what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2000-12-07

CSA-200012.txt
Posted Dec 7, 2000
Site chinansl.com

CHINANSL Security Advisory(CSA-200012) - Ultraseek Server 3.0 Vulnerability allows malicious users to see the full pathnames of server addons.

tags | exploit
SHA-256 | a93ef1f7c85039e6f7a88a25020b181c801b9ea32a699a2b5f122ec16a96ce51
cisco.00-12-06.memleak
Posted Dec 7, 2000
Site cisco.com

Cisco Security Advisory - Catalyst Memory Leak Vulnerability. A series of failed telnet authentication attempts to the switch can cause the Catalyst Switch to fail to pass traffic or accept management connections until the system is rebooted or a power cycle is performed. All types of telnet authentication are affected, including Kerberized telnet, and AAA authentication.

tags | memory leak
systems | cisco
SHA-256 | f78e1da717f41cb8bc980acf491fc47ff430a1f0ad3b5d1aa403d9b8a3328338
bf-code.c
Posted Dec 7, 2000
Authored by Asynchro | Site pkcrew.org

Bftpd 1.0.12 contains a remote buffer overflow. Denial of service exploit included.

tags | exploit, remote, denial of service, overflow
SHA-256 | b53b1d6e97dd2c13613462f15448517d0b51dbb7d806ce05e13b0e2e9494dbfc
tcpspy-1.4.tar.gz
Posted Dec 7, 2000
Authored by Tim J Robbins | Site box3n.gumbynet.org

tcpspy is a linux administrator's tool that logs information about incoming and outgoing TCP/IP connections: local address, remote address and, probably the most useful feature, the user name. The current version allows you to include and exclude certain users from logging - this may be useful if you suspect one of the users on your system is up to no good but do not want to violate the privacy of the other users.

Changes: Can now log the filename of the executable that created or accepted connections. Assorted bug fixes and code cleanups.
tags | remote, local, tcp
systems | linux
SHA-256 | df2d9e51e0cbb95e6490e075f38e11213d18a7f1a702fce011210d9d6a5a7112
Log02Package.zip
Posted Dec 7, 2000
Site twilightminds.com

The Twilight Minds Extensible Logging Package is intended to provide a basis for efficient logging of sequential output. It helps get the groundwork of logging done and out of the way. It also removes the processes associated with recording log entries and managing logs from the main thread of execution. TwilightMinds.Log allows for one-line logging to any end-point within a common framework, and allows for potentially complex but easily managed logging setups.

tags | system logging
systems | unix
SHA-256 | 7bac1500510cc8a4b406a517db77142bd84457f1bc75a635fa607fe575e68ad2
SRADV00007.txt
Posted Dec 7, 2000
Authored by Secure Reality | Site securereality.com.au

Secure Reality Pty Ltd. Security Advisory #7 - MarkVision is a printer administration package from Lexmark. Versions previous to v4.4 contain local root buffer overflow vulnerabilities. Fix available here.

tags | exploit, overflow, local, root, vulnerability
SHA-256 | 3e763f2a074ead41c407459903496036ba90d70aba5782927022137c103963ec
SRADV00006.txt
Posted Dec 7, 2000
Authored by Secure Reality | Site securereality.com.au

Secure Reality Pty Ltd. Security Advisory #6 - phpGroupWare is a multi-user web based groupware suite written in PHP. Versions below 0.9.7 under Unix make insecure calls to the include() function of PHP which can allow the inclusion of remote files, and thereby the execution of arbitrary commands on the remote web server with the permissions of the web server user, usually 'nobody'. Fix available here.

tags | exploit, remote, web, arbitrary, php
systems | unix
SHA-256 | 6726f2b4b34f81a4e34dba7e545c1d74926ef384ea62801eb1b9a0aae10a731a
SRADV00005.txt
Posted Dec 7, 2000
Authored by Secure Reality | Site securereality.com.au

Secure Reality Pty Ltd. Security Advisory #5 - All 3.x versions of MailMan Webmail below v3.0.26 contain remote command execution vulnerabilities. The code contains several insecure calls to open() containing user specified data. These calls can be used to execute commands on the remote server with the permissions of the user that runs CGI scripts, usually the web server user which is in most cases 'nobody'. Fix available here.

tags | exploit, remote, web, cgi, vulnerability
SHA-256 | b4dcc0b0843d1cb7fc27df32abe4794efcdd89522f9d488aea343af2e5078e74
ncat-0.1.tar.gz
Posted Dec 7, 2000
Site ncat.sourceforge.net

ncat is a network config Audit Tool for IOS (and other) configs. ncat reads a master config file (default ./ncat.conf) and checks one or more config files specified on the command line against rules found in the master. Rules specify that a particular chunk of text is either required or forbidden. Once all rules have been checked, a report is output listing violations.

systems | cisco
SHA-256 | 85615dadc4ee83f8faf51ab4c2c37e71451176a055a158b811664ebd8e732dae
BWL-00-04.txt
Posted Dec 7, 2000
Authored by Black Watch Labs | Site perfectotech.com

Black Watch Labs Security Advisory #00-04 (April 6, 2000) - BizDB is a database and search engine software by Cnctek. Part of the installation is a CGI script, ?bizdb-search.cgi? which is used to search the bizdb database. This script is vulnerable to modification of its paramater, in such way that causes it to run user provided shell commands on the server. Exploit URL's included. These issues have been resolved in newer versions of this software, make sure to upgrade!

tags | shell, cgi
SHA-256 | 24a4ed5c6abb15a3bce91a5494875ecada0d11f6a7bde42b93605a2e1bbe0bd7
f8-120500-vpnet.txt
Posted Dec 7, 2000
Authored by Loki, f8labs | Site f8labs.com

VPNet Technologies VSU VPN appliances have serious remote vulnerabilities. A source routing flaw in VSU allows for unauthenticated connections to a target host on protected LAN of VPN, and a flaw in NOS bridging code causes VSU to pass spoofed private address packets from it's public interface to the private network.

tags | remote, spoof, vulnerability
SHA-256 | 0cb8674acbf084b5918dab3149caf09b90482e6bca33a3214386bb64286cb150
qaudit.pl
Posted Dec 7, 2000
Authored by vade79, realhalo | Site realhalo.org

Qaudit.pl is a script for quickly auditing .c and .cc source files for stack and heap overflows, format bugs, exec calls, environment variables, and misc functions which often have security issues.

tags | overflow
systems | unix
SHA-256 | 6b50f0f26fca5b87424305765aca11e97a6f5b1fdcca2bb00b3a1259f8d8dbb6
ms00-096
Posted Dec 7, 2000

Microsoft Security Bulletin (MS00-096) - Microsoft has released a tool that corrects the permissions on several registry values in Windows 2000. The default permissions allow malicious users to monitor or reconfigure some network devices by displaying the SNMP community name and management station identifiers. Microsoft FAQ on this issue available here

tags | registry
systems | windows
SHA-256 | d2e91906cab571f0ef26eb21c3fb73c2fffb4477c47da3c46a5ba001fda6bf67
ms00-095
Posted Dec 7, 2000

Microsoft Security Bulletin (MS00-095) - Microsoft has released a tool that corrects the permissions on several registry values in Microsoft Windows NT 4.0. The default permissions allow malicious users to gain additional privileges on affected machines. Affected keys include the SNMP Parameters key, the RAS Administration key, and the MTS Package Administration key. Microsoft FAQ on this issue available here.

tags | registry
systems | windows
SHA-256 | 05886460d5a8310f027090b6cdd67524d92b48f2b41fbd1a164ffd36c7a78d8b
tessa.c
Posted Dec 7, 2000
Authored by Incubus | Site securax.org

Remote denial of service exploit for Microsoft Exchange 5.5 SP3 Internet Mail Service and Information Store. The bug is in the handling of a line containing Content="".

tags | exploit, remote, denial of service
SHA-256 | 0c9cfdbafe736d4492e5824460e8cf1c11123d2a6f395721ed470ff9d5905c32
Page 1 of 1
Back1Next

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    30 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close