what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

Files Date: 2003-07-09 to 2003-07-10

DSR-listproc.pl
Posted Jul 9, 2003
Authored by dsr, Knud Erik Hojgaard | Site dtors.net

Local root exploit for listproc 8.2.09 written for FreeBSD.

tags | exploit, local, root
systems | freebsd
SHA-256 | 32d29d4604081ef12675fd665f8f0a35be36d443ef66bfee3dd3ba7a3b41693d
MaelstromX.c
Posted Jul 9, 2003
Authored by Knight420

Maelstrom local exploit that gives gid of games and makes use of the overflows found in the -player and -server switch.

tags | exploit, overflow, local
SHA-256 | 14887f12b07716692074ef4aaf28e25d942c4291ca0d8463e0ee978fed22bf34
ccbillx.c
Posted Jul 9, 2003
Authored by Knight420

CCBill remote exploit that spawns a shell with netcat and attempts to connect into the server on port 6666 to gain access of the webserver uid.

tags | exploit, remote, shell
SHA-256 | 66f3965cf4bbf7fe122e5da69fc37f2fb3c3ffe2b7aa6836d0778511c9c29de7
Atstake Security Advisory 03-07-08.1
Posted Jul 9, 2003
Authored by Atstake, Andreas Junestam | Site atstake.com

Atstake Security Advisory A070803-1 - By specifying the name of a named pipe instead of a file, as an argument to Microsoft SQL Server's xp_fileexist extended stored procedure, one can impersonate the user account Microsoft SQL Server is running under. This is due to the behavior of the CreateFile system call and Windows named pipe impersonation. This is not limited to Microsoft SQL Server, but a system wide problem.

tags | advisory
systems | windows
SHA-256 | a0e2cd066322faccbeda17b525edc1bfe19a840681e371d62018efeea6586415
Verity-K2Toolkit-Eng.txt
Posted Jul 9, 2003
Authored by STG Security | Site stgsecurity.com

STG Security Advisory SSA-20030701-02: Verity's K2 Toolkit has a cross site scripting vulnerability in its Query Builder.

tags | exploit, xss
SHA-256 | f983dd385873de4c2d4c4a5383709b519f4ea35bf8c668d5515205021db89086
CSSoft-EZTRansI-Eng.txt
Posted Jul 9, 2003
Authored by STG Security | Site stgsecurity.com

STG Security Advisory SSA-20030701-03: ezTrans Server, the popular portal software used throughout Korea, lacks input validation in the file download module. Due to this, a remote attacker can download any file on the system that the webserver uid can access.

tags | exploit, remote
SHA-256 | d492993f68980b4e668ff2b3131e085ae25dd8e90d2b29a666435ba1b92fbcf3
adobeflaw.txt
Posted Jul 9, 2003
Authored by ElcomSoft Co.Ltd. | Site elcomsoft.com

In 2001, Elcomsoft discovered serious security flaws in Adobe Acrobat where pdf files could load malicious plug-ins and have Acrobat believe they were digitally signed. A plug-in loaded in this manner can perform any file operations on the system. Adobe slacked on doing anything about this until CERT released an advisory on it in March of 2003. With the new releases from Adobe, these issues were supposed to be addressed but vulnerabilities still remain.

tags | advisory, vulnerability
SHA-256 | 97736473454a303c89f45f58b292c5e56504cf1a2f5382462a575fa2f759cfc4
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    17 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close