A new denial of service The Allaire ColdFusion Web Application Server contains a denial of service vulnerability in all ColdFusion versions up through and including 4.5.1. A very large password at the ColdFusion Administrator login page can bring the system to a halt.
42daef2c136accb3c2736c9630c8560472e737cbfa6d93ed211648d25c436216ICQ Web Front DOS Exploit - guestbook.cgi, part of ICQ web front, is vulnerable to a remote denial of service attack. This shell script exploit generates a malformed POST request and uses netcat to send it to port 80 of the victim host.
b8e9e0819dfa1cd572dcf565fd2d91d1830fea0eb549bcc41414b0da7e85f832/usr/bin/cdrecord local exploit for x86 linux - gives gid=80 shell. Tested on Mandrake 7.0.
8c45b8eeaaa72e51223e3ac9a61b3c58d5f14a3ff1e33a32566ccd253e0be59d/usr/bin/kdesud has DISPLAY enviroment variable overflow - exploit gives gid=0, tested on Mandrake 7.02.
8b85d8dcf4d727c24bbbc0ac3bf68dc420f4d2860eb3301427c685428fe26a91Solaris /usr/vmsys/bin/chkperm overflow - A long HOME environment variable can be used to provide a UID=bin shell.
40eca362e3afebe709d31273f915b144f1f648521921fe036f9461f0d0657adcSnort 1.6 ported to Windows - This is a working port of Snort to Windows NT/2000/9x. (Includes source and binaries). Changes include interface names, filenames, syslog changes.
ff9d6331b885789ffeb9729434a74185db36464c478ae5e923c591b0f9c1761dDesign and Implementation Flaws in SessionWall-3 - SessionWall-3 (more recently known as e-Trust IDS) is a graphically controlled sniffer and network monitor / network censor for the Windows platform. The SessionWall-3 machine can be detected and identified remotely by a single ICMP packet. The password is stored in the registry with very simple XOR encryption. Includes sample code which decrypts the admin password, passive SW-3 detection, and active SW-3 detection & reply packet forger.
945236d2873af232b1208d9e5269794fa3947377e1a1f2f3f67b66264af1cf8aTSScgi.sh is a shell script which scans for vulnerable cgi scripts with the help of netcat.
66bd2915c38a890ba8c7d2a3ab7606b858d64e2c6618d0afe8f6502f11efa8e4tidcmp.c is an ICMP Source Quench attack. Sends spoofed ICMP type 4 packets to the victims router. Includes references to the relevant RFC's.
db223fd1d7252c5896709ec8d2d3cbedb3dafe880cb6106b6b57cdcd5ec79ff6SuSE Security Advisory - Qpop 2.53 does not check the mail header for invalid input, allowing an attacker could send a mail with a malicously formated mail header to a person, that reveives it's mail via qpop 2.53, to execute code with the privileges of user 'mail' at the qpop server.
664c98fc21db37c8fd0c437a504953f31e4c132062a73cbcd08e8ee68479edccThis is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
0d922710303edf9ec492735875962c500768037a155e29ea0d72cb0230b7ee18The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off online and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection.
032bdf2efc15a80b3b5bf4d51957cf0fe1b609b3ba1626819cdbf74b7334a124SAINT (Security Administrator's Integrated Network Tool) is a security assesment tool based on SATAN. It is updated regularly and scans for just about all remotely detectable vulnerabilities. Features include scanning through a firewall, updated security checks from CERT & CIAC bulletins, 4 levels of severity (red, yellow, brown, & green) and a feature rich HTML interface.
dcb3256f9258a048fa146de6ed2e9289aadb856cfdae0226bc68e5e05ab2e61cThe IPchains firewall module for Webbin lets you graphically create ipchains firewall scripts. Nearly all of the IPchains options are supported.
c8bab9389fdaa80391c1aab8f4d271dfaf05cb0ec06db1279d9fe21cb432adcdMicrosoft Security Bulletin (MS00-040) - Microsoft has released a patch for the "Remote Registry Access Authentication" vulnerability in Microsoft Windows NT 4.0. An authenticated user can send malformed data to a Remote Registry server, causing it to fail. Because the Remote Registry server is contained within the winlogon.exe system process on Windows NT 4.0, a failure in that process would cause the entire system to fail. Microsoft FAQ on this issue available here.
0e095bd97bb8ae6c8408fe34cb4a4331a94db438df634bec291cb9d41fc1be43Zebedee is a simple program to establish an encrypted and compressed TCP/IP tunnel between two systems. This allows TCP-based traffic such as telnet, FTP and X to be protected from snooping as well as potentially gaining performance over slow networks from compression. The main goals for Zebedee are to provide full client and server functionality under both UNIX and Windows 95/98/NT, to be easy to install, use and maintain with little or no configuration required, to have a small footprint, low wire protocol overhead and give significant traffic reduction by the use of compression and to use only algorithms that are either unpatented or for which the patent has expired.
91e2ccc24768303b4c8247d2c3fd42e5fbbe961b1db4047f4fcfec6dd9c0912fFreeBSD-SA-00:22 - A patch added to the FreeBSD SSH port on 2000-01-14 incorrectly configured the SSH daemon to listen on an additional network port, 722, in addition to the usual port 22. This may cause a violation of security policy if the additional port is not subjected to the same access-controls (e.g. firewallling) as the standard SSH port.
33c72447d93fde7131a8d8212c02092b4f3850d030c64554377c8b18f6be713dFreeBSD-SA-00:22 - The apsfilter port, versions 5.4.1 and below, contain a vulnerability which allow local users to execute arbitrary commands as the user running lpd, user root in a default FreeBSD installation.
ebfe79af11d363c60595bcdc3353668e6393f13c9aefc881f75f10e098545841Caldera Security Advisory - There is a serious vulnerability in Linux kernel 2.2.x that allows local users to obtain root privilege by exploiting certain setuid root applications.
50bf47ab9f6222903d0dab17ef1fd0dcebe194c6bc4c9195b6080a9b053ece5dBastille Linux aims to be the most comprehensive, flexible, and educational Security Hardening Program for Red Hat Linux 6.0/6.1. Virtually every task it performs is optional, providing immense flexibility. It educates the installing admin regarding the topic at hand before asking any question. The interactive nature allows the program to be more thorough when securing, while the educational component produces an admin who is less likely to compromise the increased security.
6489c59a6ec3660d48b259bf64695df2662f30d7091518b8943147ab0ae19232dspspy is a sound recording utility for spying. dspspy waits until a sound is detected (input via /dev/dsp) and then it records it to a unique file. dspspy records sounds from the microphone to raw sound files. This can be used as a surveillance system.
4d9470a3b476e33cc156234a215ca19e3c07d65c81916abf6925c7b0f9212bb8The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off online and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection.
0bdd1434eb13e3566cc545262804f0480ae9f9a58ce1d8a591a8cd805126c42f
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed