Ultimate Bulletin Board

Here is a message I just popped off to infopop about their Ultimate Bulletin Board v5 product. It's not really meant for someone not used to their product. -------------------------------------------------------------------------------- If a user has info stored in a cookie, replies to a message...

Pine (Local Message Grabber) Exploit

Exploit for linux platform in category local exploits ==================================== Pine Local Message Grabber Exploit ==================================== !/bin/sh Grab local pine messages Usage: ./monpine.sh victim pine must use following settings email protected http://hacksware.com x...

Re:

Доброе время суток Учёный Кот!!! Ситуация воспроизводиться следующим образом. Включается NetXray на отловку пакетов желательно настроенно только на атакуемую машину и при обычной попытки зайти на компбютер жертвы ловиться пакет тип NetBIOS,расшифровка в NetXray: Session Request-Called Name: Cyber...

napster.path-disclosure.txt

-------------------------------------------------- time 1:30 am date 9-18-00 affected systems: any system running napster client hasn't been tested for the gnapster client -------------------------------------------------- ADVISORY: here goes...... hi lindsay, pat, jason , and t-rex After running...

Win2k Telnet.exe malicious server vulnerability

/ NTLM telnetD v0.8 Snarfs NTLM challenge/response by convincing w2k telnet client to auto-authenticate. Outputs auth-data in LophtCrack sniff format on stdout. compile: gcc -o w2kteld ntlmtelnetd.c run: ./w2kteld Then wait for w2k to telnet to you. for the impatient, there are always ways of...

Minicom 1.82/1.83 - Capture-file Group Ownership

source: https://www.securityfocus.com/bid/1599/info Minicom is a unix terminal program often used for communication between computers with modems. It is often installed setgid uucp, as this access is required for regular users to use certain devices on the system. Through specifying a capture-fil...

Minicom 1.821.83 - Capture-file Group Ownership

Minicom 1.821.83 - Capture-file Group Ownership source: https://www.securityfocus.com/bid/1599/info Minicom is a unix terminal program often used for communication between computers with modems. It is often installed setgid uucp, as this access is required for regular users to use certain devices...

anonymous SMBwriteX DoS

a new concept had to be invented for this one: "the BSOD". a problem that causes an nt5 server's screen to go black. here is a harmless SMB request, prepared earlier from a netmon capture: SMB C write & X, FID = 0x1801, Write 0x73 at 0x00000000 SMB: C write & X, FID = 0x1801, Write 0x73 at...

CVE-1999-0469

Internet Explorer 5.0 allows window spoofing, allowing a remote attacker to spoof a legitimate web site and capture information from the client...

sl0scan.pl

Date: Tue, 9 Feb 1999 20:53:34 -0500 From: miff To: [email protected] Subject: sl0scan ambiguous source portscanner hello all, I hear that maybe nmap does something similar to this, but I'm posting it anyway to see if there is enough interest for me to continue developing it. This is based on...

valueclick-cgi.txt

Date: Sat, 19 Dec 1998 17:19:34 +0200 From: Philip Stoev Reply-To: Bugtraq List To: [email protected] Subject: ValueClick CGI Vulnerability The following text is in the "KOI8-R" character set. Your display is set for the "US-ASCII" character set. Some characters may be displayed incorrectly. T...

ftp-spoof.pl

This is a simple tcp server that listens on port 21 unless another is specified. The possible uses of this are; Ftp has no encryption for passwords and they are sent in plain text under the right conditions. Most ftp programs have a text file called .ini which will store the info like site-name,...

PT-1999-1615 · Ethereal · Ethereal

Name of the Vulnerable Software and Affected Versions: Ethereal affected versions not specified Description: The issue allows local users to overwrite arbitrary files via a symlink attack on the packet capture file. Recommendations: At the moment, there is no information about a newer version tha...

Security update 1970-01-01

...