Files from Xpl017Elz ≈ Packet Storm

Channel: Files from Xpl017Elz ≈ Packet Storm

a-WsMPdvuln.txt

May 23, 2003, 2:00 am

INetCop Security Advisory #2003-0x82-017.a - WsMP3d, a web server that streams MP3s much like shoutcast but is GPL, suffers from a directory traversal vulnerability that not only allows viewing of...

View Article

b-WsMP3dvuln.txt

May 23, 2003, 2:06 am

INetCop Security Advisory #2003-0x82-017.b - New versions of WsMP3d are not patched against an old remote heap corruption overflow vulnerability. Remote exploit and advisory included.

View Article

bufferpaper.txt

June 10, 2003, 11:32 pm

This paper goes into great detail describing how to utilize format string attacks with limited buffer space.

View Article

0x82-GNATS_own.c

June 21, 2003, 5:00 pm

Local root exploit against GNATS v3.2 that makes use of the heap overflow found in the -d switch. Related advisory found here. Tested against RedHat Linux versions 6-9.

View Article

0x82-GNATS_sux.c

June 21, 2003, 5:03 pm

Local root exploit against GNATS v3.113.x that makes use of a heap based environment variable overflow vulnerability. Related advisory found here. Tested against RedHat Linux versions 6-9.

View Article

INetCop Security Advisory #2003-0x82-018 - The GNU bug tracking system GNATS has two bugs that exist in the pr-edit (Problem report editor) program. There is a heap based overflow when a user uses the...

View Article

0x82-dcomrpc_usemgret.c

August 5, 2003, 9:32 am

New version of the DCOM remote exploit that uses a magic return address.

View Article

0x82-wu262.c

August 5, 2003, 10:53 am

wuftpd version 2.6.2 remote root exploit that makes use of the off-by-one vulnerability discussed here.

View Article

wu262.zip

August 6, 2003, 8:05 am

wuftpd version 2.6.2 remote root exploit that makes use of the off-by-one vulnerability discussed here. Win32 version included that requires cygwin1.dll.

View Article

0x82-WOOoouHappy_new.c

August 11, 2003, 10:04 am

wuftpd version 2.6.2 remote root exploit that makes use of the off-by-one vulnerability discussed here.

View Article

sh-httpd.txt

October 29, 2003, 9:59 pm

Sh-httpd v0.3 and 0.4 contain a remote directory traversal vulnerability involving a wildcard character which allows attackers to read any file on the system and execute CGI's. Patch included.

View Article

Trustix Secure Linux Security Advisory 2005.0

April 18, 2005, 1:26 am

INetCop Security Advisory #2005-0x82-026 - Multiple buffer overflows and a format string vulnerability live in GLD versions 1.4 and below.

View Article

0x82-meOw_linuxer_forever.c

April 18, 2005, 1:28 am

GLD 1.4 remote overflow format string exploit that binds a shell to port 36864.

View Article

snmppd_dos.txt

May 7, 2005, 7:43 am

Snmppd format string vulnerability. Snmppd (used by / with Nagios) may contain a format-string vulnerability in unsafe syslog() calls.

View Article

Trustix Secure Linux Security Advisory 2005.0

June 15, 2005, 11:06 pm

Snmppd is susceptible to a format string vulnerability.

View Article

hauri.txt

February 25, 2006, 2:33 pm

Global Hauri Virobot is susceptible to an authentication bypass flaw.

View Article

Trustix Secure Linux Security Advisory 2006.0

March 12, 2006, 4:01 pm

Zeroboard version 4.1 pl 7 is susceptible to cross site scripting attacks.

View Article

pr0ftpd_modctrls.tgz

April 16, 2007, 9:35 pm

ProFTPD versions 1.3.0 and 1.3.0a local overflow exploit.

View Article

execshield.tgz

April 18, 2007, 9:24 pm

Whitepaper titled 'Advanced Exploitation In Exec-Shield: Fedora Core Case Study". This is an excellent paper and is in both PDF and text formats. Please check it out.

View Article