Local vulnerability in Solaris mailtool(1) - /usr/openwin/bin/mailtool on Solaris 8 (x86 and SPARC) contains a local buffer overflow. By supplying an overly long environment variable containing machine code, a local user can execute arbitrary commands as gid mail.
28123a605ca63233f3753280128acfc9dae8cb526852a55c509794079049a661
FreeBSD 3.5.1 and 4.2 ja-elvis and ko-helvis (ports packages) local root exploit. Both come with a utility called elvrec that is installed suid root by default.
7c88100f599842056224afe39698572f91d9ba0b60da1ce3bee4d4c02ae4b7e3
FreeBSD X key lock (xklock) v2.7.1 and below local root exploit - Tested on FreeBSD ports collection v3.5.1 and v4.2.
c4dd124149e7e5bf8e081992f5222838ea736a6a2d2fb554c015d78b41490b57
Dc20ctrlex.perl is a local exploit for /usr/local/bin/dc20ctrl on FreeBSD 3.x/4.x which yields egid=dialer on FreeBSD, or root on non-FreeBSD systems. Tested against FreeBSD 4.2.
0ee7eafa568512a4b7334811bc84051fe517eb7fd32f411ca85392498b9a8296
Advanced Host Detection - Techniques To Validate Host-Connectivity. Security engineers expend considerable effort blocking and filtering anomalous packets in an internetworked environment. Advanced host mapping bypasses many intrusion detection systems, filters, and routers, enabling an attacker to map and discover previously unknown firewalled hosts. Also available in TXT form.
bcd0ca5e08abcf9b92576d7bbdfe79270109a9dc5685889090c874ac94464ac1
Advanced Host Detection - Techniques To Validate Host-Connectivity. (PDF) Security engineers expend considerable effort blocking and filtering anomalous packets in an internetworked environment. Advanced host mapping bypasses many intrusion detection systems, filters, and routers, enabling an attacker to map and discover previously unknown firewalled hosts. Also available in DOC form.
6dddf484c6959f1f4a3b6533132356f04a4ea4c299828360d6ea8137831b6ef4
Advanced Host Detection - Techniques To Validate Host-Connectivity. Security engineers expend considerable effort blocking and filtering anomalous packets in an internetworked environment. Advanced host mapping bypasses many intrusion detection systems, filters, and routers, enabling an attacker to map and discover previously unknown firewalled hosts. Also available in DOC form.
c637cd2c806c90bbcf3e707e1c72035f73fcc09ee0e3815a1797cf12bc6a9636
Examining port scan methods - Analyzing Audible Techniques. This paper enumerates a variety of ways to discover and map internal and external networks using signature-based packet replies and known protocol responses when scanning. Specifically, it presents the known techniques for determining whether a port on a host is open or closed, and the ways an attacker may identify the network services running on arbitrary servers. Text version available here.
22abdfcab10f441e0501420efec15d503b45b165a5be82400b3e1e96c014b32c
Examining port scan methods - Analyzing Audible Techniques. This paper enumerates a variety of ways to discover and map internal and external networks using signature-based packet replies and known protocol responses when scanning. Specifically, it presents the known techniques for determining whether a port on a host is open or closed, and the ways an attacker may identify the network services running on arbitrary servers.
4fd4b2bbef21c64d1c9c2fdebd6a48b8ea628ca311becdf898a6cf1dbfc00282
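The two papers above (host detection and port scan methods) both rest on the same observation: a host's answer to a TCP probe classifies the port, and any answer at all proves the host is reachable. The following is an added example, not code from either paper, showing the simplest form, a full-connect scan: a completed handshake means open, a RST (ConnectionRefusedError) means closed, and silence before the timeout means filtered. The host-detection angle is that a "closed" verdict still validates connectivity, so a firewalled host with no open ports can be confirmed alive by the RSTs it sends. The listener, the unused port and the 127.0.0.1 target are constructed locally so the example runs offline without touching any real host; probe_port, connect_scan and host_is_alive are names chosen here.

```python
import socket
from typing import Dict, List, Tuple

# Constructed sample target: one listener on 127.0.0.1 stands in for an open
# service, and a port nothing is bound to stands in for a closed one. Nothing
# is ever sent to a remote host.

def start_listener(host: str = "127.0.0.1") -> Tuple[socket.socket, int]:
    """Bind a TCP listener on an ephemeral port; return (socket, port)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind((host, 0))
    srv.listen(5)
    return srv, srv.getsockname()[1]

def find_closed_port(host: str = "127.0.0.1") -> int:
    """Find a port nothing is listening on by binding it and releasing it."""
    tmp = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    tmp.bind((host, 0))
    port = tmp.getsockname()[1]
    tmp.close()
    return port

def probe_port(host: str, port: int, timeout: float = 1.0) -> str:
    """Classify one port by the target's response to a full TCP connect.

    open     : three-way handshake completes (SYN/ACK came back)
    closed   : target answered the SYN with RST (ConnectionRefusedError)
    filtered : no answer before the timeout, or an ICMP unreachable
               surfaced as some other OSError
    ConnectionRefusedError and socket.timeout are both subclasses of
    OSError, so the more specific handlers must come first.
    """
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "open"
    except ConnectionRefusedError:
        return "closed"
    except socket.timeout:
        return "filtered"
    except OSError:
        return "filtered"
    finally:
        s.close()

def connect_scan(host: str, ports: List[int], timeout: float = 1.0) -> Dict[int, str]:
    """Probe each port in turn and return {port: verdict}."""
    return {p: probe_port(host, p, timeout) for p in ports}

def host_is_alive(results: Dict[int, str]) -> bool:
    """Host-detection view of the same data: 'open' and 'closed' both mean
    the host answered; only an all-'filtered' result leaves it unknown."""
    return any(v in ("open", "closed") for v in results.values())

def demo() -> Tuple[Dict[int, str], bool]:
    """Scan the constructed open and closed ports on 127.0.0.1."""
    srv, open_port = start_listener()
    closed_port = find_closed_port()
    try:
        results = connect_scan("127.0.0.1", [open_port, closed_port])
    finally:
        srv.close()
    return results, host_is_alive(results)

if __name__ == "__main__":
    res, alive = demo()
    for port, verdict in sorted(res.items()):
        print(f"127.0.0.1:{port} {verdict}")
    print("host alive:", alive)
```

A full connect is the noisiest ("audible") variant: the handshake completes, so the service sees and may log the connection. The half-open, FIN and other probes the paper discusses avoid that at the cost of needing raw sockets and privileges; the classification logic, mapping each reply type to open, closed or filtered, is the same.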
The Importance of Bug Testing - Includes discussion of alpha / beta releases, the importance of bug testing, software development goals, software testing strategies, functional prototypes, designing test sets, defect testing, acceptance testing, and structural prototypes.
8bc6adbc535cfdd7f4e996480e70c7cd1a8990ed92f93b47763a32b051f2ba6e
Synnergy Laboratories Advisory SLA-2000-14 - The BSD/Linux telnet client has a stack overflow which is not normally a security problem, except in a restricted shell environment that allows users to set environment variables and run telnet. Perl proof of concept exploit included.
edc44b44131a6f19bee4f950cce7723477469f167ee3406d25923487214db406
Sambar Server 4.4 Beta 3 and below for WinNT, Win95 OSR2, (possibly Linux affected) contains a vulnerability which allows remote users to browse the filesystem of the webserver. Fix available here.
682efe87f41f4ff59f349e51db891761fcbe069277019c774fc845c93fc2a01d
TYPSoft FTP Server 0.78 for Windows 9x and WinNT is vulnerable to a denial of service attack. Sending an overly long USER or PASS command causes the server to hang and consume increasing system resources. Perl exploit included.
6290ed9092ce73d9e92df721518efe218bf3ccf081ac7b79d93e84f30cccd104
Darxite, a daemon that retrieves files via FTP or HTTP, has several vulnerabilities throughout its code that allow a local or remote user to crash the server, as well as a remote overflow in password authentication that gives remote shell access as the uid of the darxite daemon. Exploit and advisory included. Tested against Linux x86 systems.
2c5a17a7af5e62b8c35d708754842d9f6d13efbcd99d19896e60c3d9ca6f3760
Local exploit for Linux Mandrake 7.0's wmcdplay 1.0 beta 1. Unlike the Teso exploit for wmcdplay, this code exploits the -position argument.
eed00eb19c97858a9e3a92302523c50bd3259f79d45239243286e9ab1b43681f
Delegate 5.9.0 remote exploit for FreeBSD 3.2.
c8b15f8cc3129759828d662578ab2d94ba4d1d03a02a5fce93716cbfba60a526