ïw¤ÎBlog

来源: BlogBus 原始链接: http://www.blogbus.com:80/blogbus/blog/index.php?blogid=16980&pg=17&cat= 存档链接: https://web.archive.org/web/20041124065511id_/http://www.blogbus.com:80/blogbus/blog/index.php?blogid=16980&pg=17&cat=

ïw¤ÎBlog ÃÎ£¬·ÉÆðµÄµØ·½ diary (33) article (45) exploit (57) 2004 Äê 11 ÔÂ Sun Mon Tue Wen Thu Fri Sat 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 ×îÐÂÎÄÕÂ SLmail 5.x POP3 Remote Pass Buffer Overflow Exploit Apache <= 2.0.52 HTTP GET Remote Denial of Service Exploit Ç÷ÊÆ¿Æ¼¼½«·¢²¼ÐÂ¿îÇ÷ÊÆ¿Æ¼¼ÍøÂç²¡¶¾Ç½ VeriSign³Æ£º90%ÍøÂç¹¥»÷À´×ÔÃÀ¹ú¿í´øÓÃ»§ UBB.Threads 6.2.-6.3. one char bruteforce Exploit Multiple Antivirus Products Virus Detection Bypass PoC Exploit Eudora 6.2 Remote Attachment Spoofing Proof of Concept IPSwitch-IMail 8.13 Delete Command stack overflow Exploit Kerio Personal Firewall Multiple IP Options Denial of Service PoC NetNote Server v2.2 build 230 ×îÐÂÆÀÂÛ ¹Â¹â½£Òþ : Ö÷°åÏÔ¿¨»úÏä»»¡£. ¹Â¹â½£Òþ : ºÇºÇ¡£¡£B4½Ãñ£¬. alvashev : Í¬ÀÖÍ¬ÀÖ . Á´½Ó 56TECH ÄÏÒþÊÀ¼Ò Ã·ÁÖÐ¡í¬ ÍøÂç¼¼ÊõÁªÃË °µµØÇ±Á÷ ´æµµ 2004/05/31/-2004/05/31 2004/06/01/-2004/06/04 2004/06/05/-2004/06/28 2004/06/29/-2004/10/27 2004/10/28/-2004/11/05 2004/11/06/-2004/11/13 2004-06-03 15:20 - [ exploit ] /* * Exploit for /bin/mkdir Unix V7 PDP-11. * mkdir has a buffer overflow when checking if the directory * in /arg/with/slashes/fname exists. * * This will run /bin/sh with euid 0, but not uid 0. Since * the shell doesn't do anything special about this, we don't * really care. If you care, run&nb.............. ÔÄ¶ÁÈ«ÎÄ | ÆÀÂÛ(0) | ÒýÓÃ(0) bamb00 @ 2004-06-03 15:20 | ±à¼ 2004-06-03 11:34 - [ article ] ÈËÉúÒ»ÊÀ,µÃÊ§ÄÑÁÏ,Ö»ÐëÄãÓÃÕæÐÄ,È¥°ÑÎÕ,È¥Éú»î,ÓÃÕæÇàÈ¥Æ·Î»,µÃµ½ÁËÃÀÀö,Ê§È¥ÁËÒ²Í¬ÑùÃÀÀö,µÃµ½²»Ò»¶¨¾ÍÊÇÓÀºãµÄÓµÓÐ,Ê§È¥Ò²²»Ò»¶¨²»ÄÜ³ÉÎªÒ»ÖÖµÃµ½, Òò´Ë,±»Ì«¿ÁÇó,±ðÌ«¼«¶Ë,µÃµÃÊ§Ê§,¶¼ÊÇË³Æä×ÔÈ»µÄºÃ! ..........ÈËÉú±¾ÎÞÏç,ÐÄ°²ÊÇ¹é´¦. .............. ÔÄ¶ÁÈ«ÎÄ | ÆÀÂÛ(0) | ÒýÓÃ(0) bamb00 @ 2004-06-03 11:34 | ±à¼ 2004-06-03 11:28 - [ article ] »ØÊ×,ºçµÄ±³ºó,ÐÄ¾²ÈçË®. ·ÅÖð×Ô¼º,»Ø¹é×Ô¼º,Ò²ÐíÉúÃüµÄ¸ººÉÖð½¥±»ÊÀË×¸¯×¤ºÍ°þÏ÷,Ò²ÐíÃÎÖÐµÄµÆËþ×îÖÕ±»·ç±©´Ý²ÐµÄ±éÌåÁÛÉË,Ò²ÐíÃ»ÓÐÀáË®µÄ±¯ÉËÖ»ÊÇÒ»ÖÖÍ½ÀÍµÄ·¢Ð¹,µ«ÎÒÒÀ¾ÉÖ´×Å,ØËÊØÐÄµ×Àï×î³õµÄ´¿Õæ ·çÓêµÄºç,ºÜÓÐÔÏÎ¶ Ì«ÑôÊÇÓÀºãµÄ ºçÊÇÓÀºãµÄ!.............. ÔÄ¶ÁÈ«ÎÄ | ÆÀÂÛ(0) | ÒýÓÃ(0) bamb00 @ 2004-06-03 11:28 | ±à¼ 2004-06-03 11:25 - [ exploit ] SUMMARY=======

The krb5_aname_to_localname() library function contains multiplebuffer overflows which could be exploited to gain unauthorized rootaccess. Exploitation of these flaws requires an unusual combinationof factors, including successful authentication to a vulnerableservice and a non-default configuration on t.............. ÔÄ¶ÁÈ«ÎÄ | ÆÀÂÛ(0) | ÒýÓÃ(0) bamb00 @ 2004-06-03 11:25 | ±à¼ 2004-06-03 11:21 - [ exploit ] i found a nice email... with some strange code, i'm not a hacker but i think this is what some people call a 0-day exploit... :)

i think you can use this .............. ÔÄ¶ÁÈ«ÎÄ | ÆÀÂÛ(0) | ÒýÓÃ(0) bamb00 @ 2004-06-03 11:21 | ±à¼ 2004-06-03 09:51 - [ diary ] 6ÔÂ2ÈÕ£¬Ò¹£¬Óê£¬²»´ó£¬ÊÇÎÒÏ²»¶µÄÄÇÖÖ11µã£¬¸úÍù³£Ò»Ñù£¬Í£µçÁË£¬Ò²¸úÍù³£Ò»Ñù£¬ÌÉÔÚÁË´²ÉÏ¡£Ëæ±ã²¦ÁË¼¸¸öµç»°£¬ºÇºÇ~²»ÖªµÀÊ²Ã´Ê±ºòÆð£¬Ë¯¾õÇ°´ò¼¸¸öÉ§ÈÅµç»°³ÉÁËÏ°¹ßÁË£¬·¢ÁË¸ö¶ÌÐÅ£¬Ã»»Ø£¡¿ìË¯×ÅµÄÊ±ºò£¬µç»°ÏìÁË£¬²Å¿´£¬Í£ÁË£¬ÖªµÀÊÇÊ²Ã´µç»°ÁË°É---É§ÈÅ°¡£¡ÏëÀÏÃÃÁË£¬»ØÑ§Ð£ÄÇÌì£¬À´ÁË¸öµç»°£¬Ê²Ã´¶¼Ã»Ëµ£¡¹ÖÎÒ×Ü¾õµÃ²»ÖªµÀÄÇ³öÎÊÌâÁË£¬±¾À´Ïë·¢¸ö¶ÌÐÅ¹ýÈ¥£ºÒª²»Òª¸øÎÒ·¢¸ö¶ÌÐÅ£¿¹þ¹þ£¬Õæ²»ÖªµÀ×Ô¼º.............. ÔÄ¶ÁÈ«ÎÄ | ÆÀÂÛ(0) | ÒýÓÃ(0) bamb00 @ 2004-06-03 09:51 | ±à¼ ·ÖÒ³: µÚÒ»Ò³ [11] [12] [13] [14] [15] [16] [17] [18] [19] [20] [21] [22] [23] ×îºóÒ³ Ä£°åÉè¼Æ£º zhou