Vigilante Advisory #12 - MDaemon 3.1.1 for Windows NT includes Webconfig and Worldclient, which listen on TCP ports 3000 and 3001. Both are vulnerable to a heap overflow which could be used to execute arbitrary code. Fix available here.
9633e5d15d8fbf21e8c07e68f5b9143eb0b13c96a75fdb436fc56cddf57db245
Red Hat Security Advisory - Various format string vulnerabilities have been found in syslogd and klogd. When exploiting these vulnerabilities, it could be possible for local users to gain root access.
a17cc7d59867c8802e43bf80a0d76c739e447191dbf864f926f349cc4519cd8f
Torn Kit is a linux rootkit which has been optimized for linux/x86 mass installation. It is the first rootkit which uses precompiled binaries yet still allows a user defined password. This code is being widely used to automatically compromise hosts which have the wu.ftpd and rpc.statd vulnerabilities, and was mentioned in CERT's recent Incident Note IN-2000-10 advisory.
5c48ccb7e9f41685772e735a35e40fd8a61535f255a9d4f6968b8a1e150e3bf9
Oblivion Magazine Issue #7 - Contains articles on Voice over IP, An Introduction to IPSec, Virtual Router Redundancy Protocol (VRRP), ADSL, Firewall-1 + Firewalls Rant, and security news.
239423a563095461e8e129994dc051c5bbc250df2ec79cac461d7dc74dbdc4b9
Namezero apparently allows people to change other people's pages. Simple exploit details included in this Microsoft Word document.
29d67d18049722910a42447b9ed6bae0708aa8a2a57c409b4bac1e1bc914acc5
This regedit registry patch will tighten down security on a Microsoft NT v4.0 (sp3 and sp6 or 6a) machine. Changes about 55 registry entries.
17ecace1825394820a936146cb0eebe1dd734581c3df84d03e1c809bf5376982
SAINT (Security Administrator's Integrated Network Tool) is a security assessment tool based on SATAN. Features include scanning through a firewall, updated security checks from CERT & CIAC bulletins, 4 levels of severity (red, yellow, brown, & green) and a feature rich HTML interface.
32a410d596287b65aa4e082b5c138bab0d3ed71501701c72be8059c2cd126d61
Pdump is a sniffer written in Perl which dumps, greps, monitors, creates, and modifies traffic on a network. It combines features from tcpdump, tcpkill, ngrep, tcptrace, dsniff (and its webspy and urlsnarf), pfilt, macof, and xpy. It is able to do passive operating system detection/fingerprinting and can also watch packet streams and then create its own spoofed packets to hijack or kill TCP connections. It understands tcpdump-like and Perl-like syntax and allows easy modifications via a plug-in system. The packet display is easily configurable. Readme available here.
f7f15865466b04de11b1198577c231f9dcf94f81aebc0940a4af43dc6221164b
BitchX is the premier IRC (Internet Relay Chat) client. It is a modified clone of the popular ircII client, and is available for almost all UNIX OSes as well as Win95/NT and OS/2.
ce1eec9dec4d0c0a708130ea5485eb58106a9299d138723126ebc272776d71d7
HardenNT (Beta 0917) is a tool created to automate the task of securing one or more Microsoft Windows based computers. It is specifically aimed at securing Windows NT 4.0 machines, although some of the functionality could also be used on Windows 9x or even Windows 2000 networks. HardenNT is not a tool that is to be installed or even run on a computer that one wants to secure. It merely creates a number of batch files that run standard NT (and NT resource kit) tools. This means that the batch files created by HardenNT are to be copied and run on the host you want to secure. Updates frequently, newest version available here.
e09153373619655c9b68e3a686e86477e1edddfdcf54c5a3091b59e0612c11aa
Stealth IP Stack is a kernel patch for Linux 2.2.17 which makes your machine almost invisible on the network without impeding normal network operation. Many denial of service attacks, such as stream, are much less effective with this patch installed, and port scanners slow to a crawl. It works by restricting TCP RST packets (no "Connection Refused"), restricting ICMP_UNREACH on UDP (prevents UDP portscans), and restricting all ICMP and IGMP requests. A sysctl interface is used so these features can be turned on and off on the fly.
cb7f36d76783cdabab99611890b6f8df14437d9b0ace7474dadd6a02480461e8
Ploits.c v1.95 integrates stuff.c, ath0.c, and banner.c into one attack tool.
755a2a39dd379973cf20b9d77886a0e3abe6c9404233bc780362699329fca097
Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings. Screenshot available here.
e130ff3e71ade3b4b5048c7b6bb5d9972db5f1446368d158d27bdb1d8ec1cf87
vnx4.c is a VNC attack program ported to Windows. Features cracking of the password in the registry, online brute force against a VNC server, or cracking a sniffed challenge/response handshake.
a507db549f33869781e20c6631dc821d6eba0651c0cbad494ae78e1b0e831359
Snort Panel is a front-end control panel for the win32 port of snort. It allows you to set command-line options via dialog box settings and it monitors the alerts file for new alerts.
e50f793cd53f455b32a5190829ea97353bf9ea47977f36f0c8d4fe5d3b6a32ad