Custom Auditing Scripting Language (CASL) implements a packet shell environment for the Custom Auditing Scripting Language that is the basis for the Cybercop(tm) line of products by Network Associates. The CASL environment provides an extremely high performance environment for sending and receiving any normal and/or morbid packet stream to firewalls, networking stacks and network intrusion detection systems as well as being sufficiently rich of a language to write honeypots, virtual firewalls, surfer hotel, phantom networks and jails.
3f66662c44322fa4381d84fc3d0189a19686130564e82d945f41f8ae24123b21A remote password auditing and recovery tool that allows dictionary or complex brute-force scans. Scripting support allows you to define any plaintext login procedure. Optimised WWW basic authentication scanning.
1cb761991dfedbc5e82318ae106090d7a86574a987a476641acabef5072f0ec8Bindview Security Advisory: Denial of Service Vulnerability in Cabletron's SmartSwitch Router (SSR). Remote users can flood the ARP table and stop the processing of packets.
85b52a0144618cc558cd1f34d6755e7f885a84a66d835af7ef076846c52575a7UssrLabs found a Local/Remote DoS Attack in BisonWare FTP Server V3.5. The buffer overflow is caused by a long user name, 2000 characters. Source / Binary for DoS attack here.
b9bf2c6f03b60c09ff76b043f8b7a7aac25a8e062fe0a9217a774ed8d103ddcbUssrLabs found a buffer overflow in WorldClient Server v2.0.0.0 where they do not use proper bounds checking on WorldClient TCP Port 2000. Denial of service exploit available.
3b1c84dc9f0f7149f35a233e5703823a06da161632fee84d723e133ce1a996a5ex_inc.c exploits a bounds checking error in /usr/jp/bin/mh/inc which was distributed with the mh-6.8.3 package. Local root compromise.
64f2aa455cd466403bc433552e384ce9c8e0ca9b98c3b17c61c9298a5606d3eaex_bbc.c exploits a bounds checking error in /usr/jp/bin/mh/bbc which was distributed with the mh-6.8.3 package. Local root compromise.
473ed7b2b606ac73b513d39a31d17c1a0273bb06e15e9331e35c648649c833b8kcms_configure has a overflow bug with "-P" option and it has been reported(107339-01). But this program has another hole. This hole has not been not reported, and the paches are not published at this time. kcms_configure overflows if long string is specified in NETPATH environment, and it is exploitable. I have included an exploit for Solaris7 intel edition to obtain root privilege.
ea0a516a062e19771e9d6d970e1a6bd9a1fc9ee7ecf921fcb1848a66309b1ef1The vulnerability in kcms_configure also exists in Solaris 2.6 and 2.7 sparc edition. Exploit included.
ddad8f87f48eb849bc4bf6f56910e4be16715ce9dec57022ab5c00f69f2c1712The mailer programs (mailtool and dtmail) and mail message print filter (dtmailpr) which are installed on Solaris7 have exploitable buffer overflow bugs. These programs are sgid (mail group) programs, local user can obtain mail group. The mail files are generated with 660 permission, so any user can read/write other user's mail files. I coded the exploits to get mail gid(egid=6). There are for Intel Solaris7. There are same kind of problems on Sparc Solaris7 and Solaris2.6 (Intel,Sparc).
e92d0a93449cedf9a5f2e97de3948d9c6e4f86ade92541e2bae6d0f02e99dcf4WINDOWS NT MAGAZINE SECURITY UPDATE for November 24, 1999. (formerly Windows Security Digest) Includes information on Internet Explorer 5.0 XML Redirects, Vermillion FTP Server Subject to Denial of Service, WordPad Subject to Crash, HP JetDirect Denial of Service, ZetaMail 2.1 Subject to Denial of Service, G6 FTP Server Subject to Denial of Service, Melissa Variant Prilissa on the Loose, The Philosophy of Security - UNIX vs. NT, and 3Com's New 3CR990 Encrypting NIC.
22bdf51ea47ec62aff28e672e877f6d4e56e3031043dc45ebf64d380cc479a36O'Reilly's WebBoard software has some bugs with interesting possibilities. Vulnerabilities include unauthorized paging and arbitrary content insertion.
f599b47fd54cd9044b14d6b79b5aec270c167886138278d2b2fbba16cbe89790Narrow Security Scanner is a perl script which checks for 177 remote vulnerabilities. Tested on Slackware 4.0, Red Hat (4.2, 5.0, 6.0), SuSE 6.1, FreeBSD 3.0 & OpenBSD 2.5.
bcfcef616792517641299fd43ca370f4f6f22a3aef22eb0162f42cd8c46751de
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed