Apache is the most popular webserver on the Internet, quite possibly the best in terms of security, functionality, efficiency, and speed.
18b004ddef8bec8a90cf91fc3bf1826c7b224f4da3406653db62417e4b68b0f7Prelude is a Network Intrusion Detection system which captures packets and performs data analysis and reporting. Important and current features of Prelude include an IP defragmentation stack and detection plugins with persistent state.
1bcc19e68e14b708413f9da768c55ffc6991940d1134e29017b7145086ed9a4bNetwork Associates Security Advisory COVERT-2001-01 - BIND v8.2.2 to 8.2.3-T9B contains buffer overflows that allows a remote attacker to execute arbitrary code. The overflow is in the initial processing of a DNS request and therefore does not require an attacker to control an authoritative DNS server. This vulnerability not dependent upon configuration options and affects both recursive and non-recursive servers. Additional remote format string and buffer overflows affect v8.2 through 8.2.3-T9B and v4.9.3 to v4.9.7. ISC's description of the problems available here.
0dc7c588880d158bf0463b6985c16a22f3debb3dc8fa15807d452573395d7286Ettercap is a network sniffer/interceptor/logger for switched LANs. It uses ARP poisoning and the man-in-the-middle technique to sniff all the connections between two hosts. Features character injection in an established connection - you can inject characters to server (emulating commands) or to client (emulating replies) while maintaining the connection alive! Integrated into a easy-to-use and powerful ncurses interface.
75e9ed76ed87ee168bfadf51f09daf2d5b63d47c164ad820c11d5cca60ce0e7bS.A.F.E.R. Security Bulletin 010125.DOS.1.5 - Remote users can crash Netscape Enterprise Server by sending "REVLOG / HTTP/1.0".
bcbac6b73e719d6616d1e1851da6d457f568a7ce545c3c6e33a6048ce1c0aceeNaptha v1.1 is a denial of service attack against many OS's which uses established TCP connections to create a resource starvation attack. Includes three tools - bogusarp makes a bogus entry in the router's arp cache so it actually puts packets with our faked source address on the Ethernet, synsend, and srvr which replaces ackfin from Naptha 1.0. Tested against Windows 95, 98 and NT4 and more. Compiles on Linux 2.2.x, OpenBSD 2.7, FreeBSD 4.0.
5e9a1ecb83ce88598a70eb891593de41f1d521c357bb903418539c2af1203ad1Glibc prior to v2.1.9x allows local users to read any file. This shell script exploits this bug using the Openssh-2.3.0p1 binary. Tested against Debian 2.3 and Redhat 7.0.
2d457aea08bb212a673eba42f38cd71b80a69cfa337478e974be158a3d4ea4f9/usr/bin/write overflow proof of concept exploit - Tested against Solaris 7 x86.
c16ac5bdc4e051947b73224fd9ce4ee3520b8642faad979a56aa2d408efed275Due to a various race conditions in the init level editing script /sbin/rctab it is possible for any local user to overwrite any system's file with arbitrary data. This may result in denial of service attack, local or even remote root compromise, if root runs the /sbin/rctab script. Tested against SuSE 7.0.
fc19e225e62f6f5c2e025ec29e9a8a3f1627d65e3092f30765ef013a8834d294SCO OpenServer v5.0.5 /usr/bin/mscreen local exploit.
46e2112f1ac589a1dd162f6987291786829b758ff1f0dcfb9a92ed98a4c809baTru64 (OSF/1) /usr/bin/su local exploit - Works if executable stack is on.
f67306c7d5e8a80b0d9dd9ec31f5862dc99315e27b96ffd753df2a04197de25eMicrosoft Security Advisory MS01-003 - Users who have interactive logon access to a Microsoft Windows NT 4.0 server can deny network access by running a program which monopolizes the Winsock mutex, which has its permissions set too weak. The machines most likely to be affected would be terminal servers. Microsoft FAQ on this issue available here.
f835a158f02a1920755bb70d072f95e75099c6e1d36135452a20cc448b2b4cb7FreeBSD ipfw+ECE proof of concept code - Using FreeBSD divert rule, all outgoing traffic will have the ECE flag added to it, bypassing ipfw if it passes established connections.
