A basic backdoor program, but with a couple of neat features that "secure" the backdoor from being widely misused.
ef80817db5632b4c4ce350529db9e9aeb2d87a07cc3242b67845fbac55cef45eSecurity hole in the pop2 daemon packaged with imap-4.4 and earlier releases allows remote attacker to gain shell access as user 'nobody'. Solution: Upgrade to imap-4.5.
cfadeca3ce1251f5c1cfbc32ae8edba06d169aafe6d16eb6620aa93bd8603f9bProof of concept exploit code that effectively demonstrates how the time() system call can be faked via procfs on Solaris. Numerous security implications.
50bb9ae8cef0621856f0a5673ed2191194bccb5e3eb6f4733d0446d5c62db3a9Another Coldfusion exploit scanner, but this version scans entire subnets and is much faster than other Coldfusion exploit scanners. Excellent platform portability and clean, fresh code.
70a641cb517c84495a263eb5c9e291b99beabbb498337dccd5aa11982ebb6b80"Exploiting Windows NT 4 Buffer Overruns - A Case Study: RASMAN.EXE" - excellent paper that details how to exploit Windows NT buffer overflows. Proof of concept exploit code and step-by-step exploit instructions included.
f5fd6b38305845ad79b167c9c4b204b8648c758d5cfc4cf8bb4fc8696262a445Simple, but useful, code snippet that uses ptrace() to intercept and modify the return value of a system call.
4b11cdaa196778252b1a0065d37767750e2789ab54faf5e34f21ef7384382cf5May SANS Security Digest Vol.3 Num.5 - the latest issue of the excellent, comprehensive SANS Security Digest, with information regarding Intrusion Detections and security issues and general info for all major operating systems. SANS
8bc0349eb5f8391bc179497dee82698e4b0aa0e0cc3953c654762aed0fbf68e3Shockwave v1.2 sends random data to random ports on a remote host at a very fast rate, disconnecting targeted remote hosts from ICQ/IRC servers, lagging remote machines, rendering dialup connections useless.
600c57d50583f8bcca2ec68ff8925d828cf9f4593aeb0e146020394ab1667dadShockwave v1.1 is a Denial of Service program that sends random data to random ports on a remote host at a very fast rate. For Windows.
badbb538960c333225da206009cc503dbe1f83d3010900648e4ee735dc4907cfshowcode is a vulnerability scanner that checks for the Microsoft IIS 4.0 showcode.asp vulnerability. Optionally scans entire subnets.
bd7b50a1e093ae9be812832ef7110674f782cce124e9b0d3ebf6971c54869d03Description of SunOS 5.7 rmmount exploit that allows local user to gain root privileges.
1c8000a8338ad043357d3c695a1170b2629a79bceb92c272302b6e929f3fdd8aWhen installed under certain common conditions, a security bug in sshd allows any user to easily gain root access.
ac8ea21086f248fe212f6d9c97bfa9823fade62b29e76bbdfd985b4b3eaa5f36Vulnerabilities in Sun Solaris 2.6 SNMP - excellent whitepaper that details security vulnerabilities in Sun's implementation of SNMP, with several exploit descriptions included. One of those "must read" documents for any Sun/Solaris admin.
af8f02a96f68f3094f81a9bf39872f293d1cbb6c1c5001bf27a468fa2e7f57caBrief description of the lpset buffer overflow present in Solaris 2.6 (x86).
04c7879d68dbf545800fd1bbd80493a87d5865c604492d6e951798961d6b9aadSun Microsystems SunSolve Online knowledge database allows malicious users to access privileged information, such as password files and network configurations, about other customers.
0a3bb64ba2c11c63893be8eee868b3b2a0cc43c09ad361fab4244af9c776c5b9Buffer overflow in tcsh can potentially result in root compromise.
0535f1dababab97e1c288e506c7850d7b4d287dfc34694cfb4fc43249a2d8356tmp-racer is a shell script that exploits programs that make insecure uses of /tmp.
99cd1d1f8067b36cc4cd7c27c668fdbd2663f2f6cef3eba89c8800e7e57fa1bcAnother remote/local root exploit for wu-ftpd [12] through [18]. Featured in b4b0 #7, coded by smiler and cossack.
b07ed8f9491a10012ed3b264479acb7ec53c9e9345a97b05bae7b4a4abdcd060Buffer overflow in SmartDesk WebSuite v2.1 for Windows 98/NT allows remote attacker to execute denial of service attacks, crashing the SDWEBSRV.EXE server.
c2577e6ca6cb18a3a4a24c93809ae56584b86bd9c80cd44a7c13e0a580c8ac61Exploit code and detailed analysis of the Winhlp32.exe buffer overrun. Source code for Windows NT exploit program included.
5ada3409d824fe92b4b7dc8c2680b3a9cca11f1b0c0f7dd5ccdf14368bea1191Buffer overflow in the WinAMP Windows sound player allows remote attacker to launch simple denial of service attacks that crash WinAMP.
fba27144ec67d704c742b4053217af504fcb6f83072958d7848afbf8c4215156Details of the very weak encryption used by Windows applications, and a couple of good tips about ways to increase password security. Probably nothing new here for the veteran NT admin, but well worth reading if you use Win32 at all.
2dd4a057e2dada06f9bd4c26aacc631051dcfd6afc0aa8b18419ca6e86779733Compiled exploit code for Windows NT Winhlp32.exe buffer overrun condition.
391e552b0213d8963f9635fa9350a9e550fcd58814c6d5ebf5e15ba2f8115bd2The Freedom privacy software by Zero-Knowledge Systems is vulnerable to a practical attack, described by Wei Dai, that reveals the supposedly anonymous routes used by the ZKS Freedom software user. In other words, the use of only link padding (ZKS uses no end-to-end padding) means that ZKS Freedom actually provides no security or privacy at all for the end user.
58a9db313bfce345ac548311bcc9790cd8014f0802cf762b4dc7e4eb6128f4b7New Denial of Service suite that utilizes Back Orifice servers to launch very effective "spoofed" smurf-like attacks with malformed packets and a very impressive amplification ratio.
f7734d4876141f17b8d3a8d7cb53270036699186d63d4f46c2f3eb2a40b3585b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed