
Files Date: 2000-10-11

Posted Oct 11, 2000
Site nsfocus.com

NSFOCUS Security Advisory (SA2000-03) - A denial of service vulnerability has been found in the IPX/SPX protocol implementation. When a Win9x host receives an IPX NMPI packet whose source and destination machine names both match its own, it enters an infinite loop of sending and receiving packets. This attack consumes a large amount of CPU on the attacked host, causing it to crash.

tags | exploit, denial of service, protocol
systems | windows
SHA-256 | ee09333c713c3c147526afc9d6f8cea9c39dd915e503348778b1122d7781a015
Posted Oct 11, 2000
Authored by Sam Kline | Site wwdsi.com

SAINT (Security Administrator's Integrated Network Tool) is a security assessment tool based on SATAN. Features include scanning through a firewall, updated security checks from CERT & CIAC bulletins, 4 levels of severity (red, yellow, brown, & green) and a feature-rich HTML interface.

Changes: Added a check for new variations of the SubSeven backdoor, fixed a Red Hat 7 and Solaris compilation problem, now checks for format string vulnerability in scohelphttpd, file read vulnerability in FreeBSD 4.1.1 fingerd, and vulnerabilities in thttpd ssi, Web+, CFEngine, and CyberOffice shopping cart.
tags | tool, scanner
systems | unix
SHA-256 | d4a2fa3f65a7eeae71ab52548598bc5ca4c0c7dbfa771ae2ca5d5761dcd8b08d
Posted Oct 11, 2000
Site kerneli.org

The idea of the International Kernel Patch is to collect all crypto patches so that using crypto in the kernel will be easier than today. The patch bundles a number of crypto patches: a crypto API with Blowfish, CAST-128, DES, DFC, IDEA, MARS, RC6, Rijndael, Safer, Serpent, and Twofish, an encrypted filesystem loopback device using the crypto API, and the CIPE VPN and EnSKIP patches.

Changes: Support for kernel 2.2.17, bug fixes.
tags | kernel, encryption, cryptography
systems | linux
SHA-256 | a53267652597064b7c591ffc8a54035b81f2ddac673e1eec9535e8476818b4ce
Posted Oct 11, 2000
Authored by Balazs Scheidler | Site balabit.hu

Zorp is a new-generation modular proxy firewall suite that lets you fine-tune proxy decisions with its built-in script language, fully analyze complex protocols (like SSH with several forwarded TCP connections), and utilize out-of-band authentication techniques (unlike common practices where proxy authentication had to be hacked into the protocol).

Changes: Bug fixes.
tags | tool, tcp, firewall, protocol
systems | unix
SHA-256 | af4de5fd0b6c4b60da55f824fea6923076484b3b7300ac59488942c058981087
Posted Oct 11, 2000
Site suse.de

SuSE Security Advisory - GNU cfengine, an abstract programming language for system administrators of large networks, has several local root format string vulnerabilities.

tags | local, root, vulnerability
systems | linux, suse
SHA-256 | f52aec0643cadd4f2fb5e2f95f5fd9d3969b607abef7aebde0e82ce715404736
Posted Oct 11, 2000
Site suse.de

SuSE Security Advisory - esound, a daemon program for the Gnome desktop, has a race condition which allows local attackers to change the permissions on any file on the filesystem.

tags | local
systems | linux, suse
SHA-256 | 6c6d344c26218475b41876a24d93ef04e105e8ff868b589b666644cce3691bc5
Posted Oct 11, 2000
Authored by Venglin

FreeBSD 4.X local /usr/bin/systat exploit. Gives a sgid kmem shell by exploiting the .terminfo bug in ncurses.

tags | exploit, shell, local
systems | freebsd
SHA-256 | 74912457abcb06d1b3486b0919890ed721d24f2ed15b58307dd60bb46c085361
Internet Security Systems Security Advisory October 6, 2000
Posted Oct 11, 2000
Site xforce.iss.net

The tmpwatch utility is used in Red Hat Linux to remove temporary files. This utility has an option to call the fuser program, which verifies if a file is currently opened by a process. The fuser program is invoked within tmpwatch by calling the system() library subroutine. Insecure handling of the arguments to this subroutine could potentially allow an attacker to execute arbitrary commands.

tags | arbitrary, root
systems | linux, redhat
SHA-256 | 3a65b520b3913eeaf250c2b7af29ca697b1fcffe8b6368c569d85201f43b3ff9
Posted Oct 11, 2000
Authored by Yevgeny V.Yourkhov

DNSflood.pl floods a DNS server with spoofed DNS requests.

tags | denial of service, spoof
SHA-256 | 789304b58c60ecf4f320d6a047327759676b652f6ecfc0bbfe303fce180a9f7b
Posted Oct 11, 2000
Authored by 6 Inch Taint

Godmessage Creator allows you to implement the Godmessage IV ActiveX attack with any binary you supply. Archive password is set to p4ssw0rd. Use at your own risk.

tags | trojan, activex
SHA-256 | b9fd0228ceaa7acd36b390294012c3d5d088fdf1b259c1e0aa24325b927685a2
Posted Oct 11, 2000
Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection.

Changes: A bug in sys_utime was fixed which prevents users from changing the inode attribute.
tags | kernel, root
systems | linux
SHA-256 | 79caba0cc09f4e2260fe8e252037eb8b642e1d548a41a3902bc385a1480da117
Posted Oct 11, 2000

Microsoft Security Bulletin (MS00-072) - Microsoft has released a patch that eliminates the "Share Level Password" vulnerability in Windows 95, 98, 98SE, and Me. Microsoft Windows 9x/Me provides a password protection feature, referred to as share level access, for the File and Print Sharing service. However, due to the way the password feature is currently implemented, a malicious user with a special client utility can compromise a file share without knowing the entire password required to access that share. Microsoft FAQ on this issue available here.

systems | windows
SHA-256 | ccfedaa9a6012593410b937b115734c1127cb12ea74954b54661749c3acba5c8
Posted Oct 11, 2000
Site redhat.com

Red Hat Security Advisory - tmpwatch as shipped in Red Hat Linux 6.1, 6.2, and 7.0 uses fork() to recursively process subdirectories, enabling a local user to perform a denial of service attack. Tmpwatch from Red Hat Linux 6.2 and 7.0 also contains an option to allow it to use the fuser command to check for open files before removal. It executed fuser in an insecure fashion, allowing a local root exploit.

tags | denial of service, local, root
systems | linux, redhat
SHA-256 | 42ef2e0471b2c65e06529723fdbb062b9bb78eca99bb286d0a4851b14c070154
Posted Oct 11, 2000
Authored by synnergy, Kostas Petrakis | Site synnergy.net

Synnergy Laboratories Advisory SLA-2000-16 - Synnergy Labs has found a flaw within Master Index for Linux/UNIX that allows a user to successfully traverse the filesystem on a remote host, allowing arbitrary files/folders to be read. Exploit URL included. Fix available here.

tags | exploit, remote
systems | linux, unix
SHA-256 | a23909da35478f6a2095d6d342fb63d5f4accfbcc2879f4add37f28616e828c3
Posted Oct 11, 2000
Site redhat.com

Red Hat Security Advisory - The usermode package contains a binary (/usr/bin/userhelper), which is used to control access to programs which are to be executed as root. Because programs invoked by userhelper are not actually running setuid-root, security measures built into recent versions of glibc are not active. If one of these programs supports internationalized text messages, a malicious user can use the LANG or LC_ALL environment variables (which are inherited by userhelper and, in turn, any programs it runs) to create a format-string exploit in these programs.

tags | root
systems | linux, redhat
SHA-256 | 9cd98a0ba94bc89f414dfce3803982f4cb2fb5e1b147b65066171642800aa1ed
Posted Oct 11, 2000
Authored by Jouko Pynnonen | Site klikki.fi

The ncurses library v4.2 and 5.0 contains exploitable buffer overflows which can be used to gain additional privileges if there are SUID programs which use ncurses and the library implementation supports ~/.terminfo. Vulnerable programs found so far include Red Hat and SuSE cda, FreeBSD /usr/bin/systat, and OpenBSD /usr/bin/systat.

tags | exploit, overflow
systems | linux, redhat, freebsd, suse, openbsd
SHA-256 | cd14250aa0648fdf5f3d589e34c08c13e7c735b8731d2b965eb799837ca4e257
Posted Oct 11, 2000
Authored by Jazz

wuscan.sh is a bash shell script which scans machines for wu-ftpd v2.60.

tags | tool, shell, scanner, bash
systems | unix
SHA-256 | f5b9a19716278390d7b712fe73b89ba114271f6f9578779c615e54bfe1eeb2cb
Posted Oct 11, 2000
Site xforce.iss.net

ISS Security Alert Summary for October 10, 2000. 91 new vulnerabilities were reported this month. This document has links to more information and full advisories on each. Includes: apache-rewrite-view-files, win2k-simplified-chinese-ime, xinitrc-bypass-xauthority, slashcode-default-admin-passwords, quotaadvisor-quota-bypass, hinet-ipphone-get-bo, netscape-ie-password-dos, traceroute-heap-overflow, glibc-unset-symlink, lpr-checkremote-format-string, netscape-messaging-list-dos, palm-weak-encryption, mediaplayer-outlook-dos, unixware-scohelp-format, ie-getobject-expose-files, webplus-example-script, lprng-format-string, openview-nmm-snmp-bo, alabanza-unauthorized-access, pine-check-mail-bo, ciscosecure-tacacs-dos, suse-installed-packages-exposed, ciscosecure-csadmin-bo, ciscosecure-ldap-bypass-authentication, rbs-isp-directory-traversal, wincom-lpd-dos, webplus-reveal-path, webplus-expose-internal-ip, webplus-reveal-source-code, du-kdebugd-write-access, glint-symlink, mdaemon-url-dos, browsegate-http-dos, klogd-format-string, office-dll-execution, cisco-pix-smtp-filtering, horde-imp-sendmail-command, exchange-store-dos, doublevision-dvtermtype-bo, sambar-search-view-folder, camshot-password-bo, websphere-header-dos, win2k-telnet-ntlm-authentication, http-cgi-multihtml, hp-openview-nnm-scripts, freebsd-eject-port, webtv-udp-dos, imp-attach-file, fastream-ftp-dos, fur-get-dos, 602prolan-telnet-dos, 602prolan-smtp-dos, as400-firewall-dos, eftp-bo, eftp-newline-dos, sco-help-view-files, win2k-rpc-dos, mailform-attach-file, linux-mod-perl, pam-authentication-bo, siteminder-bypass-authentication, mailto-piped-address, winsmtp-helo-bo, yabb-file-access, linux-tmpwatch-fork-dos, muh-log-dos, documentdirect-username-bo, documentdirect-get-bo, documentdirect-user-agent-bo, interbase-query-dos, suse-apache-cgi-source-code, phpphoto-dir-traverse, apache-webdav-directory-listings, eudora-path-disclosure, phpphotoalbum-getalbum-directory-traversal, lpplus-permissions-dos, lpplus-process-perms-dos, lpplus-dccscan-file-read, xmail-long-apop-bo, xmail-long-user-bo, w2k-still-image-service, irc-trinity, wftpd-long-string-dos, wftpd-path-disclosure, iis-invald-url-dos, screen-format-string, ntmail-incomplete-http-requests, wavelink-authentication, php-file-upload, unix-locale-format-string, and aix-clear-netstat.

tags | web, overflow, cgi, udp, perl, php
systems | cisco, linux, windows, unix, freebsd, suse, aix, unixware
SHA-256 | c216ccfd7bb412d411ec6ce30d33d782e379f3b95c50042b517f1d53c6b4cbc5
Posted Oct 11, 2000
Authored by Vigilante | Site vigilante.com

Vigilante Advisory #14 - HP Jetdirect print servers have multiple vulnerabilities which have effects ranging from the service crashing to the printer initiating a firmware upgrade based on random garbage in memory. In some cases power cycling won't fix the crash, and a new firmware burn by e.g. HP is required to restore the Jetdirect card. The FTP, Telnet, and LPD services contain buffer overflows, and spoofed malformed packets can crash the printer. Fix available here.

tags | exploit, overflow, spoof, vulnerability
SHA-256 | bdca6965e5cc27db16052ee9d2ed6315debed77a62a63aa071a0614cac33ff36
Posted Oct 11, 2000
Site net-security.org

Weekly Newsletter from Help Net Security - Covers weekly roundups of security events that were in the news the past week. In this issue: Cached_feed.cgi vulnerability, Gnorpm /tmp vulnerability, Cyberoffice Shopping cart flaw, Wingate 4.0.1 dos, Xfce 3.5.1 local vulnerability, Thttpd 2.19 ssi vulnerability, Pegasus mail file reading vulnerability, GNU Groff problem, IIS 5.0 unauthorized directory listings, AOL Instant Messenger DOS, Another IE5.5/outlook vulnerability, Traceroute local root vulnerability, esound vulnerability, tmpwatch vulnerabilities, and the PHPix 1.0.X vulnerability. In news: Media's guide to talking to hackers, using conservation of flow as a security mechanism in network protocols, securing a default Linux installation, Bush Campaign mounts email assault, Softseek infects users with Netbus, OpenBSD plugs security hole, Secprog mail list, Cybercrime outpacing security spending, Interview with Mark Abene, Linux virus scanners, and more.

tags | local, cgi, root, vulnerability, protocol, virus
systems | linux, openbsd
SHA-256 | a9ecc6e80c436a8c0de9e4f5135fdbbc3cad8cba882b3cb3d51bdc1f725d75e6
© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By