Twenty Year Anniversary
Showing 1 - 25 of 31 RSS Feed

Files Date: 2001-04-25

Posted Apr 25, 2001
Authored by R. Gregory | Site

Shield is an aggressive, modular firewall script for iptables which features easy configuration through a BSD-style configuration file, optional NAT support, TCP-wrapper-like functionality for service access, port forwarding, routable protection, DMZ support, and more.

Changes: Several run-time options added: gShield can now add clienthosts, highport access clients and blacklisted clients directly to the current ruleset and the permanent configuration. Security warnings added for recent FTP/RELATED issue, NOLOG now quietly drops broadcasts automatically, some kernel-specific ip-sysctl options are now configurable via gShield.conf (including ECN), documentation updated for new run-time options.
tags | tool, tcp, firewall
systems | linux, bsd
MD5 | f5bbd405970898a737a8cc84f457677c
Posted Apr 25, 2001

Serial Line Sniffer is a serial port logging utility. It listens to the specified serial port and logs all data going through this port in both directions.

Changes: Options to timestamp output and to print number of bytes transmitted added.
tags | tool, sniffer
MD5 | 5020a8eb85b96d7ea3f645e29f5f4339
Posted Apr 25, 2001

fwmon is a firewall monitor for Linux which integrates with ipchains to give you realtime notification of firewall events. It has fairly customizable output, allowing you to display a packet summary, hex, and ascii data dumps to stdout, a logfile, or tcpdump-style capture files. It also boasts some simple security features such as the ability to chroot itself, and does not need to run as root.

Changes: Lots of bugfixes were made, as well as some documentation fixes. Plenty of testing was done. This version is stable.
tags | tool, root, firewall
systems | linux
MD5 | 5044b299ece9db7f5689744c8021d769
Posted Apr 25, 2001
Authored by Telehor | Site

Hylafax (/usr/libexec/fax/hfaxd) format string local root exploit. Tested on hylafax-4.0pl2-2.

tags | exploit, local, root
MD5 | 58b40d4fd0e65019435163abc426cf3b
Posted Apr 25, 2001

Sentinel is a fast file integrity checker similar to Tripwire or ViperDB with built in authentication using the RIPEMD 160 bit MAC hashing function. It uses a single database similar to Tripwire, maintains file integrity using the RIPEMD algorithm and also produces secure, signed logfiles. Its main design goal is to detect intruders modifying files. It also prevents intruders with root/superuser permissions from tampering with its log files and database.

Changes: Sentinel-user for individual users has been added. The copyright has been changed to the FSF. This release also contains minor makefile updates.
tags | tool, root, intrusion detection
systems | unix
MD5 | 87a55fcb020303d4d8efe60317948c3a
Posted Apr 25, 2001

This patch integrates SecurID authentication services directly into the OpenSSH daemon, allowing users to use SecurID tokens directly as their passwords instead of relying on the clunky sdshell.

Changes: This release includes fixes for next token handling code. The patch is for OpenSSH 2.5.2p2.
tags | patch
systems | unix
MD5 | 82009d8962cffb0484ca6ba6fb992261
Posted Apr 25, 2001
Authored by John McLeod | Site

IRCR is a collection of tools that gathers and/or analyzes forensic data on a Microsoft Windows system. You can think of this as a snapshot of the system in the past. It is similar to TCT by Dan Farmer and Wietse Venema, as most of the tools are oriented towards data collection rather than analysis. The idea of IRCR is that anyone could run the tool and send the output to a skilled Windows forensic security person for further analysis.

systems | windows
MD5 | 59c334066248e963dc735f43cbbd76dd
Posted Apr 25, 2001
Authored by DarkWizard&Drakaz

IIS Unicode graphical exploit for Windows. This is an updated version of Unisploit1.0-FireLust which has more cool stuff.

tags | exploit
systems | windows
MD5 | 4ca0e18dabb297eb8a393895fadd22ce
Posted Apr 25, 2001
Authored by G0ne | Site

Ubt-Scan is a simple extensible vulnerability scanner written in perl. Includes some external exploits.

tags | tool, scanner, perl
systems | unix
MD5 | 73109ddc04d70e1cfa8a1e4753f014ff
Posted Apr 25, 2001
Authored by ADM


MD5 | 87d71e26f7b5caca49a5f709d10a9fb0
FreeBSD Security Advisory 2001.38
Posted Apr 25, 2001
Authored by The FreeBSD Project | Site

FreeBSD Security Advisory FreeBSD-SA-01:38.sudo - The sudo port, versions prior to sudo-, contains a local command-line buffer overflow allowing local users to gain root privileges on the local system.

tags | overflow, local, root
systems | freebsd
MD5 | 16516985b9f52c388032d3954420c5ff
FreeBSD Security Advisory 2001.37
Posted Apr 25, 2001
Authored by The FreeBSD Project | Site

FreeBSD Security Advisory FreeBSD-SA-01:37.slrn - The slrn port, versions prior to slrn-, contains a buffer overflow in the wrapping/unwrapping functions of message header parsing. If a sufficiently long header is parsed, a buffer may overflow allowing the execution of arbitrary code contained in a message header as the user running the slrn program.

tags | overflow, arbitrary
systems | freebsd
MD5 | 853d7a9ed7e8eed16729277939c48a7b
FreeBSD Security Advisory 2001.36
Posted Apr 25, 2001
Authored by The FreeBSD Project | Site

FreeBSD Security Advisory FreeBSD-SA-01:36.samba - The samba ports, versions prior to samba-2.0.8 and samba-devel-2.2.0, contain /tmp races that may allow local users to cause arbitrary files and devices to be overwritten. Due to easily predictable printer queue cache file names, local users may create symbolic links to any file or device causing it to be corrupted when a remote user accesses a printer. In addition, the file will be left with world writable permission allowing any user to enter their own data.

tags | remote, arbitrary, local
systems | freebsd
MD5 | 6e3ceef276318afeaf178ec18d0d80b2
FreeBSD Security Advisory 2001.35
Posted Apr 25, 2001
Authored by The FreeBSD Project | Site

FreeBSD Security Advisory FreeBSD-SA-01:35.licq - The licq port, versions prior to 1.0.3, contains a vulnerability in URL parsing. URLs received by the licq program are passed to the web browser using the system() function. Since licq performs no sanity checking, a remote attacker will be able to pipe commands contained in the URL causing the client to execute arbitrary commands.

tags | remote, web, arbitrary
systems | freebsd
MD5 | 20a23af63b1ba9a677c8588d31eb368c
FreeBSD Security Advisory 2001.34
Posted Apr 25, 2001
Authored by The FreeBSD Project | Site

FreeBSD Security Advisory FreeBSD-SA-01:34 - The hylafax port, versions prior to hylafax-4.1.b2_2, contains a format string bug in the hfaxd program. A local user may execute the hfaxd program with command-line arguments containing format string characters, gaining root privileges on the local system.

tags | local, root
systems | freebsd
MD5 | 36f4e44196ff626f346ead7a6cccca5b
Posted Apr 25, 2001

NMAP NT - eEye originally developed Nmapnt for Windows NT/2000 and had made it available in the past for download. Recently, eEye security no longer makes this program available and there does not seem to be any mention of anywhere else. No installation needed. Requires packet capture drivers, available here.

tags | tool, nmap
systems | windows, unix, nt
MD5 | 6ab54d3de46863e842a235f300d1460c
Posted Apr 25, 2001

Drivers needed to get Nmap for NT to work.

tags | tool, nmap
systems | unix
MD5 | 5ed1eeb92ec10789d452af9ec1f6d578
Posted Apr 25, 2001

Debian Security Advisory DSA-050-1 - The saft daemon 'sendfiled' dropped privileges incorrectly allowing local users to execute arbitrary code under root privileges.

tags | arbitrary, local, root
systems | linux, debian
MD5 | 9e9bb2e39fe1af7fdc9076e1d579fd62
Posted Apr 25, 2001

Debian Security Advisory DSA 051-1 - The Netscape browser does not escape the GIF file comment in the image information page. This allows javascript execution in the "about:" protocol and can for example be used to upload the History (about:global) to a webserver, thus leaking private information. This problem has been fixed upstream in Netscape 4.77.

tags | javascript, protocol
systems | linux, debian
MD5 | 984c52b183d287162a14a8af92a5cc7d
Posted Apr 25, 2001
Authored by Marukka Der Inhaber | Site

The MSEC single-user patch disables the ability to boot into single-user mode under OS X. If this patch is not applied then anyone with physical access to the Mac OS X machine can gain root access easily by holding down the command and s keys at startup. The patch disables this by installing a modified version of /sbin/mach_init. The patch does NOT backup the insecure version of /sbin/mach_init so if for some strange reason you want to revert to the insecure copy of mach_init you must restore that file from your own backups. If you have any questions check our website at or email

tags | web, root, patch
systems | unix, apple, osx
MD5 | 0baf8d8626527794ad26e2e0ee0aa5ce
Posted Apr 25, 2001
Authored by T-Omicron | Site

Securax / Hexyn Security Advisory #19 - FTP Server Denial Of Service tested on Serv-U FTP Server, G6 FTP Server and WarFTPd Server. The servers will freeze for about one second, and the CPU usage will go through the roof. Includes perl exploit.

tags | exploit, denial of service, perl
MD5 | 4be170b50c9398765369f520a2c6f949
Posted Apr 25, 2001
Authored by T-Omicron | Site

Securax / Hexyn Security Advisory #18 - Savant WWW Server is an HTTP server for Windows 9x/NT. A bug allows any user to change to any directory, and in most cases, execute MS-DOS commands.

tags | exploit, web
systems | windows, 9x
MD5 | 6f9c9d6f54652ba826358cf13d935982
Posted Apr 25, 2001
Authored by T-Omicron | Site

Securax / Hexyn Security Advisory #17 - Bison FTP Server is an FTP server for Windows 9x/NT. A bug allows any user to change to any directory.

tags | exploit
systems | windows, 9x
MD5 | 226bb3737e08888dbe5e63e5dda1af09
Posted Apr 25, 2001
Authored by T-Omicron | Site

Securax / Hexyn Security Advisory #16 - G6 FTP Server is an FTP server for Windows 9x/NT. A bug allows any user to change to c:\ and sub directories.

tags | exploit
systems | windows, 9x
MD5 | 270d0d0f482a3c8fd89332c222d6b825
Posted Apr 25, 2001
Authored by Toxic Ocean | Site

CST contains a script scanner, that scans using a database of scripts (user editable). The sample databases included contains +700 possibly vulnerable scripts/dirs. You can scan with or without a proxy server. The scanner has 11 different Anti-IDS tactics (hex-values, double slashes, self-reference dirs, parameter hiding and session splicing), and sends fake "X-Forwarded-For:", "Referer:" and "User-Agent:" headers to hide your scan even more. You can also specify a wait time between 2 script fetches. The scanner uses HEAD requests instead of GET for faster scanning, and has support for scanning virtual hosts. You can also specify another port to scan instead of the standard port 80. The scanner outputs the scripts/dirs that return a 200, 403 or 401 HTTP code and outputs the webserver software. A full and comprehensive manual is included.

tags | web, cgi
systems | unix
MD5 | 4956b51499007de6c31e5fd22699dbfe
Page 1 of 2

Want To Donate?

Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

August 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    19 Files
  • 2
    Aug 2nd
    17 Files
  • 3
    Aug 3rd
    16 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    1 Files
  • 6
    Aug 6th
    19 Files
  • 7
    Aug 7th
    15 Files
  • 8
    Aug 8th
    9 Files
  • 9
    Aug 9th
    7 Files
  • 10
    Aug 10th
    10 Files
  • 11
    Aug 11th
    1 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    14 Files
  • 14
    Aug 14th
    18 Files
  • 15
    Aug 15th
    38 Files
  • 16
    Aug 16th
    5 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2018 Packet Storm. All rights reserved.

Security Services
Hosting By