Hacking & Security News

GoAhead Web Server vulnerability | 2001-02-02 22:00:56
Sergey Nenashev has found a bug in GoAhead web server 2.0/1. By sending a malformed URL, an attacker can view any file on the remote server where the web server is installed.
Securityfocus

Solaris ximp40 Library Buffer Overflow Vulnerability | 2001-02-02 19:13:43
A problem in the ximp40 library packaged with Openwin could allow a user to gain elevated privileges. Due to a problem with the handling of input by the programs linked against ximp40.so.2, it is possible to supply a long string, approximately 272 bytes, to the arg0 of the command, which will overwrite stack variables, including the return address of the program......

AOL hit with password-stealing virus | 2001-02-02 10:37:12
Members of America Online (AOL) were warned Thursday to be on the lookout for a trojan horse virus that can steal their passwords, potentially allowing a hacker to access their e-mail and other personal information......

FreeBSD Security Advisory FreeBSD-SA-01:18 | 2001-02-01 20:15:56
FreeBSD Security Advisory FreeBSD-SA-01:18 - An overflowable buffer related to the processing of transaction signatures (TSIG) exists in all versions of BIND prior to 8.2.3-RELEASE.....

Download

Bind-tsig trojan | 2001-02-01 20:10:51
Bind-tsig.c is a trojan which pretends to be a Bind 8 exploit, but actually attacks dns1.nai.com.

Download

Update | 2001-02-01 20:08:31
The Downloads section is filling up (32 files so far and counting), so check it out often. I will add some ICQ tools, as my friend suggested.

Progress Database Server v8.x and 9.x local vulnerability | 2001-02-01 00:05:17
The Progress Database Server v8.x and 9.x for Unix has several locally exploitable buffer overflows which can allow arbitrary code to run as root. Proof of concept exploit attached. By Krfinisterre

Exploit

Multiple Issues with Cisco Arrowpoint Switches | 2001-01-31 23:39:41
Cisco Arrowpoint switches suffer from a number of vulnerabilities once terminal access to the CLI (Command Line Interface) has been granted. The first vulnerability results in a temporary loss of service on the switch as it will cause the switch to automatically restart without warning. Once the restart is completed, the switch will also perform a 'Check Disk' on reload and thus extend the outage for another 5 minutes or so. The second vulnerability allows a user that does not have access to certain files to gain read access to them if the location is known in relation to the scripts directory.

@Stake

Newsletter | 2001-01-31 01:44:36
Well, finally got to work and made some adjustments on the site; the most important is the newsletter, named "Secure". Subscribing information is here.

ISC Bind 8 Transaction Signatures Buffer Overflow Vulnerability | 2001-01-30 22:53:20
BIND is a server program that implements the domain name service protocol. It is in extremely wide use on the Internet. Versions 8.2 and above of BIND contain a 'single byte' stack overflow that may be exploitable by remote attackers...

ISC Bind 8 Transaction Signatures Heap Overflow Vulnerability | 2001-01-30 22:49:22
BIND is a server program that implements the domain name service protocol. It is in extremely wide use on the Internet. Versions 8.2 and above of BIND contain a heap-corruption vulnerability that may be exploitable by remote attackers...

AT&T WinVNC Client Buffer Overflow Vulnerability | 2001-01-30 22:38:23
VNC is the Virtual Network Computing package, a freely available remote administration package designed to allow access to a remote system desktop. It is distributed and maintained by AT&T...

Hackers force Hasbro to shut website | 2001-01-30 00:17:13
Hackers were so amazed by Atari.com's lack of security that they taunted the company with graffiti referring to its vulnerability and uploaded soft porn images onto the site.....

SecurityFocus down for upgrade | 2001-01-30 00:14:39
The famous security portal is down for an upgrade. They say: "Please be advised that the SecurityFocus.com site will be shut down this coming weekend, from 1:00 pm (Pacific time) Friday, January 26, until approximately 12:00 am (Pacific time) on Sunday, January 28, for a major facilities upgrade." But today is the 30th of January and they still haven't got their servers up. Let's hope they will in the next day.

ettercap 0.1.0 | 2001-01-29 23:57:55
Ettercap is a network sniffer/interceptor/logger for switched LANs. It uses ARP poisoning and the man-in-the-middle technique to sniff all the connections between two hosts....

/usr/bin/write overflow | 2001-01-28 19:09:47
/usr/bin/write overflow proof of concept exploit - Tested against Solaris 7 x86. By Pablo Sor

Exploit

Glibc local vulnerability | 2001-01-28 18:49:28
Glibc prior to v2.1.9x allows local users to read any file. This shell script exploits this bug using the Openssh-2.3.0p1 binary. Tested against Debian 2.3 and Redhat 7.0.

Exploit

Microsoft Security Bulletin MS01-002 | 2001-01-28 18:24:29
A serious vulnerability in Microsoft PowerPoint allows remote code execution....

In progress.... | 2001-01-27 03:08:12
Well, after a while Xatrix Staff decided to make the following changes:

1. New Theme
2. More updates :))
3. Weekly updated newsletter - covering all news that was posted on the site in a period of one week
4. Sponsors
5. Expanding the whole site
6. New images for every topic
7. Banner and button artists wanted desperately

If you are interested in contributing or helping with any of the issues stated above, then mail to this address.

- Phiber, founder of Xatrix Security

SplitVT v1.6.4 and below local format string exploit | 2001-01-26 23:47:57
SplitVT v1.6.4 and below local format string exploit which overflows the -rcfile command line flag.
Homepage

Exploit for Cisco Catalyst ssh protocol | 2001-01-25 17:30:22
Thong.pl is a Perl script which exploits several vulnerabilities found in Cisco products. Includes the Cisco Catalyst ssh Protocol Mismatch DoS, Cisco 675 Web Administration DoS, Cisco Catalyst 3500 XL command execution, and the Cisco IOS Software HTTP Request DoS. Made by Hypoclear.

Newest additions | 2001-01-23 23:25:18
Integrit, Lomac, LSOF, Cst and Wgetwin. To see the descriptions of what these are, hover with your mouse pointer over the image left of the file name and you will see the description of that file and its download counter.

LocalWEB2000 1.1 vulnerability | 2001-01-23 20:30:06
With the localWEB2000 1.1 http server, a malicious attacker can view any file on that server. By submitting something like 'http://target/../../../autoexec.bat' we can see autoexec.bat or anything we want to see.
Solution: wait for next release of that http server :)

Micq 0.4.6 bug | 2001-01-23 20:28:54
tHE rECIdjVO from PKcrew has discovered an overflow in micq-0.4.6. This can be a remote and a local overflow; the local overflow is not too dangerous because it may not be suid, but with the remote one you can get a shell ...
Advisory

Fastream FTP++ Server 2.0 | 2001-01-23 20:27:17
Fastream 2.0 can be DoS-ed by sending a malformed argument, composed of 2048 bytes or more, that will cause the server to freeze and stop working.
Solution: Upgrade to new version ...
