what you don't know can hurt you
Showing 1 - 20 of 20 RSS Feed

Files Date: 2000-02-24

Posted Feb 24, 2000
Authored by Underground Security Systems Research

USSR Advisory #34 - Local/Remote D.o.S Attack in InterAccess Telnet Server Release 4.0 (All Builds) Windows95/98/WinNT. The code that handles the Terminal client configurations to the Telnet server in the connection procedure contains a buffer overflow, causing Telnetd to crash.

tags | remote, overflow, local
systems | windows
MD5 | bb5bc854bda426299e0c6345acc7fe8c
Posted Feb 24, 2000
Site adiscon.com

EvntSlog v3.2 takes NT system logs and sends them out in syslog format over the syslog UDP port so all the logs from your NT and unix boxes can be stored on the same unix box.

tags | udp
systems | unix
MD5 | 6ba413c1ef3369703fc6f12f4999a4b8
Posted Feb 24, 2000
Authored by Omachonu Ogali | Site tribune.intranova.net

FreeBSD is vulnerable to a DoS vulnerability involving high speed pinging with packets over 8184 bytes. Unofficial patch included.

tags | exploit, denial of service
systems | freebsd
MD5 | 4cb95ddec281aff341cb23f56666a720
Posted Feb 24, 2000

Updated NetBSD Security Advisory - Procfs local root vulnerability. Systems which have procfs configured in the kernel, but not mounted normally, are still vulnerable because user processes may mount procfs. This includes most default NetBSD installations. NetBSD security page here.

tags | kernel, local, root
systems | netbsd
MD5 | e4b60de1e2d1abb89865925ffbb2e209
Posted Feb 24, 2000
Authored by Fernando P. Schapachnik

Distributed Deniel Of Service attacks - A proposal based on routing. This paper describes a technique that -hopefully- can be used to defeat the recent DDOS attacks. The solution presented here is bases on routing. It requires a certain amount of extra network infrastructure.

tags | denial of service
MD5 | 9734ca3162ae425dbf0a657ff855d34b
Posted Feb 24, 2000
Authored by John Viega | Site rstcorp.com

ITS4 is a command-line tool for statically scanning C and C++ source code for security vulnerabilities. ITS4 scans through source code for potentially dangerous function calls that are stored in a database. Anything that is in the database gets flagged. ITS4 tries to automate a lot of the grepping usually done by hand when performing security audits.

Changes: Added support for Visual C++ 5.0 and later, Added GNU getopt to the distribution, license changes, portability fixes.
tags | vulnerability
systems | unix
MD5 | 659c18b10012a4ae6f71073bc578e088
Posted Feb 24, 2000
Authored by Neonlenz | Site mha1.8m.com

Describes what you need to Spoof/Hijack/Predict sequence numbers. Meant for newbies who don't know what to use to execute those kind of attacks often seen in TCP/IP Security Documents.

tags | paper, spoof, tcp, protocol
MD5 | 180651521dbb0b5abe9c56ea5fd4231b
Posted Feb 24, 2000
Authored by AdamH | Site opensores.thebunker.net

The stunnel program is designed to work as SSL encryption wrapper between remote client and local (inetd-startable) or remote server. The concept is that having non-SSL aware daemons running on your system you can easily setup to communicate with clients over secure SSL channels. stunnel can be used to add SSL functionality to commonly used inetd daemons like POP-2, POP-3 and IMAP servers as well as standalone daemons like NNTP, SMTP and HTTP without changes to the source code.

Changes: Bug fixes, compile fixes.
tags | remote, web, local, encryption, imap
MD5 | f84f3698b50f7028c94340e546acaa01
Posted Feb 24, 2000
Authored by Matt Miller | Site afro-productions.com

Decimate removes files in an ext2 filesystem so they are not recoverable. Includes some cool examples of how regular rming can be recovered.

tags | tool
systems | unix
MD5 | b6de6d9a6c53c96e5f427e3ab99da67f
Posted Feb 24, 2000
Authored by The Schmoo Group | Site schmoo.com

Osiris catalogs specified directories of files, including MD5 hashes, modification dates, and file attributes into a specified database and/or to STDOUT as directed. The second program, scale, compares two such databases against each other. It will output, either to a file or STDOUT, any differences it finds between the two catalogs including missing or additional files, differing MD5 hashes, modification dates, and file attributes. Together, the two programs give an administrator the tools to follow changes in files on a server or workstation. This keeps an administrator apprised of possible attacks and/or nasty little trojans.

