exploit the possibilities
Showing 1 - 16 of 16 RSS Feed

Files Date: 2000-07-25

Posted Jul 25, 2000
Authored by Paul L Daniels | Site inflex.co.za

Inflex is an email scanner which scans both incoming and outgoing email without altering your /etc/sendmail.cf file. It can scan for email viruses, unwanted file types (eg., EXE, COM, BMP, MPEG) and file names (eg., stages.exe). It can also be used to scan for text snippets within emails and supports Exim for delivery.

Changes: The outlook date buffer overflow fix is included in this version.
systems | unix
MD5 | 15ed5b6cbe775e2d981e23de80786386
Posted Jul 25, 2000
Authored by Mao

ArpWorks v1.0 is a utility for Windows which sends customized Arp Announce packets over the network. All ARP parameters, including the Ethernet Source MAC address can be changed. Also features an IP to MAC resolver, subnet MAC discovery, host isolation, packets redirection, and IP conflict packets.

systems | windows
MD5 | 61f048ae6dd0bb719ce4bb9d91689c60
Posted Jul 25, 2000
Authored by Robin Keir | Site foundstone.com

Foundstone Security Advisory - AnalogX Proxy v4.04 contains multiple buffer overflows. Includes several proof of concept denial of service examples.

tags | exploit, denial of service, overflow, proof of concept
MD5 | b35dcbfc570f44addb330eee78d4c138
Posted Jul 25, 2000
Authored by Benjamin Thomas | Site linuxsecurity.com

Linux Security Week July 24 - In this issue: Deploying Portsentry, How Buffer Overflow attacks work, Maximizing Apache Server Security, Secure Directory Services for E-Business, IPSec update, RedHat PAM updates available, NFS-utils rpc.statd remote vulnerability, Mandrake usermode vulnerability, LISTSERV web archive remote overflow, Stalker CommuniGate Pro read any file vulnerability, and SuSE Nkitb (ftp) vulnerability.

tags | remote, web, overflow
systems | linux, redhat, suse, mandrake
MD5 | d173b963f9239fa9203d3fcf12fa2eef
Posted Jul 25, 2000
Authored by Simple Nomad | Site razor.bindview.com

Despoof is a utility that tries to determine if a received packet is in fact spoofed by checking the TTL. This command-line utility is intended for near real-time responding (such as being triggered from an IDS). The README explains it all. This utility is based on an idea by Donald McLachlan [don@mainframe.dgrc.crc.ca] (thanks Don!). Despoof runs on most Unix systems (tested on Linux, *BSDs), and requires libnet 1.0 and libpcap 0.4.

tags | spoof
systems | linux, unix
MD5 | 07f2ba923e414e86b0a7dd6aee21d5b6
Posted Jul 25, 2000
Authored by Bindview Vlad Team | Site razor.bindview.com

VLAD the Scanner - A freeware, open-source scanner that checks for common security problems. VLAD checks for the items referenced in the SANS Top Ten list of common security problems, found at http://www.sans.org/topten.htm. While freeware scanners are not neccessarily unique, VLAD is rather unique because of the amount of vulnerable CGI programs it checks for, and its comprehensive account/password checks (seven different protocols).

tags | tool, web, cgi, scanner, protocol
systems | unix
MD5 | bb34c6c0182ba2227f7aefaef46c7080
Posted Jul 25, 2000
Authored by Solar Designer | Site openwall.com

Netscape 4.73 and below remote proof of concept exploit for linux/x86. Includes a test image which crashes Netscape, a JFIF file compiler which exploits the COM marker processing vulnerability, and an unofficial patch for Mozilla M15 and Win32 Netscape.

tags | exploit, remote, x86, proof of concept
systems | linux, windows
MD5 | 05b9879474e6b8988cd3141760e07826
Posted Jul 25, 2000
Authored by Solar Designer | Site openwall.com

Netscape browsers v4.73 and below can be tricked into executing arbitrary assembly code by a malicious web site. In the case of Netscape Mail or News, the attack may be performed via a mail message or a news article, as well. A bug in the way Netscape browsers use the Independent JPEG Group's decoder library can cause the JPEG stream to be read onto the heap. Exploiting this vulnerability into executing arbitrary code is non-trivial, but possible on some platforms.

tags | exploit, web, arbitrary
MD5 | e3075f2ff193830fb17cb6c212c3b75c
Posted Jul 25, 2000
Site wwdsi.com

SAINT (Security Administrator's Integrated Network Tool) is a security assesment tool based on SATAN. It is updated regularly and scans for just about all remotely detectable vulnerabilities. Features include scanning through a firewall, updated security checks from CERT & CIAC bulletins, 4 levels of severity (red, yellow, brown, & green) and a feature rich HTML interface.

