Twenty Year Anniversary
Showing 1 - 25 of 30 RSS Feed

Files Date: 2000-10-15

ipchains-firewall-1.7.2.tar.gz
Posted Oct 15, 2000
Authored by Ian Hall-Beyer | Site ipchains.nerdherd.net

ipchains-firewall is an easily-configurable shell script to establish masquerading and firewalling rules using ipchains. The package contains a script to establish firewalling for a single machine connected to the network without masquerading, a script to establish firewalling for a system acting as a router routing to non-private IP space, a script to establish firewalling and masquerading for a system acting as a router routing to private IP address space, and one to establish firewalling and masquerading for a system acting as a router, routing to multiple RFC1918 subnets over multiple interfaces. The distribution also includes a copy of midentd v1.6, to enable identd over the masqueraded network.

Changes: Some minor bugfixes and the LPD port is now blocked due to recent vulnerabilities.
tags | tool, shell, firewall
systems | linux
MD5 | 9f7236fa067eb2246dbc355838568537
iptables-firewall-0.99-beta.tar.gz
Posted Oct 15, 2000
Site firewall.langistix.com

iptables-firewall, like its older cousin ipchains-firewall, is an easily-configurable shell script to establish NAT and firewalling rules using iptables. The script self-configures out of the box for IP addresses, netmasks, and interfaces. All that is needed is a commandline specification of external and internal interface names. It automatically determines type of firewall to set up (standalone, routing, or NAT) based on interface IP addresses. The distribution also includes a copy of midentd, to enable identd over the masqueraded network.

tags | tool, shell, firewall
systems | linux
MD5 | 10d88f1b80b54347f3763a0d9d70eee7
snoopy-1.2.tar.gz
Posted Oct 15, 2000
Authored by Mike Baker

Snoopy is designed to log all commands executed by providing a transparent wrapper around calls to execve() via LD_PRELOAD. Logging is done via syslogd and written to authpriv, allowing secure offsite logging of activity.

Changes: A fix for a very manacing bug.
systems | linux
MD5 | 4013da8d2d80503ce7c9c4923adacbe9
apache_1.3.14.tar.gz
Posted Oct 15, 2000
Site apache.org

Apache is the most popular webserver on the internet.

Changes: Mod_rewrite security fix, tightened up the syntax checking of Host: headers to fix a security bug in some mass virtual hosting configurations that can allow a remote attacker to retrieve some files on the system that should be inaccessible, uses "accept filtering" on recent versions of FreeBSD if the kernel is configured to support them, bug fixes and more portability.
systems | unix
MD5 | 34803e3d83a0a9ed981b571657b33109
openports-0.2.tar.gz
Posted Oct 15, 2000
Authored by Sven Darkman Michaels

OpenPorts is a simple script which can be run as a cron job every 5 minutes, checking the open and listening ports on the local system with netstat. If there is a difference since the last time it was run, an e-mail is sent to the system administrator containing the list of new open ports.

Changes: Better log analysis, and printing of only the changes.
tags | tool, local, intrusion detection
systems | unix
MD5 | 76384d12f67d37cb17e9d0088d2ee771
Linux IPTables Firewall
Posted Oct 15, 2000
Authored by Netfilter Core Team | Site iptables.org

Iptables is built on top of netfilter: the new packet alteration framework for Linux 2.4. It is an enhancement on ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects.

Changes: Matches are now compared in forwards order, IPv6 support was added. Bug fixes for Sparc and PPC.
tags | tool, firewall
systems | linux
MD5 | a7c6adeffb21dfcb2a79b0f5825cf547
11logger-0.1.2.tar.gz
Posted Oct 15, 2000
Authored by Antirez | Site kyuzz.org

11logger is a small kernel patch, a module and some userspace tools to add SIGSEGV logging and history capabilities to Linux 2.2.x. 11logger is very useful in security auditing and general debugging.

tags | kernel
systems | linux
MD5 | 97cb589fc62c6686a733897e1eea8076
Slx2k001.txt
Posted Oct 15, 2000
Authored by Slash | Site securologix.com

Hacker Resource #1 - Hacking UNIX for beginners.

tags | paper
systems | unix
MD5 | 3c45ca057ea8156d4172403f650586cf
axsploit.pl
Posted Oct 15, 2000
Authored by Xcript | Site rhs-ck.com

AnalogX 1.1 contains remotely exploitable buffer overflows, as reported in USSR Advisory #29. This perl script will crash the server.

tags | denial of service, overflow, perl
MD5 | 803ece7f7beaa8e3df6ccf7e9fb5f40d
gdmurder.txt
Posted Oct 15, 2000
Site dragon.hack.tc

GDM local root and/or denial of service attack, tested on Red Hat 6.2. Requires console access.

tags | exploit, denial of service, local, root
systems | linux, redhat
MD5 | 66a92436e635f0235a94d49b88ece2d7
srm-1.2.0.tar.gz
Posted Oct 15, 2000
Authored by Matthew Gauthier | Site srm.sourceforge.net

secure rm (srm) is a command-line compatible rm(1) which completely destroys file contents before unlinking. The goal is to provide drop in security for users who wish to prevent command line recovery of deleted information, even if the machine is compromised.

Changes: This should be a final stable release unless more bugs are found.
systems | unix
MD5 | 3a70cce3f54b66d509c26ee6136c557e
Unverified_Fields_1.0.pdf
Posted Oct 15, 2000
Authored by Ofir Arkin | Site sys-security.com

The following problem (as discussed in this paper) has not yet been identified. Certain firewalls today, will not authenticate the validity of certain protocol fields within the packet they are processing. The risk is exposure of information, mainly unique patterns of behavior produced by the probed machines answering our crafted queries. Those patterns will help a malicious computer attacker to identify the operating systems in use. Postscript version available here.

tags | paper, protocol
MD5 | 1cbb363d9d632889d80b6632248e326e
debian.php4.txt
Posted Oct 15, 2000
Site debian.org

Debian Security Advisory - In versions of the PHP 4 packages before version 4.0.3, several format string bugs could allow properly crafted requests to execute code as the user running PHP scripts on the web server.

tags | web, php
systems | linux, debian
MD5 | 2283301130af7e6d0a0b53bf93cb998c
debian.php3.txt
Posted Oct 15, 2000
Site debian.org

Debian Security Advisory - In versions of the PHP 3 packages before version 3.0.17, several format string bugs could allow properly crafted requests to execute code as the user running PHP scripts on the web server, particularly if error logging was enabled.

tags | web, php
systems | linux, debian
MD5 | 18253553df53dfe8b1817fbb1267eb33
debian.nis.txt
Posted Oct 15, 2000

The nis package that was distributed with Debian GNU/Linux 2.1 has a couple of problems which have been fixed in version 3.5-2. We recommend you upgrade your nis package immediately. Debian security homepage here.

systems | linux, debian
MD5 | c9d538d6e96ae072ee7d1fc8e8771778
ms00-077
Posted Oct 15, 2000

Microsoft Security Bulletin (MS00-077) - Microsoft has released a patch that eliminates a security vulnerability in NetMeeting, an application that ships with Windows 2000 and is also available for Windows NT 4.0. The vulnerability allows a malicious user to deny service to a NetMeeting server. Microsoft FAQ on this issue available here.

systems | windows, 2k, nt
MD5 | dce5c8e5ebbd542db891b5509904717b
debian.curl.txt
Posted Oct 15, 2000
Site debian.org

Debian Security Advisory - The version of curl as distributed with Debian GNU/Linux 2.2 had a bug in the error logging code: when it created an error message it failed to check the size of the buffer allocated for storing the message. This could be exploited by the remote machine by returning an invalid response to a request from curl which overflows the error buffer and trick curl into executing arbitrary code.

tags | remote, overflow, arbitrary
systems | linux, debian
MD5 | 690aa377305ba10a4e37111b66366214
FreeBSD Security Advisory 2000.57
Posted Oct 15, 2000
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-00:57 - The muh port, an IRC bouncer, versions 2.05c and below contains a vulnerability which allows remote users to gain the privileges of the user running muh. This is accomplished by sending a carefully crafted exploit string containing string format operators to a user using muh but who is not connected. When the user reconnects and executes '/muh read', muh will allow the remote attacker to execute arbitrary code as the local user.

tags | remote, arbitrary, local
systems | freebsd
MD5 | 710c922d3f65b56d4e94495eab24f2ed
FreeBSD Security Advisory 2000.56
Posted Oct 15, 2000
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-00:56 - The LPRng port, versions prior to 3.6.24, contains a vulnerability in syslog() which allows remote and local root compromise.

tags | remote, local, root
systems | freebsd
MD5 | c387831aa8d27504228aab3db76546a5
FreeBSD Security Advisory 2000.55
Posted Oct 15, 2000
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-00:55 - The xpdf port, a PDF viewer for X, contains a race condition which allows local users to overwrite arbitrary files as the user running xpdf. Additionally no shell metacharacter checking is done when visiting URLs.

tags | arbitrary, shell, local
systems | freebsd
MD5 | 91850965055515bbc3ea2fbc11dc172f
FreeBSD Security Advisory 2000.54
Posted Oct 15, 2000
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-00:54 - Shortly before the release of FreeBSD 4.1.1, code was added to finger(1) intended to allow the utility to send the contents of administrator-specified files in response to a finger request. However the code incorrectly allowed users to specify a filename directly, the contents of which would be returned to the user.

systems | freebsd
MD5 | 7431849a15ead61f2f7214d61d6f9e97
debian.traceroute.txt
Posted Oct 15, 2000
Site debian.org

Debian Security Advisory - In versions of the traceroute package before 1.4a5-3, it is possible for a local user to gain root access by exploiting an argument parsing error.

tags | local, root
systems | linux, debian
MD5 | c6af07ea08e04bf1d2b059a9520087f5
ms00-076
Posted Oct 15, 2000

Microsoft Security Bulletin (MS00-076) - Microsoft has released a patch that eliminates the "Cached Web Credentials" security vulnerability in Internet Explorer, which allows malicious users to obtain another user's userid and password to a web site. Microsoft FAQ on this issue available here.

tags | web
MD5 | 3a91917a5e6421e32f04d5100afa37a9
SLA-17.Anaconda.txt
Posted Oct 15, 2000
Authored by synnergy, Kostas Petrakis | Site synnergy.net

Synnergy Laboratories Advisory SLA-2000-17 - A flaw in Linux/UNIX Anaconda Foundation Directory, a yahoo style search engine based on the Open Directory Project allows remote users to traverse the webservers filesystem, allowing arbitary files to be read by appending a trailing NULL byte in URL encoded format. Exploit URL included.

tags | exploit, remote
systems | linux, unix
MD5 | 4473a774da7c24d3ddf462e13bfbf37e
GMCreator-v0.2.zip
Posted Oct 15, 2000
Authored by 6 Inch Taint

Godmessage Creator allows you to implement the Godmessage IV activeX attack with any binary you supply. Archive password is set to p4ssw0rd. Use at your own risk.

Changes: Max file size increased to 26000 bytes, Optimized godmessage code, remove unnessisary chars to make file smaller and raise onz.exe size limit, the ability to dynamically create godmessage from user supplied html file.
tags | trojan, activex
MD5 | 4b748ed03bc532fa95b68195cb4d6739
Page 1 of 2
Back12Next

File Archive:

September 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    3 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    18 Files
  • 6
    Sep 6th
    18 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    2 Files
  • 9
    Sep 9th
    2 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    17 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    29 Files
  • 14
    Sep 14th
    21 Files
  • 15
    Sep 15th
    3 Files
  • 16
    Sep 16th
    1 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    16 Files
  • 19
    Sep 19th
    29 Files
  • 20
    Sep 20th
    18 Files
  • 21
    Sep 21st
    5 Files
  • 22
    Sep 22nd
    2 Files
  • 23
    Sep 23rd
    2 Files
  • 24
    Sep 24th
    15 Files
  • 25
    Sep 25th
    22 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close