what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 13 of 13 RSS Feed

Files Date: 2001-01-26

Posted Jan 26, 2001
Site suse.de

SuSE Security Announcement SuSE-SA:2001:01 - The runtime-linker as used in the SuSE distributions ignores the content of the critical environment variables, allowing local users to link against user-specified libraries and obtain the privilege level of a setuid binary. To eliminate these problems, we provide update packages that completely disregard the LD_* variables upon runtime-linking of a binary that has an effective uid different from the caller's userid.

tags | local
systems | linux, suse
SHA-256 | c959686d9a258fb810d00f98affd0b148445bc3d843faa9b12731301bca404d7
Posted Jan 26, 2001
Site debian.org

Debian Security Advisory DSA-022-1 - Exmh v2.2 and below used /tmp for storing temporary files. No checks were made to ensure that nobody placed a symlink with the same name in /tmp in the meantime and thus was vulnerable to a symlink attack.

systems | linux, debian
SHA-256 | aea54c62b3f77b38eb1f92542228e6465d99c6c6e6dd638298b2675ebadd3162
Posted Jan 26, 2001
Site debian.org

Debian Security Advisory DSA-020-1 - A vulnerability has been found in PHP4 v4.0.4 and below which crashes PHP and sends the source to the client instead of executing it.

tags | denial of service, php
systems | linux, debian
SHA-256 | bb0ed2ba4c284395b52730828736431794ec9352c0784596acc41bf18e23fae5
Posted Jan 26, 2001
Site debian.org

Debian Security Advisory DSA-019-1 - A tempfile bug has been found in Squid v2.3stable4 when it sends out email messages about updates.

systems | linux, debian
SHA-256 | 528ff25b24bdc6993113820494616eb155ace0b5d0d31fabcb99e2b9e745a833
Posted Jan 26, 2001
Site redhat.com

Red Hat Security Advisory RHSA-2001:005-03 - New micq packages are available which fix a buffer overflow vulnerability in micq v0.4.6.

tags | overflow
systems | linux, redhat
SHA-256 | 91fa11d7bbaf73cf8be4bec6a8afdbcaa2e61cf6c55d10f0320ef90720ab2c5c
Posted Jan 26, 2001
Authored by Mixter | Site mixter.void.ru

iSSL is a library offering a minimal cryptographical API that uses the ciphers RSA and AES to establish SSL-alike, secure encrypted communications between two peers communicating through a network socket, including session key generation and public key exchange.

SHA-256 | c7b076983ae443493c28658e3f700e1ee7cb1fe373f4da1f97a31184309e9977
Posted Jan 26, 2001
Authored by Psychoid, Randomizer

Stacheldraht v1.666 + antigl + yps distributed denial of service tool.

tags | denial of service
SHA-256 | 3968f24900971c19c5ef5de6a214e0dcd9b32eff57d3a4771c9bd01d8246d735
Posted Jan 26, 2001
Site securityfocus.com

SecureStack 1.0 s capable of protecting Windows NT/2000 systems from buffer overflow attacks.

tags | overflow
systems | windows
SHA-256 | 544598b8597a183f6f5f68b0e409bc76c4532fbdc5d78d9440ebea6ae18d775a
FreeBSD Security Advisory 2001.9
Posted Jan 26, 2001
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-01:09 - Crontab contains a vulnerability which allows local users to read any file on the system which conforms to a valid cron syntax. This allows other users crontab files to be read, in addition to any file which has every line commented out.

tags | local
systems | freebsd
SHA-256 | fd92735a188ed65d858f555a094b40c039f37116c9cb3dd904afe640d0b04a59
Posted Jan 26, 2001

Microsoft Security Bulletin MS01-002 - A serious vulnerability in Microsoft Powerpoint allows remote code execution when a user is enticed into visiting a malicious website, viewing a specially crafted email message, or opening a malformed PowerPoint 2000 file. A parsing routine executed when PowerPoint 2000 opens files contains a buffer overflow vulnerability which allows attackers to crash or cause arbitrary code to run on the user's machine. Microsoft FAQ on this issue available here.

tags | remote, overflow, arbitrary, code execution
SHA-256 | 01c54da2fbcf20212d99f8f315627f0b72ecbe4d335a180d1785676c2723b7d8
Posted Jan 26, 2001
Authored by Dan Farmer, Wietse Venema | Site porcupine.org

TCT is a collection of tools which are geared towards gathering and analyzing forensic data UNIX system after a break-in. TCT features the grave-robber tool which captures information, the ils and mactime tools that display access patterns of files dead or alive, the unrm and lazarus tools that recover deleted files, and the keyfind tool that recovers cryptographic keys from a running process or from files. TCT is tested on Linux, BSD, Solaris, and SunOS. For more information see the handouts from Dan Farmer and Wietse Venema's computer forensics analysis class.

Changes: Fixes for the grave robber, added more switches, SunOS support added, and lots more misc fixes!
tags | tool
systems | linux, unix, solaris, bsd
SHA-256 | e4438d2f382400b4536a7defbae70fd2a6c1e333051c013b1c5bebb0630a46cd
Posted Jan 26, 2001
Site ebiz-tech.com

Pwdump3 combines the functionality of pwdump by Jeremy Allison and pwdump2 by Todd Sabin. It is capable of extracting the password hashes from a remote Windows NT 4.0 or 2000 box whether or not syskey has been installed. This is accomplished by injecting a process onto the remote system, extracting the hashes, then copying the hashes back to the local system. This is a useful tool for checking password strength.

tags | remote, local, cracker
systems | windows
SHA-256 | e131651d88bd0a5dde39f2b83e0a0f5ad713930148b2a5effc6cb2288f53b5af
Posted Jan 26, 2001
Site members.tripod.com

Tcpbroker does TCP port forwarding with a twist - it connects two incoming sockets together. Tcpbroker allows you to telnet out from behind a firewall to another system also behind a firewall via a proxy host running the broker. All you need to do is remote command the far system to make the outgoing connection to the broker. Tcpbroker includes a secure authentication mechanism via Tiny SRP. A version without authentication is also included.

Changes: A fix for a broken Makefile.
tags | tool, remote, tcp
systems | unix
SHA-256 | bb01a2350398d36711df365103717a05d1a97a3d9f35d80b971b6c6da5308b3d
Page 1 of 1

File Archive:

January 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    0 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    5 Files
  • 4
    Jan 4th
    5 Files
  • 5
    Jan 5th
    9 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    0 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    18 Files
  • 10
    Jan 10th
    31 Files
  • 11
    Jan 11th
    30 Files
  • 12
    Jan 12th
    33 Files
  • 13
    Jan 13th
    25 Files
  • 14
    Jan 14th
    0 Files
  • 15
    Jan 15th
    0 Files
  • 16
    Jan 16th
    7 Files
  • 17
    Jan 17th
    25 Files
  • 18
    Jan 18th
    38 Files
  • 19
    Jan 19th
    6 Files
  • 20
    Jan 20th
    21 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    24 Files
  • 24
    Jan 24th
    68 Files
  • 25
    Jan 25th
    22 Files
  • 26
    Jan 26th
    20 Files
  • 27
    Jan 27th
    17 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By