what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 24 of 24 RSS Feed

Files Date: 2000-01-07

Posted Jan 7, 2000
Authored by Dildog

pamslam - vulnerability in Redhat Linux 6.1 and PAM pam_start. both 'pam' and 'userhelper' (a setuid binary that comes with the 'usermode-1.15' rpm) follow .. paths. Since pam_start calls down to _pam_add_handler(), we can get it to dlopen any file on disk. 'userhelper' being setuid means we can get root.

tags | exploit, root
systems | linux, redhat
SHA-256 | 876d2b15886f77f2239b7035380b86da4d9dfe5f103e08ee9eb8b83e04aee5dd
Posted Jan 7, 2000
Authored by Jason Jordan | Site technotronic.com

Windows NT Buffer Overflows From Start to Finish. Includes lots of demonstration code.

tags | paper, overflow
systems | windows
SHA-256 | 24f1b5ab6762872c581ac2f273ba52c8374ab4bafe780a5bd58cd489511fc7fe
Posted Jan 7, 2000
Authored by Rohit Singh | Site rexgrep.tripod.com

Fork Bomb Defuser is an easily loadable kernel module for Linux which detects, logs, and disables "fork bombs". It allows you to configure max_forks_per_second and max_tasks_per_user parameters at module load time. Any possible fork bomb that attempts to spawn a huge number of processes simultaneously is detected in real time, and the fork bomb is disabled.

Changes: Support for defusing clone() and vfork() bombs, a major code clean-up and optimizations, improved documentation and better-commented code, and a website mirror at Geocities to solve download problems encountered in Tripod.
tags | kernel
systems | linux
SHA-256 | 4e38ec25f214897c48a9f2b85b099b885d03c1bff045a48e9306aeb6f0458c7d
Posted Jan 7, 2000
Authored by S

RedHat PAM/userhelper(8) exploit.

tags | exploit
systems | linux, redhat
SHA-256 | f18b4f73e5694842dfc5ecb7c1e365ae978f921c21ef0a6785f79e7e781884a2
Posted Jan 7, 2000
Authored by Vendicator | Site angelfire.com

Stack Shield - A "stack smashing" technique protection tool for Linux. The "stack smashing" technique is the most common way used in exploits to break the security of programs. Stack Shield is a tool for adding protection to programs from this kind of attacks at compile time whitout changing a line of code. Stack Shield uses a more secure protection system than other tool like Immunix Stack Guard. Stack Shield is designed to support the GCC under a Linux Intel 386 class platform.

systems | linux
SHA-256 | 62eb5bd3d9edb1e1d962929ee055cdd1c005ef0aeed825e71b2a75ac51129062
Posted Jan 7, 2000
Authored by Mickael Feledyn | Site cybermediation.com

JFwadmin is a Java 2 high-level X11 tool for ipchains. The GUI displays easy-to-understand services. Features include boot scripts generation, firewall save and restore, automatic interface and IP address and routes detection, and current firewall configuration display.

Changes: In version 0.7, too restrictive firewall rules for input services did not permit masquerading to work properly. To fix this important problem, an option has been added in the input service creation dialog box, which permits the creation of input services used with masquerading.
tags | java
SHA-256 | 897d3d66b9d7b6a42a3beefed2e2f531c79e8c137c0ed5dffa92ab16e5ad239d
Posted Jan 7, 2000
Authored by Anarchy

Possible overflow in perl/kernel/vm (dont know which). Strace included. Appears to cause root owned processes to die if run by a normal user (under linux-2.2.13).

tags | exploit, overflow, kernel, root, perl
systems | linux
SHA-256 | c2174ec2103a8825661a45e14b104751f7ee267a6efc671552489b6cc0518089
Posted Jan 7, 2000
Authored by Philip Tellis | Site sourceforge.net

httptype reads a list of http hosts and optionally the port number for each of these. It queries each host, displaying the type of HTTP server running on that host, if any. It reads the http_proxy and no_proxy environment variables to determine whether to use a proxy or not. These options may also be specified through the command line.

tags | web
SHA-256 | 34125f3eea2d9cba2d77c1202e4e86ae2d9cc66e479ab013ebcd40dbddcfa7af
Posted Jan 7, 2000
Authored by Corvus Latinoamerica | Site prismaopentech.com

KGateway is a frontend to configure IPChains & IPMasquerade. It is develop using Python, Qt, and KDE libraries. You can configure firewalls, In/Out/Forward rules, and IP Masquerading using an easy GUI interface. KGateway detects your language configuration and KDE enviroment, and installs nicely into KDE Network options.

tags | tool, firewall, python
systems | linux
SHA-256 | 5667de698dc83a740a99c8e12f5ef62437c23ded2813b554363f3e8386dbcaec
Posted Jan 7, 2000
Authored by Raven | Site blacksun.box.sk

ICQ Security Tutorial, version 1.5 - Includes information on bombing, flooding, hijacking, spoofing, getting the ICQ password, gaining access through ICQ webpages, getting IPs and ports, getting information about other ICQ users, adding users without their authorization nor without sending them a "you've been added" message, learning and playing with the ICQ protocol and what not. EVERYTHING you need to know about ICQ security.

tags | spoof, protocol
SHA-256 | 330cffc80092dcd2786857c3dcbe17eeb5d624dd5a48add6aab38b67704d739a
Posted Jan 7, 2000
Authored by Phil Jones | Site firepool.com

weedlog is a packet logger designed to help in debugging network connections on non-router systems. It currently supports the ICMP, IGMP, TCP, and UDP protocols. weedlog supports sending output to stdout, a file, or to syslog.

Changes: POSIX thread support, Options for disabling host and port name lookups and various speed-ups and bug fixes.
tags | tool, udp, sniffer, tcp, protocol
SHA-256 | 4c3e8e4e7007b16ffadb4d6069feb8c99bd4134565202aa64a92d3ed68b9d610
Posted Jan 7, 2000
Authored by Spikeman

Spikeman's DoS Attack Tool - Revision 5. 31 denial of service attacks at once.

Changes: Minor fixes and class C Attack added, other nice stuff.
tags | denial of service
SHA-256 | b8f1d5a6052c56c9a8d901137689af835bdd346151bea25cb6f1c7ea75a77204
Posted Jan 7, 2000
Authored by Andrew Kay

A simple distributed port scanner that uses many computers to conduct a port scan which should make it harder to trace the source. This release of dscan has many improvements of the last release, for a full list see the HISTORY file in the archive. Dscan started off as proof of concept code and has now turned into a project for testing new techniques such as linked lists. This release does not come with UDP port scanning support but a patch file should be available in a few days time to add UDP support.

tags | denial of service, udp, proof of concept
SHA-256 | 8d832f686211ed9ba06ec745785bdef3ee34d4df5993d6ce6b1f33405b0e1099
Posted Jan 7, 2000
Authored by heh | Site digitalrebel.net

HEH! Magazine Issue #1 (In Spanish). Includes information on socket programming, GSM, making a port scanner, programming you own log zapper, file permissions, a begginer guide to Exploits, and file compression theory.

tags | magazine
SHA-256 | 481d03e2b09b2e03cd4b6a8313c4fa78eb03c3bb81f20fac866a638a4975dbdb
Posted Jan 7, 2000
Authored by Tom Vier | Site wipe.sourceforge.net

ya-wipe is a tool that effectively degauses the surface of a hard disk, making it virtually impossible to retrieve the data that was stored on it. This tool is designed to make sure sensitive data is completely erased from magnetic media.

Changes: Fixes for serious hash IO bugs, new Debian package scripts, minor block devices fixes (still untested), an updated man page, and simplified debug builds.
systems | unix
SHA-256 | 46242c3c4fb3a1376435a4205abd9bdeb220dc7b89c18a099cc2790ff2b6b83f
Posted Jan 7, 2000
Authored by Narrow

Narrow Security Scanner 2000 searches for 260 remote vulnerabilities. Written in perl, tested on Redhat, FreeBSD, and OpenBSD, Slackware, and SuSE.

Changes: New plugin added "Rootshell", Updated plugins: httpd, pop3, cgi, rootshell and trojan, some peace of code changed in *ALL* plugins, and should scan faster now.
tags | tool, remote, scanner, perl, vulnerability
systems | linux, redhat, unix, freebsd, suse, slackware, openbsd
SHA-256 | aa993a4b4cf059332704b80e63df86ae5bbe19970211c8617efcb38ff0b96df5
Posted Jan 7, 2000
Authored by Georgi Guninski | Site nat.bg

Hotmail allows executing JavaScript code in email messages using "@import url(javascript:...)", which may compromise user's Hotmail mailbox when viewed with Internet Explorer. Includes exploit code.

tags | exploit, javascript
SHA-256 | 87e9188eea6526dfe86fad7cdab334a6f17ec62990d027c1008bebab3e19f26b
Posted Jan 7, 2000
Authored by Jfs

Phorum 3.07 web discussion software contains several remotely exploitable bugs. Exploit descriptions included.

tags | exploit, web
SHA-256 | cf490e7895b940713553a4fd62059908660ec4bb33612ba41f669aa211443eed
Posted Jan 7, 2000
Authored by Darkplan | Site indigo.ie

A stack based buffer overflow in Winamp 2.10 for Win 98 has been found. The attack is carried out through .pls files which winamp uses for playlists. This is unnerving as it is a feasible plan to trade playlists on irc during a mp3 trading session with someone. Exploit code included.

tags | exploit, overflow
SHA-256 | a099d3e48b9efa61caaa40bccf35453182eb1f1f5afdb4bfc0b7ad5f10b7e4c3
Posted Jan 7, 2000
Authored by Missinglnk | Site tribune.intranova.net

Daemon that sits on a port and waits for a connection, once found, it sends an ident request. Demonstrates use of syslogd functions and fork().

systems | unix
SHA-256 | d3582d599a2efa226f1a781330ededa68e9215243eceed781f2d855a0d8777e3
Posted Jan 7, 2000
Authored by Bodo Sgattoni

List of trojans and the ports they run on. Word 97 format. Archive password is set to p4ssw0rd. Use at your own risk.

tags | trojan
SHA-256 | ec05b008ddbd0c65b9214db0c538789e0ac8b38564acfc7f60f0b55711389ae3
Posted Jan 7, 2000
Authored by Missinglnk | Site tribune.intranova.net

Surgery is a CGI-based UTMP modifier/cleaner.

tags | cgi
systems | unix
SHA-256 | a0eade81e6bdaa3b0ae78f6ea945686a45db2aa39b28e880ebd865b2e89b9ee0
Posted Jan 7, 2000

Microsoft has released a patch for a vulnerability in the Microsoft Commercial Internet System (MCIS) Mail server. The vulnerability allows a malicious user to remotely cause services on the server to fail, or cause arbitrary code to run on the server. Microsoft FAQ on this issue here.

tags | arbitrary
SHA-256 | e1a99ee570964dbf80400c0b004a3134e7efc30d90ee1448398586902e4ffd41
Posted Jan 7, 2000
Authored by Underground Security Systems Research

Local / Remote D.o.S vulnerability has been discovered in IMail IMONITOR Server for WinNT Version 5.08. The status.cgi script takes up too much CPU time, if you run status.cgi lots of times, the server will crash.

tags | exploit, remote, local, cgi
systems | windows
SHA-256 | 52d60a89d0c044f3abb0b05f296e310bf0ea9e620ccebc9175f98e0ed5783307
Page 1 of 1

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    15 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    10 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By