Linux Security Magazine May 22 - In this issue: Slackware users, upgrade lynx!, Netscape 4.73 fixes SSL bugs, Many buffer overruns in Kerberos, Several problems in xemacs, gnapster/knapster - remote users to view local files, Lynx ports contain numerous buffer overflows, SUSE Kernel Vulnerability in the udp and ftp masquerading code, OpenLDAP 1.2.9 and earlier Vulnerability, An Introduction to IP Masquerading, Watching Your Logs by Lance Spitzner, Security Scanners for Linux, New DDoS tools developed, and much more.
b40de288e76e74e1d413613ac66dc1aa8ff276cc6af1c95bc09702d89772afa7Guide to Anonymity with MS-Windows. This little tutorial will explain step by step how to add support for socks chains to all your windows programs like telnet, ftp, irc, http, portscanners... (even if they don't support socks).
85308b2f270d88709f59694d106453e931539131e8c90481eecf4eaf7cd32881sscan was given to buffer0verfl0w security by jsbach for the project to be continued for jsbach. From now on sscan will go as sscan2k. sscan2k now has updated vulnerability checks along with all the other great features it had before, improved OS detection (user can update the fingerprints by editing Osdefs.ms [which comes in sscan2k scripting language]), etc.
a6f61002b67b260dd9f801c9a629380896d815e51bf747ee8b98e09a42b77705Pirch98 irc client ident/fserve daemon DoS overflow attack. Ported to Windows by Digital Monkey.
a1a158686a2877d6f2ffce956e41e66fcf83f693988305ba95026f257df4ab67Exile 2000 International Coding Team. Documentation about native raw socket programming.
ca82664b05cae82e6ef3f5ce15318146d5dd3596467fc2c0dd90043411341f95kshux.c -- krshd remote root exploit. This program exploits a vulnerability in the 'krshd' daemon included with the MIT Kerberos distribution. All versions are apparently vulnerable. This exploit is for Linux/x86 with Kerberos version 1.0.
21dbac49e32798d882c9cc979e90d774e5d8ce9558b1930028784d9a54094e1bjoe v2.8 stack overflow. joe overflows when trying to open() $HOME/.joerc. This is simply proof of concept code, hopefully to get the bug fixed. It will attempt to spawn a rootshell.
92174114b15928ccc797f3ac28878ca4c0229150414ef0e2334636a47b1b6e21ksux.c -- ksu exploit. This program exploits a vulnerability in the 'ksu' utility included with the MIT Kerberos distribution. Versions prior to 1.1.1 are vulnerable. This exploit is for Linux/x86 with Kerberos version 1.0. Exploits for other operating systems and versions of Kerberos should also work.
575f9b9cd458226ac2f5b33532684894fb83b67d2d03b4ba8441db5ccbd69505CGI vulnerability scanner version 2.40. Checks for 407 CGI vulnerabilities.
e93bcd7ea10d2170002c754b4c1eb5c945196a68fad653c1c73a618cb6ad4e65Arping is an arp level ping utility which broadcasts a who-has ARP packet on the network and prints answers. Very useful when you are trying to pick an unused IP for a net that you don't yet have routing to.
ec870aee43c49d786ce5f080e2112c4f8ebd38dc95bfdf51cf403a87ed19caa4HEH! Magazine Issue #2 (In Spanish). Textos incluidos: Introduccion a programacion orientada a objetos, TPMt (Telefonos Publicos Modulares by Telescum), DIV Games Studio, Screen Saver de HEH, Avisos Clasificados! o Yerbas! What ever!, Despedida!
4258a19c3d336a13a99e4915cdea38a4af435ae3ee944c92e198118c50e9361fJava port Scanner is a comman line port scanner writte in Java 1.3. Use this program in Linux, Windows, AIX, AS/400 or any environment you choose.
87afd17b6619646aea07d54333ff555c40f13b7e8c6803b4b1c9a140eb508cb8PR09.txt.zip
9996a1594ee69bb668a1744749d3f577ed5deae37acaa60790a092bb44c7594ePR08.txt.zip
36b80c6c10bd2225e2e17e81d9b987f04bf37bea78c18fa4fb6374b3e511b38fPR07.txt.zip
36e8db0e6b74cb9f0375d215491338ca8198e3f7ae0285fadb8acb796e543fd5PR06.txt.zip
a29664967c27b2c474cda8ba345817718e4c6cb0568ae95f11059ae4357c7062PR05.txt.zip
1cef4a1d48902fc90a4be4486a6719ecdcae3b1d1f7b9f45f4c68dc9519156a6PR04.txt.zip
3a85b727313c6cd98b7757560927b10cefa23e57950d2c5f2bb864718e5f90a0PR03.txt.zip
c904099ed19028ed4302a8a950f7498e470268abdd7423fd4c2a0854aaac7263PR02.txt.zip
c7508682ed0b699d6ba7628664c6162bf24fa9ec605baa5b16aa0eb9001a8e01PR01.txt.zip
1fd799081a3722ba2b6a8de69f30c1b9cf3c4cf472fd5a67fa9d54a839eeaa1eRemote cisco DoS attack.
b291d0215efe2342445151c41c0dd9e7584a458042e98e5c3e036023ac132214Whois - flexible whois client that automatically finds requested info in the 4 predefined databases and able to search in user-defined databases also. Supports easy linked navigation in the database, data saving, interface customization and holds the list of old requests.
dc0ce785d69ee88d2643a38f66b5c44dd689c86be59f414e0bfb1056db3b0bc2shellhit.c - TESO Hellkit contains a buffer overflow - exploit is just meant to be funny. To all scriptkiddies: You won't get root from this, go and find something more useful.
a3e149bc4123017c3cbb604fcda0c4db3c04f6e279d5b9a75f8c0c48fe6dd47fMicrosoft Security Bulletin (MS00-029) - Microsoft has released a patch for a denial of service vulnerability in Microsoft Windows 95, Windows 98, WindowsNT 4.0 and Windows 2000. The affected systems contain a flaw in the code that performs IP fragment reassembly. If a continuous stream of fragmented IP datagrams with a particular malformation were sent to an affected machine, it could be made to devote most or all of its CPU availability to processing them. Microsoft FAQ on this issue available here.
3dd10f7e1279390739f02205ead303b9d109bd601bc2131536b5796d19dc0144
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed