
Files Date: 2000-10-11

Posted Oct 11, 2000
Site nsfocus.com

NSFOCUS Security Advisory (SA2000-03) - A denial of service vulnerability has been found in the IPX/SPX protocol implementation. When a WIN9x host receives an IPX NMPI packet whose source and destination machine names are both its own, it is led into an infinite loop of sending and receiving packets. This attack consumes a large amount of the attacked host's CPU resources, causing it to crash.

tags | exploit, denial of service, protocol
systems | windows
MD5 | 11d18e4a89382f346544d7c1e7dcdf64
Posted Oct 11, 2000
Authored by Sam Kline | Site wwdsi.com

SAINT (Security Administrator's Integrated Network Tool) is a security assessment tool based on SATAN. Features include scanning through a firewall, updated security checks from CERT & CIAC bulletins, 4 levels of severity (red, yellow, brown, & green) and a feature-rich HTML interface.

Changes: Added a check for new variations of the SubSeven backdoor, fixed a Red Hat 7 and Solaris compilation problem, now checks for format string vulnerability in scohelphttpd, file read vulnerability in FreeBSD 4.1.1 fingerd, and vulnerabilities in thttpd ssi, Web+, CFEngine, and CyberOffice shopping cart.
tags | tool, scanner
systems | unix
MD5 | 55dd6403a54e19ab3c468f048c354e11
Posted Oct 11, 2000
Site kerneli.org

The idea of the International Kernel Patch is to collect all crypto patches so that using crypto in the kernel will be easier than today. The patch bundles a number of crypto patches: a crypto API with Blowfish, CAST-128, DES, DFC, IDEA, MARS, RC6, Rijndael, Safer, Serpent, and Twofish, an encrypted filesystem loopback device using the crypto API, and the CIPE VPN and EnSKIP patches.

Changes: Support for kernel 2.2.17, bug fixes.
tags | kernel, encryption, crypto
systems | linux
MD5 | 2d1d001fadda767ddc7fe2d55df36a36
Posted Oct 11, 2000
Authored by Balazs Scheidler | Site balabit.hu

Zorp is a new-generation modular proxy firewall suite that lets you fine-tune proxy decisions with its built-in script language, fully analyze complex protocols (like SSH with several forwarded TCP connections), and use out-of-band authentication techniques (unlike common practices where proxy authentication had to be hacked into the protocol).

Changes: Bug fixes.
tags | tool, tcp, firewall, protocol
systems | unix
MD5 | 6164af94cb73d36ae45bba88a81519e0
Posted Oct 11, 2000
Site suse.de

SuSE Security Advisory - GNU cfengine, an abstract programming language for system administrators of large networks, has several local root format string vulnerabilities.

tags | local, root, vulnerability
systems | linux, suse
MD5 | 85ee7b373fd8abc6822dd2a30677b47a
Posted Oct 11, 2000
Site suse.de

SuSE Security Advisory - esound, a daemon program for the Gnome desktop, has a race condition which allows local attackers to change the permissions on any file on the filesystem.

tags | local
systems | linux, suse
MD5 | 60933dcfa82cfb5248c3379e24fde8aa
Posted Oct 11, 2000
Authored by Venglin

FreeBSD 4.X local /usr/bin/systat exploit. Gives a sgid kmem shell by exploiting the .terminfo bug in ncurses.

tags | exploit, shell, local
systems | freebsd
MD5 | 814c885a5a67051785ba29eee6076b4b
Posted Oct 11, 2000
Site xforce.iss.net

ISS Security Advisory - The tmpwatch utility used in Red Hat Linux to remove temporary files does not handle arguments securely, allowing an attacker to execute arbitrary commands as root.

tags | arbitrary, root
systems | linux, redhat
MD5 | ed4ec0e408f69fd5d1160da3d934580f
Posted Oct 11, 2000
Authored by Yevgeny V.Yourkhov

DNSflood.pl floods a DNS server with spoofed DNS requests.

tags | denial of service, spoof
MD5 | 4eb7f691ed2798cf7d81f8fa0d853ae7
Posted Oct 11, 2000
Authored by 6 Inch Taint

Godmessage Creator allows you to implement the Godmessage IV ActiveX attack with any binary you supply. Archive password is set to p4ssw0rd. Use at your own risk.

tags | trojan, activex
MD5 | 93b884b0772508149075759e104c4346
Posted Oct 11, 2000
Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection.

Changes: A bug in sys_utime was fixed which prevents users from changing the inode attribute.
tags | kernel, root
systems | linux
MD5 | 0747a1baefee35350297d86662b94121
Posted Oct 11, 2000

Microsoft Security Bulletin (MS00-072) - Microsoft has released a patch that eliminates the "Share Level Password" vulnerability in Windows 95, 98, 98SE, and Me. Microsoft Windows 9x/Me provides a password protection feature, referred to as share level access, for the File and Print Sharing service. However, due to the way the password feature is currently implemented, a malicious user with a special client utility can compromise a file share without knowing the entire password required to access that share. Microsoft FAQ on this issue available here.

systems | windows, 9x
MD5 | 4890998a89c81b5b2fc5ba4d837345c7
Posted Oct 11, 2000
Site redhat.com

Red Hat Security Advisory - tmpwatch as shipped in Red Hat Linux 6.1, 6.2, and 7.0 uses fork() to recursively process subdirectories, enabling a local user to perform a denial of service attack. Tmpwatch from Red Hat Linux 6.2 and 7.0 also contains an option to allow it to use the fuser command to check for open files before removal. It executed fuser in an insecure fashion, allowing a local root exploit.

tags | denial of service, local, root
systems | linux, redhat
MD5 | 9e98ade5ab523b709aa7579cfd041a70
Posted Oct 11, 2000
Authored by synnergy, Kostas Petrakis | Site synnergy.net

Synnergy Laboratories Advisory SLA-2000-16 - Synnergy Labs has found a flaw within Master Index for Linux/UNIX that allows a user to successfully traverse the filesystem on a remote host, allowing arbitrary files/folders to be read. Exploit URL included. Fix available here.

tags | exploit, remote
systems | linux, unix
MD5 | a00a442f87ac62e4716afc3cc58d0c62
Posted Oct 11, 2000
Site redhat.com

Red Hat Security Advisory - The usermode package contains a binary (/usr/bin/userhelper), which is used to control access to programs which are to be executed as root. Because programs invoked by userhelper are not actually running setuid-root, security measures built into recent versions of glibc are not active. If one of these programs supports internationalized text messages, a malicious user can use the LANG or LC_ALL environment variables (which are inherited by userhelper and, in turn, any programs it runs) to create a format-string exploit in these programs.

tags | root
systems | linux, redhat
MD5 | b4e3da67db042a29c71ff5931e704793
Posted Oct 11, 2000
Authored by Jouko Pynnonen | Site klikki.fi

The ncurses library v4.2 and 5.0 contains exploitable buffer overflows which can be used to gain additional privilege if there are SUID programs which use ncurses and the library implementation supports ~/.terminfo. Vulnerable programs found so far include Red Hat and SuSE cda, FreeBSD /usr/bin/systat, and OpenBSD /usr/bin/systat.

tags | exploit, overflow
systems | linux, redhat, freebsd, suse, openbsd
MD5 | c3b548c12a83e24f6f0c3e86a37ac41c
Posted Oct 11, 2000
Authored by Jazz

wuscan.sh is a bash shell script which scans machines for wu-ftpd v2.60.

tags | tool, shell, scanner, bash
systems | unix
MD5 | 97f1884682f21febb7bb6fc9d90bcdc9
Posted Oct 11, 2000
Site xforce.iss.net

ISS Security Alert Summary for October 10, 2000. 91 new vulnerabilities were reported this month. This document has links to more information and full advisories on each. Includes: apache-rewrite-view-files, win2k-simplified-chinese-ime, xinitrc-bypass-xauthority, slashcode-default-admin-passwords, quotaadvisor-quota-bypass, hinet-ipphone-get-bo, netscape-ie-password-dos, traceroute-heap-overflow, glibc-unset-symlink, lpr-checkremote-format-string, netscape-messaging-list-dos, palm-weak-encryption, mediaplayer-outlook-dos, unixware-scohelp-format, ie-getobject-expose-files, webplus-example-script, lprng-format-string, openview-nmm-snmp-bo, alabanza-unauthorized-access, pine-check-mail-bo, ciscosecure-tacacs-dos, suse-installed-packages-exposed, ciscosecure-csadmin-bo, ciscosecure-ldap-bypass-authentication, rbs-isp-directory-traversal, wincom-lpd-dos, webplus-reveal-path, webplus-expose-internal-ip, webplus-reveal-source-code, du-kdebugd-write-access, glint-symlink, mdaemon-url-dos, browsegate-http-dos, klogd-format-string, office-dll-execution, cisco-pix-smtp-filtering, horde-imp-sendmail-command, exchange-store-dos, doublevision-dvtermtype-bo, sambar-search-view-folder, camshot-password-bo, websphere-header-dos, win2k-telnet-ntlm-authentication, http-cgi-multihtml, hp-openview-nnm-scripts, freebsd-eject-port, webtv-udp-dos, imp-attach-file, fastream-ftp-dos, fur-get-dos, 602prolan-telnet-dos, 602prolan-smtp-dos, as400-firewall-dos, eftp-bo, eftp-newline-dos, sco-help-view-files, win2k-rpc-dos, mailform-attach-file, linux-mod-perl, pam-authentication-bo, siteminder-bypass-authentication, mailto-piped-address, winsmtp-helo-bo, yabb-file-access, linux-tmpwatch-fork-dos, muh-log-dos, documentdirect-username-bo, documentdirect-get-bo, documentdirect-user-agent-bo, interbase-query-dos, suse-apache-cgi-source-code, phpphoto-dir-traverse, apache-webdav-directory-listings, eudora-path-disclosure, phpphotoalbum-getalbum-directory-traversal, lpplus-permissions-dos, lpplus-process-perms-dos, lpplus-dccscan-file-read, xmail-long-apop-bo, xmail-long-user-bo, w2k-still-image-service, irc-trinity, wftpd-long-string-dos, wftpd-path-disclosure, iis-invald-url-dos, screen-format-string, ntmail-incomplete-http-requests, wavelink-authentication, php-file-upload, unix-locale-format-string, and aix-clear-netstat.

tags | web, overflow, cgi, udp, perl, php
systems | cisco, linux, windows, unix, freebsd, suse, aix, unixware
MD5 | a882c06a29970b3a08ed0f0820022597
Posted Oct 11, 2000
Authored by Vigilante | Site vigilante.com

Vigilante Advisory #14 - HP Jetdirect print servers have multiple vulnerabilities which have effects ranging from the service crashing to the printer initiating a firmware upgrade based on random garbage in the memory, and in some cases power cycling won't fix the crash. It requires a new firmware burn by e.g. HP to restore the Jetdirect card. The FTP, Telnet, and LPD services contain buffer overflows, and spoofed malformed packets can crash the printer. Fix available here.

tags | exploit, overflow, spoof, vulnerability
MD5 | 35948d8b96459d6e8b6ef062e0c36b2b
Posted Oct 11, 2000
Site net-security.org

Weekly Newsletter from Help Net Security - Covers weekly roundups of security events that were in the news the past week. In this issue: Cached_feed.cgi vulnerability, Gnorpm /tmp vulnerability, Cyberoffice Shopping cart flaw, Wingate 4.0.1 DoS, Xfce 3.5.1 local vulnerability, Thttpd 2.19 ssi vulnerability, Pegasus mail file reading vulnerability, GNU Groff problem, IIS 5.0 unauthorized directory listings, AOL Instant Messenger DoS, Another IE5.5/Outlook vulnerability, Traceroute local root vulnerability, esound vulnerability, tmpwatch vulnerabilities, and the PHPix 1.0.X vulnerability. In news: Media's guide to talking to hackers, using conservation of flow as a security mechanism in network protocols, securing a default Linux installation, Bush Campaign mounts email assault, Softseek infects users with Netbus, OpenBSD plugs security hole, Secprog mail list, Cybercrime outpacing security spending, Interview with Mark Abene, Linux virus scanners, and more.

tags | local, cgi, root, vulnerability, protocol, virus
systems | linux, openbsd
MD5 | 47f91f03a9cde3221a24910563af478e