The TRACKtheCLICK script is vulnerable to an injection attack due to the User-Agent and Referer variables not being filtered in click.cgi, allowing a malicious attacker to spoof incorrect information and when admin.cgi is opened, the injected code will be executed by the victim's browser.
1aaaed1d3addfb60459fea9d4ac3a4bcb3f996fedc2ddabc1ff833147a5a8a84Information regarding the fact that the Microsoft Windows patch that supposedly fixed the RPC DCOM vulnerability has failed miserably and patched machines are still vulnerable to attack.
e0b7dc71442f34a04b0f99c6e9d07e5c50a1353b46abd96c56ada4b763e14fd8mIRC version 6.1 and below on Windows 2000 is susceptible to a buffer overflow attack. If a user is tricked into loading a malicious URL that launches the mirc.exe binary, a remote attacker can overwrite the saved instruction pointer and control the program's execution.
a9e13f3872f59f087d58dfa968fdb1427a8f3b76ebe7323d121f741d301735d1Ph4nt0m Security Advisory #2003-9-9 - mah-jong versions 1.6 and below are susceptible to a remote denial of service attack.
9f7ebf87e359ccad366264bb0a277e015fb72bb0f3f9f57fae88ca20d2a63c19MBEnum is a tool that queries the master browser for whatever has been registered. Helpful in giving an overall view of a Microsoft Window environment.
ef49d7ad4f2bfb7361dd415307b2f9db43c6239d1964e1800018d563289adc7bVenom is a tool to run dictionary password attacks against Windows accounts by using the Windows Management Instrumentation (WMI) service. This can be useful in those cases where the server service has been disabled. The tool is written in VB6 and might require some additional runtime libraries to run. Attack speeds vary, but tend to be around 45-50 guesses/sec.
b86c14f3bec622de8ffcfd699d429be04ab2876efa03a8cbfc6b0e97f63b4e8cSFPDisable is a utility that disable Microsoft Windows' File Protection by patching sfc.dll under Windows 2000 and sfc_os.dll in Windows XP. This allows a remote attacker to delete, manipulate, and backdoor any file on the system without Windows noticing upon reboot.
24605e3feea0bdf775d9c1ce2ac24e839a5e8effde6a87883b62062b173e2fcaRemote root exploit for ProFTPd 1.2.7-1.2.8.
237386f1bbbe4763fb37224b815cedc1bf10ec040c780c7b84f4873ef8f11ac1Remote root exploit for ProFTPd versions 1.2.7 - 1.2.9rc2 that breaks the chroot and uses brute force. Tested against SuSE 8.0/8.1 and RedHat 7.2/8.0.
e1b8169e56e2b24443a163f1d695b621b114d4358c11fe13d71fa81194edffd3Linux x86 shellcode that binds a shell to port 7512 and has a size of 123 bytes.
446f8b26d46953947345898cf7cb71847960df0cffc32e68b8a82a2a3d321273Victimizer 1.0 is a mass-ip glue tool used to implement network system calls and fork out processes. Provides a framework to scan and use a lot of machines at once in a quick manner. Works well with things like nbaudit, rpcinfo, etc.
50f84fc435f9f2491990dd8dc1090c3905ce284a4fd52676d068a4d9f7a51f6e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed