what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2000-07-25

Posted Jul 25, 2000
Authored by Paul L Daniels | Site inflex.co.za

Inflex is an email scanner which scans both incoming and outgoing email without altering your /etc/sendmail.cf file. It can scan for email viruses, unwanted file types (eg., EXE, COM, BMP, MPEG) and file names (eg., stages.exe). It can also be used to scan for text snippets within emails and supports Exim for delivery.

Changes: The outlook date buffer overflow fix is included in this version.
systems | unix
SHA-256 | 85fa2f9c2b8369230288e9f7cf073805efccc86377c09b313db5e571fed4d4d3
Posted Jul 25, 2000
Authored by Mao

ArpWorks v1.0 is a utility for Windows which sends customized Arp Announce packets over the network. All ARP parameters, including the Ethernet Source MAC address can be changed. Also features an IP to MAC resolver, subnet MAC discovery, host isolation, packets redirection, and IP conflict packets.

systems | windows
SHA-256 | df3e09312979c44353c8a13e2ceb4b4589fe5eaa06e606564b2b7fe90d1f991e
Posted Jul 25, 2000
Authored by Robin Keir | Site foundstone.com

Foundstone Security Advisory - AnalogX Proxy v4.04 contains multiple buffer overflows. Includes several proof of concept denial of service examples.

tags | exploit, denial of service, overflow, proof of concept
SHA-256 | ecf9025d8fb2c5b91e285bf9f4839c34b7b4005d1ba80cb67d41d7edd59381de
Posted Jul 25, 2000
Authored by Benjamin Thomas | Site linuxsecurity.com

Linux Security Week July 24 - In this issue: Deploying Portsentry, How Buffer Overflow attacks work, Maximizing Apache Server Security, Secure Directory Services for E-Business, IPSec update, RedHat PAM updates available, NFS-utils rpc.statd remote vulnerability, Mandrake usermode vulnerability, LISTSERV web archive remote overflow, Stalker CommuniGate Pro read any file vulnerability, and SuSE Nkitb (ftp) vulnerability.

tags | remote, web, overflow
systems | linux, redhat, suse, mandrake
SHA-256 | 1c45fd9d5af9418bd4bddfa5bf221ac7287916786a10a0e4fb8921ca55a31796
Posted Jul 25, 2000
Authored by Simple Nomad | Site razor.bindview.com

Despoof is a utility that tries to determine if a received packet is in fact spoofed by checking the TTL. This command-line utility is intended for near real-time responding (such as being triggered from an IDS). The README explains it all. This utility is based on an idea by Donald McLachlan [don@mainframe.dgrc.crc.ca] (thanks Don!). Despoof runs on most Unix systems (tested on Linux, *BSDs), and requires libnet 1.0 and libpcap 0.4.

tags | spoof
systems | linux, unix
SHA-256 | c730656dba9ef4d9ad86dcb864c528f945e8c29c056ccfe8f82664ec9d4a1e39
Posted Jul 25, 2000
Authored by Bindview Vlad Team | Site razor.bindview.com

VLAD the Scanner - A freeware, open-source scanner that checks for common security problems. VLAD checks for the items referenced in the SANS Top Ten list of common security problems, found at http://www.sans.org/topten.htm. While freeware scanners are not neccessarily unique, VLAD is rather unique because of the amount of vulnerable CGI programs it checks for, and its comprehensive account/password checks (seven different protocols).

tags | tool, web, cgi, scanner, protocol
systems | unix
SHA-256 | 49ddff7020a60b1c526937b09cc43271544f09c21165da5716352440d7338b63
Posted Jul 25, 2000
Authored by Solar Designer | Site openwall.com

Netscape 4.73 and below remote proof of concept exploit for linux/x86. Includes a test image which crashes Netscape, a JFIF file compiler which exploits the COM marker processing vulnerability, and an unofficial patch for Mozilla M15 and Win32 Netscape.

tags | exploit, remote, x86, proof of concept
systems | linux, windows
SHA-256 | 0f05859c7ef597bbacc6e8eca02d88950d83123ded5db560eac573fc6dc8107f
Posted Jul 25, 2000
Authored by Solar Designer | Site openwall.com

Netscape browsers v4.73 and below can be tricked into executing arbitrary assembly code by a malicious web site. In the case of Netscape Mail or News, the attack may be performed via a mail message or a news article, as well. A bug in the way Netscape browsers use the Independent JPEG Group's decoder library can cause the JPEG stream to be read onto the heap. Exploiting this vulnerability into executing arbitrary code is non-trivial, but possible on some platforms.

tags | exploit, web, arbitrary
SHA-256 | 6c13825689c162377d5aef906252e6f595a0015f46abc25bdb05bed5645897b5
Posted Jul 25, 2000
Site wwdsi.com

SAINT (Security Administrator's Integrated Network Tool) is a security assesment tool based on SATAN. It is updated regularly and scans for just about all remotely detectable vulnerabilities. Features include scanning through a firewall, updated security checks from CERT & CIAC bulletins, 4 levels of severity (red, yellow, brown, & green) and a feature rich HTML interface.

Changes: This release adds vulnerability checks for setproctitle vulnerability in ftpd (added checks for HP-UX, OpenBSD, and ProFTP), Linux statd format string vulnerability, Big Brother (two vulnerabilities), Apache::ASP (source.asp), Poll It, guestbook.cgi, Excite for Web Servers, OmniHTTPD (imagemap.exe), Mini SQL (w3-msql), and the AltaVista search engine.
tags | tool, scanner, vulnerability
systems | unix
SHA-256 | 22dffd2cea4bbd35a1c23deabc9e5c7b7ae85a1c0737e137c52e514c539a1353
Posted Jul 25, 2000
Site allaire.com

Allaire Security Bulletin (ASB00-16) - Microsoft has released a patch for a security vulnerability in Microsoft SQL Server 7.0. The vulnerability could allow a malicious user to run a database stored procedure without proper permissions. This is not a problem with ColdFusion Server itself, but it is an issue that can affect ColdFusion users.

SHA-256 | c09e5fa63dd1b5c76a1b94a54a56022ab41e099dbb5740045e1926ea083d38b7
Posted Jul 25, 2000
Site allaire.com

Allaire Security Bulletin (ASB00-17) - Microsoft has released an updated patch that eliminates a security vulnerability in Microsoft(r) SQL Server 7.0. The vulnerability could allow a malicious user to compromise passwords. The updated patch also addresses a related problem with the Enterprise Manager Server registration dialog. This is not a problem with ColdFusion Server itself, but it is an issue that can affect ColdFusion users.

SHA-256 | 45bdfbf288ce1e1b06c8bbe8ccaaebc5b0132ebd6d4186bd64a18981ea7c1281
Posted Jul 25, 2000
Authored by Kingpin | Site l0pht.com

L0pht Security Advisory - Rainbow Technologies' iKey 1000 contains vulnerabilities which allow an attacker to login as administrator and access all private information stored on the device with no detection by the legitimate user. The attack requires physical access to the device and a EEPROM programmer. Includes a proof of concept tool, iSpy, which retrieves and displays configuration data for the inserted iKey and displays ll public and private data.

tags | vulnerability, proof of concept
SHA-256 | b09f4d1b30cd7023b8dba22307ee8935b43313f10168392ba0b354ee1febc1d5
Posted Jul 25, 2000
Authored by Brian Carrier | Site l0pht.com

L0pht Security Advisory - Passwords can be easily decrypted by exploiting NetZero's encryption algorithm. Includes proof of concept code to decode the password stored in jnetz.prop.

tags | proof of concept
SHA-256 | 18ccbc25607e0b2335bd76b829e896cac1e0716922f3dfbdd160e52c8cc11c82
Posted Jul 25, 2000
Authored by Koos van den Hout, Mark Lastdrager

Instructions for Sendmail and Postfix to stop messages with long Date: headers.

tags | patch
systems | unix
SHA-256 | 0a78732b5488a64a94bdb50e95db3aa08911ecb7b7737f1988d5d3fc12311f30
Posted Jul 25, 2000
Site redhat.com

Red Hat Security Advisory - The rpc.statd daemon in the nfs-utils package shipped in Red Hat Linux 6.0, 6.1, and 6.2 contains a flaw that could lead to a remote root break-in. Version of the nfs-utils package corrects the problem.

tags | remote, root
systems | linux, redhat
SHA-256 | 653a35dcfe3d06dfd62cbe3afd4bedf3c6d4ac497815a8a2e19ee973990845d4
Posted Jul 25, 2000
Authored by Razvan Peteanu

Best Practices for Secure Web Development is intended as a guideline for developing secure web based applications. Includes basic web security practices, cross-site scripting, PKI, code review, and more.

tags | paper, web, xss
SHA-256 | 7c1777b2da1020b5231acda0e2c833637f7afda2f1a49469e972503425b1bc6c
Page 1 of 1

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By