all things security
Showing 1 - 25 of 302 RSS Feed

Files Date: 2000-07-01 to 2000-07-31

cgichk_2.41.tar.gz
Posted Jul 30, 2000
Authored by Toby Deshane | Site sourceforge.net

Cgichk is a web vulnerability scanner which automatically searches for a series of interesting directories and files on a given site. Instead of focusing on vulnerable CGI scripts, it looks for interesting and/or hidden directories such as logs, testing, secret, scripts, stats, restricted, code, robots.txt, etc.

Changes: Fixed a bug which caused it to scan Network Solutions instead, added some more directories to look for.
tags | web, cgi
systems | unix
MD5 | 2e8161bbe9a642054d7dead986f992b1
fuzz-0.5.1.tar.gz
Posted Jul 30, 2000
Authored by Ben Woodard | Site fuzz.sourceforge.net

Fuzz searches for new security vulnerabilities by generating random garbage which can be passed in several ways to programs to see if they can be made to crash or hang.

tags | vulnerability
systems | unix
MD5 | e62b883a6de87efd11950e357a2aa0c6
FS-072800-9-BEA.txt
Posted Jul 30, 2000
Authored by Saumil Shah | Site foundstone.com

Foundstone Security Advisory - Two show code vulnerabilities exist with BEA's WebLogic 5.1.0 allowing an attacker to view the source code of any file within the web document root of the web server. Depending on web application and directory structure attacker can access and view unauthorized files. Proof of concept URL's included.

tags | exploit, web, root, vulnerability, proof of concept
MD5 | eabfb1cb192fae14880ee2af89f74ca8
etherape-0.5.6.tar.gz
Posted Jul 30, 2000
Authored by Juan Toledo | Site etherape.sourceforge.net

Etherape is an etherman clone which displays network activity graphically. Active hosts are shown as circles of varying size, and traffic among them is shown as lines of varying width. It is GNOME and pcap based. Screenshot here.

Changes: Bug fixes and enhancments.
tags | tool, sniffer
MD5 | 250a12ac90a3ce63438ea83ebd45fd44
anomy-sanitizer-1.22.tar.gz
Posted Jul 30, 2000
Authored by Bjarni R. Einarsson | Site mailtools.anomy.net

The Anomy mail sanitizer is a filter designed to block email-based attacks such as trojans and viruses. It reads an RFC822 or MIME message and removes or renames attachments, truncate unusually long MIME header fields and sanitizes HTML by disabling Javascript and Java. It uses a single-pass pure Perl MIME parser, which can make it both more efficient and more precise than other similar programs and has built-in support for third-party virus scanners.

Changes: A fix for a bug in the configuration file parser, which could cause problems with policy definitions.
tags | trojan, perl, javascript, virus
systems | unix
MD5 | 0379d85154c44be3be994eb4e91c7d03
StJude_LKM-0.02.tar.gz
Posted Jul 29, 2000
Authored by Tim Lawless

Saint Jude LKM is a Linux Kernel Module for the 2.2.0 series of kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local, and ultimately, remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occuring. This is done without checking for attack signatures of known exploits, and thus should work for both known and unknown exploits.

Changes: Fixed bug which would prevent the setreuid syscal from being restored upon exit.
tags | remote, kernel, local, root
systems | linux
MD5 | 4bd7eeca77d479a36df73c38d7cff517
jolt2mod.c
Posted Jul 29, 2000
Authored by Stealth_C

Jolt2mod sends a jolt2 attack without lagging the sending network connection nearly as much due to a rate limiting feature.

tags | denial of service
MD5 | f777ecf09b92fb7728f7ee0d703200be
00Sub7_20.zip
Posted Jul 29, 2000
Authored by Jeff Capes | Site rendo.dekooi.nl

00[Sub]7 - The Ultimate SubSeven Logging Tool. Sets up a fake sub7 server on the default port which can send all sorts of false information to the client. Archive password is set to p4ssw0rd. Use at your own risk.

tags | trojan
MD5 | fb96e1948e584127321d4232bf10992f
atalaya-1.2.tar.gz
Posted Jul 29, 2000
Authored by Riseman | Site sod-interactive.turincon.com

Atalaya notifies an administrator of incoming connections using /etc/hosts.allow. Includes support for Festival for speech.

tags | system logging
systems | unix
MD5 | 05bd6a826ce4549a1cf29c2f7998abfb
ms00-052
Posted Jul 29, 2000

Microsoft Security Bulletin (MS00-052) - Microsoft has released a patch for the "Relative Shell Path" vulnerability in Microsoft Windows NT 4.0 and Windows 2000. The vulnerability enables a malicious user to cause code of his choice to run when another user subsequently logged onto the same machine. Microsoft FAQ on this issue available here.

tags | shell
systems | windows, 2k, nt
MD5 | 2fa31a91c9c32a49b1d4f795b333ce6b
COVERT-2000-09.netbios
Posted Jul 28, 2000
Authored by Covert Labs | Site nai.com

Network Associates COVERT Labs Security Advisory - The Microsoft Windows implementation of NetBIOS allows an unsolicited UDP datagram to remotely deny access to services offered by registered NetBIOS names. An attacker can remotely shut down all Domain Logins, the ability to access SMB shares, and NetBIOS name resolution services. Vulnerable systems include all versions of Microsoft Windows 95, 98, NT and 2000.

tags | udp
systems | windows, 9x
MD5 | a78582c296f1b1c6a467efce197c7b7e
cvs-1.10.8.txt
Posted Jul 28, 2000
Authored by Tanaka Akira

CVS v1.10.8 allows users to execute any binary on the server using CVS/Checkin.prog or CVS/Update.prog.

tags | exploit
MD5 | f51d22de8758d323545e1452dac4d417
pm-exploit.c
Posted Jul 28, 2000
Authored by Headflux | Site synnergy.net

Plusmail remote exploit - plusmail fails to check authenticity before creating new accounts.

tags | exploit, remote
MD5 | cb45bd9c9b86c81b068cef1ce3f8b5f9
bxexpl.c
Posted Jul 28, 2000
Authored by Flea

BitchX-75p3 local exploit, Redhat 6.2 x86.

tags | exploit, x86, local
systems | linux, redhat
MD5 | 3107c544958dc3c7abc51124de021bea
d-link.di-701.txt
Posted Jul 28, 2000
Authored by Brant Hale

The D-Link DI-701 Residential Gateway has an open port which allows brute force password guessing, and has a factory set default password.

tags | exploit
MD5 | d96b5c738ace00b9ee7a62a0b8b478ed
debian.dhcp.txt
Posted Jul 28, 2000
Site debian.org

Debian Security Advisory - The versions of the ISC DHCP client in Debian 2.1 are vulnerable to a root exploit. A previous Debian security advisory addressed this issue with package versions 2.0b1pl6-0.3 and 2.0-3potato1, but ISC has released a newer patch since the original advisory. You should install the latest packages even if you upgraded when the last advisory was released.

tags | root
systems | linux, debian
MD5 | 95e1ed9433a62ac57ffa2f3eef8a72ff
cgichk_2.40.tar.gz
Posted Jul 28, 2000
Authored by Toby Deshane | Site sourceforge.net

Cgichk is a web vulnerability scanner which automatically searches for a series of interesting directories and files on a given site. Instead of focusing on vulnerable CGI scripts, it looks for interesting and/or hidden directories such as logs, testing, secret, scripts, stats, restricted, code, robots.txt, etc.

Changes: Tidied up the code.
tags | web, cgi
systems | unix
MD5 | e365ef587ce82a295fa0f6aaac3ef5f7
nview10.zip
Posted Jul 28, 2000
Authored by M Adams | Site rawlogic.com

NetView Scanner is a suite of three security tools for the system administrator or home user. NetView scans IP addresses for available Windows File & Print Sharing resources, PortScan scans IP addresses for listening TCP ports, and WebBrute scans web directories that are protected with HTTP authentication, testing the strength of the users' passwords. This suite is freeware penetration analysis software that will run on your Windows workstation.

tags | web, tcp
systems | windows
MD5 | f6f6c15022d6554af17d53bf40a58e51
ippersonality-20000727-2.4.0-test4.tar.gz
Posted Jul 28, 2000
Authored by Gael Roualland | Site ippersonality.sourceforge.net

The Linux IP Personality patch fools OS detection by changing some characteristics of the network traffic. Among the things that can be changed are the TCP Initial Sequence Number (ISN), TCP initial window size, TCP options (their types, but also their order in the packet), answers to some pathological TCP packets, and answers to some UDP packets.

tags | udp, tcp
systems | linux
MD5 | 00fe261a0a8609e014e586d7f22b77b0
ms00-047
Posted Jul 28, 2000

Microsoft Security Bulletin (MS00-047) - Patch Available for "NetBIOS Name Server Protocol Spoofing" vulnerability, which could be used to cause a machine to refuse to respond to requests for service via udp port 137. Windows NT and 2000 are affected. Microsoft FAQ on this issue available here.

tags | udp, spoof, protocol
systems | windows, nt
MD5 | 6c88b1069076ac3174c25e25b58f2a2e
igmpofdeath.c
Posted Jul 27, 2000
Authored by Stealth_C

igmpofdeath.c is a modification of trash2.c which also sends out random type 2 igmp packets, as seen in pimp and pimp2.

tags | denial of service
MD5 | ca977915a063df11dd660e24f76d9663
winamp.m3u.txt
Posted Jul 27, 2000
Authored by Pauli Ojanpera

Winamp contains a buffer overflow in its M3U playlist parser. It is possible to execute arbitrary code on a remote computer via a malicious playlist. Proof of concept playlist included.

tags | exploit, remote, overflow, arbitrary, proof of concept
MD5 | e4df2a791d526904b5ed2ac47c2e2cf7
sps39.acrobat.txt
Posted Jul 27, 2000
Authored by Unyun, shadowpenguin | Site shadowpenguin.backsection.net

Shadowpenguin Security Advisory #39 - Adobe Acrobat Series PDF File buffer overflow. Many versions of Acrobat for Windows95/98/NT/2000 overflows when reading the PDF file which has long Registry or Ordering. The EIP can be controled and arbitrary code can be executed on the machine which views the PDF file. Patches available here.

tags | overflow, arbitrary, registry
MD5 | 4d24ea755d6dc347ec13d981db9ba98c
rhsa.2000-045-01.gpm
Posted Jul 27, 2000
Site redhat.com

Red Hat Security Advisory - gpm as shipped in Red Hat Linux 5.2 and 6.x contains a number of security problems. Additionally, a denial of service attack via /dev/gpmctl is possible. The newest gpm packages fix both these vulnerabilities.

tags | denial of service, vulnerability
systems | linux, redhat
MD5 | cfb4fc2862c05d26b5d4dceddce7220b
icmpstrike.c
Posted Jul 27, 2000
Authored by Stealth_C

icmpstrike.c is a modified trash.c with spoofed source addresses. Trash.c sends ICMP packets with random error codes which lag or freeze Windows98/95/2000/NT machines.

tags | denial of service, spoof
MD5 | 6d364a10dd51aaf21e0dd177bde4b8a0
Page 1 of 13
Back12345Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    14 Files
  • 19
    Oct 19th
    8 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close