Links to local files can be used to subvert restricted access Windows machines which have access to a web browser. Executable program loggers and restrictions are defeated by using .CPLs. Large problems for network administrators could arise if students and employees, whose access was restricted, start to use the links provided on the document. This one can be used for Windows NT as well.
234de534de460ff560d2c4e10ffc29836b4a4bf3e212c709391e5f346aad8352HAVOC is a random ARP traffic generator which will temporarily hose your ethernet segment.
e5c6da7e285549a3ca48d9c4a8ebfc7703a5fe454264966591225bdb240edc17This makes the same thing with "kiss of death". It crashes TCP stack of win98 boxes. An essential tool for all. Now it cames with parameter support and better performance with multi-thread system. Windows based executable for IGMP DoS attack.
81d6d49b1b77cbe5fcbb5b9901c647fe01da65305f93a654c0afe9fb4f64bea2Remote vulnerabilies in the popular free email software Outblaze
5df78eeac0f105290b292936d7e3625d27b887b8dc7cbd37aa936f63bb2db1d7Easy to understarnd text file explaining the TCP flags.
1c030f8e8e4c7160a326685f5b35462c47bc4ebc8fda48ecb0cd8500baa9ac8dEthFw is an ethernet firewall for the FreeBSD kernel. It consists of a kernel patch and a console application for configuring rules. It can be used to accept or deny mac addresses.
0206854d01f72c2e010a9ed9a4029cbdd0d35fa013cbc4ff035a646510647e15Debian 2.1 local exploit - A vulnerability exists in the apcd package shipped with Debian 2.1.
20e0a1a9330cb3eb2152bce084249704d36e1eadd4f26b6d3b357b6c99c71410An optional third-party port distributed with FreeBSD (Delegate) contains numerous remotely-exploitable buffer overflows which allow an attacker to execute arbitrary commands on the local system, typically as the 'nobody' user.
2349a26a318c7b3033748205014c57ea922b76e6da69a25737073b424924a0e0Two optional third-party ports distributed with FreeBSD (Asmon/Ascpu) can be used to execute commands with elevated privileges, specifically setgid kmem privileges. This may lead to a local root compromise.
2b675c143290527b89a549402414df4e6071bfdc3af5dd1a27f5c99d9440c401Windows Security Digest Update - Two risks were discovered: Microsoft reported a problem with its Internet Explorer version 4.x and 5.x that may expose files on a user's system with their permission, and a problem with Win2K Professional that may allow an intruder to gain Administrator access to the system in a particular window of time during the installation process.
9f9ab027f4b3eadea188d3b79b4b9f96c5bcbd0b91aa9a7a06d1aa4d132f2c6bView RAS passwords (locally) on a Win 9X box.
a9db317d2f40d7b939832ae65878c53366c226fd9548dda416333efe0f13d6f9Paper explaining man-in-the-middle attacks, using a secure web connection as an example.
e133e7778ec82962f986820746e4d99c549bec2941a5f9f34c67ad18059944a3slipwire.pl is a filesystem integrity checker. It compares the SHA-1 hashes of files to an initial state and alerts the user of any changes. slipwire also records extensive file information such as inode number, last-modified date, filesize, uid, gid, etc, and can also report changes in any of these.
ec9858bdaf36e5e60ef17b7ed94935257559bad4767aa8e9115fdc554b149fceasmon.sh - A vulnerability exists in both the ascpu and asmon ports to FreeBSD. Local root overflow. FreeBSD 3.4, 3.3, 3.2, 3.1, and 3.0 are affected.
911f207a0f8d6a25d7a509d2f1e665dc06ececed17e36c50b885d1c48567b0d3Solaris (x86/7.0/2.6) local exploit for Sun's WorkShop 5.0 compilers and other products which use the FlexLM license management system.
36f48483c510695fffacc84e31f2a1eb85905b9dce7b7b3fd7e17098fbb11263Microsoft has released a patch for a vulnerability in an installation routine associated with Microsoft Systems Management Server (SMS). The vulnerability allows a user to gain elevated privileges on the local machine. Microsoft FAQ on this issue here.
46397ae9044894ea6dd2a0ed3e42942ee9a30ebf6bcd52009563b5d7bc758584A little mail-like 'smurf' that uses mail relays instead of broadcasts.
126ffdb072440ea199f8c3cf4a9f678df92c6ea8c85fdced2af0b70874d3668bSome code I put together to do some testing on the POP3 daemons on some machines installed at work. Attempts to overflow user/password variables.
66d36de7633bd79a74baa7b18fea4a59b9256c0aeee7c3c1b4c4794f411d831bAlpha patch for FreeBSD that randomizes the sequence numbers sent by TCP to circumvent connection hijacking and/or spoofed connections (3-way handshake acheived by guessing sequence numbers).
ab5c71478fa83d7120ef65390ec11a21f1ec6c3dee83be9dcba8edf4dd6bf895Microsoft has released a patch for a vulnerability in web applications associated with Microsoft Site Server 3.0, Commerce Edition. These applications are provided as samples and generated by wizards, who have unwisely allowed inappropriate access to a database on the site. Microsoft FAQ on this issue here.
f0ea22e2f6fcdb79f7f031cffdb3d616b72c3db091aa09ad12853c262adf569bTalonDynDNS is a Dynamic DNS client allowing you to use JustLinux.com's free DNS service under windows.
47a73586aa71760395fde9325796d00c3c5e5cc452e222e447f8e41954680f63Microsoft has released a patch for a vulnerability in Microsoft VM. The vulnerability allows a malicious web site operator to read files from the computer of a person who visited his site or read web content from inside an intranet if the malicious site is visited by a computer from within that intranet, provided the full pathname is known. Microsoft FAQ on this issue here.
45f78ff85a497b769b32bbc5a4d880b9fc1c26fdbfcd6eaa0c9b5ca5aeae1852Madscan scans for sites which do not block broadcast IP addresses. Based on broadscan, but 4 times faster, and supports scanning a full class A address space.
8a263b5fd823f5cd845ca898388b2e9d3103fb7666d850bb4e46c68150490c19The make package as shipped in Debian GNU/Linux 2.1 is vulnerable to a race condition that can be exploited with a symlink attack. Debian security homepage here.
b69aaf3aa0798c606d84b6b3aa4b2ee5637bab4fd96f99f9aaf3bdec071ee96fMany Windows programs (word, excel, wordpad, etc) allow you to break out of a restricted environment, using common sense hacks.
39be7595afd6f8bb040897a7580b5bffd80cae67e08c97fa642f17c59c8ff9ef
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed