exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 52 RSS Feed

Files Date: 2004-08-26

aircrack-1.4.1.tgz
Posted Aug 26, 2004
Authored by Christophe Devine

Aircrack is an 802.11 WEP cracking program that can recover a 40-bit or 104-bit WEP key once enough encrypted packets have been gathered. It implements the standard FMS attack along with some optimizations, thus making the attack much faster compared to other WEP cracking tools.

Changes: Fixed check_wepkey, works with exotic LLC headers. Airodump prints lots of information, Kismet-style.
tags | tool, wireless
SHA-256 | 08ce1933ec71141f052a7f77ac681dda21a4003b158b9f4b74133a6526e981fa
gaucho140poc.cpp.txt
Posted Aug 26, 2004
Authored by Tan Chew Keong | Site security.org.sg

Exploit that simulates POP3 server which sends a specially crafted email to a vulnerable Gaucho email client, triggering an overflow and binding a shell on port 2001. Version 1.4 build 145 is susceptible.

tags | exploit, overflow, shell
SHA-256 | c8e97e6293220ffcd697f03cd1b7f766ea7557076534f67514f931b5f9a45e9f
gaucho140.html
Posted Aug 26, 2004
Authored by Tan Chew Keong | Site security.org.sg

Gaucho version 1.4 Build 145 is vulnerable to a buffer overflow when receiving malformed emails from a POP3 server. This vulnerability is triggered if Gaucho receives from the POP3 server, a specially crafted email that has an abnormally long string in the Content-Type field of the email header. This string will overwrite EIP via SEH, and can be exploited to execute arbitrary code.

tags | advisory, overflow, arbitrary
SHA-256 | bad2f2ceea309c37340f7b2126c6ee4bfceb4e9ad6e52b92245fda99089f03fc
weplab-0.0.8-beta-win32_01.zip
Posted Aug 26, 2004
Authored by topolb | Site sourceforge.net

Weplab is a tool to review the security of WEP encryption in wireless networks from an educational point of view. Several attacks are available to help measure the effectiveness and minimum requirements necessary to succeed.

Changes: Windows port. It requires Cygwin1.dll and winpcap dlls.
tags | tool, wireless
SHA-256 | 1f65381465078afd9c615334236d77efec14b05790398ba0e229dea8c97e0cd5
WifiScanner-0.9.5.tar.gz
Posted Aug 26, 2004
Site wifiscanner.sourceforge.net

WifiScanner is an analyzer and detector of 802.11b stations and access points which can listen alternatively on all the 14 channels, write packet information in real time, search access points and associated client stations, and can generate a graphic of the architecture using GraphViz. All network traffic may be saved in the libpcap format for post analysis. It works under Linux with a PrismII card and with the linux-wlan driver.

Changes: No more dependencies. Various support additions.
tags | tool, wireless
systems | linux
SHA-256 | 73e3f236262f4aca005f31b5e7e3545e7fc2dfde57fd26bdd55412c3967175ab
Cisco Security Advisory 20040825-acs.shtml
Posted Aug 26, 2004
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory: Cisco Secure Access Control Server for Windows (ACS Windows) and Cisco Secure Access Control Server Solution Engine (ACS Solution Engine) provide authentication, authorization, and accounting (AAA) services to network devices such as a network access server, Cisco PIX and a router. This advisory documents multiple Denial of Service (DoS) and authentication related vulnerabilities for the ACS Windows and the ACS Solution Engine servers.

tags | advisory, denial of service, vulnerability
systems | cisco, windows
SHA-256 | 6d030f78d216fb45b19f09f3821fa9cf7f724e6ed2a399b433e61b09fafd0dcc
winampExploit.txt
Posted Aug 26, 2004
Site k-otik.com

Exploit that was found in the wild by k-otik.com that makes use of the Winamp vulnerability where insufficient restrictions on Winamp skin zip files (.wsz) allow a malicious attacker to place and execute arbitrary programs on a victim's system.

tags | exploit, arbitrary
SHA-256 | 934ebde8434dd87a7cb361dbd695702d9dcbc47d07cdbc24edc7fa476d234f04
realvncDoS.txt
Posted Aug 26, 2004
Authored by Allan Zhang

RealVNC versions 4.0 and below will crash if more than 60 connections get opened to the server.

tags | denial of service
SHA-256 | 4cbd07d2de61806af50567af1cffc65ae403562ad36a20f536da7a1f9217ff35
iDEFENSE Security Advisory 2004-08-25.2
Posted Aug 26, 2004
Authored by iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 08.25.04-2 - Exploitation of a buffer overflow in the libDtHelp library included with CDE can allow local attackers to gain root privileges. The vulnerability specifically exists due to a lack of bounds checking on the LOGNAME environment variable. Local attackers can specify a long LOGNAME to trigger a buffer overflow in any application linked with libDtHelp. The overflow is activated once the help subsystem is accessed by selecting any option under the Help menu.

tags | advisory, overflow, local, root
advisories | CVE-2003-0834
SHA-256 | 4e0aced12468daa1bd790fda025e6ae00229c6c766c04cbfdc46ea9ccbd789c1
iDEFENSE Security Advisory 2004-08-25.t
Posted Aug 26, 2004
Authored by iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 08.25.04 - Remote exploitation of a buffer overflow vulnerability in Ipswitch Inc.'s WhatsUp Gold allows attackers to execute arbitrary code under the privileges of the user that instantiated the application. The problem specifically exists in the _maincfgret.cgi script accessible through the web server installed by WhatsUp Gold. By posting a long string for the value of 'instancename', a buffer overflow occurs allowing an attacker to redirect the flow of control and eventually execute arbitrary code. Fixed in version 8.03 Hotfix 1.

tags | advisory, remote, web, overflow, arbitrary, cgi
advisories | CVE-2004-0798
SHA-256 | 0ea91303c6cef00a91d278839e653ac5d8f44462a6f9b9b03560ebc10458660d
IRM Security Advisory 10
Posted Aug 26, 2004
Authored by IRM Research | Site irmplc.com

IRM Security Advisory 010 - A bug exists in the Top Layer Attack Mitigator IPS 5500 software. In versions below 3.11.014, it can cause the IPS 5500 device to incorrectly enter an overload protection mode and negatively impact network traffic. In extreme cases, this can cause a denial of service condition. More than 2,000 concurrent HTTP requests can cause this condition to occur.

tags | advisory, web, denial of service
SHA-256 | 5fd5787749f2eb3da4b51617b7ecc4d5d1a285bb60b1a0746a2fcaa7b0f99339
Secunia Security Advisory 12368
Posted Aug 26, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sourvivor has reported a vulnerability in Plesk 7.x, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 4dcd2975870569afa4cadc62d4e5c9f43388c8204eccef813329b8fbf451da5d
gmailSurf.txt
Posted Aug 26, 2004
Authored by Punabi MC

Poor variable sanitization in Google's GMail system allows users to surf anonymously.

tags | exploit
SHA-256 | 355bf8ddaa8226ffb0284f2b492e6d9f615dda011ccb317322ec9e1376e3f79d
Secunia Security Advisory 12379
Posted Aug 26, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - ISS X-Force has reported a vulnerability in the NSS library included with various Netscape products, which can be exploited by malicious people to compromise a vulnerable system. Affected systems: Netscape Enterprise Server, Netscape Personalization Engine, Netscape Directory Server, Netscape Certificate Management System. Editor's Note: This advisory was posted because ISS refuses to grant Packet Storm permission to add their advisories.

tags | advisory
SHA-256 | a797eec259e149f15aa9e11995070349552e10f884bb788579738ede2148e430
Secunia Security Advisory 12378
Posted Aug 26, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - ISS X-Force has reported a vulnerability in the NSS library included with Sun Java System Web Server, which can be exploited by malicious people to compromise a vulnerable system. System affected: Sun Java System Web Server (Sun ONE/iPlanet) 6.x. Editor's Note: This advisory was posted because ISS refuses to grant Packet Storm permission to add their advisories.

tags | advisory, java, web
SHA-256 | 78ccd3aaf212c484b45d7cb421cd19bccfa5557bd78795ee4c2a562eba4f2d7a
Secunia Security Advisory 12374
Posted Aug 26, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in ignitionServer, which can be exploited by malicious people to cause a DoS (Denial of Service) on vulnerable systems. The vulnerability is caused due to insufficient restrictions on the SERVER command. The command is designed for server to server communication, but can be exploited by clients to introduce non-existing servers to the network. This can further be exploited to cause a DoS by introducing multiple servers, which can potentially flood the network. The vulnerability reportedly affect versions 0.1.2 through 0.3.1.

tags | advisory, denial of service
SHA-256 | 5152ff943389a15abfd3eaec1d413ffe8878ade13f23e88ee36889021e6c7d42
md5_cracker.pl
Posted Aug 26, 2004
Authored by bima tampan

Simple md5 hash dictionary cracking utility.

tags | cracker
SHA-256 | 76289551e589f0cee24b57263f994d65a5a95bf42f6cbc01e0e4369506301655
rediffnewreport.txt
Posted Aug 26, 2004
Authored by Gregory R. Panakkal

Multiple filter bypass vulnerabilities have been discovered in rediffmail.com.

tags | advisory, vulnerability
SHA-256 | 60835bc34e6715cb1ccaea02926f87509ad74ac27b49ff275d9a0384cbfbcad7
outlookNoBCC.html
Posted Aug 26, 2004
Site support.microsoft.com

E-mail recipients who are listed in the BCC box can be viewed by e-mail recipients who are listed in the To and CC boxes when you send a multi-part e-mail message by using Outlook Express 6.0

tags | advisory
SHA-256 | a3e2886d907651ad76611dcdbb2ab55198ef903ff5a237fd417cea52d0e01890
networkEverywhere.txt
Posted Aug 26, 2004
Authored by Mathieu Lacroix

NetworkEverywhere router Model NR041 suffers a script injection over DHCP vulnerability. Full exploitation provided.

tags | exploit
SHA-256 | 903895276da12171f8f6bee9fb35c1e69c16fb6918d5717dc4151e19c8021390
Next Generation Security Advisory 2004.7
Posted Aug 26, 2004
Authored by FJ Serna, NGSSoftware | Site ngsec.com

Next Generation Advisory NGSEC-2004-7 - NtRegmon, the Registry monitoring utility for Windows, suffers from an unvalidated pointer referencing. While any privileged user is using NtRegmon, any local and unauthorized user can crash the system. Versions below 6.12 are susceptible.

tags | advisory, local, registry
systems | windows
SHA-256 | 25183dcc3f859b4639c3d21491f15da6b81da0e387b46e9c99dcf6f07cb351fa
entrust-sgs20-readme.txt
Posted Aug 26, 2004

The Model 5400 Series Symantec Gateway Security 2.0 has released hotfixes that address the denial of service attack issue reported against isakmpd.

tags | advisory, denial of service
advisories | CVE-2004-0369
SHA-256 | deffa512afcdbd22f1b06b95302cfb62e4a31cd4a5998bed1edad3270d8d4f09
entrust-sgs10-readme.txt
Posted Aug 26, 2004

Symantec Gateway Security 1.0 has released hotfixes that address the denial of service attack issue reported against isakmpd.

tags | advisory, denial of service
advisories | CVE-2004-0369
SHA-256 | a44b2ae4b9fc7e3ebb3e0ca8d8c5aea506b43f951e09cb26876406012635b62c
entrust-vr15-readme.txt
Posted Aug 26, 2004

Symantec VelociRaptor 1.5 has released hotfixes that address the denial of service attack reported against isakmpd.

tags | advisory, denial of service
advisories | CVE-2004-0369
SHA-256 | 7c12070c1f88045cc5dc5d0c7a4b1f44d0dfcfc6aa7c843223410dd5a8a8ad4c
loginject.c
Posted Aug 26, 2004
Authored by Tal0n

loginject is a Syslog message injector.

tags | system logging
systems | unix
SHA-256 | 83a2a25125e17e3d3927a4705739122d03d904fd4cfd7fe52c0043c06aa369cd
Page 1 of 3
Back123Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close