Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Sun, 27 May 2012 22:33:01 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1528226169&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2F0010-exploits%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1528226169.1338157981.1338157981.1338157981.1%3B%2B__utmz%3D32867617.1338157981.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/30045/7350cowboy.c http://packetstormsecurity.org/files/30045/7350cowboy.c http://packetstormsecurity.org/files/30045/7350cowboy.c.html Sun, 17 Nov 2002 14:04:24 GMT 7350cowboy.c is supposedly a PHP/3.0.12, 3.0.15, and 3.0.16 with apache 1.3.12 remote format string exploit for FreeBSD 3.4, Slackware Linux 4.0, and 7.0. Very similar to http://packetstormsecurity.org/0010-exploits/phploit.c. http://packetstormsecurity.org/files/23406/locale_sol.txt http://packetstormsecurity.org/files/23406/locale_sol.txt http://packetstormsecurity.org/files/23406/locale_sol.txt.html Thu, 22 Nov 2001 09:32:11 GMT This paper describes in detail the exploitation of the libc locale format string vulnerability on Solaris/SPARC. The full source code for the exploit is presented and some details of the implementation are discussed. http://packetstormsecurity.org/files/25379/macosxsetuidroot.txt http://packetstormsecurity.org/files/25379/macosxsetuidroot.txt http://packetstormsecurity.org/files/25379/macosxsetuidroot.txt.html Wed, 24 Oct 2001 02:42:52 GMT Mac OS X v10.1 and below contains a local root vulnerability which allows logged in users to get a root shell by running a specific series of applications. More info here. http://packetstormsecurity.org/files/23489/0010-exploits.tgz http://packetstormsecurity.org/files/23489/0010-exploits.tgz http://packetstormsecurity.org/files/23489/0010-exploits.tgz.html Thu, 02 Nov 2000 09:22:03 GMT Packet Storm new exploits for October, 2000. http://packetstormsecurity.org/files/23458/guninski26.txt http://packetstormsecurity.org/files/23458/guninski26.txt http://packetstormsecurity.org/files/23458/guninski26.txt.html Tue, 31 Oct 2000 00:21:02 GMT Georgi Guninski security advisory #26 - Using specially designed URLs, IIS 5.0 may return user specified content to the browser. This poses great security risk, especially if the browser is JavaScript enabled and the problem is greater in IE. By clicking on links, just visiting hostile web pages or opening HTML email the target IIS sever may return user defined malicous active content. This is a bug in IIS 5.0, but it affects end users and is exploited with a browser. A typical exploit scenario is stealing cookies which may contain sensitive information. http://packetstormsecurity.org/files/23443/utilmind-maillist-exploit.pl http://packetstormsecurity.org/files/23443/utilmind-maillist-exploit.pl http://packetstormsecurity.org/files/23443/utilmind-maillist-exploit.pl.html Sat, 28 Oct 2000 20:30:21 GMT Mailing List & News Version 1.7 remote exploit - takes advantage of insecure mail handling to spawn a shell on tcp port 60179. http://packetstormsecurity.org/files/23442/listmail-exploit.pl http://packetstormsecurity.org/files/23442/listmail-exploit.pl http://packetstormsecurity.org/files/23442/listmail-exploit.pl.html Sat, 28 Oct 2000 20:27:59 GMT Listmail v112 remote exploit which spawns a shell on tcp port 60179. Takes advantage of an insecure open call. http://packetstormsecurity.org/files/23441/formnow-exploit.pl http://packetstormsecurity.org/files/23441/formnow-exploit.pl http://packetstormsecurity.org/files/23441/formnow-exploit.pl.html Sat, 28 Oct 2000 20:23:39 GMT FormNow CGI script v1.0 remote exploit - Takes advantage of an insecure sendmail call to bind a shell to tcp port 60179. http://packetstormsecurity.org/files/23440/newsexp.tar.gz http://packetstormsecurity.org/files/23440/newsexp.tar.gz http://packetstormsecurity.org/files/23440/newsexp.tar.gz.html Sat, 28 Oct 2000 11:01:33 GMT News Update 1.1 advisory / remote exploit which allows changing the passwords for the cgi program without knowing the former password, allowing malicious users to modify your news-page. http://packetstormsecurity.org/files/23439/hostexp.c http://packetstormsecurity.org/files/23439/hostexp.c http://packetstormsecurity.org/files/23439/hostexp.c.html Sat, 28 Oct 2000 10:55:51 GMT Older version of the host command contains a remotely exploitable buffer overflow. The host command is used to perform the AXFR request to obtain the zone transfer information, and can be caused to execute arbitrary code when connecting to a fake DNS server, a netcat process listening on port 53. http://packetstormsecurity.org/files/23436/hl-advisory.asc http://packetstormsecurity.org/files/23436/hl-advisory.asc http://packetstormsecurity.org/files/23436/hl-advisory.asc.html Sat, 28 Oct 2000 08:40:35 GMT The Half-life Dedicated Server for Linux contains remotely exploitable buffer overflow vulnerabilities. Includes remote buffer overflow exploit hl-rcon.c which has been tested against v3.1.0.x for Linux x86. http://packetstormsecurity.org/files/23435/pqwak2.zip http://packetstormsecurity.org/files/23435/pqwak2.zip http://packetstormsecurity.org/files/23435/pqwak2.zip.html Sat, 28 Oct 2000 08:31:09 GMT This program exploits a flaw in the share level password authentication of MS windows 95/98/ME in its CIFS protocol to find the password of a given share on one of these machines, as discussed in ms00-072. http://packetstormsecurity.org/files/23434/unicodexecute2.pl http://packetstormsecurity.org/files/23434/unicodexecute2.pl http://packetstormsecurity.org/files/23434/unicodexecute2.pl.html Sat, 28 Oct 2000 08:23:21 GMT Unicodexecute2 is a simple perl script to execute commands on vulnerable IIS servers w/ Unicode, as described in this article. http://packetstormsecurity.org/files/23286/godmessageIV.zip http://packetstormsecurity.org/files/23286/godmessageIV.zip http://packetstormsecurity.org/files/23286/godmessageIV.zip.html Fri, 27 Oct 2000 08:00:42 GMT Godmessage 4 Revision 5 is an implementation of Georgi Guninski's recent ActiveX exploit for Internet Explorer which attempts to install a trojan on any machine which views the included HTML. http://packetstormsecurity.org/files/23425/inbusdos.c http://packetstormsecurity.org/files/23425/inbusdos.c http://packetstormsecurity.org/files/23425/inbusdos.c.html Fri, 27 Oct 2000 07:59:09 GMT Denial of Service attack against an Intel InBusiness eMail Station. Will send a 630 char buffer to the pop server as argument of a USER command. The little box needs to be "powered off" and -on again. http://packetstormsecurity.org/files/23423/ntop-w-exp.c http://packetstormsecurity.org/files/23423/ntop-w-exp.c http://packetstormsecurity.org/files/23423/ntop-w-exp.c.html Fri, 27 Oct 2000 07:39:09 GMT Ntop -w v1.2a1 remote stack overflow exploit. Ntop in web mode (-w) contains an overflow when a long filename is requested. Fix available here. http://packetstormsecurity.org/files/23413/hp-ux.crontab.sh http://packetstormsecurity.org/files/23413/hp-ux.crontab.sh http://packetstormsecurity.org/files/23413/hp-ux.crontab.sh.html Tue, 24 Oct 2000 06:59:28 GMT HP/UX crontab local shell script exploit. http://packetstormsecurity.org/files/23408/pqwak.zip http://packetstormsecurity.org/files/23408/pqwak.zip http://packetstormsecurity.org/files/23408/pqwak.zip.html Tue, 24 Oct 2000 02:49:52 GMT This program exploits a flaw in the share level password authentication of MS windows 95/98/ME in its CIFS protocol to find the password of a given share on one of these machines, as discussed in ms00-072. http://packetstormsecurity.org/files/23407/iis.asp.txt http://packetstormsecurity.org/files/23407/iis.asp.txt http://packetstormsecurity.org/files/23407/iis.asp.txt.html Tue, 24 Oct 2000 02:33:52 GMT How to read ASP source code on an IIS 5 server using the recently discovered IIS vulnerability. http://packetstormsecurity.org/files/23405/redhat.lpr.txt http://packetstormsecurity.org/files/23405/redhat.lpr.txt http://packetstormsecurity.org/files/23405/redhat.lpr.txt.html Sat, 21 Oct 2000 10:35:26 GMT Lpr lpr-0.50-4 and below contains vulnerabilities which allow local users to access other accounts, and sometimes root. http://packetstormsecurity.org/files/23399/xzarch.c http://packetstormsecurity.org/files/23399/xzarch.c http://packetstormsecurity.org/files/23399/xzarch.c.html Sat, 21 Oct 2000 07:30:18 GMT Linux /usr/games/zarch v.92 local root buffer overflow exploit. http://packetstormsecurity.org/files/23396/oracle-815.c http://packetstormsecurity.org/files/23396/oracle-815.c http://packetstormsecurity.org/files/23396/oracle-815.c.html Sat, 21 Oct 2000 06:57:41 GMT Oracle 8.1.5 local buffer overflow exploit for Linux. http://packetstormsecurity.org/files/23393/webevent.txt http://packetstormsecurity.org/files/23393/webevent.txt http://packetstormsecurity.org/files/23393/webevent.txt.html Sat, 21 Oct 2000 05:55:53 GMT Webevent v3.3.3 (webevent.pl) is an online calendar which contains a remote cgi vulnerability which allows administrative access. http://packetstormsecurity.org/files/23391/xsplumber.c http://packetstormsecurity.org/files/23391/xsplumber.c http://packetstormsecurity.org/files/23391/xsplumber.c.html Sat, 21 Oct 2000 05:27:00 GMT Linux space plumber (/usr/games/splumber) local buffer overflow exploit. http://packetstormsecurity.org/files/23389/unicode.pl http://packetstormsecurity.org/files/23389/unicode.pl http://packetstormsecurity.org/files/23389/unicode.pl.html Sat, 21 Oct 2000 05:18:39 GMT Unicde.pl exploits vulnerable IIS servers which allow remote command execition, as described in iis-unicode.txt.