exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

Files Date: 2003-09-16

09.16.MS03-039-exp.c
Posted Sep 16, 2003
Authored by Eyas

Remote Windows exploit for the RPC DCOM long filename heap overflow discovered by NSFOCUS. Upon success, the target will have a user added as the letter e with a password of asd#321.

tags | exploit, remote, overflow
systems | windows
SHA-256 | 8deeb2c01d158751b1bf4ee8adcd15343d9a1beaeded00158eb8c71a0eb8577a
TEXONET-20030902.txt
Posted Sep 16, 2003
Site texonet.com

Texonet Security Advisory 20030902 - SCO OpenServer / Internet Manager (mana) versions 5.0.5 to 5.0.7 are susceptible to escalating a local attacker's privileges due to being tricked into executing the environment variable REMOTE_ADDR when it is set.

tags | exploit, local
SHA-256 | 5046fb8c6f2157de1eeef06f1ff7086a72da814debcc822a30e046b466d87a8d
DominoHunter-0.92.zip
Posted Sep 16, 2003
Authored by Pierre CARON

Domino Hunter 0.92 is a Lotus Domino web server scanner, written in Perl. It attempts to access default NSF databases, as well as crawl user-defined bases. It tries to enumerate the database structure, enumerate available views, available documents, and ACLs set on documents. It also tries to retrieve documents from available views in order to check if ACLs are correctly set to restrict documents and not views. The scanner works in both anonymous mode or privileged mode if user supplied credentials are supplied to then be passed to the default names.nsf/?Login form.

Changes: Various bug fixes, more verbose of output, and a progress bar has been added. Fast ACL enumeration and various bugfixes.
tags | tool, web, scanner, perl
systems | unix
SHA-256 | bfcba564a665d5e5f128c1528b9c6a1d48fcabdf83356083541e4206cad0ecc6
Atstake Security Advisory 03-09-15.1
Posted Sep 16, 2003
Authored by Atstake, Ollie Whitehouse | Site atstake.com

Atstake Security Advisory A091503-1 - The Nokia Electronic Documentation product has three vulnerabilities. A cross-site scripting vulnerability allows an attacker to run malicious code if javascript is enabled. A directory listing of the web root is available by supplying the underlying webserver with a period. NED can also be inadvertently used as an HTTP proxy server.

tags | advisory, web, root, javascript, vulnerability, xss
SHA-256 | 4924ba9b5946a4e3970ccd2e0126327f9de57382c0d428f532349345aa409bd4
09.14.mysql.c
Posted Sep 16, 2003
Authored by Bkbll

Remote exploit for Mysql 3.x versions 3.23.56 and Mysql 4.x versions below 4.0.15. More information available here.

tags | exploit, remote
SHA-256 | 031cb79c22ead773279128cdcad002a6b7cea61a3829c158c874f16857a8ab9e
tsh-0.6.tgz
Posted Sep 16, 2003
Authored by Christophe Devine

Tiny SHell is an open-source UNIX backdoor that compiles on all variants, has full pty support, and uses strong crypto for communication.

tags | tool, shell, cryptography, rootkit
systems | unix
SHA-256 | 6cb0bc541e848ecd40a2623b75688255e001fe3476c765acd037f1906f171a14
sorpine.c
Posted Sep 16, 2003
Authored by Sorbo | Site darkircop.org

Remote Pine exploit for versions 4.56 and below. Makes use of a vulnerability discussed here.Binds a shell to port 6682. Written for Slackware 8.0, 8.1, and 9.0 and works for RedHat as well.

tags | exploit, remote, shell
systems | linux, redhat, slackware
SHA-256 | e851c723d21209a6b26900e885356e35a071b04eb77c23187facc15b5835af99
iDEFENSE Security Advisory 2003-09-16.t
Posted Sep 16, 2003
Authored by iDefense Labs, Mark Zielinski | Site idefense.com

iDEFENSE Security Advisory 09.16.03: An exploit has surfaced that allows remote attackers to execute arbitrary commands with super-user privileges against Solaris hosts running the default RPC authentication scheme in Solstice AdminSuite, sadmind. CVE Related Number: CVE-2003-0722.

tags | advisory, remote, arbitrary
systems | solaris
SHA-256 | 927d8400a78249ccc1f470ef0d7fa5b3ce3bc5fe19fbd3027a63dae9bae28365
minihttp.txt
Posted Sep 16, 2003
Authored by Peter Winter-Smith

Minihttpserver 1.x Host Engine is susceptible to a directory traversal attack and has a login parsing flaw that allows a remote attacker to gain administrative privileges.

tags | exploit, remote
SHA-256 | c3811137432dca7f6b3480030b9e97885c8de1ef80de534902b0ea664f882952
easyfile.txt
Posted Sep 16, 2003
Authored by Dr. Insane

Easy File Sharing Web Server 1.2 is vulnerable to directory traversal bugs, cross site scripting, HTML injection, and password snatching due to them being left in the clear.

tags | exploit, web, xss
SHA-256 | f44612ef4731652eedc76c34971ccef6fbab01c107847e6496e2fa6d924e38f8
buffer.adv
Posted Sep 16, 2003
Site openssh.org

OpenSSH Security Advisory - All versions of OpenSSH's sshd prior to 3.7 contain a buffer management error which results in a remote root vulnerability.

tags | advisory, remote, root
SHA-256 | 64c4c6ec67379208e69b635d6afb17251d748b0a37bf85006230d6525d2a55db
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    17 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close