exploit the possibilities
Showing 1 - 16 of 16 RSS Feed

Files Date: 2000-07-25

inflex-0.1.5c.tar.gz
Posted Jul 25, 2000
Authored by Paul L Daniels | Site inflex.co.za

Inflex is an email scanner which scans both incoming and outgoing email without altering your /etc/sendmail.cf file. It can scan for email viruses, unwanted file types (eg., EXE, COM, BMP, MPEG) and file names (eg., stages.exe). It can also be used to scan for text snippets within emails and supports Exim for delivery.

Changes: The outlook date buffer overflow fix is included in this version.
systems | unix
MD5 | 15ed5b6cbe775e2d981e23de80786386
ArpWorks10.EXE
Posted Jul 25, 2000
Authored by Mao

ArpWorks v1.0 is a utility for Windows which sends customized Arp Announce packets over the network. All ARP parameters, including the Ethernet Source MAC address can be changed. Also features an IP to MAC resolver, subnet MAC discovery, host isolation, packets redirection, and IP conflict packets.

systems | windows
MD5 | 61f048ae6dd0bb719ce4bb9d91689c60
FS-072500-7-ANA.txt
Posted Jul 25, 2000
Authored by Robin Keir | Site foundstone.com

Foundstone Security Advisory - AnalogX Proxy v4.04 contains multiple buffer overflows. Includes several proof of concept denial of service examples.

tags | exploit, denial of service, overflow, proof of concept
MD5 | b35dcbfc570f44addb330eee78d4c138
linux-security.1-13.txt
Posted Jul 25, 2000
Authored by Benjamin Thomas | Site linuxsecurity.com

Linux Security Week July 24 - In this issue: Deploying Portsentry, How Buffer Overflow attacks work, Maximizing Apache Server Security, Secure Directory Services for E-Business, IPSec update, RedHat PAM updates available, NFS-utils rpc.statd remote vulnerability, Mandrake usermode vulnerability, LISTSERV web archive remote overflow, Stalker CommuniGate Pro read any file vulnerability, and SuSE Nkitb (ftp) vulnerability.

tags | remote, web, overflow
systems | linux, redhat, suse, mandrake
MD5 | d173b963f9239fa9203d3fcf12fa2eef
despoof-0.9.tgz
Posted Jul 25, 2000
Authored by Simple Nomad | Site razor.bindview.com

Despoof is a utility that tries to determine if a received packet is in fact spoofed by checking the TTL. This command-line utility is intended for near real-time responding (such as being triggered from an IDS). The README explains it all. This utility is based on an idea by Donald McLachlan [don@mainframe.dgrc.crc.ca] (thanks Don!). Despoof runs on most Unix systems (tested on Linux, *BSDs), and requires libnet 1.0 and libpcap 0.4.

tags | spoof
systems | linux, unix
MD5 | 07f2ba923e414e86b0a7dd6aee21d5b6
vlad-0.7.tgz
Posted Jul 25, 2000
Authored by Bindview Vlad Team | Site razor.bindview.com

VLAD the Scanner - A freeware, open-source scanner that checks for common security problems. VLAD checks for the items referenced in the SANS Top Ten list of common security problems, found at http://www.sans.org/topten.htm. While freeware scanners are not neccessarily unique, VLAD is rather unique because of the amount of vulnerable CGI programs it checks for, and its comprehensive account/password checks (seven different protocols).

tags | tool, web, cgi, scanner, protocol
systems | unix
MD5 | bb34c6c0182ba2227f7aefaef46c7080
OW-002-netscape-jpeg-r1.tar.gz
Posted Jul 25, 2000
Authored by Solar Designer | Site openwall.com

Netscape 4.73 and below remote proof of concept exploit for linux/x86. Includes a test image which crashes Netscape, a JFIF file compiler which exploits the COM marker processing vulnerability, and an unofficial patch for Mozilla M15 and Win32 Netscape.

tags | exploit, remote, x86, proof of concept
systems | linux, windows
MD5 | 05b9879474e6b8988cd3141760e07826
netscape.jpg-marker.txt
Posted Jul 25, 2000
Authored by Solar Designer | Site openwall.com

Netscape browsers v4.73 and below can be tricked into executing arbitrary assembly code by a malicious web site. In the case of Netscape Mail or News, the attack may be performed via a mail message or a news article, as well. A bug in the way Netscape browsers use the Independent JPEG Group's decoder library can cause the JPEG stream to be read onto the heap. Exploiting this vulnerability into executing arbitrary code is non-trivial, but possible on some platforms.

tags | exploit, web, arbitrary
MD5 | e3075f2ff193830fb17cb6c212c3b75c
saint-2.1.2.beta1.tar.gz
Posted Jul 25, 2000
Site wwdsi.com

SAINT (Security Administrator's Integrated Network Tool) is a security assesment tool based on SATAN. It is updated regularly and scans for just about all remotely detectable vulnerabilities. Features include scanning through a firewall, updated security checks from CERT & CIAC bulletins, 4 levels of severity (red, yellow, brown, & green) and a feature rich HTML interface.

Changes: This release adds vulnerability checks for setproctitle vulnerability in ftpd (added checks for HP-UX, OpenBSD, and ProFTP), Linux statd format string vulnerability, Big Brother (two vulnerabilities), Apache::ASP (source.asp), Poll It, guestbook.cgi, Excite for Web Servers, OmniHTTPD (imagemap.exe), Mini SQL (w3-msql), and the AltaVista search engine.
tags | tool, scanner, vulnerability
systems | unix
MD5 | 05cbe5ca065eab1c49e5ec3fbc15ff67
asb00-16.storedperm
Posted Jul 25, 2000
Site allaire.com

Allaire Security Bulletin (ASB00-16) - Microsoft has released a patch for a security vulnerability in Microsoft SQL Server 7.0. The vulnerability could allow a malicious user to run a database stored procedure without proper permissions. This is not a problem with ColdFusion Server itself, but it is an issue that can affect ColdFusion users.

MD5 | 370004784395c107509b43fe1a8e7afa
asb00-17.dts.password
Posted Jul 25, 2000
Site allaire.com

Allaire Security Bulletin (ASB00-17) - Microsoft has released an updated patch that eliminates a security vulnerability in Microsoft(r) SQL Server 7.0. The vulnerability could allow a malicious user to compromise passwords. The updated patch also addresses a related problem with the Enterprise Manager Server registration dialog. This is not a problem with ColdFusion Server itself, but it is an issue that can affect ColdFusion users.

MD5 | da0752a106863377b1af0f4910a1f3d5
l0pht.00-07-20.ikey
Posted Jul 25, 2000
Authored by Kingpin | Site l0pht.com

L0pht Security Advisory - Rainbow Technologies' iKey 1000 contains vulnerabilities which allow an attacker to login as administrator and access all private information stored on the device with no detection by the legitimate user. The attack requires physical access to the device and a EEPROM programmer. Includes a proof of concept tool, iSpy, which retrieves and displays configuration data for the inserted iKey and displays ll public and private data.

tags | vulnerability, proof of concept
MD5 | 067ddab1726a135890936d3da78d624e
l0pht.00-07-18.netzero
Posted Jul 25, 2000
Authored by Brian Carrier | Site l0pht.com

L0pht Security Advisory - Passwords can be easily decrypted by exploiting NetZero's encryption algorithm. Includes proof of concept code to decode the password stored in jnetz.prop.

tags | proof of concept
MD5 | 4f9160ba188abe167da39ce209985986
longdate.fix.txt
Posted Jul 25, 2000
Authored by Koos van den Hout, Mark Lastdrager

Instructions for Sendmail and Postfix to stop messages with long Date: headers.

tags | patch
systems | unix
MD5 | 7ed0c8340998a6071f42c7cd6a464fde
rhsa.2000-043-01.statd
Posted Jul 25, 2000
Site redhat.com

Red Hat Security Advisory - The rpc.statd daemon in the nfs-utils package shipped in Red Hat Linux 6.0, 6.1, and 6.2 contains a flaw that could lead to a remote root break-in. Version 0.1.9.1 of the nfs-utils package corrects the problem.

tags | remote, root
systems | linux, redhat
MD5 | f82117265e0181ecbf9e34630e862171
Secure-Web-Development.pdf
Posted Jul 25, 2000
Authored by Razvan Peteanu

Best Practices for Secure Web Development is intended as a guideline for developing secure web based applications. Includes basic web security practices, cross-site scripting, PKI, code review, and more.

tags | paper, web, xss
MD5 | 736c63fa9a66be98f011f41405f6d365
Page 1 of 1
Back1Next

File Archive:

August 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    10 Files
  • 2
    Aug 2nd
    8 Files
  • 3
    Aug 3rd
    2 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    79 Files
  • 7
    Aug 7th
    16 Files
  • 8
    Aug 8th
    10 Files
  • 9
    Aug 9th
    10 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    6 Files
  • 12
    Aug 12th
    26 Files
  • 13
    Aug 13th
    15 Files
  • 14
    Aug 14th
    19 Files
  • 15
    Aug 15th
    52 Files
  • 16
    Aug 16th
    11 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close