Twenty Year Anniversary
Showing 1 - 24 of 24 RSS Feed

Files Date: 2000-09-06

linux-security.1-18.txt
Posted Sep 6, 2000
Authored by Benjamin Thomas | Site linuxsecurity.com

Linux Security Week September 4 - In this issue: Our feature this week, "Setting up a Linux Log Server to enhance System Security," provides clear step-by-step information on how to setup a log server. Also includes papers on Intrusion Detection Level Analysis of Nmap and Queso, PAM - Pluggable Authentication Modules, Anyone with a Screwdriver Can Break In (physical linux security), Inexpensive measures to solve security problems, Attacking Linux, Firewalls - Placement, The Emotional Side of Cryptography, Ain't no network strong enough, Encryption Could Starve Carnivore, The next era for Internet security, Review of Debian 2.2 Security, Justice shops for Carnivore review, Interview with Lance Spitzner, and much more.

systems | linux, debian
MD5 | 31df971348fd6490b9d4b01a0ff2044f
RNmap 0.4 Beta
Posted Sep 6, 2000
Authored by Tuomo Makinen | Site sourceforge.net

Remote Nmap is a python client/server package which allows many clients to connect to a centralized nmap server to do their port scanning. This could be useful for security companies who want to have all thier scans come from a dedicated machine.

Changes: Now includes command-line rnmap client. Also code cleanups and new server loggin form.
tags | tool, remote, nmap, python
systems | unix
MD5 | 08dd77a672d5008b4c83d095becd2006
auction.weaver.pl
Posted Sep 6, 2000
Authored by Telehor | Site teleh0r.cjb.net

Auction Weaver 1.02 Lite remote proof of concept exploit. Spawns an xterm by exploiting an insecure open() call.

tags | exploit, remote, proof of concept
MD5 | ae24849f8d924869e91ff82ba910ad80
icq.greeting-card.txt
Posted Sep 6, 2000
Authored by Meliksah Ozoral | Site meliksah.net

The ICQ Greeting Card service allows HTML commands to be sent to the target user. Any malicious HTML such as file:///c:/con/con can crash the system or exploit other HTML based vulnerabilities.

tags | exploit, vulnerability
MD5 | 91d97ab6956757b6e2e2caa2176cb5ad
unix.txt
Posted Sep 6, 2000
Authored by Trashmonk | Site h3ll.cjb.net

unix.txt is a unix reference guide and learners manual. Useful for beginning unix users, people who want to participate in "Hacker Wargames" or windows users who are concidering makeing the switch to unix.

tags | paper
systems | windows, unix
MD5 | d1417c52a7087ef3de1dbe7f2f641397
sara-3.1.8.tar.gz
Posted Sep 6, 2000
Authored by Advanced Research Corporation | Site www-arc.com

Security Auditor's Research Assistant (SARA) is a security analysis tool based on the SATAN model. It is updated frequently to address the latest threats. Checks for common old holes, backdoors, trust relationships, default cgi, common logins.

Changes: Improved tutorials for http and smb, Added multi tasking support, Fixed error reporting date in daemon mode, Fixed errors in html.pl introduced in 3.1.7, Added test for IRIX telnetd vulnerability, Fixed a problem importing SARA Report data into Office 2000, and Fixed problem with get_targets (FW vs non FW).
tags | tool, cgi, scanner
systems | unix
MD5 | 033ea789e61f77df9bfd97434dff735a
VIGILANTE-2000008.txt
Posted Sep 6, 2000
Authored by Vigilante | Site vigilante.com

Vigilante Advisory #8 - NTMail Configuration Service v5 & v6 denial of service. The web configuration running on TCP port 8000 does not flush incomplete HTTP requests, and thus it is possible to use up all the server ressources within a very short time.

tags | exploit, web, denial of service, tcp
MD5 | 27c9190c1e8ea1fa6610c1fed7b1c059
cpmdaemon.txt
Posted Sep 6, 2000
Authored by El Nahual | Site s0d.org

cpmdaemon is a program that runs as a daemon or a cgi which allows changing of passwords. It allows brute force dictionary attacks against user passwords without any logging. Includes exp_cpmdaemon.c proof of concept code.

tags | exploit, cgi, proof of concept
MD5 | 2cee74adc38f27a0987c0761daee7d36
debian.screen.txt
Posted Sep 6, 2000
Site debian.org

Debian Security Advisory - A format string bug was recently discovered in screen which allows local users to obtain root access if screen is setuid. This is fixed in version 3.7.4-9.1 and 3.9.5-9.

tags | local, root
systems | linux, debian
MD5 | 68e60099188baca4cca9424730989d5c
nt-sid.txt
Posted Sep 6, 2000
Authored by NT Wako | Site legions.org

Windows NT allows remote users to find out the SID remotely if certain conditions are met. The logs need to be viewable remotely, auditing must be enabled, and policies must block the account after a certain failure count.

tags | remote
systems | windows, nt
MD5 | c07d5857c9508cf4ba534a2c81c92a99
AnalogX.pl
Posted Sep 6, 2000
Authored by Neon-Lenz

Analogx.pl is a Local / Remote GET Buffer Overflow dos exploit for AnalogX SimpleServer:WWW HTTP Server v1.1. Based on USSR Advisory #29.

tags | remote, web, overflow, local
MD5 | 8c96c7c57e3dffd4c72a43bd2894485b
twwwscan05.zip
Posted Sep 6, 2000
Authored by TSS | Site search.iland.co.kr

TWWWscan is a Windows based www vulnerability scanner which looks for 227 www/cgi vulnerabilities . Displays http header, server info, and tries for accurate results. Now features anti-IDS url encoding and passive mode scan. Tested on win95 osr2 win98,win98se,win nt4,win 2k/Me.

Changes: Web Server Detection Improved, added http_port, addded info option, and bugs were fixed.
tags | web, cgi, vulnerability
systems | windows, 9x, unix
MD5 | f78a3197f7f3d25c4d244b0be4645a32
pikt-1.11.0.tar.gz
Posted Sep 6, 2000
Authored by Robert Osterlund | Site pikt.uchicago.edu

PIKT is a multi-functional tool for monitoring systems, reporting and fixing problems, and managing system configurations. PIKT is quickly gathering potential as a serious security management system. PIKT comprises an embedded scripting language with unique, labor-saving features. Binaries available here.

Changes: Added new 'piktc -m#' option for doing checksum compares (file integrity checking). Speeded up associative array processing. Fixed a serious memory leak in the script parser, also several other bugs and new features.
tags | tool
systems | unix
MD5 | cc683428aa755467ed46eef14a797e30
wftpd241-12-2.txt
Posted Sep 6, 2000
Authored by Blue Panda | Site bluepanda.box.sk

WFTPD/WFTPD Pro 2.41 RC12 devulges sensitive information by revealing the full path of the current directory. This is fixed in WFTPD/WFTPD Pro 2.41 RC13. Exploit details included.

tags | exploit
MD5 | c194b70de1a0821e70ae086138d2206b
wftpd241-12.txt
Posted Sep 6, 2000
Authored by Blue Panda | Site bluepanda.box.sk

WFTPD/WFTPD Pro 2.41 RC12 contains a remote denial of service vulnerability which does not require a valid login/password. Perl exploit code included.

tags | exploit, remote, denial of service, perl
MD5 | d9ffc0e536459e510de6dc4d4526a47c
Nmap Scanning Utility 2.54 BETA 4
Posted Sep 6, 2000
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings. Screenshot available here.

Changes: Fingerprint adjustments for better windows box detection, Fixed a SYN scan problem that could cause a major slowdown on some busy networks, Added an "SInfo" line to most printed fingerprints, Fixed RPCGrind (-sR) scan, Upgraded to the very latest Libpcap version, and various other small fixes/improvements.
tags | tool, remote, udp, tcp, protocol, nmap
systems | unix
MD5 | d8ef19e84b6238685004616482ef63c6
initd_.tar.gz
Posted Sep 6, 2000
Authored by Initd_

initd_.sh is a tool which automatically attacks local linux binaries and attempts to exploit buffer overflows in command line switches.

tags | overflow, local
systems | linux, unix
MD5 | a2bb4b981f448f18cceae76361c2f958
bird.pl
Posted Sep 6, 2000
Authored by Zorgon

bird.pl is a source code scanner which uses regular expressions to search for 12 common insecure C calls and 8 common insecure perl functions.

tags | perl
systems | unix
MD5 | eed466047c1775f5831cc825c8de9bee
debian.glibc.txt
Posted Sep 6, 2000
Site debian.org

Debian Security Advisory - Recently two local vulnerabilities have been found in the glibc suite, which could be used to trick setuid applications to run arbitrary code.

tags | arbitrary, local, vulnerability
systems | linux, debian
MD5 | 937c29c6008182445465a9e00b781bf2
telnetfp_0.1.0.tar.gz
Posted Sep 6, 2000
Authored by teso, Palmers | Site team-teso.net

Telnetfp is an OS detection tool which uses do / dont requests via telnet to determine remote OS type. Contains 23 OS fingerprints.

tags | remote
MD5 | 826448f8419c26b5eb603ee19b4dd532
iss.09-05-00.trinity
Posted Sep 6, 2000
Site xforce.iss.net

ISS Security Alert - A new Distributed Denial of Service tool, "Trinity v3", has been reported. Each client joins an undernet IRC channel to take commands. A bindshell is usually installed on TCP port 33270.

tags | denial of service, tcp
MD5 | bf31b109e8c23a901996de22d6471e8d
linux-2.2.17-stealth1.diff
Posted Sep 6, 2000
Authored by Sean Trifero | Site innu.org

Patch for linux kernel 2.2.17 to discard packets that many OS detection tools use to query the TCP/IP stack. Includes logging of the dropped query packets and packets with bogus flags.

Changes: Now works with kernel v2.2.17.
tags | kernel, tcp
systems | linux
MD5 | 53833b817e53285259d8e0a1426920f4
fileutils-4.0-lm.tar.gz
Posted Sep 6, 2000
Authored by Sean Trifero | Site innu.org

Landmine Fileutils is a modified fileutils package for Linux which logs the arguments used for execution to syslog. Includes patched copies of chmod, chgrp, chown, cp, dir, ln, ls, mkdir, mv, rm, rmdir, and touch.

tags | tool, intrusion detection
systems | linux, unix
MD5 | f21184a3e76e3758813651b77d1c092e
saint-2.2.tar.gz
Posted Sep 6, 2000
Site wwdsi.com

SAINT (Security Administrator's Integrated Network Tool) is a security assessment tool based on SATAN. Features include scanning through a firewall, updated security checks from CERT & CIAC bulletins, 4 levels of severity (red, yellow, brown, & green) and a feature rich HTML interface.

Changes: This version features a check for the newly discovered distributed denial-of-service tool, Trinity, the bboard vulnerability in Sun Java Web Server, netauth.cgi, htgrep (cgi), root accounts with empty passwords, guest and administrator accounts with empty passwords, and writable Netbios shares.
tags | tool, scanner
systems | unix
MD5 | 2db4216e8d465ce524396cf5c2d23096
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

May 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    15 Files
  • 2
    May 2nd
    17 Files
  • 3
    May 3rd
    30 Files
  • 4
    May 4th
    29 Files
  • 5
    May 5th
    2 Files
  • 6
    May 6th
    3 Files
  • 7
    May 7th
    13 Files
  • 8
    May 8th
    27 Files
  • 9
    May 9th
    17 Files
  • 10
    May 10th
    15 Files
  • 11
    May 11th
    8 Files
  • 12
    May 12th
    2 Files
  • 13
    May 13th
    8 Files
  • 14
    May 14th
    7 Files
  • 15
    May 15th
    43 Files
  • 16
    May 16th
    19 Files
  • 17
    May 17th
    16 Files
  • 18
    May 18th
    15 Files
  • 19
    May 19th
    3 Files
  • 20
    May 20th
    7 Files
  • 21
    May 21st
    15 Files
  • 22
    May 22nd
    40 Files
  • 23
    May 23rd
    64 Files
  • 24
    May 24th
    55 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close