Changes: This release adds vulnerability checks for setproctitle vulnerability in ftpd (added checks for HP-UX, OpenBSD, and ProFTP), Linux statd format string vulnerability, Big Brother (two vulnerabilities), Apache::ASP (source.asp), Poll It, guestbook.cgi, Excite for Web Servers, OmniHTTPD (imagemap.exe), Mini SQL (w3-msql), and the AltaVista search engine.
tags | tool, scanner, vulnerability
systems | unix
MD5 | 05cbe5ca065eab1c49e5ec3fbc15ff67
Posted Jul 25, 2000
Site allaire.com

Allaire Security Bulletin (ASB00-16) - Microsoft has released a patch for a security vulnerability in Microsoft SQL Server 7.0. The vulnerability could allow a malicious user to run a database stored procedure without proper permissions. This is not a problem with ColdFusion Server itself, but it is an issue that can affect ColdFusion users.

MD5 | 370004784395c107509b43fe1a8e7afa
Posted Jul 25, 2000
Site allaire.com

Allaire Security Bulletin (ASB00-17) - Microsoft has released an updated patch that eliminates a security vulnerability in Microsoft(r) SQL Server 7.0. The vulnerability could allow a malicious user to compromise passwords. The updated patch also addresses a related problem with the Enterprise Manager Server registration dialog. This is not a problem with ColdFusion Server itself, but it is an issue that can affect ColdFusion users.

MD5 | da0752a106863377b1af0f4910a1f3d5
Posted Jul 25, 2000
Authored by Kingpin | Site l0pht.com

L0pht Security Advisory - Rainbow Technologies' iKey 1000 contains vulnerabilities which allow an attacker to login as administrator and access all private information stored on the device with no detection by the legitimate user. The attack requires physical access to the device and a EEPROM programmer. Includes a proof of concept tool, iSpy, which retrieves and displays configuration data for the inserted iKey and displays ll public and private data.

tags | vulnerability, proof of concept
MD5 | 067ddab1726a135890936d3da78d624e
Posted Jul 25, 2000
Authored by Brian Carrier | Site l0pht.com

L0pht Security Advisory - Passwords can be easily decrypted by exploiting NetZero's encryption algorithm. Includes proof of concept code to decode the password stored in jnetz.prop.

tags | proof of concept
MD5 | 4f9160ba188abe167da39ce209985986
Posted Jul 25, 2000
Authored by Koos van den Hout, Mark Lastdrager

Instructions for Sendmail and Postfix to stop messages with long Date: headers.

tags | patch
systems | unix
MD5 | 7ed0c8340998a6071f42c7cd6a464fde
Posted Jul 25, 2000
Site redhat.com

Red Hat Security Advisory - The rpc.statd daemon in the nfs-utils package shipped in Red Hat Linux 6.0, 6.1, and 6.2 contains a flaw that could lead to a remote root break-in. Version of the nfs-utils package corrects the problem.

tags | remote, root
systems | linux, redhat
MD5 | f82117265e0181ecbf9e34630e862171
Posted Jul 25, 2000
Authored by Razvan Peteanu

Best Practices for Secure Web Development is intended as a guideline for developing secure web based applications. Includes basic web security practices, cross-site scripting, PKI, code review, and more.

tags | paper, web, xss
MD5 | 736c63fa9a66be98f011f41405f6d365
Page 1 of 1

File Archive:

May 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    14 Files
  • 2
    May 2nd
    3 Files
  • 3
    May 3rd
    1 Files
  • 4
    May 4th
    18 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    21 Files
  • 7
    May 7th
    15 Files
  • 8
    May 8th
    19 Files
  • 9
    May 9th
    1 Files
  • 10
    May 10th
    2 Files
  • 11
    May 11th
    18 Files
  • 12
    May 12th
    39 Files
  • 13
    May 13th
    15 Files
  • 14
    May 14th
    17 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    2 Files
  • 17
    May 17th
    2 Files
  • 18
    May 18th
    15 Files
  • 19
    May 19th
    21 Files
  • 20
    May 20th
    15 Files
  • 21
    May 21st
    15 Files
  • 22
    May 22nd
    6 Files
  • 23
    May 23rd
    1 Files
  • 24
    May 24th
    1 Files
  • 25
    May 25th
    2 Files
  • 26
    May 26th
    23 Files
  • 27
    May 27th
    13 Files
  • 28
    May 28th
    18 Files
  • 29
    May 29th
    17 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2020 Packet Storm. All rights reserved.

Security Services
Hosting By