exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

Files Date: 2000-12-21

Posted Dec 21, 2000
Authored by Malicious Code | Site teamvirus.net

OpenBSD ftpd unofficial patch - The patch released to remedy the problem with the 1 byte overflow problem was junk, to remedy i recoded the original ftpd.c file with the fix. This takes the bite out of fixing this problem. Replace the original ftpd.c with this and recompile.

tags | overflow, patch
systems | unix, openbsd
SHA-256 | f19e7b22d424c83f3307f0c01b0a5fb8088df00d3f3e6247a3a9fa902f059d43
Posted Dec 21, 2000

Microsoft Security Bulletin (MS00-098) - Microsoft has released a patch that eliminates a security vulnerability in Windows 2000 which allows malicious web site operators to learn the names and properties of files and folders on the machine of a visiting user. An ActiveX control that ships as part of Indexing Service is incorrectly marked as safe for scripting, thereby enabling it to be executed by web site applications. Microsoft FAQ on this issue available here.

tags | web, activex
systems | windows
SHA-256 | dea039b3a54461433703185993d68742ed9c4f44655892b6dc44d7ef1927f45b
Posted Dec 21, 2000
Authored by Philip Stoev | Site phiphi.hypermart.net

The ELZA is a scripting language aimed at automating requests on web pages. Scripts written in ELZA are capable of mimicking browser behavior almost perfectly, making it extremely difficult for remote servers to distinguish their activity from the activity generated by ordinary users and browsers. This gives those scripts the opportunity to act upon servers that will not respond to requests generated using netcat, rebol, telnet or similar tool. As a result, one can hijack heavily protected HTML forms, perform dictionary attacks on login forms, and do sophisticated CGI scanning.

Changes: Beta release - Includes some new features.
tags | remote, web, cgi
SHA-256 | 368dd7c59b8d936b9255f164b4c02a0d05b0c90083e4be01c3d66ae90fdd80dc
Posted Dec 21, 2000
Site digizen-security.com

Achilles is a tool designed for testing the security of web applications. Achilles is a proxy server, which acts as a man-in-the-middle during an HTTP session. A typical HTTP proxy will relay packets to and from a client browser and a web server. Achilles will intercept an HTTP sessions data in either direction and give the user the ability to alter the data before transmission. When in intercept mode, Achilles will pretend to be the server and negotiate two SSL sessions, one with the client browser and another with the web server. As data is transmitted between the two nodes, Achilles decrypts the data and gives the user the ability to alter and/or log the data in clear text before transmission.

tags | web
SHA-256 | 8d37fae5ec3403f353e17f27ec4f0ec69532b5c9cee582430c45452c1abbe21d
Posted Dec 21, 2000

Microsoft Security Bulletin (MS00-099) - Microsoft has released a patch that eliminates a security vulnerability affecting Windows 2000 domain controllers. If the Configure Your Server tool was used when the machine was originally promoted to domain controller, the Directory Service Restore Mode would be left blank, allowing malicious users to log onto the machine in Directory Service Restore Mode. Once logged on, the malicious user could alter system components or install bogus ones that would execute when a bona fide administrator subsequently logged onto the machine. Microsoft FAQ on this issue available here.

systems | windows
SHA-256 | 097a2291b5054d4ff9e849dfa437e881e60c5ee292001b490388bc935ad40744
FreeBSD Security Advisory 2000.81
Posted Dec 21, 2000
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory - The ethereal port, versions prior to 0.8.14, contains buffer overflows which allow a remote attacker to crash ethereal or execute arbitrary code on the local system as the user running ethereal, typically the root user. These vulnerabilities are identical to those described in advisory 00:61 relating to tcpdump.

tags | remote, overflow, arbitrary, local, root, vulnerability
systems | freebsd
SHA-256 | 828d9cfad5c76c7fc333df6b49ded0d2f3b1ea88ab3e81fd1bddf8577f739383
FreeBSD Security Advisory 2000.80
Posted Dec 21, 2000
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory - The halflifeserver port, versions prior to, contains local and remote vulnerabilities through buffer overflows and format string vulnerabilities which allow remote users to execute arbitrary code as the user running halflifeserver.

tags | remote, overflow, arbitrary, local, vulnerability
systems | freebsd
SHA-256 | 27876be2ead88fd843b314f7f73a541d4c1743b24d63ebd0aa8adc22052508b3
FreeBSD Security Advisory 2000.79
Posted Dec 21, 2000
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory - The oops port, versions prior to 1.5.2, contains remote vulnerabilities through buffer and stack overflows in the HTML parsing code. These vulnerabilities may allow remote users to execute arbitrary code as the user running oops.

tags | remote, overflow, arbitrary, vulnerability
systems | freebsd
SHA-256 | 6b5297110c94a870cd6dd4a7328fcc42fc3c830171f96973fba0b7a54701dd6a
Posted Dec 21, 2000
Authored by Michal Trojnara | Site stunnel.org

Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, NNTP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code.

Changes: Internal thread synchronization code was added. Bugs were fixed.
tags | arbitrary, encryption, tcp, imap, protocol
systems | windows, unix
SHA-256 | 5e30575cc63be30df6b4b637dd5e05ab0836a7fa95e367d067e9467d7e46bca6
Posted Dec 21, 2000
Authored by Stefan Ondrejicka | Site nscache.sourceforge.net

nscache is a simple program to browse the Netscape cache directory with a GTK UI. It shows the contents of the browser cache in a three level hierarchy of files: protocols, servers and documents or in sorted list. nscache permits you to view files from the cache, remove files, or gather various information about specific files.

Changes: This release adds the ability to reorder columns in the list and tree views, a dialog for searching strings in cached files, and the ability to have assigned multiple URL and file viewers for one MIME type. It is now possible to specify MIME types for viewers with wildcard patterns, and there are now several assigned autoconfigured viewers for some MIME types.
tags | tool, protocol
systems | unix
SHA-256 | df651862c22c4c0976cf3c5ee5ae6b2034297d5b5d99e50765a28d834f4c4ad9
Posted Dec 21, 2000
Authored by Mike Baker

Snoopy is designed to log all commands executed by providing a transparent wrapper around calls to execve() via LD_PRELOAD. Logging is done via syslogd and written to authpriv, allowing secure offsite logging of activity.

Changes: Integrity checking, a new method of logging, and faster logging.
systems | linux
SHA-256 | 265ef6d504ae0845cc74ac8071dd13d2d566681f45a60cdcf482172aaee828e5
Page 1 of 1

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    16 Files
  • 18
    Jun 18th
    26 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By