Twenty Year Anniversary
Showing 1 - 25 of 26 RSS Feed

Files Date: 2000-12-15

XATO-122000-01
Posted Dec 15, 2000
Authored by Sozni | Site xato.net

Xato Security Advisory XATO-122000-01 - The majority of the command-line SMTP mailers available for Win32-based systems are vulnerable when used to send mail from a web server. The vulnerabilities found allow remote web users to read and/or write to the servers file system, retrieve files from the server's file system as mail attachments, bounce and/or spoof e-mail messages, spam, flood, mail bomb, or otherwise use a server's resources without authorization, bounce off a server to perform port scans, bounce off a server to perform brute-force attacks to POP and/or SMTP accounts, reroute all the mail through an untrusted mail server by changing mailer options, and launch dos attacks against the server or other systems. Vulnerable mailers include BatMail v1.8d, Blat v1.85h, CGIMail v2.5, CLEMAIL v1.3, Comments v1.7, FormVar v1.61, GBMail v2.02, MailForm v1.96, MailMe! v1.6, MailPost v5.1, MailSend v7.15, MailSend v3.18, NetFormDD v2.9, Postie v6, SendFile v1.0, Stalkerlab's Mailers V1.2, WindMail v3.05, WebMailer Pro v1.2, WebMailer Lite v1.2, and wSendmail v1.5.

tags | remote, web, spoof, vulnerability
systems | windows
MD5 | 9e28095885e712c9b19be4b7252bfabc
rdC-LPRng.c
Posted Dec 15, 2000
Authored by venomous | Site rdcrew.com.ar

LPRng v3.6.24 and below remote root exploit for Linux/x86 which exploits the syslog() format string vulnerability. Tested against the default install of Redhat 7.0 (LPRng-3.6.24-1) and LPRng3.6.22-1 installed on Slackware 7.0.

tags | exploit, remote, x86, root
systems | linux, redhat, slackware
MD5 | a944522a8f3172acd7e04413024847a2
IDMEF-xml-plugin_0.1.tar.gz
Posted Dec 15, 2000
Authored by Joe McAlerney | Site silicondefense.com

Intrusion Detection Message Exchange Format (IDMEF) XML output plugin for Snort - Produces IDMEF messages in response to events triggering Snort rules. It is configured in a standard Snort configuration file, and can run concurrently with existing Snort logging output.

tags | tool, sniffer
MD5 | 8a70dd0d26986bb8f7915e1f3d2935f7
ipfirewall
Posted Dec 15, 2000
Authored by Magda Cien

Ipfirewall v3.1 is a script which configures a Unix firewall. Includes compatibility for ipchains, ipfw, ipfwadm, and natd. Designed for linux or BSD.

tags | tool, firewall
systems | linux, unix, bsd
MD5 | a34ab2d68035ee0e07ee5457e8138bbe
iss.00-12-14.soho.firewall
Posted Dec 15, 2000
Site xforce.iss.net

ISS Security Advisory - Multiple vulnerabilities in the WatchGuard SOHO Firewall v1.6.0 and v2.1.3 allow remote attackers to gain access to the administrative functions of the firewall without authenticating, crash the configuration server, remove the admin password, or cause the device to stop accepting network traffic. Fix available here.

tags | remote, vulnerability
MD5 | 858e1e20925c423a5e88396f15842190
nscan07.exe
Posted Dec 15, 2000
Authored by Averk | Site nscan.hypermart.net

NScan is a very fast portscanner for Windows (up to 200 ports per second) for both hosts and large networks with numerous features: it scans not only address ranges, but also files with host lists (e.g. proxy list, domain zone or old log), writes logs at the different detail levels, has speed limits, pre-defined service sets and so on. It includes a set of additional tools: whois client, that supports automatic information recognition and fetch, has query history and other features; traceroute, that traces all the way to the host at once in one or two seconds, making route discovery tenth times faster; TCP-based DNS client that supports most of the available options, including AXFR zone transfer.

Changes: Bug fixes and updates.
tags | tcp
systems | windows
MD5 | ec931ec7b777632e4fa99e1e37ffeb8f
StJude_LKM-0.05.tar.gz
Posted Dec 15, 2000
Authored by Tim Lawless | Site sourceforge.net

Saint Jude LKM is a Linux Kernel Module for 2.2.0 and greater kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local, and ultimately, remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occurring. This is done without checking for attack signatures of known exploits, and thus should work equally well for both known and unknown exploits.

Changes: Added new response method which will execute an external command to record and deal with the intrusion. It is likely to be noted by an astute individual that this also affords the opportunity to counter-attack the attacker, using their control channel against them.
tags | remote, kernel, local, root
systems | linux
MD5 | d145e9768dc1a83974534bd301b738da
stunnel-3.9.tar.gz
Posted Dec 15, 2000
Authored by Michal Trojnara | Site stunnel.org

Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, NNTP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code.

Changes: Fixes a security vulnerability in the syslog() function, uses an improved ssl loop to combat the 'random hang' problem of previous releases, and correctly honors client keylength requests. We strongly suggest you upgrade now.
tags | arbitrary, encryption, tcp, imap, protocol
systems | windows, unix
MD5 | 00a0cf0f36d15273bc1cb0a05670a194
g2s-0.4.1.tar.gz
Posted Dec 15, 2000
Site jedi.claranet.fr

G2S is a smart, all-in-one frontend between client and server applications. It features portability, a robust super-server (inetd) replacement, TCP-wrappers integrated with paranoid DNS checks and support for broken or fake name servers, handy but detailed log files, support for various protocols (raw IP, ICMP, GGP, TCP, EGP, PUP, UDP, RDP), IPv6 compliance, IPv6 to IPv4 gatewaying, and support for RBL maps for automatic spam filtering.

tags | udp, tcp, protocol
systems | unix
MD5 | 3666acb9813482d123d3e360fa06f4f6
vmail-0.5.6-devel.tar.gz
Posted Dec 15, 2000
Site virtua-web.co.uk

Vorpal Mail is an easily configurable but flexible replacement for sendmail, supporting advanced features such as virus scanning, virtual domains, etc.

tags | virus
systems | unix
MD5 | 8501b682b419d7ff3c6de13721cc2667
securecgi-1.0.tar.gz
Posted Dec 15, 2000
Site jedi.claranet.fr

The Secure CGI Library eases the development of C/C++ Web applications using the CGI interface. It's designed with security in mind and can enforce correct limits to avoid common denial-of-service attacks. It can also handle an unlimited number of variables with unlimited content size, and with very fast parsing and hashed lookups.

tags | web, cgi, library
MD5 | 2cc0c29d85e5074069073ed80ae8de9e
unrm-0.91.tar.gz
Posted Dec 15, 2000
Authored by Octavian Popescu | Site hideout.art.ro

unrm is a small linux utility which can, under some circumstances, recover almost 99% of your erased data (similar to DOS's undelete).

Changes: This release searches through all erased data for the data, allowing for far more accurate recovery.
tags | tool
systems | linux, unix
MD5 | b4acf2ba855c6f0d8ded0ef6c633e20d
Openwall Linux Kernel Patch
Posted Dec 15, 2000
Authored by Solar Designer | Site openwall.com

The Secure-Linux patch adds a few security features to the kernel which, while not a complete method of protection, will stop most of the 'cookbook' buffer overflow exploits cold. It also adds the option of restricting the use of symlinks and named pipes in +t (temp) directories which fixes most tmp-race exploits as well. It can also add a little bit more privacy to the system by restricting access to parts of /proc to root so that users may not see who else is logged on or what they're doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction, and priveledged IP aliases for kernel 2.0.

Changes: Now works on kernel 2.2.18! Also includes workarounds for GNU MailMan and Courier Mail. Readme available <a href="http://www.openwall.com/linux/README"here.</a>
tags | overflow, kernel, root
systems | linux
MD5 | 5e901962c353d8424e51297ff4158b50
anomy-sanitizer-1.33.tar.gz
Posted Dec 15, 2000
Authored by Bjarni R. Einarsson | Site mailtools.anomy.net

The Anomy mail sanitizer is a filter designed to block email-based attacks such as trojans and viruses. It reads an RFC822 or MIME message and removes or renames attachments, truncate unusually long MIME header fields and sanitizes HTML by disabling Javascript and Java. It uses a single-pass pure Perl MIME parser, which can make it both more efficient and more precise than other similar programs and has built-in support for third-party virus scanners.

Changes: This release fixes a bug where MIME-boundaries could get corrupted under very specific conditions, thus making one or more attachments illegible.
tags | trojan, perl, javascript, virus
systems | unix
MD5 | cdfb8a65044a4307f68950e574094f79
lids-0.9.11-2.2.18.tar.gz
Posted Dec 15, 2000
Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection.

Changes: This release includes various bugfixes in lidsadm and is compatible with kernel 2.2.18.
tags | kernel, root
systems | linux
MD5 | 85c638f6e5a8d9a4a95e7b9091f587f9
CA-2000-22.lprng
Posted Dec 15, 2000
Site cert.org

CERT Advisory CA-2000-22 - Input Validation Problems in LPRng. A popular replacement software package to the BSD lpd printing service called LPRng contains at least one format string vulnerability in the syslog() function, which allows remote users with access to TCP port 515 to execute arbitrary code on vulnerable systems as root. Fix available here.

tags | remote, arbitrary, root, tcp
systems | bsd
MD5 | f66eaa57326f7eec805db9c183469a6f
icqrin13.zip
Posted Dec 15, 2000
Authored by Moritz Bartl | Site headstrong.de

Icqrinfo is a Windows program which reads information (including passwords, personal information, and deleted contact list information) stored in ICQ.DAT files. ICQ Versions 99a, 99b, 2000a, and 2000b are supported.

Changes: Support for ICQ 2000b and a few bugs have been fixed. It contains a plain routine to extract contact list information to a textfile.
systems | windows
MD5 | 1ea1ea3d74f71994a67bb146faf427e2
attacker.zip
Posted Dec 15, 2000
Site members.home.com

A simple TCP port listener. You provide a list of ports to listen on and the program will notify you when a connection is made to the port(s). Can minimize to the system tray and play an audible alert. This program is intended to act as a guard dog to notify you of attempted probes to your computer via the Internet. 11/19/1998 release.

tags | tcp
MD5 | e5ca4ee8d9a9d075a9272fddbf49fbd7
udpflood.zip
Posted Dec 15, 2000
Authored by Robin Keir | Site foundstone.com

UDPFlood v2.0 is a UDP packet sender. It sends out UDP packets to the specfied IP and port at a controllable rate. Packets can be made from a typed text string, a given number of random bytes or data from a file. This program was written to stress test game servers where I work. It proved to be especially useful for bullet-proofing the packet receiving code, making sure it could deal with various combinations of formatted and random data.

tags | denial of service, udp
MD5 | 07b27c52c3470fe1c6411a000a525a1d
Blast20.zip
Posted Dec 15, 2000
Authored by JD Glaser | Site foundstone.com

Blast v2.0 - A small, quick TCP service stress test tool. Blast does a good amount of work very quickly and can help spot potential weaknesses in your network servers.

tags | tcp
MD5 | 23782dce17859e49f01fb6ecd52477d3
setreuid_1-255.asm
Posted Dec 15, 2000
Authored by vade79, realhalo | Site realhalo.org

Shellcode which does a setreuid before spawning a shell. Allows you to choose which UID / GID to use.

tags | shell, shellcode
systems | unix
MD5 | 5d9b0ef7d963df1eb9b17d4ff5d3f162
killntoe.c
Posted Dec 15, 2000
Authored by vade79, realhalo | Site realhalo.org

Nettoe v1.0.5 denial of service attack - Causes the Nettoe server to use all available CPU cycles and lock the game.

tags | exploit, denial of service
MD5 | 108505e10857fd889bb917108a4827c3
Newbie.txt
Posted Dec 15, 2000
Authored by Ratdance

A serious newbies guide to the underground.

tags | paper
MD5 | 146dab8f3c48b23e5ba651908adf7e30
sa_09.txt
Posted Dec 15, 2000
Site nsfocus.com

NSFOCUS Security Advisory (SA2000-09) - EZshopper v2.0 and v3.0 from AHG contains remote CGI vulnerabilities which allow an attacker to get directory listings and sensitive file contents. Exploit URL's included.

tags | remote, cgi, vulnerability
MD5 | 5744a685e7f488d605567a237e343648
sa_08.txt
Posted Dec 15, 2000
Site nsfocus.com

NSFOCUS Security Advisory (SA2000-08) - Microsoft IIS for Far East Editions File Disclosure Vulnerability. Submitting a malformed URL with a non-ascii character, a different file can be opened and the contents read. Vulnerable versions include IIS 4.0 (Far East Edition) previous to SP6 and IIS 5.0 (Far East Edition). English versions are unaffected. Exploit will be released soon.

MD5 | 42f3c4c4090f2e8ed178eea56f2ccdbc
Page 1 of 2
Back12Next

File Archive:

September 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    3 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    18 Files
  • 6
    Sep 6th
    18 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    2 Files
  • 9
    Sep 9th
    2 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    17 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    29 Files
  • 14
    Sep 14th
    21 Files
  • 15
    Sep 15th
    3 Files
  • 16
    Sep 16th
    1 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    16 Files
  • 19
    Sep 19th
    29 Files
  • 20
    Sep 20th
    18 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close