exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 28 RSS Feed

Files Date: 2000-07-12

Posted Jul 12, 2000
Authored by Mao | Site oxid.it

Cain and Abel is a password recovery tool for Windows 95/98 operating systems. It allows easy recovery of Logon passwords, Share passwords (local and remote), Screen Saver passwords, Access Database passwords, DialUp passwords, Link passwords and any other application defined password cached in your system or in external .PWL and registry files. SMB passwords (MD4 hashed passwords) can also be recovered with a powerful distributed SMB sniffer. Warning: McAffee falsely detects this as a virus because it is free and cracks passwords. Archive password is set to p4ssw0rd. Use at your own risk.

tags | remote, local, trojan, registry, virus
systems | windows
SHA-256 | 2ad214b1781bd46564e79979d9d163a5f661737c204358c15222ce5173a1d2d6
FreeBSD Security Advisory 2000.26
Posted Jul 12, 2000
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD-SA-00:26 - The popper port, version 2.53 and earlier, incorrectly parses string formatting operators included in part of the email message header. A remote attacker can send a malicious email message to a local user which can cause arbitrary code to be executed on the server when a POP client retrieves the message using the UIDL command. The code is executed as the user who is retrieving mail: thus if root reads email via POP3 this can lead to a root compromise.

tags | remote, arbitrary, local, root
systems | freebsd
SHA-256 | 7805e554d84ca0867143ca1acddfa28152891c433df64b183b257ce27d1b467a
FreeBSD Security Advisory 2000.31
Posted Jul 12, 2000
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD-SA-00:31 - The Canna server, which is not installed by default, contains an overflowable buffer which may be exploited by a remote user to execute arbitrary code on the local system as user 'bin'.

tags | remote, overflow, arbitrary, local
systems | freebsd
SHA-256 | a5c72623b3c311e90c72f4b47d9722fac689db56ba5ef144be25900514208d35
FreeBSD Security Advisory 2000.29
Posted Jul 12, 2000
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD-SA-00:29 - The wu-ftpd port, versions 2.6.0 and below, contains a vulnerability which allows remote anonymous FTP users to execute arbitrary code as root on the local machine, by inserting string-formatting operators into command input, which are incorrectly parsed by the FTP server.

tags | remote, arbitrary, local, root
systems | freebsd
SHA-256 | bd79217c21c14fb58f503398bbd1738af72e6d6b50c3fa9c2bc3c38460cad46e
Posted Jul 12, 2000
Authored by Tim Niemueller | Site niemueller.de

The IPchains firewall module for Webbin lets you graphically create ipchains firewall scripts. Nearly all of the IPchains options are supported.

Changes: Ability to import the current system settings and move rules up and down in chains, changes to the way insert and append are handled, and the usual cleanups and bugfixes.
tags | tool, firewall
systems | linux
SHA-256 | e9e4ca8ee5f5cf23ecbd6ec157cf5a2fbdc3c7b70222a8c4d8146233b4d5a1e2
Posted Jul 12, 2000
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: Bug fixes.
tags | encryption
systems | linux, openbsd
SHA-256 | 7dd9dff24e6037faf7edb54f4aa1d397ba8c0d8dbd219a1e687d2693b363d74f
Posted Jul 12, 2000
Authored by National Institute of Standards and Technology | Site csrc.nist.gov

Finding Holes in Your PBX Before Someone Else Does. Covers switching algorithms, susceptibility to tapping, conferencing, remote access, maintenance feature vulnerabilities, line testing capabilities, undocumented maintenance features, software loading and update tampering, tamper and error detection, crash-restart attacks, live microphone vulnerabilities, embedded login IDs and passwords, alarms and audit trails, silent monitoring, override (intrude), voice mail security, and denial of service.

tags | paper, remote, denial of service, vulnerability
SHA-256 | b6a45e7fe26d88d33f6721a1d6230eca3c90adec5d7102210d6b0c826ca87093
Posted Jul 12, 2000
Authored by vade79, realhalo | Site realhalo.org

Tetrinet v0.6 for linux denial of service exploit. If a user on the local network sends an encrypted string and disconnects before the login is completed, the Tetrinet server exits with a broken pipe.

tags | exploit, denial of service, local
systems | linux
SHA-256 | eade1092a1446a89cdd3abe32e722299cf310cac965b8038dcba3b09b7b7ca8f
Posted Jul 12, 2000
Authored by Michael Davis | Site datanerds.net

Snort ported to Windows - This is a working port of Snort to Windows NT/2000/9x. Changes include interface names, filenames, and syslog changes. Source available here.

tags | tool, sniffer
systems | windows
SHA-256 | 9f853454f4330a398ff17c7d7961ca2d15d41680e45ecc3e2d3db6c48320f32f
Posted Jul 12, 2000
Authored by Coretez Giovanni | Site 8thport.com

This paper re-examines the denial-of-service issue. It looks at the techniques used to accomplish denial of service including process recovery, resource destruction (crash), and resource overload. Looking at how DOS functions allows for the design of other DOS attacks aimed at the processes used by the operating system, the network protocols and the users.

tags | paper, denial of service, protocol
SHA-256 | a9ad3a5877fc1dae59b4e631b8e55e3f39c02254ab7704ea871612315b0770e4
Posted Jul 12, 2000

keepalive.c is a program which keeps your TCP connection alive. It sends null characters at an interval, keeping your connection from timing out. It is transparent to the user.

tags | tcp
systems | unix
SHA-256 | df09ebf6757775e0c6fd15aae4838cc8a09f356ada4ac2c983c7b73089c277b6
Posted Jul 12, 2000

Microsoft Security Bulletin (MS00-041) - Microsoft has released a patch for the "DTS Password" vulnerability in a component that ships with Microsoft SQL Server 7.0. If the Data Transformation Service (DTS) packages are in use, the password can be retrieved by programmatically interrogating the package's Properties dialogue. Microsofts FAQ on this issue is available here.

SHA-256 | c26bbe82b902991c970291aeebc8a484a534f0f0330e3a3f1894e63d8ba4ef1e
Posted Jul 12, 2000
Authored by Jim Forster | Site snort.org

False snort rules last updated 06/08/2000. Detects Yahoo pager data, AOL chat data, SNMP, SMB queries, etc.

tags | tool, sniffer
SHA-256 | e0cc37cf4a21ee024fcd1f4811062eb6344ecd5ccc67f4d3f42512e62ec32562
Posted Jul 12, 2000
Authored by Jim Forster | Site snort.org

Updated snort rules to detect backdoors last updated 06/08/2000.

tags | tool, sniffer
SHA-256 | f3315df3c4af8b6c1423b26b3e8a49b4234f17ab007ee5f6486e46b8511b5bd6
Posted Jul 12, 2000
Authored by Jim Forster | Site snort.org

Full set of updated snort rules using using 'any' instead of "$HOME_NET" variables. Last updated 07/06/2000.

Changes: Fix for quote problems causing false alerts and non-detection, lots more rules.
tags | tool, sniffer
SHA-256 | 5907c0a852e13e6fdfc0d193bd84932d7e82af352b2e2db8215bf03c0807b37d
Posted Jul 12, 2000
Authored by Jim Forster | Site snort.org

Full set of updated snort rules last updated 07/06/2000.

Changes: Fix for quote problems causing false alerts and non-detection, lots more rules.
tags | tool, sniffer
SHA-256 | 8f2f5be918905c16c2ea7fef322ac37cfda25eddaee72a7bfe96436f01547010
Posted Jul 12, 2000
Authored by Stuart Staniford | Site silicondefense.com

SnortSnarf is a Perl program to take files of alerts from the free Snort Intrusion Detection System, and produce HTML output intended for diagnostic inspection and tracking down problems. The model is that one is using a cron job or similar to produce a daily/hourly/whatever file of snort alerts. This script can be run on each such file to produce a convenient HTML breakout of all the alerts.

tags | tool, perl, sniffer
SHA-256 | df3b100d9597e4b7779ae77a7a940a9a1600461d5ef6f0bd4f62fb09de55d264
Posted Jul 12, 2000
Authored by Lars Brinhoff | Site nocrew.org

httptunnel creates a bidirectional data channel through an HTTP proxy, from your isolated computer behind a restrictive firewall, to a system on the Internet you have access to.

Changes: This release adds support for poorly-configured proxies which ignore the no-cache directive and a few minor bugfixes.
tags | web
systems | unix
SHA-256 | fa94137cdf3c452d021d119de04f604855720305fd21a4be637a35a40973e87a
Posted Jul 12, 2000
Authored by Averk | Site nscan.hypermart.net

Advanced DIG is a TCP-based DNS client for Windows that supports most of the available options, including AXFR zone transfer. It features an extended mode which utilizes a TCP connection to acquire any info that can be supplied by server and supports 20 different queries to nameserver.

tags | tcp
systems | windows
SHA-256 | 05abb1699e8459fd87c20edc3198396b1829b838b9c14076681af59876d592ec
Posted Jul 12, 2000
Authored by Averk | Site nscan.hypermart.net

Traceroute - specially for quick network route discovery (1-2 secounds to find the route). Unlike standard traceroute it traces all the way to host at once, therefore saving time. Also measures the time neccesary for packet to return and looks up all intermediate routers. Unlike Windows tracert it's based on UDP protocol, therefore allowing to trace networks where incoming ICMP messages are filtered.

tags | udp, protocol
systems | windows
SHA-256 | c238c4aaeb3149070eeeea575b95ade9bae711edca6673c50217bceacdf602ca
Posted Jul 12, 2000
Authored by Alan DeKok | Site striker.ottawa.on.ca

Pscan checks C source code for problematic uses of printf style functions such as "sprintf(buffer, variable)", which have been the source of many security holes. It does not check for buffer overflows or other misuse of function parameters.

tags | overflow
systems | unix
SHA-256 | c6beb8eac16a70536e72db9caef8391c0211c691fbe1f60769b326232ad168e7
Posted Jul 12, 2000
Authored by Dianne Skoll | Site roaringpenguin.com

MIME Defanger is a flexible MIME e-mail scanner designed to protect Windows clients from viruses. It works with Sendmail 8.10. and will alter or delete various parts of a MIME message according to a flexible configuration file, making it much more flexable than procmail-based approaches.

Changes: Mail filter can more reliably determine attachment names, and extra logging via syslog.
systems | windows, unix
SHA-256 | 060e05bb1f912fcf23f1cf9cdc835dc17c3c00d26c2214978397831fe97fa71e
Posted Jul 12, 2000
Authored by Toby Deshane | Site sourceforge.net

Cgichk is a web vulnerability scanner which automatically searches for a series of interesting directories and files on a given site. Instead of focusing on vulnerable CGI scripts, it looks for interesting and/or hidden directories such as logs, testing, secret, scripts, stats, restricted, code, robots.txt, etc.

tags | web, cgi
systems | unix
SHA-256 | 00f728b8d463d4ea4ae90a6b6889e0e1180310ca172ab39a1e41c54fbc690abc
Posted Jul 12, 2000
Authored by Daniel Wischnewski

Ralf Chat 1.2, a free CGI based chat system has remote vulnerabilities. User passwords can be retrieved in plain text and the default admin password is rarely changed.

tags | exploit, remote, cgi, vulnerability
SHA-256 | 21496428c515d4f09bbdd9f2637fed3eefe3cd485f5e1fdd028a2f105210de2f
Posted Jul 12, 2000
Authored by Benjamin Thomas | Site linuxsecurity.com

Linux Security Week July 10 - In this issue: Securing Sendmail, Understanding the Diffie-Hellman Key Exchange, PGP patch, BitchX dos vulnerability, man vulnerability (makewhatis /tmp bug), multiple freebsd patches, OpenSSH uselogin vulnerability, weekly security news, and much more.

tags | denial of service
systems | linux, freebsd
SHA-256 | 5bf9f698ffac215b3b0414186453110003cc34c633afda3c9caa8af9944d10af
Page 1 of 2

File Archive:

November 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    1 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    0 Files
  • 5
    Nov 5th
    0 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    0 Files
  • 8
    Nov 8th
    0 Files
  • 9
    Nov 9th
    0 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    219 Files
  • 14
    Nov 14th
    19 Files
  • 15
    Nov 15th
    66 Files
  • 16
    Nov 16th
    38 Files
  • 17
    Nov 17th
    9 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    11 Files
  • 22
    Nov 22nd
    56 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    36 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    14 Files
  • 28
    Nov 28th
    30 Files
  • 29
    Nov 29th
    35 Files
  • 30
    Nov 30th
    25 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By