what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2000-12-07

CSA-200012.txt
Posted Dec 7, 2000
Site chinansl.com

CHINANSL Security Advisory(CSA-200012) - Ultraseek Server 3.0 Vulnerability allows malicious users to see the full pathnames of server addons.

tags | exploit
SHA-256 | a93ef1f7c85039e6f7a88a25020b181c801b9ea32a699a2b5f122ec16a96ce51
cisco.00-12-06.memleak
Posted Dec 7, 2000
Site cisco.com

Cisco Security Advisory - Catalyst Memory Leak Vulnerability. A series of failed telnet authentication attempts to the switch can cause the Catalyst Switch to fail to pass traffic or accept management connections until the system is rebooted or a power cycle is performed. All types of telnet authentication are affected, including Kerberized telnet, and AAA authentication.

tags | memory leak
systems | cisco
SHA-256 | f78e1da717f41cb8bc980acf491fc47ff430a1f0ad3b5d1aa403d9b8a3328338
bf-code.c
Posted Dec 7, 2000
Authored by Asynchro | Site pkcrew.org

Bftpd 1.0.12 contains a remote buffer overflow. Denial of service exploit included.

tags | exploit, remote, denial of service, overflow
SHA-256 | b53b1d6e97dd2c13613462f15448517d0b51dbb7d806ce05e13b0e2e9494dbfc
tcpspy-1.4.tar.gz
Posted Dec 7, 2000
Authored by Tim J Robbins | Site box3n.gumbynet.org

tcpspy is a linux administrator's tool that logs information about incoming and outgoing TCP/IP connections: local address, remote address and, probably the most useful feature, the user name. The current version allows you to include and exclude certain users from logging - this may be useful if you suspect one of the users on your system is up to no good but do not want to violate the privacy of the other users.

Changes: Can now log the filename of the executable that created or accepted connections. Assorted bug fixes and code cleanups.
tags | remote, local, tcp
systems | linux
SHA-256 | df2d9e51e0cbb95e6490e075f38e11213d18a7f1a702fce011210d9d6a5a7112
Log02Package.zip
Posted Dec 7, 2000
Site twilightminds.com

The Twilight Minds Extensible Logging Package is intended to provide a basis for efficient logging of sequential output. It helps get the groundwork of logging done and out of the way. It also removes the processes associated with recording log entries and managing logs from the main thread of execution. TwilightMinds.Log allows for one-line logging to any end-point within a common framework, and allows for potentially complex but easily managed logging setups.

tags | system logging
systems | unix
SHA-256 | 7bac1500510cc8a4b406a517db77142bd84457f1bc75a635fa607fe575e68ad2
SRADV00007.txt
Posted Dec 7, 2000
Authored by Secure Reality | Site securereality.com.au

Secure Reality Pty Ltd. Security Advisory #7 - MarkVision is a printer administration package from Lexmark. Versions previous to v4.4 contain local root buffer overflow vulnerabilities. Fix available here.

tags | exploit, overflow, local, root, vulnerability
SHA-256 | 3e763f2a074ead41c407459903496036ba90d70aba5782927022137c103963ec
SRADV00006.txt
Posted Dec 7, 2000
Authored by Secure Reality | Site securereality.com.au

Secure Reality Pty Ltd. Security Advisory #6 - phpGroupWare is a multi-user web based groupware suite written in PHP. Versions below 0.9.7 under Unix make insecure calls to the include() function of PHP which can allow the inclusion of remote files, and thereby the execution of arbitrary commands on the remote web server with the permissions of the web server user, usually 'nobody'. Fix available here.

tags | exploit, remote, web, arbitrary, php
systems | unix
SHA-256 | 6726f2b4b34f81a4e34dba7e545c1d74926ef384ea62801eb1b9a0aae10a731a
SRADV00005.txt
Posted Dec 7, 2000
Authored by Secure Reality | Site securereality.com.au

Secure Reality Pty Ltd. Security Advisory #5 - All 3.x versions of MailMan Webmail below v3.0.26 contain remote command execution vulnerabilities. The code contains several insecure calls to open() containing user specified data. These calls can be used to execute commands on the remote server with the permissions of the user that runs CGI scripts, usually the web server user which is in most cases 'nobody'. Fix available here.

tags | exploit, remote, web, cgi, vulnerability
SHA-256 | b4dcc0b0843d1cb7fc27df32abe4794efcdd89522f9d488aea343af2e5078e74
ncat-0.1.tar.gz
Posted Dec 7, 2000
Site ncat.sourceforge.net

ncat is a network config Audit Tool for IOS (and other) configs. ncat reads a master config file (default ./ncat.conf) and checks one or more config files specified on the command line against rules found in the master. Rules specify that a particular chunk of text is either required or forbidden. Once all rules have been checked, a report is output listing violations.

systems | cisco
SHA-256 | 85615dadc4ee83f8faf51ab4c2c37e71451176a055a158b811664ebd8e732dae
BWL-00-04.txt
Posted Dec 7, 2000
Authored by Black Watch Labs | Site perfectotech.com

Black Watch Labs Security Advisory #00-04 (April 6, 2000) - BizDB is a database and search engine software by Cnctek. Part of the installation is a CGI script, ?bizdb-search.cgi? which is used to search the bizdb database. This script is vulnerable to modification of its paramater, in such way that causes it to run user provided shell commands on the server. Exploit URL's included. These issues have been resolved in newer versions of this software, make sure to upgrade!

tags | shell, cgi
SHA-256 | 24a4ed5c6abb15a3bce91a5494875ecada0d11f6a7bde42b93605a2e1bbe0bd7
f8-120500-vpnet.txt
Posted Dec 7, 2000
Authored by Loki, f8labs | Site f8labs.com

VPNet Technologies VSU VPN appliances have serious remote vulnerabilities. A source routing flaw in VSU allows for unauthenticated connections to a target host on protected LAN of VPN, and a flaw in NOS bridging code causes VSU to pass spoofed private address packets from it's public interface to the private network.

tags | remote, spoof, vulnerability
SHA-256 | 0cb8674acbf084b5918dab3149caf09b90482e6bca33a3214386bb64286cb150
qaudit.pl
Posted Dec 7, 2000
Authored by vade79, realhalo | Site realhalo.org

Qaudit.pl is a script for quickly auditing .c and .cc source files for stack and heap overflows, format bugs, exec calls, environment variables, and misc functions which often have security issues.

tags | overflow
systems | unix
SHA-256 | 6b50f0f26fca5b87424305765aca11e97a6f5b1fdcca2bb00b3a1259f8d8dbb6
ms00-096
Posted Dec 7, 2000

Microsoft Security Bulletin (MS00-096) - Microsoft has released a tool that corrects the permissions on several registry values in Windows 2000. The default permissions allow malicious users to monitor or reconfigure some network devices by displaying the SNMP community name and management station identifiers. Microsoft FAQ on this issue available here

tags | registry
systems | windows
SHA-256 | d2e91906cab571f0ef26eb21c3fb73c2fffb4477c47da3c46a5ba001fda6bf67
ms00-095
Posted Dec 7, 2000

Microsoft Security Bulletin (MS00-095) - Microsoft has released a tool that corrects the permissions on several registry values in Microsoft Windows NT 4.0. The default permissions allow malicious users to gain additional privileges on affected machines. Affected keys include the SNMP Parameters key, the RAS Administration key, and the MTS Package Administration key. Microsoft FAQ on this issue available here.

tags | registry
systems | windows
SHA-256 | 05886460d5a8310f027090b6cdd67524d92b48f2b41fbd1a164ffd36c7a78d8b
tessa.c
Posted Dec 7, 2000
Authored by Incubus | Site securax.org

Remote denial of service exploit for Microsoft Exchange 5.5 SP3 Internet Mail Service and Information Store. The bug is in the handling of a line containing Content="".

tags | exploit, remote, denial of service
SHA-256 | 0c9cfdbafe736d4492e5824460e8cf1c11123d2a6f395721ed470ff9d5905c32
Page 1 of 1
Back1Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    16 Files
  • 18
    Jun 18th
    26 Files
  • 19
    Jun 19th
    15 Files
  • 20
    Jun 20th
    18 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close