Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Sun, 27 May 2012 23:07:26 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1547596050&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2F0210-exploits%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1547596050.1338160046.1338160046.1338160046.1%3B%2B__utmz%3D32867617.1338160046.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/29854/massrooterfinal.tar.gz http://packetstormsecurity.org/files/29854/massrooterfinal.tar.gz http://packetstormsecurity.org/files/29854/massrooterfinal.tar.gz.html Wed, 13 Nov 2002 15:43:19 GMT Massrooter takes advantage of remote vulnerabilities in bind, PHP, lpd, rpc, wuftpd, null httpd, telnet, mail, ssl, and ssh on multiple systems. http://packetstormsecurity.org/files/29983/0210-exploits.tgz http://packetstormsecurity.org/files/29983/0210-exploits.tgz http://packetstormsecurity.org/files/29983/0210-exploits.tgz.html Fri, 01 Nov 2002 08:49:18 GMT Packet Storm new exploits for October, 2002. http://packetstormsecurity.org/files/29969/sambar.5.1.pl http://packetstormsecurity.org/files/29969/sambar.5.1.pl http://packetstormsecurity.org/files/29969/sambar.5.1.pl.html Thu, 31 Oct 2002 05:09:52 GMT Sambar Webserver v5.1 for Windows Pbcgi.exe remote denial of service exploit in perl. http://packetstormsecurity.org/files/29958/Oracle9iAS.dos.pl http://packetstormsecurity.org/files/29958/Oracle9iAS.dos.pl http://packetstormsecurity.org/files/29958/Oracle9iAS.dos.pl.html Wed, 30 Oct 2002 07:52:04 GMT Oracle9iAS Web Cache Denial of Service exploit in perl, as described in Atstake advisory a102802-1. http://packetstormsecurity.org/files/29956/solarhell http://packetstormsecurity.org/files/29956/solarhell http://packetstormsecurity.org/files/29956/solarhell.html Tue, 29 Oct 2002 13:49:29 GMT Solarhell is a remote root exploit shell script which abuses the Solaris /bin/login bug by using telnet. Solaris 2.6, 2.7 and 2.8 (7.0 and 8.0) is vulnerable. More information available here. http://packetstormsecurity.org/files/29944/tftp.dos.pl http://packetstormsecurity.org/files/29944/tftp.dos.pl http://packetstormsecurity.org/files/29944/tftp.dos.pl.html Fri, 25 Oct 2002 05:27:22 GMT Solarwinds TFTP server v5.0.55 and below remote denial of service exploit in perl. http://packetstormsecurity.org/files/29938/virgil.txt http://packetstormsecurity.org/files/29938/virgil.txt http://packetstormsecurity.org/files/29938/virgil.txt.html Fri, 25 Oct 2002 04:41:37 GMT Virgil CGI Scanner by Mark Ruef has a vulnerability where user input is trusted without being sanitized and is actually populating bash variables which end up getting executed. Simple exploit examples are included. http://packetstormsecurity.org/files/29934/gm012-more-ie.txt http://packetstormsecurity.org/files/29934/gm012-more-ie.txt http://packetstormsecurity.org/files/29934/gm012-more-ie.txt.html Fri, 25 Oct 2002 04:22:39 GMT Microsoft Internet Explorer versions 5.5 and 6.0 are susceptible to 9 attacks involving object caching. When communicating between windows, security checks ensure that both pages are in the same security zone and on the same domain. These crucial security checks wrongly assume that certain methods and objects are only going to be called through their respective window. This assumption enables some cached methods and objects to provide interoperability between otherwise separated documents. http://packetstormsecurity.org/files/29933/wc.tar.gz http://packetstormsecurity.org/files/29933/wc.tar.gz http://packetstormsecurity.org/files/29933/wc.tar.gz.html Fri, 25 Oct 2002 03:58:22 GMT Two modified versions of the slapper worm exploit made more user-friendly with simple interaction to define what host and port will be hit with the exploit. http://packetstormsecurity.org/files/29917/l-zonealarm.c http://packetstormsecurity.org/files/29917/l-zonealarm.c http://packetstormsecurity.org/files/29917/l-zonealarm.c.html Wed, 23 Oct 2002 06:43:22 GMT Zone-Labs ZoneAlarm Pro 3.1.291 and 3.0 remote denial of service exploit which consumes all available CPU via synflooding. To fix, update to the newest zonealarm and run windows update. http://packetstormsecurity.org/files/29927/anhttpd141c_exploit.java http://packetstormsecurity.org/files/29927/anhttpd141c_exploit.java http://packetstormsecurity.org/files/29927/anhttpd141c_exploit.java.html Tue, 22 Oct 2002 07:07:13 GMT AN HTTPD v1.30 to 1.41c remote heap overflow exploit written in java for Japanese Windows 2000 Pro (SP2). http://packetstormsecurity.org/files/29924/sendmail-8-11-x.c http://packetstormsecurity.org/files/29924/sendmail-8-11-x.c http://packetstormsecurity.org/files/29924/sendmail-8-11-x.c.html Tue, 22 Oct 2002 07:01:13 GMT Sendmail 8.11.x linux/x86 local root exploit. Uses gdb to find offsets. http://packetstormsecurity.org/files/29921/web602dos.pl http://packetstormsecurity.org/files/29921/web602dos.pl http://packetstormsecurity.org/files/29921/web602dos.pl.html Tue, 22 Oct 2002 06:52:53 GMT Web602 webserver remote denial of service exploit which uses the com1 windows flaw. http://packetstormsecurity.org/files/29920/web602dir.pl http://packetstormsecurity.org/files/29920/web602dir.pl http://packetstormsecurity.org/files/29920/web602dir.pl.html Tue, 22 Oct 2002 06:51:59 GMT Web602 (Czech version) directory tree exploit. http://packetstormsecurity.org/files/29897/bop.pl http://packetstormsecurity.org/files/29897/bop.pl http://packetstormsecurity.org/files/29897/bop.pl.html Mon, 21 Oct 2002 05:58:26 GMT PlanetDNS v1.14 remote buffer overflow exploit which sends 6K of data to port 80 of PlanetWeb. http://packetstormsecurity.org/files/29885/tomcat.dos.sh http://packetstormsecurity.org/files/29885/tomcat.dos.sh http://packetstormsecurity.org/files/29885/tomcat.dos.sh.html Thu, 17 Oct 2002 05:52:33 GMT Apache Tomcat 3.3 and 4.0.4 for Windows NT and 2000 remote denial of service exploit. Uses device names like AUX, LPT1, CON, and PRN to crash the server. http://packetstormsecurity.org/files/29884/kitkat.pl http://packetstormsecurity.org/files/29884/kitkat.pl http://packetstormsecurity.org/files/29884/kitkat.pl.html Thu, 17 Oct 2002 05:46:39 GMT Kitkat.pl exploits a directory traversal bug in webMathematica v1.0.0 and 1.0.0.1. http://packetstormsecurity.org/files/29872/GetAd.c http://packetstormsecurity.org/files/29872/GetAd.c http://packetstormsecurity.org/files/29872/GetAd.c.html Thu, 17 Oct 2002 02:51:13 GMT GetAd.c is a new Windows 2000 local exploit which gains Local System rights on Win2k SP1-3 be taking advantage of the NetDDE window of winlogon with a shatter attack. Binaries available here. http://packetstormsecurity.org/files/29866/gm011-ie.txt http://packetstormsecurity.org/files/29866/gm011-ie.txt http://packetstormsecurity.org/files/29866/gm011-ie.txt.html Thu, 17 Oct 2002 02:24:10 GMT Internet Explorer 5.5 SP2 and Internet Explorer 6 allow the oIFrameElement.Document reference to return a document with no security restrictions, allowing remote attackers to steal cookies from any site, gain access to content in sites (forging content), read local files and execute arbitrary programs on the client's machine. Exploit HTML included which reads the client's google.com cookie. IE6 SP1 is not affected. Four demonstration exploits are available here. http://packetstormsecurity.org/files/29864/neuter.c http://packetstormsecurity.org/files/29864/neuter.c http://packetstormsecurity.org/files/29864/neuter.c.html Tue, 15 Oct 2002 12:39:38 GMT Remote denial of service exploit that can be used against systems running Apache Tomcat (versions prior to 4.1.10) combined with IIS. http://packetstormsecurity.org/files/29861/analogx-socks4a.sballo.pl http://packetstormsecurity.org/files/29861/analogx-socks4a.sballo.pl http://packetstormsecurity.org/files/29861/analogx-socks4a.sballo.pl.html Mon, 14 Oct 2002 14:51:26 GMT This is an exploit for AnalogX Proxy 4.10 configurations running on Windows 2000 Pro (SP2). The exploit binds a shell to port 8008 TCP. http://packetstormsecurity.org/files/29852/mod_ssl-toolkit.tar.gz http://packetstormsecurity.org/files/29852/mod_ssl-toolkit.tar.gz http://packetstormsecurity.org/files/29852/mod_ssl-toolkit.tar.gz.html Thu, 10 Oct 2002 02:59:41 GMT Mod_ssl off-by-one bug exploitation toolkit for OpenBSD. Creates a malicious .htaccess file which replaces the apache server process with an included HTTP server. http://packetstormsecurity.org/files/29850/euxploit.zip http://packetstormsecurity.org/files/29850/euxploit.zip http://packetstormsecurity.org/files/29850/euxploit.zip.html Thu, 10 Oct 2002 02:51:04 GMT Remote exploit for the Eudora v5.x boundary buffer overflow. Works against Eudora v5.1 and 5.1.1 and is independent of Windows version. http://packetstormsecurity.org/files/29844/ChmOverflow.zip http://packetstormsecurity.org/files/29844/ChmOverflow.zip http://packetstormsecurity.org/files/29844/ChmOverflow.zip.html Thu, 10 Oct 2002 02:41:06 GMT Windows Help Buffer Overflow proof of concept remote exploit in Visual Basic 6. Starts a cmd.exe shell on Microsoft Windows XP Kernel Version 5.1.2600.0. Includes source. http://packetstormsecurity.org/files/29843/sortrace.c http://packetstormsecurity.org/files/29843/sortrace.c http://packetstormsecurity.org/files/29843/sortrace.c.html Thu, 10 Oct 2002 02:39:55 GMT Linux Traceroute v1.4a5 and below local root exploit which takes advantage of a malloc chunk vulnerability. Uses gdb to find offsets.