what you don't know can hurt you
Showing 1 - 15 of 15 RSS Feed

Files Date: 2000-03-16

iss.00-03-14.sql-weak
Posted Mar 16, 2000
Site xforce.iss.net

ISS Security Advisory - Enterprise Manager for Microsoft SQL Server 7.0 uses weak encryption when storing the password in registry. It can be read and decoded by other users.

tags | registry
MD5 | e338d388ec91fe1f25858a97820a809f
freebsd.sa-00.09.lynx
Posted Mar 16, 2000
Site freebsd.org

FreeBSD Security Advisory - The lynx software is written in a very insecure style and contains numerous potential and several proven security vulnerabilities exploitable by a malicious server. No simple fix is available until a full review of lynx is done.

tags | vulnerability
systems | freebsd
MD5 | 6a9211b7872cd98e9ce57404b3db5704
freebsd.sa-00.09.mtr
Posted Mar 16, 2000
Site freebsd.org

FreeBSD Security Advisory - mtr, from the ports collection, fails to correctly drop setuid root privileges during operation, allowing a local root compromise.

tags | local, root
systems | freebsd
MD5 | 2361080ffc72e324024fd83475fa4a3d
freebsd.sa-00.10.orville
Posted Mar 16, 2000
Site freebsd.org

FreeBSD Security Advisory - Orville-write, provided in the ports collection, is a replacement for the write command, which provides improved control over message delivery and other features. One of the commands installed by the port is incorrectly installed with setuid root permissions. The 'huh' command should not have any special privileges since it is intended to be run by the local user to view his saved messages.

tags | local, root
systems | freebsd
MD5 | 3ad1d2c8a7bc7b46102752cf9167e0ea
suse.imap.txt
Posted Mar 16, 2000

SuSE Security Advisory - A security hole was discovered in the SuSE IMAP server which allows remote attackers to receive imap administrator privilige which can be used e.g. to create or delete folders. This is unrelated to the SuSE linux distribution, which is unaffected. SuSE security site here.

tags | remote, imap
systems | linux, suse
MD5 | 612ae41493ffdd2e254ddef335fa00fe
labs36.htm
Posted Mar 16, 2000
Site ussrback.com

USSR Advisory #36 - Remote / local dos attack in MERCUR WebView WebMail-Client 1.0 for Windows 98/NT. UssrLabs found a buffer overflow in MERCUR WebView WebMail-Client 1.0 (port 1080) where they do not use proper bounds checking in the code who handle the GET commands The following all result in a Denial of Service against the service in question.

tags | remote, denial of service, overflow, local
systems | windows, 9x
MD5 | 83a5cb8a8c2faa8d9a1f20b4ec1b3749
labs35.htm
Posted Mar 16, 2000
Site ussrback.com

USSR Advisory #35 - Remote / local dos overflow attack in MERCUR v3.2* Mail server, pop server, and imap server for Windows.

tags | remote, overflow, local, imap
systems | windows
MD5 | c9a3b5b217b6a79583b4382bd1696b1f
ip-fil3.3.12.tar.gz
Posted Mar 16, 2000
Authored by Darren Reed | Site coombs.anu.edu.au

IP Filter is a TCP/IP packet filter suitable for use in a firewall environment. To use, it can either be run as a loadable kernel module (recommended) or incorporated into your UNIX kernel. Scripts are provided to install and patch system files as required.

Changes: Code to address the FTP proxy problem currently being talked about on bugtraq, and the current kernel proxy has been "beefed up".
tags | tool, kernel, tcp, firewall
systems | unix
MD5 | 19461233002ed127d0fbc4a95a673aac
Bastille-1.0.4.pre1.tar.gz
Posted Mar 16, 2000
Authored by Jay Beale | Site bastille-linux.org

Bastille Linux aims to be the most comprehensive, flexible, and educational Security Hardening Program for Red Hat Linux 6.0/6.1. Virtually every task it performs is optional, providing immense flexibility. It educates the installing admin regarding the topic at hand before asking any question. The interactive nature allows the program to be more thorough when securing, while the educational component produces an admin who is less likely to compromise the increased security.

Changes: Redid user interface, use of ssh when downloading, and small bugfixes.
systems | linux, redhat
MD5 | 67883805db94e83ee754df8dfd9c1157
zipcracker-0.1.1.tar.gz
Posted Mar 16, 2000
Authored by Jonas Borgstrom | Site zipcracker.sourceforge.net

Zipcracker for linux cracks password protected zip archives with brute force.

Changes: BeoWulf (PVM) support and a Swedish translation.
tags | cracker
systems | linux
MD5 | 53eff1305484cb1fd08516023e6123fe
crypto-gram-0003.txt
Posted Mar 16, 2000
Authored by Bruce Schneier, crypto-gram | Site counterpane.com

CRYPTO-GRAM March 15, 2000. In this issue: Kerberos and Windows 2000, AES News, Counterpane Internet Security News, Software as a Burglary Tool, The Doghouse: The Virginia Legislature, Software Complexity and Security, Comments from Readers.

tags | crypto, magazine
systems | windows, 2k
MD5 | 4f5fc366881702b2b369c4a40edff603
urlsnuff.c
Posted Mar 16, 2000
Authored by Obecian | Site celerity.bartoli.org

Urlsnuff is a urlsniff dos attack. If urlsniff sees this malformed combination of HTTP Requests.

tags | web, denial of service
MD5 | b4bd3df4c134c5e5b64b15b6ca85da81
hellkit-1.2.tar.gz
Posted Mar 16, 2000
Authored by teso, stealth | Site team-teso.net

Hellkit is a shellcode generator. You write the your shellcode in C, and it gets converted to ASM for use with both heap and stack based overflows. Many examples included.

Changes: Added generic shellcode decoder which can handle shellcode up to 64kb in length containing any bytes, added encoder for this type of decoder, and fixed some signedness issues in array accessment.
tags | overflow, shellcode
MD5 | 1dfa21f029e4fbc903c92734cfe98ca4
adv7.tar.gz
Posted Mar 16, 2000
Authored by teso, S. Krahmer | Site cs.uni-potsdam.de

TESO Security Advisory - A vulnerability within the kreatecd application for Linux has been discovered. An attacker can gain local root-access. Exploit included.

tags | local, root
systems | linux
MD5 | 3196d5b099afc3b97277955392b37069
adv6.tar.gz
Posted Mar 16, 2000
Authored by teso, S. Krahmer | Site cs.uni-potsdam.de

TESO Security Advisory - A vulnerability within the imwheel application for Linux has been discovered. Some of these packages are shipped with an suid-root wrapper-script that invokes the insecure program 'imwheel' with UID 0. Exploit included.

tags | root
systems | linux
MD5 | ba670a03a3b834008c8c0cada3eb9185
Page 1 of 1
Back1Next

File Archive:

November 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    2 Files
  • 2
    Nov 2nd
    9 Files
  • 3
    Nov 3rd
    15 Files
  • 4
    Nov 4th
    90 Files
  • 5
    Nov 5th
    22 Files
  • 6
    Nov 6th
    16 Files
  • 7
    Nov 7th
    1 Files
  • 8
    Nov 8th
    1 Files
  • 9
    Nov 9th
    40 Files
  • 10
    Nov 10th
    27 Files
  • 11
    Nov 11th
    28 Files
  • 12
    Nov 12th
    13 Files
  • 13
    Nov 13th
    18 Files
  • 14
    Nov 14th
    2 Files
  • 15
    Nov 15th
    2 Files
  • 16
    Nov 16th
    29 Files
  • 17
    Nov 17th
    15 Files
  • 18
    Nov 18th
    15 Files
  • 19
    Nov 19th
    21 Files
  • 20
    Nov 20th
    16 Files
  • 21
    Nov 21st
    1 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    19 Files
  • 24
    Nov 24th
    32 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close