Changes: MacOSX support, addition of Haval and SHA hashes, a counter to let you know how far along osiris is when indexing files.
tags | tool, trojan, integrity
MD5 | 785b69419e6c49448fbaa7f1c8aa0aae
Posted Feb 24, 2000
Authored by Georgi Chorbadzhiyski

All versions of Sambar server running under Windows NT and 2000 (95/98 not vulnerable) have vulnerabilities which allow remote command execution.

tags | exploit, remote, vulnerability
systems | windows, nt
MD5 | cf1f6d345a3e18943dfe838e923143c3
Posted Feb 24, 2000
Authored by Georgi Guninski | Site nat.bg

Georgi Guninski security advisory #7 - There is a vulnerability in Wordpad which allows executing arbitrary programs without warning the user after activating an embedded or linked object. This may be also exploited in IE for Win9x. Demonstration which starts AUTOEXEC.BAT available here.

tags | exploit, arbitrary
systems | windows
MD5 | 20450982bcb5b6b9eed0336d9d040afa
Posted Feb 24, 2000
Authored by Eiji Ohki

Sun iPlanet Web Server, Enterprise Edition 4.1 on Linux is vulnerable to a remote DoS attack. Many GET requests cause a kernel panic.

tags | exploit, remote, web, kernel
systems | linux
MD5 | 47106fd1346778536e0a4a3b7eb9f0a5
Posted Feb 24, 2000
Site nai.com

Network Associates Security Advisory - Remote Vulnerability in the MMDF SMTP Daemon. A bug in MMDF allows anyone to obtain mail management privileges via the SMTP daemon, and then root. All versions of MMDF prior to 2.43 are vulnerable, including the version included with SCO Openserver.

tags | remote, root
MD5 | ff594df66e7715fbbc276f372244ab93
Posted Feb 24, 2000
Authored by Mike Frantzen | Site expert.cc.purdue.edu

ISIC - 0.05 (IP Stack Integrity Check). Crafts random packets and launches them. Can fix or randomize source/dest IP's and Ports. You can specify the percentage of packets to fragment, to have IP options, to have bad IP versions.... Just about every field can be automagically twiddled. It contains distinct programs for TCP, UDP, ICMP, IP with a randomized protocol field and a program for randomized raw ethernet frames. Compiles and should work using Libnet under OpenBSD, Solaris, Linux and FreeBSD.

tags | udp, tcp, protocol
systems | linux, unix, solaris, freebsd, openbsd
MD5 | da75f4ff2b78477396b0ab30fbdbb616
Posted Feb 24, 2000
Authored by Dvst8er

Dvst8er.bx version 3.5 - BitchX module to encrypt IRC conversations.

MD5 | f2e5d1dbac7fe9b547a3d52c53559668
Posted Feb 24, 2000
Authored by winsd | Site win2000mag.com

Windows Security Alert - Two new risks were reported today: Microsoft reported a problem with its Systems Management Server 2.0 that allows an intruder to gain elevated privileges on the system and network, and Georgi Guninski reported a problem with WordPad that may allow unwanted code to execute on the desktop. According to the report, an exploit can be launched using a Web page and IE. Microsoft is aware of the problem, however no official response was known at the time of this writing.

tags | web, magazine
systems | windows
MD5 | 7ca61bb1f004b1be5b670beec1078ac1
Posted Feb 24, 2000
Authored by winsd | Site win2000mag.com

Windows Security Update - February 23, 2000. In this issue: Internet Information Server 4.0 Denial of Service, Windows Autorun.inf Vulnerability, Site Server Commerce User Input Unvalidated, Microsoft Java Virtual Machine Exposes User Files, Windows 2000 Professional Exposes System During Installation, Internet Explorer Exposes Users' Files, Zombie Zapper Helps Shut Down DDoS Attacks, How to Defend Against DoS Attacks, Novell Firewall for NT, SurfinShield Censors Hostile Code, Security for E-Business Documents, Malicious Code Protection Software, and Why Intruders Control Internet Insurance.

tags | java, denial of service, magazine
systems | windows, 2k
MD5 | 079deffe60a3458c83c6778c78d2cde6
Posted Feb 24, 2000

Microsoft has released a patch for a vulnerability in Windows Media Services. The vulnerability allows denial of service attacks against a streaming media server. Microsoft FAQ on this issue available here.

tags | denial of service
systems | windows
MD5 | ac6bb319ff951a59f0432251d7d5f295
Posted Feb 24, 2000
Authored by Advanced Research Corporation | Site www-arc.com

Security Auditor's Research Assistant (SARA) is a security analysis tool based on the SATAN model. It is updated frequently to address the latest threats. Checks for common old holes, backdoors, trust relationships, default cgi, common logins.

Changes: Added timing/delay command line option, Corrected minor bugs on the SARA menu, and proper credit is now given.
tags | tool, cgi, scanner
systems | unix
MD5 | 4e0d43975f0a004907b7ada072866000
Page 1 of 1

File Archive:

July 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    34 Files
  • 2
    Jul 2nd
    15 Files
  • 3
    Jul 3rd
    9 Files
  • 4
    Jul 4th
    8 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    3 Files
  • 7
    Jul 7th
    1 Files
  • 8
    Jul 8th
    15 Files
  • 9
    Jul 9th
    15 Files
  • 10
    Jul 10th
    20 Files
  • 11
    Jul 11th
    17 Files
  • 12
    Jul 12th
    16 Files
  • 13
    Jul 13th
    2 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    20 Files
  • 16
    Jul 16th
    27 Files
  • 17
    Jul 17th
    7 Files
  • 18
    Jul 18th
    5 Files
  • 19
    Jul 19th
    12 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2019 Packet Storm. All rights reserved.

Security Services
Hosting By