Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 08:20:24 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1045074330&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2F9906-exploits%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1045074330.1338193224.1338193224.1338193224.1%3B%2B__utmz%3D32867617.1338193224.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/11769/cognos.powerplay.txt http://packetstormsecurity.org/files/11769/cognos.powerplay.txt http://packetstormsecurity.org/files/11769/cognos.powerplay.txt.html Tue, 17 Aug 1999 00:00:40 GMT Cognos PowerPlay Web Edition software for Microsoft NT Server contains a security vulnerability in which unauthenticated web users can access cube data. Negative vendor response. 8.688 kb. http://packetstormsecurity.org/files/11780/h-thief.txt http://packetstormsecurity.org/files/11780/h-thief.txt http://packetstormsecurity.org/files/11780/h-thief.txt.html Tue, 17 Aug 1999 00:00:40 GMT Security vulnerability in the customer web interface at hustler.com allows malicious attacker to hijack any user accounts, and gain access to credit card and personal information. HTML exploit template included. 1.730 kb. http://packetstormsecurity.org/files/11756/hackasite1.zip http://packetstormsecurity.org/files/11756/hackasite1.zip http://packetstormsecurity.org/files/11756/hackasite1.zip.html Tue, 17 Aug 1999 00:00:40 GMT Hack-A-Site I. A detailed kit on how to hack an Microsft IIS Server using the eEye exploit. http://packetstormsecurity.org/files/11781/hhp-pine_adv0004.txt http://packetstormsecurity.org/files/11781/hhp-pine_adv0004.txt http://packetstormsecurity.org/files/11781/hhp-pine_adv0004.txt.html Tue, 17 Aug 1999 00:00:40 GMT The Pine MUA up to and including v4.10 contains a security hole that allows a malicious remote attacker to potentially execute arbitrary code, resulting in possibility of root compromise. Exploit code included. http://packetstormsecurity.org/files/11788/ipop2d.txt http://packetstormsecurity.org/files/11788/ipop2d.txt http://packetstormsecurity.org/files/11788/ipop2d.txt.html Tue, 17 Aug 1999 00:00:40 GMT exploit for ipop2 daemons shipped with the imap-4.4 package; remote attackers can spawn a shell with uid of user "nobody". 3.060 kb. http://packetstormsecurity.org/files/11791/killmod-0.69.lsm http://packetstormsecurity.org/files/11791/killmod-0.69.lsm http://packetstormsecurity.org/files/11791/killmod-0.69.lsm.html Tue, 17 Aug 1999 00:00:40 GMT LSM to kill modems using +++ATH0. http://packetstormsecurity.org/files/11792/killmod-0.69.tar.gz http://packetstormsecurity.org/files/11792/killmod-0.69.tar.gz http://packetstormsecurity.org/files/11792/killmod-0.69.tar.gz.html Tue, 17 Aug 1999 00:00:40 GMT killmod.php3 is a php front end that calls a simple shell script (killmod.sh) that allows you to use the +++ath0 bug to hang up older modems. http://packetstormsecurity.org/files/11793/ksrt.accelerated-x.bof.txt http://packetstormsecurity.org/files/11793/ksrt.accelerated-x.bof.txt http://packetstormsecurity.org/files/11793/ksrt.accelerated-x.bof.txt.html Tue, 17 Aug 1999 00:00:40 GMT Security vulnerability in Xi Graphics, Inc.'s Accelerated-X Server 4.x, 5.x (and possibly earlier versions) allows local users to gain administrative privileges by exploiting multiple buffer overflows in the Accelerated-X X server. http://packetstormsecurity.org/files/11797/ls0f.c http://packetstormsecurity.org/files/11797/ls0f.c http://packetstormsecurity.org/files/11797/ls0f.c.html Tue, 17 Aug 1999 00:00:40 GMT lsof 4.40 exploit, local root compromise. 0.901 kb. http://packetstormsecurity.org/files/11804/ms.outlook.DoS.txt http://packetstormsecurity.org/files/11804/ms.outlook.DoS.txt http://packetstormsecurity.org/files/11804/ms.outlook.DoS.txt.html Tue, 17 Aug 1999 00:00:40 GMT Microsoft Outlook (all versions) does not properly handle X-UIDL: headers in email, resulting in the potential for denial of service attacks against MS Outlook users. Exploit details and patch included. http://packetstormsecurity.org/files/11813/netscape.js.table.dos.txt http://packetstormsecurity.org/files/11813/netscape.js.table.dos.txt http://packetstormsecurity.org/files/11813/netscape.js.table.dos.txt.html Tue, 17 Aug 1999 00:00:40 GMT HTML parsing bug in all versions of Netscape Communicator 4.x allows malicious web master to crash your browser using JavaScript. 1.269 kb. http://packetstormsecurity.org/files/11828/retina.vs.iis4-round2-the.brain.txt http://packetstormsecurity.org/files/11828/retina.vs.iis4-round2-the.brain.txt http://packetstormsecurity.org/files/11828/retina.vs.iis4-round2-the.brain.txt.html Tue, 17 Aug 1999 00:00:40 GMT Detailed description of the Brain File used to uncover the eEye NT4+IIS4 URL buffer overflow remote exploit. http://packetstormsecurity.org/files/11829/retina.vs.iis4-round2-the.exploit.txt http://packetstormsecurity.org/files/11829/retina.vs.iis4-round2-the.exploit.txt http://packetstormsecurity.org/files/11829/retina.vs.iis4-round2-the.exploit.txt.html Tue, 17 Aug 1999 00:00:40 GMT Details about how and why the eEye NT4+IIS4 URL buffer overflow remote exploit hole was exploited and released. http://packetstormsecurity.org/files/11830/retina.vs.iis4-round2.txt http://packetstormsecurity.org/files/11830/retina.vs.iis4-round2.txt http://packetstormsecurity.org/files/11830/retina.vs.iis4-round2.txt.html Tue, 17 Aug 1999 00:00:40 GMT General description of the eEye NT4+IIS4 URL buffer overflow remote exploit. http://packetstormsecurity.org/files/11831/rpc.statd.automountd.bounce.txt http://packetstormsecurity.org/files/11831/rpc.statd.automountd.bounce.txt http://packetstormsecurity.org/files/11831/rpc.statd.automountd.bounce.txt.html Tue, 17 Aug 1999 00:00:40 GMT Older versions of rpc.statd and automountd for various platforms allow remote attackers to execute arbitrary commands and gain root privileges. Sun patches available. http://packetstormsecurity.org/files/11757/SDI-pop2.c http://packetstormsecurity.org/files/11757/SDI-pop2.c http://packetstormsecurity.org/files/11757/SDI-pop2.c.html Tue, 17 Aug 1999 00:00:40 GMT Exploit code for remote ipop2d security vulnerability that gives attacker a shell as user 'nobody'. http://packetstormsecurity.org/files/11832/shadow.passwds.txt http://packetstormsecurity.org/files/11832/shadow.passwds.txt http://packetstormsecurity.org/files/11832/shadow.passwds.txt.html Tue, 17 Aug 1999 00:00:40 GMT shadow-980724 contains a security bug when used with '-p passwd' option, such that passwords are not encrypted. Solution: upgrade to shadow-19990607 or later. http://packetstormsecurity.org/files/11833/shadow.root.uid.65536.txt http://packetstormsecurity.org/files/11833/shadow.root.uid.65536.txt http://packetstormsecurity.org/files/11833/shadow.root.uid.65536.txt.html Tue, 17 Aug 1999 00:00:40 GMT shadow-19990307 contains security bug that allows new user with UID 65536 to gain root access, without being logged at all, and with ability to bypass /etc/securetty restrictions. http://packetstormsecurity.org/files/11834/smbval.library.bof.txt http://packetstormsecurity.org/files/11834/smbval.library.bof.txt http://packetstormsecurity.org/files/11834/smbval.library.bof.txt.html Tue, 17 Aug 1999 00:00:40 GMT Exploitable buffer overflows in the smbval library leave numerous systems open to local and remote attacks that can potentially result in root compromise. http://packetstormsecurity.org/files/11836/solaris.2.5.su.expect.txt http://packetstormsecurity.org/files/11836/solaris.2.5.su.expect.txt http://packetstormsecurity.org/files/11836/solaris.2.5.su.expect.txt.html Tue, 17 Aug 1999 00:00:40 GMT Sun Solaris 2.5 and earlier contain security hole in the 'su' program that allows scripted brute force attacks on the superuser password without the attacker being logged. Exploit script (coded in Expect) and detailed description included. http://packetstormsecurity.org/files/11835/ssh-2.0.12.brute.force.txt http://packetstormsecurity.org/files/11835/ssh-2.0.12.brute.force.txt http://packetstormsecurity.org/files/11835/ssh-2.0.12.brute.force.txt.html Tue, 17 Aug 1999 00:00:40 GMT ssh-2.0.12 allows remote attacker to verify userids. http://packetstormsecurity.org/files/11837/su%2Bpam.redhat.txt http://packetstormsecurity.org/files/11837/su%2Bpam.redhat.txt http://packetstormsecurity.org/files/11837/su-pam.redhat.txt.html Tue, 17 Aug 1999 00:00:40 GMT Red Hat PAM version of the 'su' utility allows any local user to easily brute force the superuser (root) password with fast scripted (automated) attacks, avoiding all logging via syslog too. http://packetstormsecurity.org/files/11838/sudo.info.txt http://packetstormsecurity.org/files/11838/sudo.info.txt http://packetstormsecurity.org/files/11838/sudo.info.txt.html Tue, 17 Aug 1999 00:00:40 GMT Sudo v1.5.6p2-2, a program that provides limited superuser privileges, does not properly handle improper file access attempts, revealing information about file existence. http://packetstormsecurity.org/files/11839/sun.cc.compiler.txt http://packetstormsecurity.org/files/11839/sun.cc.compiler.txt http://packetstormsecurity.org/files/11839/sun.cc.compiler.txt.html Tue, 17 Aug 1999 00:00:40 GMT "Big Brother" feature that sends lists of your C compiler commands to "ut-cc@sunpro.Eng.Sun.COM" exists in alpha and beta versions of Sun's SUNWspro C compiler package. http://packetstormsecurity.org/files/11840/sun.sendmail.security.txt http://packetstormsecurity.org/files/11840/sun.sendmail.security.txt http://packetstormsecurity.org/files/11840/sun.sendmail.security.txt.html Tue, 17 Aug 1999 00:00:40 GMT Time to upgrade your Sun 5.5.1 and 5.6 sendmail software to version 8.8.8. Sun describes it as "taking advantage of new security enhancements"; I call it "plugging all the security holes in v8.6.9". :)