what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 20 of 20 RSS Feed

Files Date: 2000-06-19

intact30.zip
Posted Jun 19, 2000
Site pedestalsoftware.com

Intact Open Use is a host integrity checking system for Windows 95/98. This is only a 30 day trial. Intact can detect change in the filesystem and registry.

tags | registry
systems | windows
SHA-256 | 4cf2810673f6b8e0ec16988e8a63d002e0d5952d90749361e6f2904a5ddf8cef
netsec18.txt
Posted Jun 19, 2000
Site net-security.org

Weekly Newsletter from Help Net Security Issue 18 - 19.06.2000 - Covers weekly roundups of security related events. In this issue: Remote dos attack in NAI pgp certificate server, SmartFTP daemon v0.2 vulnerability, Microsoft revises ms00-035, remote dos attack in AnalogX Simpleserver WWW v1.05, MS00-031 patch re-release, Dragon Server v1.00 and 2.00 remote dos attacks, AOL instant messenger dos. Also linux security techniques, kernel basics, and much more.

tags | remote, kernel
systems | linux
SHA-256 | 370cba453102d1a90e1f04d927c9700faca6b6b3ad60c541ebf6dea08cb96e37
linux-security.1-8.txt
Posted Jun 19, 2000
Authored by Benjamin Thomas | Site linuxsecurity.com

Linux Security Week June 12 - In this issue: Updates are available for the Document Template package, BRU Backup Utility, Kerberos 5, and a bug on FreeBSD/Alpha systems that weakens its encryption. OpenBSD 2.7 is annunced and and the U.S. House gives its "OK" to the digital signature bill.

systems | linux, freebsd, openbsd
SHA-256 | d3af4c437f7224ecb592716f7973e2c5f6eeb9545d977a4490847348ca8cf0e6
motion-1.0.tar.gz
Posted Jun 19, 2000
Authored by Jeroen Vreeken | Site motion.technolust.cx

motion uses a video4linux device as a motion detector. It will make snapshots of the movement it sees, making it usable as an observation or security system. It can send out email, SMS messages, or invoke an external command when detecting motion.

Changes: First stable release! Includes many bug fixes, support for mpeg movies, sanity checks.
systems | linux
SHA-256 | 180eb595eae21df8fc38fa47ed24dc5f4a9ffc4673821d67aa65aeb364992ade
apcd.c
Posted Jun 19, 2000
Authored by WC

Debian 2.1 local root exploit - A vulnerability exists in the apcd package shipped with Debian 2.1.

tags | exploit, local, root
systems | linux, debian
SHA-256 | f7ca16d4ea9299fd7aef4c4a72b95848377702b1feeccf9d2d657e4193b25dbe
userregsp.c
Posted Jun 19, 2000
Authored by Fygrave

MailStudio2000 v2.0 and below userreg.cgi exploit - Executes arbitrary commands on remote host as root.mail.

tags | exploit, remote, arbitrary, cgi, root
SHA-256 | 095872ca533dfd3c5443df88fb3daab10038263b301956bf03770b5a5ac72928
setxconfxploit.c
Posted Jun 19, 2000
Authored by Suid | Site suid.kg

SetXConf local root exploit for Corel linux v1.0 with xconf utils.

tags | exploit, local, root
systems | linux
SHA-256 | db447881a66d9c741450d6d7e316b1bb4edd263812be29422ab468e0194719f4
major2.c
Posted Jun 19, 2000
Authored by Morpheusbd | Site brightdarkness.de

Majordomo local exploit for Suse 6.0 and 6.3. Tested against Majordomo Wrapper <= v1.94.5.

tags | exploit, local
systems | linux, suse
SHA-256 | 312f4fcbf45535494f8a44755293ca6e8bc7842547f4c8e7aa00445f3d859041
SSHWin-2.2.0.exe
Posted Jun 19, 2000
Site ssh.org

SSH (Secure Shell) Windows Port is a program to log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another, providing strong authentication and a secure communications over insecure channels.

Changes: Lots of bugfixes, easier access control on the server end, full draft compatibility, interoperability with lsh and openssh without special kluges, more portability, and more.
tags | remote, shell, encryption
systems | windows
SHA-256 | 9086e00c98cc755dca63755c3eb1eb211bfeb07f77b8d7755f4239f67d512ab2
ssh-2.2.0.tar.gz
Posted Jun 19, 2000
Site ssh.org

SSH (Secure Shell) is a program to log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another, providing strong authentication and a secure communications over insecure channels.

Changes: Scp and Sftp were re-written. Server authentication code has undergone major cleanup. This version is much more stable and portable than previous versions, and interoperates with lsh and openssh without kludges. There are many bug fixes and porting improvements.
tags | remote, shell, encryption
SHA-256 | 2eed3b75a12f7cdfaa9f8ea85b5399fc1cd4ac5e88192c9a5784851d93a2950c
vbs-1.0.0.tar.gz
Posted Jun 19, 2000
Authored by Theo Nolte | Site adsl-nolte1.rz.rwth-aachen.de

Vbs is a mail-filter to make attachments unexecutable by replacing the dot in the filename extension of critical attachments with a tilde, so that MUAs won't recognize those attachments anymore as executable. It is implemented as a wrapper for the delivery agent.

systems | unix
SHA-256 | 0e593fdba33fb611f5cd4ce5e761239c474b21be1468684fcbbc7de6349e6bf0
winfingerprint-225.zip
Posted Jun 19, 2000
Authored by Vacuum | Site technotronic.com

Winfingerprint 225: Advanced remote windows OS detection which does not run under Win 9x. Features the ability to enumerate servers, shares, global groups and users, displays active services, scan network neighborhood, establish null IPC$ sessions, and registry query (currently determines Service Pack Level & Applied Hotfixes).

Changes: HTML fixes, added ShellExecute() so default browser will automatically open up results. This is a low priority release.
tags | remote, registry
systems | windows
SHA-256 | ae7ee89927e58ab7a222f65d01cf51ba546ce17889f6adfbfb6d1a3cff3b1eb4
dsniff-2.2.tar.gz
Posted Jun 19, 2000
Authored by Dug Song | Site monkey.org

dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a powerful sniffer which automatically detects and parses many protocols, only saving the interesting bits. filesnarf saves files sniffed from network file system traffic. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time.

Changes: New filesnarf program which saves files sniffed from network file system traffic, Rewrote HTTP decoding in dsniff, Alpha platform support, Fixed arp discovery in arpredirect on Linux, Added -m flag to enable automatic protocol detection in dsniff (based on the classic file(1) command), Added TDS (Sybase, Microsoft SQL Server) parsing to dsniff, and Added regular expression matching and POP support to mailsnarf.
tags | tool, local, sniffer, tcp, protocol
SHA-256 | 2c83a22007336345ee4a0b4a690b0df387ca6dc1f1c1ac7eb68f04e8465c341c
pine_bof.c
Posted Jun 19, 2000
Authored by vade79, realhalo

Pine v4.10-21 local buffer overflow - drops a gid=mail shell if /usr/bin/pine is SGID. Tested on Debian slink2.1.

tags | exploit, overflow, shell, local
systems | linux, debian
SHA-256 | 7764b61d5684322567f4c2b7d67debaf0db0e2c30bbcecd3de3c2f2533e14b92
zodiac-0.4.9.tar.gz
Posted Jun 19, 2000
Authored by teso, scut | Site team-teso.net

Zodiac is a portable, extensible and multithreaded DNS tool. It is meant to be used as a DNS packet monitor and DNS protocol test and debuging tool. It's basic features are: sniffing of DNS datagrams on an ethernet device, decoding of all types of DNS packets, including safe decompression (partly finished, SOA record are, for example, not decoded yet), nice display and gui, if you like ncurses and text based frontends, always interactive in all situations through built in command line, threaded and flexible design. Advanced features include: local DNS spoof handler, jizz DNS spoof, exploiting a weakness in old bind implementations, determines jizz-weakness, id-prediction and resolver type remotely, id spoofing, exploiting a weakness in the dns protocol itself, implements some advanced DNS denial of service attacks, including flood, label compression and unres attack, advanced DNS smurf.

Changes: Now runs on *BSD, and fixed some bugs.
tags | denial of service, local, spoof, protocol
systems | unix
SHA-256 | 87f79104df9555ecf18355d034a721bd7327ecf82037e1e480a0752bb07e3a14
Sysctl.sh
Posted Jun 19, 2000
Authored by Brad Spengler

Using the sysctl support in linux to enhance a system security against outside attacks. Includes a script to optimize these settings by echoing values to /proc/sys/net/ipv4/*, turning on kernel security features which lessen the effect of SYN floods, smurf attacks, and turn on source validation by reversed path to add more protection against spoofed packets. Tested on linux 2.2.x.

tags | kernel, spoof
systems | linux
SHA-256 | ecb153fa9297b6558f676c779fca71d43e72cda281fcdba5c8b5c5d910578a74
mexico.mrc
Posted Jun 19, 2000
Authored by Grid | Site members.fortunecity.com

a mIRC script thathacks the current window with a display of mexican nationalism.

SHA-256 | 25af6367785d36145f4ef7cfa80574451b104291a7c9775cada49267be9bc828
sara-3.1.2.tar.gz
Posted Jun 19, 2000
Authored by Advanced Research Corporation | Site www-arc.com

Security Auditor's Research Assistant (SARA) is a security analysis tool based on the SATAN model. It is updated frequently to address the latest threats. Checks for common old holes, backdoors, trust relationships, default cgi, common logins.

Changes: Added switch to slow the scan to minimize impact to slower networks, Added custom and multiple hosts on GUI (Target Mgt), Added test for INN 2.x.x vulnerability, Improved JetAdmin logic in http.sara, Improved the Custom attack level (see config/sara.cf), Improved printer logic in depends.sara, Fixed ftp.sara to properly report MS FTP status.
tags | tool, cgi, scanner
systems | unix
SHA-256 | 84506ebbcbbe67a4ed331bd2d3446a9fd4e42551ddbea393dacb12a963cc7757
ms00-031
Posted Jun 19, 2000

Microsoft Security Bulletin (MS00-031) - fix Available for "Undelimited .HTR Request" and "File Fragment Reading via .HTR" Vulnerabilities. Microsoft has released a patch for two security vulnerabilities in Microsoft Internet Information Server. The vulnerabilities could, respectively, be used to slow an affected web server's response or to obtain the source code of certain types of files under some conditions. Microsoft FAQ on this issue available here.

tags | web, vulnerability
SHA-256 | 98eca05701fecabe23033301fec85f807448feab8ae6fbf412aef87bdc28cb72
wmnetmon_bof.c
Posted Jun 19, 2000
Authored by vade79, realhalo

Wmnetmon v0.2 buffer overflow exploit for Linux - Provides a euid=0 shell provided /usr/X11R6/bin/wmnetmon is suid root, as it is by default. Includes perl script to try all offsets.

tags | exploit, overflow, shell, root, perl
systems | linux
SHA-256 | 86bef23e564b83a03659996407371bf9b0c8902fe578e15b80db3ca10affd2eb
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close