Grinder.zip contains an executable and a Perl script that use the SID tools to enumerate usernames from an NT Server.
a1d083693d92738e60e67d14da41cd78e510101d290b18792f28617f1b128eae
Unicode_shell.pl is an exploit for the IIS Unicode bug that lets you enter commands as if in a cmd.exe shell. It uses 20 different URLs to check for the vulnerability.
57da8160e9ecbc76af59dca02d8c09165aad0ed553e94c04920c4911d63f868b
Muloscan.pl is a simple Perl scanner that uses IO::Socket to check whether some well-known ports are open.
2fcef98ac1a2a7957ee581cb21e6d0d1f3817c30d4630bb3fdef33ed00322797
Infiltrator is a Unix trojan creation program.
f538703019e4a991af5d5a97ce7ca5743e75d0f6ba39ee62c4426093a2f86309
Microsoft Security Advisory MS01-015 - A vulnerability in IE allows web server operators to discover the full path of items in the IE cache, allowing remote execution of binaries via a web site or email message. The recommended patch fixes 3 more security problems. Microsoft FAQ on this issue available here.
de01a0dff05dc9a62d7caaf101b9b28e5016868b5d92793e6f1265e99827edf3
TalkBack.cgi directory traversal remote exploit.
396c1d51895015c18e8733df3f237702266c9de2fd99fca89addccdee7fc09e6
SuSE Security Advisory SuSE-SA:2001:15 - Hfaxd v4.1 contains format string local root vulnerabilities.
3cf8862d583d947dadda3785192ae779b2089fde342767b61a93665c00da2287
FreeBSD Security Advisory FreeBSD-SA-01:33 - The glob() function contains buffer overflows that are exploitable through the FTP daemon. If a directory with a name of a certain length is present, a remote user specifying a pathname using globbing characters may cause arbitrary code to be executed on the FTP server as the user running ftpd, usually root. Additionally, when given a path containing numerous globbing characters, the glob() functions may consume significant system resources when expanding the path. This can be controlled by setting user limits via /etc/login.conf and setting limits on globbing expansion.
8aea5ad4592fa0042500e15dc47d91bc6db21f66c3891d0fd68df72d09b94fe3
FreeBSD Security Advisory FreeBSD-SA-01:32.ipfilter - When matching a packet fragment, insufficient checks were performed to ensure the fragment is valid. In addition, the fragment cache is checked before any rules are checked. Even if all fragments are blocked with a rule, fragment cache entries can be created by packets that match currently held state information. Because of these discrepancies, certain packets may bypass filtering rules. All versions of FreeBSD prior to the correction date, including FreeBSD 3.5.1 and 4.2, contain this problem.
676d7b34644214514010b70aa759e96c9a540b745e87d5da8d0d7e0854b95fb7
Magic String Pimp is a command-line tool that allows you to construct buffer overflow strings and use them in various ways. It is mainly meant as a tool for proof-of-concept exploit coders, simplifying the tedious task of writing exploits just to prove simple overflows exploitable.
059e51747e5d9a55f3f3151d9989cd73cc51333089b8ec0ddfbb39b9b9ca1950
Cfingerd prior to v1.4.2 remote root format string exploit. Includes information on finding offsets. Tested against Debian cfingerd v1.3.2, 1.4.0, 1.4.1, and RedHat 7.0 cfingerd 1.3.2.
27d6d03e401bbc5d64121d7bf098b55babef4798dff575768d01cd2abac1b648
SuSE Security Advisory SuSE-SA:2001:14 - When printing a whole text or selected parts of a text, nedit(1) creates a temporary file in an insecure manner. This behavior could be exploited to gain access to other users' privileges, even root.
c321f2d2c6822aa4ca64718a94a057c55f327826eacf875bc043b241a27cdcbd
SuSE Security Advisory SuSE-SA:2001:13 - sudo(8) prior to version 1.6.3p6 is vulnerable to a buffer overflow in its logging code, which could lead to local root compromise.
c883baed233c59823a1115733acb1dfedd991234d9bbb44b25141a1a7ae609ab