Gooey chatversion 1.0 and 2.0beta uses a very weak encryption scheme to store the password in the registry.
905a63679ad1cfb3cd6902343a90d46f6b10051dfbe4b118014a11d2fb1cb414NetMon is a LAN-wide process monitor (a kind of "top" for Linux networks) using GTK widgets.
f0cc8795b63547f920b490f99964b96998dd9673cf8c45678737cfb24e1641e7New exploits for October, 1999.
f36c0681b3c2bb6aa5d6c5458d942f533cfcc1598e2275904cc28b03901f95c6We found the overflow bug of Skyfull Mail Server 1.1.4. It overflows when that receives the long MAIL FROM: in SMTP handling.If the host recives the packet which contains the exploit code, the host has been cracked by any instructions which are coded in the exploit code. This example sends the exploit code that executes any command on the host which is running the Skyfull Mail Server 1.1.4. This exploit is coded for Windows98, but if you change some parameters written in the sample exploit program, it will may works on Windows95 and WindowsNT.
7b7022754837ef1e8ca7d71ecc76392c26517feaabdc614ac4155671941716faWe found the overflow bug of ZOM-MAIL 1.09. It overflows when that receives the long attachment file name. If ZOM-MAIL 1.09 recives the e-mail which contains the exploit code, the host has been cracked by any instructions which are coded in the exploit code. This program can send the e-mail to any e-mail address, which is contained an exploit code that removes a "c:\windows\test.txt" file on the host. This exploit is coded for Windows98, but if you change some parameters written in the sample exploit program, it will may works on Windows95 and WindowsNT.
07c753c59049fe7d66801fff3603cda1c34eb8c92c4971daaff04990e6c69ffaMidi-Plugin program "YAMAHA MidiPlug 1.10b" for Windows IE4/5 contains the buffer overflow bug. If the long "TEXT" variable is specified in EMBED tag, the buffer overflow occurs. If attacker sets the exploit on the webpage, visitor's host will be cracked by the any instructions written in the "TEXT" variable. here is a demo site which is generated by this exploit as demonstration. if this plugin is installed and the setting of ActiveX is default, "c:\windows\welcome.exe" will be executed(it's for Japanese Windows98 only).
a6cf3ee027eb2c8f278d2963fcdd2e0a73c63b1b3c2ff8487db82c7b3155e54cnsat is a bulk security scanner designed for recoverable long-time scans, optimized for speed and stability, that scans and audits about 60 different services and 170 cgis. Version 1.09.
d0876dbad5fe3d16911a30598145a1c24c3911bd6854a69914abe48377f3e678MSADC/RDS exploit script version 2.
a24edf16f5e5055b6474324b0bffe2534dbf1db3fd73eb604a0b5591fb1a750dwhisker is what I've dubbed a 'next generation' CGI scanner. It is Scriptable. It's a programming-ish language that is tailored to do lots of flexible web scanning. Very stealthy. I've implemented anti-IDS checks into the scan. Whatmore, I've tested it...and let's just say I haven't seen an IDS so far catch a scan when all the IDS evasion switches are used. ;) Includes over 130 checks. Lots of options. Reads in nmap output, files full of domains, or single host. Virtual host support. Proxy support.
e3c18aa0b2882ee55dd870b64b7718820c0d6ccb6f21f1c1dd574f1ea506fe7fPMFirewall is an Ipchains Firewall and Masquerading Configuration Utility for Linux. It is designed to allow a beginner to to build a custom firewall with little or no ipchains experience. This firewall should work for most Workstations, Servers, and Dual NIC routers using either a dialup or LAN setup. It is restrictive to outside attacks while still being as transparent as possible to those inside. Currently only Redhat 6.x and Mandrake 6.x are supported, but support for other distributions is being developed.
90bad3e9923366d037b694a4c7f4a8e1cda10be3c0f508f8aae543fa02ce7734Log monitor is a small application that let you see four logs all at once. It's easy to use, since it works under X-Window and uses GTK as the main library.
2843fba8b2ab7c95efa88b2cd436e65ea912723bbdb528603c4b21fbbe8322cdThe Nessus security scanner is a free, open-sourced and easy-to-use security auditing tool for Linux, BSD and some other systems. It is multithreaded, plugin based, has a nice X11 interface and performs over 250 remote security checks.
4e01dfe47a5a82eb2b6a586f618d4467c0053eae578f3bc144f50f19d3425bbcPasmon is a graphical passive network monitor. It provides statistics on every host and TCP connection heard on the specified interface[s], probes the system to find valid devices and provides a toolbar button which activates monitoring each device. Currently stable, but with missing features. Screenshot here.
725a13f888b0e3e93fea0d0ae38ef2e087b7b4541f518dcb688005fc5db03476ExpressFS 2.x FTP Server and earlier are vulnerable to a remotely exploitable buffer overflow. This can result in a denial of service and at worst in arbitrary code being executed on the system. Tested in: Windows 98 / Windows NT.
ef670aff4721b61d33e9150439e69a075c8af72c662fd95f14923b787b313ee2CMail SMTP server version 2.4 has a remotely exploitable buffer overflow (long MAIL FROM:). This vulnerability may allow an attacker to execute arbitrary code on the target server.
e1cf9337c528bd59df7240024a25e3863f80758db15fd18bebe6c4423d289677The Amanda backup package has a several vulnerabilities which will allow any user to gain root privs. Includes exploit for FreeBSD. Other OS's that are probably vulnerable include RedHat ?.?, TurboLinux, PowerTools CD, and SuSE 6.2.
cd4b43d16583bbc925d634ec7e84deded1e5b3df2fcd67705805e29ebc0e2505Avirt mail server 3.3a remote exploit and 3.5 DoS. Win98 executable.
35081ed3ec7bf1a53dd6cec458c72d9dad3496f1f9a9e460fcccd4cfe18d0d6bWe found a remotely exploitable buffer overflow in the Avirt Mail Server 3.3a and a D.o.S in the version 3.5, that may allow an attacker to execute arbitrary code on the target server. Binary or source code for a 3.3a win98 remote exploit and a 3.5 DoS here.
51ca3fb5e60c5f9ee67bda26396df3358278daa98391e954cd3995be4dcd084d
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed