what you don't know can hurt you
Showing 1 - 25 of 248 RSS Feed

Files Date: 2000-12-01 to 2000-12-31

Posted Dec 28, 2000
Authored by Loophole, hhp | Site hhp-programming.net

STonX v0.6.5 and v0.6.7 local root exploit. Tested on Slackware 7.0.

tags | exploit, local, root
systems | linux, slackware
MD5 | 8a1770d7784c6541840ba4ee8c888446
Posted Dec 27, 2000
Site net-security.org

Weekly Newsletter from Help Net Security - Covers weekly roundups of security events that were in the News the past week. In this issue: Laptop encryption and international travel, and much more.

MD5 | f0f8d94e525483d290469ce60f12681a
Posted Dec 27, 2000
Authored by Nelson Murilo

chkrootkit locally checks for signs of a rootkit. Includes detection of LKM rootkits, ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions. Tested on Linux, FreeBSD, Solaris, and OpenBSD.

Changes: Ambient's Rootkit for Linux (ARK) detection, OpenBSD support, xinetd support, new command line options, and bug fixes.
tags | tool, integrity, rootkit
systems | linux, unix, solaris, freebsd, openbsd
MD5 | b8557bcfc5dae6d0c3579783596fe450
Posted Dec 27, 2000
Site debian.org

Debian Security Advisory - There is a problem in the way gpg checks detached signatures which can lead to false positives. Also it was discovered that gpg would import secret keys from key-servers, circumventing the web of trust. GnuPG homepage here.

tags | web
systems | linux, debian
MD5 | c310fad9afc780a8461621c247cb6e24
Posted Dec 27, 2000
Authored by heh | Site dtmf.com.ar

HEH! Magazine Issue #5 (In Spanish). In this issue: Free Calling in Argentina, Accessing Milicom Modems (Breeze Com), Wireless info, 6 year old cryptography, Semipublic Telephones, Disturbing a StarTac, Hacking Cuspide, and more.

tags | telephony, magazine
MD5 | 7cc554cd4d3cf2db41b8bd50ba7aedf2
Posted Dec 27, 2000
Site ussrback.com

USSR Advisory #58 - The 1st Up Mail Server v4.1 contains a buffer overflow in a long "mail from:" tag which can result in denial of service. Fix available here.

tags | denial of service, overflow
MD5 | c9ef8f54b753f84c0e129653d746aa46
Posted Dec 27, 2000

SpoofW.c "spoofs" messages from any user on the system (can only be used as root, or as normal user on very old systems). Re-written by Root-Dude

tags | root, spoof
systems | unix
MD5 | 97498b3f4e82cf6bf3b94a0a0efbfd4a
Posted Dec 27, 2000
Authored by Incubus, R00T-dude | Site securax.org

ummmm.c v2.1 is a URL obfuscation tool which converts something like /cgi-bin/some.cgi into %2f%63%67%69%2d%62%69%6e%2f%73%6f%6d%65%2e%63%67%69. It might be used in cgi scanners which require an input file with cgi requests.

tags | cgi
systems | unix
MD5 | b4046289bf986622f664bc3081dbca6e
Posted Dec 26, 2000
Authored by vade79, realhalo | Site realhalo.org

Linux xconq v7.4.1 local exploit - Gives a gid=games shell by exploiting the -L parameter. Tested on Slackware.

tags | exploit, shell, local
systems | linux, slackware
MD5 | f418606627aaac0b33630928c6e7278d
Posted Dec 26, 2000
Authored by Michal Trojnara | Site stunnel.org

Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, NNTP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code.

Changes: A fix for a new problem with zombies, an attempt to be integer-size independent, and a new SIGHUP handler.
tags | arbitrary, encryption, tcp, imap, protocol
systems | windows, unix
MD5 | 950b08220c12588e490dcb0609b7d668
Posted Dec 26, 2000
Authored by Mike Ricketts | Site earth.li

SendIP is a commandline tool to send arbitrary IP packets. It has a large number of command line options to specify the content of every header of a TCP, UDP, ICMP, or raw IP packet. It also allows any data to be added to the packet. Checksums can be calculated automatically, but if you wish to send out wrong checksums, that is supported too.

Changes: A wake-on-lan script, a default RIP option, and some minor bugfixes.
tags | tool, arbitrary, udp, tcp
systems | unix
MD5 | f5b2a15d30e7d8359be25dcacdff663c
Posted Dec 26, 2000
Authored by Samy Kamkar | Site pdump.org

Pdump is a sniffer written in perl which dumps, greps, monitors, creates, and modifies traffic on a network. It combines features from tcpdump, tcpkill, ngrep, tcptrace, dsniff (and its webspy and urlsnarf), pfilt, macof, and xpy. It is able to do passive operating system detection/fingerprinting and can also watch packet streams and then create it's own spoofed packets to hijack or kill TCP connections. It understands tcpdump-like and perl-like syntax and allows easy modifications via a plug-in system. The packet display is easily configurable. Man page available here.

Changes: New stable release! Added almost 600 new fingerprints for the -x option, much better password sniffing library along with new password sniffing plugs for the web, fixed a few bugs, added new protocol sniffing, added advancements to other protocols, and added new methods for decoding packets.
tags | tool, perl, spoof, sniffer, tcp
MD5 | 0a082794faf434efbf0859ef624e4d21
Posted Dec 26, 2000
Authored by Pilot | Site search.iland.co.kr

TWWWscan is a Windows based www vulnerability scanner which looks for 300 www/cgi vulnerabilities . Displays http header, server info, and tries for accurate results. Now features anti-IDS url encoding and passive mode scan. Tested on win95 osr2 win98,win98se,win nt4,win 2k/Me.

Changes: Includes NT/2000 IIS detailed patch information, CVE information support, and report support.
tags | web, cgi, vulnerability
systems | windows, 9x, unix
MD5 | 0883ee41c038940fa7658a29397d5722
Posted Dec 25, 2000
Site debian.org

Debian Security Advisory - Stunnel has a format string vulnerability, random number problems, symlink vulnerabilities, and insecure syslog() calls. These are fixed in v3.10.

tags | vulnerability
systems | linux, debian
MD5 | 81cafcf92517700a3f1e7200b0ee8869
Posted Dec 25, 2000
Site debian.org

Debian Security Advisory - Dialog creates lock files insecurely, making it susceptible to a symlink attack.

systems | linux, debian
MD5 | 90cae4bddc6fa6de0e87a248e6e138e2
Posted Dec 24, 2000
Site kapheine.hypa.net

Authforce is a brute force www password strength testing tool.

Changes: This release features a new, more powerful method for handling password files, memwatch support, fewer memory leaks, and some bugfixes.
tags | cracker
MD5 | c1c0477d3ae7b4d107009838e5669db6
Posted Dec 24, 2000
Authored by synnergy, Scrippie | Site synnergy.net

OpenBSD v2.6 and 2.7 ftpd remote root exploit.

tags | exploit, remote, root
systems | openbsd
MD5 | 851ecd7cde4ff528736a6f54e5ea9649
Posted Dec 24, 2000
Authored by venomous | Site rdcrew.com.ar

How to exploit format string vulnerabilities - In Spanish.

tags | paper, vulnerability
systems | unix
MD5 | 2e2786b05184aebe0803a534b6636612
Posted Dec 24, 2000
Authored by Root-dude

SuSE identd remote denial of service attack - Uses a long sting to set a pointer to NULL.

tags | exploit, remote, denial of service
systems | linux, suse
MD5 | 0ddf9677ef65b2ce004d04d7db4613de
Posted Dec 23, 2000
Site suse.de

SuSE Security Announcement - openssh is an implementation of the secure shell protocol, available under the BSD license, primarily maintained by the OpenBSD Project. Many vulnerabilities have been found in the openssh package: An openssh client (the ssh program) can accept X11- or ssh-agent forwarding requests even though these forwarding capabilities have not been requested by the client side after successful authentication. Using these weaknesses, an attacker could gain access to the authentication agent which may hold multiple user-owned authentication identities, or to the X-server on the client side as if requested by the user.

tags | shell, vulnerability, protocol
systems | linux, suse, bsd, openbsd
MD5 | 7f97be0212f0dff802a15f9082d28125
Posted Dec 23, 2000
Authored by FX | Site phenoelit.de

This paper describes a possible way to attack hosts with RFC1918 IP addresses behind GRE Tunnels over the Internet.

tags | paper, protocol
MD5 | 74238e97542ad3e67f91ef9f872afd20
Posted Dec 23, 2000
Site nsfocus.com

NSFOCUS Security Advisory (SA2000-07) - A serious flaw in Microsoft IIS 4.0 and 5.0 when handling CGI filenames allows any file on the system to be read and remote command execution, as described in here.

tags | remote, cgi
MD5 | ea015026bde97bb7ea1ff31fc8929458
Posted Dec 23, 2000

Pluto.c is a SOCK_RAW flooder which attempts to hide from conseal and ipchains.

tags | denial of service
MD5 | 3e3bdc125cc76c64ece722d3a34e1aa4
Posted Dec 23, 2000
Authored by Larry W. Cashdollar | Site vapid.betteros.org

Solaris 2.7/2.8 /usr/bin/catman allows local users to clobber root owned files by symlinking temporary files. Includes catman-race.pl and ctman-race2.pl for proof of concept.

tags | exploit, local, root, proof of concept
systems | solaris
MD5 | bdf08aefd1a27a54c4ac57903f9613a6
Posted Dec 23, 2000

Microsoft Security Bulletin (MS00-100) - Microsoft has released a patch that eliminates the "Malformed Web Form Submission" security vulnerability in a component that ships as part of Microsoft Internet Information Server. The FrontPage Server Extensions (FPSE) which ship with and are installed by default as part of IIS 4.0 and 5.0 have a vulnerability which crashes IIS when a malformed form submission is sent. Microsoft FAQ on this issue available here.

tags | web
MD5 | 72f2966a7350e4f6fa1dbc7408526cf7
Page 1 of 10

File Archive:

January 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    4 Files
  • 2
    Jan 2nd
    3 Files
  • 3
    Jan 3rd
    3 Files
  • 4
    Jan 4th
    33 Files
  • 5
    Jan 5th
    31 Files
  • 6
    Jan 6th
    21 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    19 Files
  • 9
    Jan 9th
    1 Files
  • 10
    Jan 10th
    1 Files
  • 11
    Jan 11th
    33 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    27 Files
  • 14
    Jan 14th
    8 Files
  • 15
    Jan 15th
    16 Files
  • 16
    Jan 16th
    0 Files
  • 17
    Jan 17th
    0 Files
  • 18
    Jan 18th
    0 Files
  • 19
    Jan 19th
    0 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2020 Packet Storm. All rights reserved.

Security Services
Hosting By