3b3c1522f51acfd836de24641b6920925238d5ad476f2116a2c8a01ab169e4e2Netscape Enterprise Server 4.0 remote root exploit - Tested against Sparc SunOS 5.7.
5962857e51380ddd9c8779fffaabc0d7d0b7a29097786414f377c5d1d18e92dbDebian Security Advisory DSA-021-1 - The mod_rewrite module for Apache has a remote vulnerability which may allow a remote attacker to gain access to arbitrary files. Users of the mod_rewrite module are advised to upgrade. In addition, htdigest and htpasswd use tempfiles insecurely. Since they are not setuid, impact is minimal.
88043368fb96878494320a4cb29b4290b5feb054f3162285d350b690c3d9ea00Ipaudit records and displays network activity. It is useful for identifying high bandwidth users, intrusive telnet sessions, denial of service attacks, and scans. Ipaudit stores counts of bytes and packets for every combination of host/port pairs and protocol. It also includes scripts which automatically generate webified reports, CGI scripts which organize web presentation, and the utilities "total" and "ipstrings" which can be used to investigate network traffic records from the command line.
82c47fba296e93ee50b0a033e0689d4c3fbc08ebd6e1026dcd7f069a05d0e872SuSE Security Announcement SuSE-SA:2001:01 - The runtime-linker as used in the SuSE distributions ignores the content of the critical environment variables, allowing local users to link against user-specified libraries and obtain the privilege level of a setuid binary. To eliminate these problems, we provide update packages that completely disregard the LD_* variables upon runtime-linking of a binary that has an effective uid different from the caller's userid.
c959686d9a258fb810d00f98affd0b148445bc3d843faa9b12731301bca404d7Debian Security Advisory DSA-022-1 - Exmh v2.2 and below used /tmp for storing temporary files. No checks were made to ensure that nobody placed a symlink with the same name in /tmp in the meantime and thus was vulnerable to a symlink attack.
aea54c62b3f77b38eb1f92542228e6465d99c6c6e6dd638298b2675ebadd3162Debian Security Advisory DSA-020-1 - A vulnerability has been found in PHP4 v4.0.4 and below which crashes PHP and sends the source to the client instead of executing it.
bb0ed2ba4c284395b52730828736431794ec9352c0784596acc41bf18e23fae5Debian Security Advisory DSA-019-1 - A tempfile bug has been found in Squid v2.3stable4 when it sends out email messages about updates.
528ff25b24bdc6993113820494616eb155ace0b5d0d31fabcb99e2b9e745a833Red Hat Security Advisory RHSA-2001:005-03 - New micq packages are available which fix a buffer overflow vulnerability in micq v0.4.6.
91fa11d7bbaf73cf8be4bec6a8afdbcaa2e61cf6c55d10f0320ef90720ab2c5ciSSL is a library offering a minimal cryptographical API that uses the ciphers RSA and AES to establish SSL-alike, secure encrypted communications between two peers communicating through a network socket, including session key generation and public key exchange.
c7b076983ae443493c28658e3f700e1ee7cb1fe373f4da1f97a31184309e9977Stacheldraht v1.666 + antigl + yps distributed denial of service tool.
3968f24900971c19c5ef5de6a214e0dcd9b32eff57d3a4771c9bd01d8246d735SecureStack 1.0 s capable of protecting Windows NT/2000 systems from buffer overflow attacks.
544598b8597a183f6f5f68b0e409bc76c4532fbdc5d78d9440ebea6ae18d775aFreeBSD Security Advisory FreeBSD-SA-01:09 - Crontab contains a vulnerability which allows local users to read any file on the system which conforms to a valid cron syntax. This allows other users crontab files to be read, in addition to any file which has every line commented out.
fd92735a188ed65d858f555a094b40c039f37116c9cb3dd904afe640d0b04a59
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed