exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

Files Date: 2004-11-13 to 2004-11-14

101_netn.cpp
Posted Nov 13, 2004
Authored by class101

NetNote Server version 2.2 build 230 crafted string vulnerability exploit that crashes the server.

tags | exploit
SHA-256 | 7c6dc403c38101273cb023408861ce7734dd9c375fdbf92d16d88321a1e85197
afick-2.5-0.tgz
Posted Nov 13, 2004
Authored by Eric Gerbier | Site afick.sourceforge.net

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Changes: Minor bug fixes and improvements.
tags | tool, integrity
systems | windows, unix
SHA-256 | 733ee495b9979603e102afbec061968d3ded59e088c0985156b9b853efb19951
phpbb2.txt
Posted Nov 13, 2004
Authored by How Dark | Site howdark.com

PHPBB version 2.0.x - 2.0.10 is susceptible to a SQL injection attack.

tags | advisory, sql injection
SHA-256 | 4f053ca2bbaab78236728fbce72ffbc174d33b87706583f643af3eea32ae60cb
phpbugtraq.txt
Posted Nov 13, 2004
Authored by How Dark | Site howdark.com

PHP Bug Traq 0.9.1 is susceptible to SQL injection attacks.

tags | exploit, php, sql injection
SHA-256 | 45b549cb770039550a7badbf33fbf71cebed496975d3c1ae265c705d6e195c0f
Shadow_Software_Attack.pdf
Posted Nov 13, 2004
Authored by Angelo Rosiello, rosiello | Site rosiello.org

Whitepaper written to demonstrate that a shadow software attack is still possible. Winner of the ISW contest.

SHA-256 | ac162a8e79af20c3b9196fab6fd12f64ea40f0f7fb57bedb4d9b9efa8d383bce
twiki.txt
Posted Nov 13, 2004
Authored by Florian Weimer, Markus Goetz, Joerg Hoh, Michael Holzt, Florian Laws, Hans Ulrich Niedermann, Andreas Thienemann, Peter Thoeny

Remote attackers are able to execute arbitrary commands in the context of the TWiki process for TWiki versions 20030201 and possibly in other versions as well. This flaw is due to a lack of proper sanitization of user input.

tags | advisory, remote, arbitrary
SHA-256 | ac52112bc5ecb5d1c0b1b78be42869a3a5320137a2621f2fc66722fa6a94c04c
secure142.txt
Posted Nov 13, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

Secure Network Messenger versions 1.4.2 and below suffer from a remote denial of service vulnerability.

tags | advisory, remote, denial of service
SHA-256 | b377941d0d36b5ed895485dbb5fd65db7ff06a1742ee0d1054119a629f139007
alcateladsl.txt
Posted Nov 13, 2004
Authored by Gregory Duchemin

The Alcatel/Thomson Speed Touch Pro ADSL modem suffers two security flaws allowing an insider to poison the intranet zone configured in the modem's embedded DNS server.

tags | advisory
SHA-256 | 9bbdb6331e0c1c32a010de746600968e00b87e55d153201e72c3355b25408791
newsudo.txt
Posted Nov 13, 2004
Site sudo.ws

Sudo version 1.6.8, patchlevel 2 is now available. It includes a fix for a security flaw in sudo's environment cleaning that could give a malicious user with sudo access to a bash script the ability to run arbitrary commands.

tags | advisory, arbitrary, bash
SHA-256 | ae15d1dca83013b781fad2452080e5a499a8900efc4c6eaf12c3d0b18223c869
apprecon_src_1_0_0.zip
Posted Nov 13, 2004
Site cqure.net

AppRecon is small java tool that tries to identify applications by sending appropriate discovery broadcast packets. It currently finds PcDUO, SQL servers, and PCAnywhere. Source version.

tags | tool, java, scanner
systems | unix
SHA-256 | 96da068b9983635836978b40a0c279b98d04bddc777672204d57dbf0a2371d12
apprecon_bin_1_0_0.zip
Posted Nov 13, 2004
Site cqure.net

AppRecon is small java tool that tries to identify applications by sending appropriate discovery broadcast packets. It currently finds PcDUO, SQL servers, and PCAnywhere. Binary version.

tags | tool, java, scanner
systems | unix
SHA-256 | f4c7a1c06e12ec17e811639cd56271e818a10ece9c8a944861fa3d971f4ab34f
grams.html
Posted Nov 13, 2004
Authored by Joe Stewart | Site lurhq.com

Full analysis of the Win32.Grams trojan. It differs from previous E-Gold phishing trojans in that it does not steal credentials instead uses the victim's own browser to siphon all the E-Gold directly from their account to another E-Gold account, using OLE automation. This would completely bypass all the new authentication methods financial institutions are using to thwart keystroke loggers/password stealers, because the trojan simply lets the user do the authentication, then takes over from there.

tags | paper, trojan, virus
systems | windows
SHA-256 | a7c9529c4a026a4b4e4bdc5504bca409a177465b073217315de3f57e6b4fec18
oscanner_src_1_0_0.zip
Posted Nov 13, 2004
Site cqure.net

Oscanner is an Oracle assessment framework developed in Java. It has a plugin-based architecture and comes with a couple of plugins that currently do: Sid Enumeration, passwords tests (common and dictionary), enumeration of Oracle version, account roles, account privileges, account hashes, audit information, password policies, database links. Source version.

tags | tool, java, scanner
systems | unix
SHA-256 | ff82a3702f41f76dc68c3001663e5b2abeed11b39c29bd9695c60f499d431b83
oscanner_bin_1_0_0.zip
Posted Nov 13, 2004
Site cqure.net

Oscanner is an Oracle assessment framework developed in Java. It has a plugin-based architecture and comes with a couple of plugins that currently do: Sid Enumeration, passwords tests (common and dictionary), enumeration of Oracle version, account roles, account privileges, account hashes, audit information, password policies, database links. Binary version.

tags | tool, java, scanner
systems | unix
SHA-256 | 568c87e8ec57fcf37039bb2ea2fae79f326b566146e67659b846809bede4fb77
Secunia Security Advisory 13177
Posted Nov 13, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in UNARJ, which potentially can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error within the handling of long filenames in archives. This can be exploited to cause a buffer overflow by tricking a user into opening a malicious archive with a specially crafted path.

tags | advisory, overflow
SHA-256 | 1b24393f6cc4b6c4ca04e89be845c1da2f1efb313196b5f887f342b10cadbf96
Tenshi Log Monitoring Program
Posted Nov 13, 2004
Authored by Andrea Barisani | Site dev.inversepath.com

Tenshi is a log monitoring program, designed to watch a log file for lines matching user defined regular expression and report on the matches. The regular expressions are assigned to queues which have an alert interval and a list of mail recipients. Queues can be set to send a notification as soon as there is a log line assigned to it, or to send periodic reports.

Changes: Added X-tenshi-version, X-tenshi-hostname, X-tenshi-report-start headers, various bug fixes and enhancements.
tags | system logging
systems | unix
SHA-256 | e2f26f3846de20178516424d49eb1349c6e9cf88956b078515ebd781394c5fa9
lkbackdoor.tar.gz
Posted Nov 13, 2004
Authored by Michal Stys

Small paper describing how to add a quick backdoor into the setuid code for the Linux 2.4 kernel series.

tags | paper, kernel
systems | linux
SHA-256 | d6a0b3435bc1259c10ef9e200f0493134aa6cc54884d849d2d3fd905ee01a0ee
hppsc2510.txt
Posted Nov 13, 2004
Authored by Justin Rush

The HP PSC 2510 runs an FTP daemon that is not configurable and allows anyone to upload a file to be printed without any authentication.

tags | exploit
SHA-256 | bf18f5acc8b050331a601891143389bed2576254e0deb4d4b227d1305ea658a9
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    17 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close