A popular CGI web page acess counter, version 4.0.7 by George Burgyan permits execution of arbitrary commands as a result of unchecked user input. Commands are executed as the same permission of the webserver.
94ace7ee3453cc97474d0f764a764949d5e6287f3e4ff04fcae1b290ca7c34b5oot-Tail v0.0.6 is a program which tails a text file and displays the information directly to the root window of your desktop transparently, which means without window frames or windows. It is an extremely handy program for monitoring /var/log/secure and /var/log/messages while you run X. This program will even trail different files and display them in different colors.
2478abda73cd314182f5e2d0083718db379b0f9ae53ceb39004d4adc2287b22dKSnuffle is a network packet sniffer for KDE. It supports multiple concurrent sniffers, packet filtering (aka tcpdump), event triggers and commands, text and binary logging (and replay), remote sniffing (via a demon process), and dynamically loadable plugins. Network traffic is displayed graphically and in detail; supplied plugins summarise traffic by direction (incoming, outgoing), source, and destination.
a9033b5c56e9381653e48ca7618a3f9b81550031dff190ee10fa20f83f6488dfsyslog-ng as the name shows is a syslogd replacement, but with new functionality for the new generation. The original syslogd allows messages only to be sorted based on priority/facility pair, syslog-ng adds the possibility to filter based on message contents using regular expressions. The new configuration scheme is intuitive and powerful.
890f68aa9253e3f8c5a5749cbedc3fa19ca80a9714f27d9e447564a08dfe09e0Lance Spitzners investigation of some mystery packets - contains some good insight by many people in the security field attempting to identify which tool created the packets.
e72c12e1acb37e79161699a3b751dc1477a3d0997d232b544f067e7d9795cbb4seraph.c checks a local system for uid bits, world writable files/directories, floating files, and stores them into logs. Basically a little c program that does some find commands.
a9d0612830fd1e0ab4734a28e28c37e6e8ac345d666d2573e90cc7c32fb77d64CERT Advisory CA-2000-08 - Inconsistent Warning Messages in Netscape Navigator. A flaw exists in Netscape Navigator that could allow an attacker to masquerade as a legitimate web site if the attacker can compromise the validity of certain DNS information. Within one Netscape session, if a user clicks on "continue" in response to a "hostname does not match name in certificate" error, then that certificate is incorrectly validated for future use in the Netscape session, regardless of the hostname or IP address of other servers that use the certificate.
0f92b5f91c8d367d803b053a382ed8d03f57a06c09529a5caeeee1a67dc70fa4Elm v2.5 buffer overflow exploit which provides a gid=12 shell if /usr/bin/elm is SGID. Tested on elm 2.5PL1-3, on Red Hat. Perl script to find offsets included.
de3ca64288f925a9826cafbf271fc6605aa272bb27361e89cf5913320a7c513fElm v2.4 buffer overflow exploit which provides a gid=12 shell if /usr/bin/elm is SGID. Tested on Slackware 3.6, elm 2.4PL25. Perl script to find offsets included.
03d1978ea3b8ab5173fda42c7786dc04993514aae31b5c97466470d36a8dddcfFreeBSD-SA-00:20 - The MIT Kerberos 5 port version 1.1.1 and earlier contains remote and local root vulnerabilities. Note that the implementations of Kerberos shipped in the FreeBSD base system is not the MIT version and not vulnerable to these problems. However, a very old release of FreeBSD dating from 1997 (FreeBSD 2.2.5) did ship with a closely MIT-derived Kerberos implementation ("eBones") and may be vulnerable to attacks of the kind described here.
4f55ecf6320468d66123267409375a0ace13858593f9a6d9bf1e9f89ace29546FreeBSD-SA-00:19 - A bug in the BSD kernel allows local users to cause every process on the system to hang during exiting. An undocumented system call is incorrectly exported from the kernel without access-control checks, allowing for a denial of service attack. Kernel patch included for FreeBSD.
45e3f6b40d7341db9e1de883923c171e91c998be44dc982602439178f3b0113bMicrosoft Security Bulletin (MS00-036) - Patch available for "ResetBrowser Frame" and "HostAnnouncement Flooding" vulnerabilities. Microsoft has released a patch for two security vulnerabilities, one affecting Microsoft Windows NT 4.0 and Windows 2000, and the other affecting Windows NT 4.0 only. The vulnerability allows malicious users to make it difficult or impossible for other users to locate services and computers on a network; in the worst case, it could allow him to provide incorrect information about the same services and computers. The "ResetBrowser Frame" vulnerability allows a malicious user to shut down browsers on his subnet, or, in the worst case, to shut down all browsers and declare his machine the new Master Browser. Microsoft FAQ on this issue available here.
c6fc4716f985dcbf872cadc9bd8ee789148379268cddce015426bbef65d4c28fSuSE Security Advisory - gdm prior to 2.0beta4 allows remote root compromise. Gdm is the GNOME replacment for xdm, handling graphical console and network logins. The gdm code, that process' logins over the network, could be tricked into writing data from the network right into the stack. This condition exists while gdm is running with root privileges and before the user is authenticated. Other distributions are affected as well. SuSE security site here.
b72a3c3c3aa5a34597dc9a0e68ba79f13b25815e8ef3f544fb17b99017973c2eSecurax-SA-03 - Ezboard v5.3.9 remote dos attack via wildcards in URL.
ed822a1fc27e53ef490ca1eaffb4b388a0110ab561a1a5b201ae6e3397654cf5solaris 2.7 lpset local exploit, i386.
82677b09b51b7eeb5f50474a25d70291b3e7b4d5eae939b2f28a8b28490519fa
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed