recent attack trends include exploitation of vulnerabilities in Microsoft SQL Server, Buffer Overflow in Microsoft's MSN Chat ActiveX Control, Heap Overflow in Cachefs Daemon (cachefsd), IIS, Oracle, and more.
efde773bb7f56efc13cc4392691a982f51eb2484cc804e6e711e96318a3be2823CDaemon FTP Server v2.0 buffer overflow dos exploit.
d0bb8165e0bcac7204de3d63e1564b55afe72a5111b6aed167cf88b2697764d8IIS 5.0 .asp buffer overrun remote exploit which runs cmd.exe. The .asp overflow is documented in ms02-018.
666b2cf056c8a68d889f9a532157b8522f2cb61c48f94e39001224f4a29e815aImap4 prior to v2001a remote exploit for Linux. Requires user account, includes offsets for Slackware 7.1 and Redhat 7.2.
e3d4caaea2b25eed9bb16c6915f9acac7dcca8886f577518fc678d5f31d4874aTrojodaemon is a simple tool which allows you to start a process at boot.
b1fcc4788983fd70ebc08005a5413768ba7bc47799379e6b828fa0c31c48f9ebWarFTPd v1.65 for Win2k remote buffer overflow exploit in win32 perl. Included shellcode pops up a message box.
4d51ac1438509a6db6d42e889b5f2204a336e230d13d61319f50f9395026bad2Secura is an open source cross platform java crypto package. Jar available here.
acf7db722cae09a47aea5da574ec7b5987a73d183e902e4cc9da92e568481ee0The Falcon Web Server v2.0 for Windows 2000 allows remote users to gain read access of known password protected files residing on a Falcon Web Server.
a16db8592601cc92d0e16282473fe839385c6245b47e4a65a486a7b596cdc3d3Frapes is a Windows backdoor with many features, including the ability to edit the registry. Includes source for a unix client. Archive password is set to p4ssw0rd. Use at your own risk.
11881b515e470b98908156f8117df01b7bf95d84cd811eec569df562dd5fded6The IP Personality project is a patch to Linux 2.4 kernels that adds netfilter features: it enables the emulation of other OSes at network level, thus fooling remote OS detection tools such as nmap that rely on network fingerprinting. The characteristics that can be changed are TCP Initial Sequence Number (ISN), TCP initial window size, TCP options (their types, values and order in the packet), IP ID numbers, answers to some pathological TCP packets, and answers to some UDP packets.
90088028aa86eb60a087cfa23e8fdbdfa040df2bac97865cf554e00049d70c86Fenris is a multipurpose tracer, stateful analyzer and partial decompiler intended to simplify bug tracking, security audits, code, algorithm, protocol analysis and computer forensics by providing a structural program trace, general information about internal constructions, execution path, memory operations, I/O, conditional expression info, and much more. A small demonstration how this tool works can be found here.
e14cf365038e3721d3bd54233921777299724de0333f64d9953c009fe8fe0887Red Hat Security Advisory RHSA-2002:092-11 - A buffer overflow vulnerability has been found in the WU-IMAP daemon prior to v2001a which can be used to remotely execute code via malformed requests if the attacker has a valid IMAP account. This affects Red Hat 6.2, 7.0, 7.1 and 7.2.
8d45247f59e45aa7710cc18e1b02e6c3ff3cbb8aaa5b104fbe33cc6357f3cdd0Conectiva Security Advisory CLA-2002:489 - A cross-site scripting vulnerability found in Mailman v2.0.11 affects Conectiva Linux versions 6.0, 7.0 and 8.
c312b52df2014bfc1612eda13a4fcd1f748a4c1c2e9f72655b4463a62f58ab9fLocal exploit for the Sendmail 8.12.3 and below flock denial of service vulnerability.
bbaf654cf0fc0e59bbd9e31ec8803d66b440dda134c4511d4ff41af8c42ac323Sendmail v8.12.3 and below contains a local denial of service vulnerability in the file locking functions. Corrected in sendmail v8.12.4.
e64298819b62733db3180865cab4773b25d136f7d83b128e11755507d1949304Cisco Security Advisory - A vulnerability found in the web interface that comes with the Cisco ATA 186 Analog Telephone Adaptor be used to remotely disclose passwords by retrieving the router config via a specially crafted POST request.
055867c0b6b1881f66a086900cbd9d16bf99338974b67736d20018ad873f9255Cisco Security Advisory - Three new denial of service vulnerabilities involving large packets have been found in Cisco routers that are running the CBOS software. This affects the following Cisco devices: 605, 626, 627, 633, 673, 675, 675e, 676, 677, 677i and 678.
90f3170e3df5235aeed1ca9f10ff1951dc46a2724378626d35c4f953ce6b98bc
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed