RFPolicy 2.0 - rain forest puppy's policy on notifying vendors and releasing security vulnerabilities.
292c943bdd96a7ec03da8dac3e27832c587f3bcc55001ecabfda4ad18b74786brain forest puppy's investigation of the recent Microsoft IIS remote command execution vulnerability which was first mentioned in a ms00-078. UNICODE character translation on foreign IIS 4.0 and 5.0 servers allows additional ways of encoding '/' and '\', allowing commands to be executed under the IUSR_machine context.
2b1c446965eae66c719dc5275df8c83c036b0c35b914f77fa9b14f18472713f1Microsoft Security Bulletin (MS00-078) - Microsoft has released a patch that eliminates the "Web Server Folder Traversal" vulnerability in IIS 4.0 and 5.0 which allows malicious users to add and remove content or execute code remotely with a malformed URL. Microsoft FAQ on this issue available here.
11cc0a48eeef7590a32423098792c800d48cc565af310381c27a64e069180302PHP/3.0.12, 3.0.15, and 3.0.16 with apache 1.3.12 remote format string exploit for FreeBSD 3.4, Slackware Linux 4.0, and 7.0.
96da427c5e520f508d5095e2ae72b3ea84315600ce6f8c479d2b052c33f7f03fLinux/x86 shellcode which drops a shell in /tmp.
62b4013ad9350cd5bf5b3f480aa7e7674c85ceadd9e23838b494f49582604891NetBSD shellcode which execve's /bin/sh.
90e0b96c209e409e110992acd09eae3877c00d4709b7d658005a8897f07f9fb1BSDI shellcode which execve's /bin/sh.
2908decf21e971872bc8468fa6585bdd6b015b57c7d36da41b12f90c56f46379SCO shellcode which breaks out of a chrooted environment.
2cfae4fea699795efc2dce0eb040c37c7f062cb9db79990b2b22adc82dc7c974Windows NT/2k remote shellcode.
f6ef9514d5e478de3d6cb35966282d86e4d51f4628729a107cb6dd75be30ab3bwwwhack - Automates the process of trying to crack logins/passwds for www sites that use basic HTTP authentication.
089e84d894b907f3532b6d6eb1fbf56479f141961603a31e77c1ce461ce93131Weekly Newsletter from Help Net Security - Covers weekly roundups of security events that were in the news the past week. In this issue: PHP 3 and 4 remote format string vulnerabilities, Internet Explorer authentication data retrieval, IE cached web credentials vulerability, Master index directory transversal vulnerability, BOA vulnerabilities, tmpwatch local dos, Extropoa Webstore directory transversal vulnerability, Interactive's web shopper directory transversal vulnerability, Microsoft share level password vulnerability, Mandrake openssh/scp update, HP Jetdirect dos, WebTV dos, Apache mod_rewrite, Debian curl update, Winu 1.0-5.1 backdoor password, debian ypbind local vulnerability, and Netmeeting denial of service. Articles include SUID programs, getting to the root of the problem, Testing for Trojans, How to detect virus hoaxes, and more.
35a897d619152e6fc91c69586c9708eba9f0eea568921cf5160a50cdba159f94SuSE Security Advisory - SuSE's traceroute (nanog) has a completely different local root vulnerability than the one reported last week. A format string bug was discovered in a routine that can be used to terminate a line in traceroute's output to easily embed the program in cgi scripts.
96c1b99142636132b324379d6a844d895deaeb497136fb0856e8974c973cb5b2SuSE Security Advisory - Gnorpm, a graphical user interface to the rpm subsystem for the gnome desktop, handles tempfiles insecurely and can overwrite arbitrary files on the system.
e622695dd71e6bdb9d84ffae1dae2588103bfbaafea9c97d639d626fb1d6841a11logger is a small kernel patch, a module and some userspace tools to add SIGSEGV logging and history capabilities to Linux 2.2.x. 11logger is very useful in security auditing and general debugging.
e374ca5391194d5bb5e96d4fafba1751d08411abc60584e65c0c4e7fa7ae14e2Wu-Ftpd is a portable FTP server.
469a37391346e29ae6abfe3615c03ff579cae5d698ff7611604190596e66d291Wingate 4.1 Beta A and below allows users with access to read the logs to read any file on the filesystem by encoding the URL with escape codes, bypassing input validation. Includes wgate41a.c, proof of concept code. Fix available here.
d911de7376362eaa57534d66e1363dca6a222e4eac2a3b3c940f8173fb80d190Crypto-gram for October 15, 2000. In this issue: Semantic Attacks: The Third Wave of Network Attacks, News, Council of Europe Cybercrime Treaty -- Draft, The Doghouse: HSBC, NSA on Security, AES Announced, NSA on AES, and the Privacy Tools Handbook.
7c3f8790fcf1093735c62ec84aa0c538c534313880ca411050db9d2325ac0c88Tcpdump allows you to dump the traffic on a network. It can be used to print out the headers and/or contents of packets on a network interface that matches a given expression. You can use this tool to track down network problems, to detect many attacks, or to monitor the network activities. Requires Libpcap.
feea77e0e7734c56e23196e2fa8df8984bea08fe5cf699698ddbd514b9ebb51cLibpcap is a portable packet capture library which is used in many packet sniffers, including Tcpdump.
dbc7ce2471a45a29dd2021db29a6b408bcb824055f027d542e1e778134e780a7
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed