Files ≈ Packet Storm

Files ≈ Packet Storm Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 11:57:35 GMT Packet Storm 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1089977857&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2Fgroups%2Fshadowpenguin%2Funix-exploits%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1089977857.1338206255.1338206255.1338206255.1%3B%2B__utmz%3D32867617.1338206255.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) ex_inc.c http://packetstormsecurity.org/files/11378/ex_inc.c http://packetstormsecurity.org/files/11378/ex_inc.c http://packetstormsecurity.org/files/11378/ex_inc.c.html Thu, 25 Nov 1999 03:05:08 GMT ex_inc.c exploits a bounds checking error in /usr/jp/bin/mh/inc which was distributed with the mh-6.8.3 package. Local root compromise. ex_bbc.c http://packetstormsecurity.org/files/11379/ex_bbc.c http://packetstormsecurity.org/files/11379/ex_bbc.c http://packetstormsecurity.org/files/11379/ex_bbc.c.html Thu, 25 Nov 1999 03:00:00 GMT ex_bbc.c exploits a bounds checking error in /usr/jp/bin/mh/bbc which was distributed with the mh-6.8.3 package. Local root compromise. ex_kcms_configure86.c http://packetstormsecurity.org/files/11355/ex_kcms_configure86.c http://packetstormsecurity.org/files/11355/ex_kcms_configure86.c http://packetstormsecurity.org/files/11355/ex_kcms_configure86.c.html Thu, 25 Nov 1999 03:00:00 GMT kcms_configure has a overflow bug with "-P" option and it has been reported(107339-01). But this program has another hole. This hole has not been not reported, and the paches are not published at this time. kcms_configure overflows if long string is specified in NETPATH environment, and it is exploitable. I have included an exploit for Solaris7 intel edition to obtain root privilege. ex_kcms_configuresp.c http://packetstormsecurity.org/files/11290/ex_kcms_configuresp.c http://packetstormsecurity.org/files/11290/ex_kcms_configuresp.c http://packetstormsecurity.org/files/11290/ex_kcms_configuresp.c.html Thu, 25 Nov 1999 03:00:00 GMT The vulnerability in kcms_configure also exists in Solaris 2.6 and 2.7 sparc edition. Exploit included. ex_mailtool.c http://packetstormsecurity.org/files/11354/ex_mailtool.c http://packetstormsecurity.org/files/11354/ex_mailtool.c http://packetstormsecurity.org/files/11354/ex_mailtool.c.html Thu, 25 Nov 1999 03:00:00 GMT The mailer programs (mailtool and dtmail) and mail message print filter (dtmailpr) which are installed on Solaris7 have exploitable buffer overflow bugs. These programs are sgid (mail group) programs, local user can obtain mail group. The mail files are generated with 660 permission, so any user can read/write other user's mail files. I coded the exploits to get mail gid(egid=6). There are for Intel Solaris7. There are same kind of problems on Sparc Solaris7 and Solaris2.6 (Intel,Sparc). ex_admintool.c http://packetstormsecurity.org/files/16350/ex_admintool.c http://packetstormsecurity.org/files/16350/ex_admintool.c http://packetstormsecurity.org/files/16350/ex_admintool.c.html Fri, 05 Nov 1999 22:24:09 GMT Admintool local root exploit for Solaris2.6/7 Sparc machines. ex_canuum.c http://packetstormsecurity.org/files/16354/ex_canuum.c http://packetstormsecurity.org/files/16354/ex_canuum.c http://packetstormsecurity.org/files/16354/ex_canuum.c.html Fri, 05 Nov 1999 22:24:09 GMT Local root exploit code for buffer overflow in canuum for Japanese Linux. ex_libc.c http://packetstormsecurity.org/files/16351/ex_libc.c http://packetstormsecurity.org/files/16351/ex_libc.c http://packetstormsecurity.org/files/16351/ex_libc.c.html Fri, 05 Nov 1999 22:24:09 GMT Exploit code for Solaris 2.6, 2.7 (sparc) libc/LC_MESSAGES buffer overflow that results in root compromise. ex_sdtcm_convert.c http://packetstormsecurity.org/files/16352/ex_sdtcm_convert.c http://packetstormsecurity.org/files/16352/ex_sdtcm_convert.c http://packetstormsecurity.org/files/16352/ex_sdtcm_convert.c.html Fri, 05 Nov 1999 22:24:09 GMT Local root exploit for buffer overflow condition in sdtcm_convert, for Solaris Sparc machines. ex_sdtcm_convert86.c http://packetstormsecurity.org/files/16353/ex_sdtcm_convert86.c http://packetstormsecurity.org/files/16353/ex_sdtcm_convert86.c http://packetstormsecurity.org/files/16353/ex_sdtcm_convert86.c.html Fri, 05 Nov 1999 22:24:09 GMT Local root exploit for buffer overflow condition in sdtcm_convert, for Solaris x86 machines. ex_uum.c http://packetstormsecurity.org/files/16355/ex_uum.c http://packetstormsecurity.org/files/16355/ex_uum.c http://packetstormsecurity.org/files/16355/ex_uum.c.html Fri, 05 Nov 1999 22:24:09 GMT Local root exploit code for buffer overflow in uum for Japanese Linux.