exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2000-11-13

Posted Nov 13, 2000
Site redhat.com

Red Hat Security Advisory - A remote denial of service attack is possible with bind versions prior to 8.2.2_P7.

tags | remote, denial of service
systems | linux, redhat
SHA-256 | 230026a4ceabecb9b80e8daf329e37d2916897959e5ee27d66dc9ccc9a0cbfd4
Posted Nov 13, 2000
Authored by Z33d

Many systems have the SUID bit set on cons.saver (/usr/lib/mc/bin/cons.saver), part of the Midnight Commander package. A denial of service vulnerability has been found which allows local users to overwrite a null character to any symlinkable file. Includes proof of concept exploit and a patch for cons.saver.

tags | exploit, denial of service, local, proof of concept
SHA-256 | 65e644ff14594df49724ef14d399326c53243a989d5213911a2bd76b3885227c
Posted Nov 13, 2000
Authored by Simple Nomad | Site razor.bindview.com

NCPQuery is an open source tool that allows probing of a Novell Netware 5.0/5.1 server running IP. It uses TCP port 524 to enumerate objects with public read access, disclosing such information as account names, server services, and other various objects. A remote attacker can gather the equivalent information provided by the console command "display servers" and the DOS client command "cx /t /a /r" without authentication.

tags | remote, tcp
SHA-256 | 97f05208a1c028a90715780ea2c8dea387e4888c2aff9bf2d8ce53286f2f65ce
Posted Nov 13, 2000
Authored by Mixter | Site mixter.warrior2k.com

This paper discusses full disclosure, the necessity of legitimate network scanning, and the results of criminalizing security research and information. Overreactions to harmless activities not crossing legal boundaries are leading to a scenario where anyone acquiring basic information about a system needs to be afraid about potential consequences.

tags | paper
SHA-256 | e221f988e97f22109eda8c7087b9b887b9ed8deda208b3f903f4f85474a6bd52
Posted Nov 13, 2000
Authored by Tim J Robbins | Site box3n.gumbynet.org

sping sends ICMP ECHO requests to network hosts to determine whether they are 'alive'. It is a small and hopefully secure implementation of the common ping utility that offers far less control over the packet options that may be specified (packet size, delay between packets, etc.) - this is a feature, for both security and bandwidth reasons. sping has been tested on Linux 2.4.0-test8 but should work on other operating systems.

tags | tool
systems | linux, unix
SHA-256 | 52e646017a626a2389a46f8af16b089194a24df5ab3b347cd25c4472aaca769a
Posted Nov 13, 2000
Authored by Tim J Robbins | Site box3n.gumbynet.org

tcpspy is a linux administrator's tool that logs information about incoming and outgoing TCP/IP connections: local address, remote address and, probably the most useful feature, the user name. The current version allows you to include and exclude certain users from logging - this may be useful if you suspect one of the users on your system is up to no good but do not want to violate the privacy of the other users.

tags | remote, local, tcp
systems | linux
SHA-256 | be42a858d82aa8bc9eed613022377744edf6de8fe109da302c4dd48d5d059325
Posted Nov 13, 2000
Authored by Tim J Robbins | Site box3n.gumbynet.org

libformat is a library for the Linux operating system that intercepts, among others, calls to the printf() family of functions to prevent format string attacks, in which a possibly malicious user supplied format string is used. This is a programming error, but has recently been used to break computer security. This library can be used to protect against compromises due to yet undiscovered vulnerabilities in privileged programs. libformat checks for format strings containing the %n format specifier in writable parts of a process' address space, and if found, the process is terminated with the KILL signal.

tags | vulnerability
systems | linux
SHA-256 | 6f6b78a44959aef3e5a36b00f50a4946b6cc269063b016bb01f17e77fcb01cae
Posted Nov 13, 2000
Authored by Ivo Timmermans | Site tinc-vpn.org

tinc is a Virtual Private Network (VPN) daemon that uses tunneling and encryption to create a secure private network between multiple hosts on the Internet. This tunneling allows VPN sites to share information with each other over the Internet without exposing any information.

Changes: This version fixes the security hole in all previous versions of tinc. Support for multiple subnets was added. OpenSSL is now used, as well as public/private key cryptography.
tags | encryption
SHA-256 | 3192d3d8e0c1ecca4c6b8331bf6458eb6a3b3b4379f1d3c85f452c098537a1db
Posted Nov 13, 2000
Site suse.de

SuSE Security Announcement - Newer versions of /sbin/modprobe can be tricked into executing commands as root if setuid programs which can trigger the loading of modules are installed.

tags | root
systems | linux, suse
SHA-256 | 600ed3a3cac000cdeae2f9e19fa707d65d6b882e05aa67d20e04dbc68db5a864
Posted Nov 13, 2000
Authored by Robert Osterlund | Site pikt.uchicago.edu

PIKT is a cross-platform, multi-functional toolkit for monitoring systems, reporting and fixing problems, security managment, and updating system configurations. PIKT comprises an embedded scripting language with unique, labor-saving features. Binaries available here.

Changes: This release includes secret key host authentication (similar to what ssh and openssh use), piktc-to-piktc_svc data encryption for file and command output transfers, improved diagnostic and security logging, and many bug fixes.
tags | tool
systems | unix
SHA-256 | 3a3f14641f881b3b319134edc1ab5df3ce97303f9e4de4219044947072651fb7
Posted Nov 13, 2000
Authored by Eric Rescorla | Site rtfm.com

sldump is an SSLv3/TLS network protocol analyzer. It identifies TCP connections on the chosen network interface and attempts to interpret them as SSLv3/TLS traffic. When it identifies SSLv3/TLS traffic, it decodes the records and displays them in a textual form to stdout. If provided with the appropriate keying material, it will also decrypt the connections and display the application data traffic. Tested on Linux, Solaris, FreeBSD, and HP/UX.

tags | tool, sniffer, tcp, protocol
systems | linux, solaris, freebsd, hpux
SHA-256 | c35edc6a47dd9ec731693a1d92c22a6c43c64129490deb94e6fc6df430bb97e5
Posted Nov 13, 2000
Site debian.org

Debian Security Advisory - Versions of BIND prior to 8.2.2p7-1 are vulnerable to a denial of service attack which causes the nameserver to crash after accessing an uninitialized pointer.

tags | denial of service
systems | linux, debian
SHA-256 | 536c3d922dd395eb83a854e077ee0dd94b4857e267412af555f3c2f9e9429050
Posted Nov 13, 2000
Authored by Tom Pycke | Site linuxave.net

Recover is a tool to help undelete files in linux by automating some steps as described in the ext2-undeletion howto. It indexes all the deleted inodes with debugfs, then asks a series of questions about the deleted file. All deleted files which match your criteria are dumped to a directory.

Changes: Device scanning was added, and the code was coverted from C++ to plain C.
tags | tool
systems | linux, unix
SHA-256 | 9ce95fa6175ec5ff1e426564e366c4202e8163723685f8e751cda309bde17a3f
Posted Nov 13, 2000
Authored by Jamie Zawinski | Site jwz.org

XScreenSaver is a modular screen saver and locker for the X Window System. It is highly customizable and allows the use of any program that can draw on the root window as a display mode. It is also more stable than xlock.

Changes: Enabled checkboxes have been added to the list of hacks in xscreensaver-demo, making it easier to see which modes are turned on. The new modes hyperball, xrayswarm, and gflux have been added. New versions of nerverot, galaxy, and hypercube were added.
tags | root
systems | unix
SHA-256 | d9f4897347410dd26f57447bb414b678e3fa3a8a5564b9edf6f94267bc8eaa49
Posted Nov 13, 2000
Authored by Boris Wesslowski | Site kyb.uni-stuttgart.de

fwlogwatch analyzes the ipchains, netfilter, or iptables packet filter logfiles and generates text and HTML summaries. Features realtime anomaly alerting capability, an interactive report generator, and the ability to cut off attacks by adding firewall rules.

Changes: Support for Cisco logfiles.
tags | tool, firewall
systems | unix
SHA-256 | 65bc397bea1525fde5091a45199b7aed82073ea348b5e8573ebc9e5ff5f5a9af
Posted Nov 13, 2000
Authored by Solar Designer | Site openwall.com

Scanlogd v2.1 is a TCP port scan detection tool for linux, originally designed to illustrate various attacks an IDS developer has to deal with, for a here.

Changes: Support for Libnids 1.14, bug fixes.
tags | tcp
systems | linux, unix
SHA-256 | e257be420e3aab29821f6d513bcf720c764fb611dbd9f6a187f9dd52fb809b37
Page 1 of 1

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    16 Files
  • 18
    Jun 18th
    26 Files
  • 19
    Jun 19th
    15 Files
  • 20
    Jun 20th
    18 Files
  • 21
    Jun 21st
    8 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By