
Files Date: 2001-05-03

Posted May 3, 2001
Authored by Marcetam

OpenBSD execve /bin/sh shellcode - 23 bytes.

tags | shellcode
systems | openbsd
MD5 | b91a6787241e94efa06b3377ed9a7d8f
Posted May 3, 2001
Authored by Lez

Cfingerd prior to v1.4.2 remote root exploit - Takes advantage of the syslog format string bug. Tested on Debian 2.1 and 2.2.

tags | exploit, remote, root
systems | linux, debian
MD5 | 24019c08c3dedc1545ebecd7ef99cf5b
Posted May 3, 2001
Authored by Styx

Ronin.c is a FreeBSD-4.2 remote root exploit. Requires user access and a writable home directory without chroot.

tags | exploit, remote, root
systems | freebsd
MD5 | d9fb736181b3c5e40177affa5cbef7d8
Posted May 3, 2001
Site jedi.claranet.fr

IPtrap listens to several TCP ports to simulate fake services (X11, Netbios, DNS, etc.). When a remote client connects to one of these ports, his IP address gets immediately firewalled and an alert is logged. It runs with iptables and ipchains, but any external script can also be launched. IPv6 is supported.

Changes: Logging the scanned port, and no more iptables/ipchains zombies.
tags | remote, tcp
systems | linux
MD5 | 5581b89f08d851939c9cbdd38f3358eb
Posted May 3, 2001
Site linux-mandrake.com

Prelude is a Network Intrusion Detection system which captures packets and performs data analysis and reporting. Important and current features of Prelude include an IP defragmentation stack and detection plugins with persistent state.

Changes: Now includes on-demand SSL authentication and encryption between Prelude client and the Report server, an HTML reporting plugin, support for PPPOE layer, avoids duplicate operations between report plugins, and report server support for long options. The backup interface has been improved.
tags | tool, intrusion detection
systems | unix
MD5 | 0334a402975d9adac964bc5527c58a3c
Posted May 3, 2001
Site gsyc.inf.uc3m.es

Jail is a chrooted environment using bash. Its main use is as the shell for any user you want to be chrooted. Its primary goals are to be simple, clean, and highly portable.

Changes: Path splitting was removed since it is not necessary. The user directory and its shell are now chosen from the data stored in the /etc/passwd inside the chrooted environment. The "no such file or directory" bug has been removed. mkenv.sh has been fully rewritten, and it now supports the different platforms within it. mkenv.sh supports guessing the libraries needed for the executable files being copied into the chrooted environment. Also, mkenv.sh protects you from overwriting the customized files (/etc/passwd /etc/group and /etc/shadow) so you can have multiple users in a single chrooted environment.
tags | shell, bash
systems | unix
MD5 | 0cca1979fa99b44f5bd34c4e6c69dc03
Posted May 3, 2001
Authored by Dianne Skoll | Site roaringpenguin.com

MIME Defanger is a flexible MIME e-mail scanner designed to protect Windows clients from viruses and other harmful executables. It works with Sendmail 8.10 / 8.11 and will alter or delete various parts of a MIME message according to a flexible configuration file.

Changes: Better error checking and logging, the ability to add new headers to an e-mail message, and support for ORBS- and MAPS-style real-time open-relay blacklists.
systems | windows, unix
MD5 | 11a6798b1f333208c9c15524e9531964
Posted May 3, 2001
Authored by G_Kos

The G6 FTP server v2.00 freezes if told to create a directory "COM1", "COM2", "COM3" or "COM4".

tags | exploit, denial of service
MD5 | d75e83b84d93a14de68bc4d6112b2c82
Posted May 3, 2001
Authored by Oldwolf | Site atrix.cjb.net

Wolf Attacks 1.8 - Includes over 70 dos attacks in one ksh script.

tags | denial of service
MD5 | 90239cc00d5290b2e0ae37a8869f9ae4
Posted May 3, 2001
Authored by Felipe Moniz

Stealth HTTP Security Scanner 1.0 build 22 - Checks for 2883 HTTP vulnerabilities. Runs on Win32 and on Linux under Wine. Free.

tags | web, vulnerability
systems | linux, windows, 32
MD5 | 328db79a534cd013d8a1a815a112c1e9
Posted May 3, 2001
Site cert.org

CERT Advisory CA-2001-10 - Buffer Overflow Vulnerability in Microsoft IIS 5.0. A vulnerability exists in Microsoft IIS 5.0 running on Windows 2000 that allows a remote intruder to run arbitrary code on the victim machine, allowing them to gain complete administrative control of the machine.

tags | remote, overflow, arbitrary
systems | windows, 2k
MD5 | abdf83b85b5b3db8c344eeb1cc4d0b18
Posted May 3, 2001
Site redhat.com

Red Hat Security Advisory RHSA-2001:058-04 - Updated mount packages fixing a potential security problem are available. If any swap files were created during installation of Red Hat Linux 7.1 (they were created during updates if the user requested it), they were world-readable, meaning every user could read data in the swap file(s), possibly including passwords. The affected swap files are called /mountpoint/SWAP and /mountpoint/SWAP-(numeral). The new mount command enforces sane permissions on swap space.

systems | linux, redhat
MD5 | 3fdea69f15c1f4e8b23fb59d3e465da9
Posted May 3, 2001
Site cipherdyne.com

Port Scan Attack Detector (psad) is a perl program that is designed to work with Linux firewalling code (iptables in the 2.4.x kernels, and ipchains in the 2.2.x kernels) to detect port scans. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, TCP flags and corresponding nmap options (Linux 2.4.x kernels only), email alerting, and automatic blocking of offending IP addresses via dynamic configuration of ipchains/iptables firewall rulesets. In addition, for the 2.4.x kernels psad incorporates many of the TCP signatures included in Snort to detect highly suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port scans (syn, fin, Xmas) which are easily leveraged against a machine via nmap.

Changes: New automatic danger level assigned for known trouble IPs, signature checking and updating done on the fly, and improvements to the install.pl script to parse ipchains rulesets better.
tags | kernel, perl, tcp
systems | linux
MD5 | 0c8959af19da07c0bd496241ac1f4e92
Posted May 3, 2001
Authored by Paul Starzetz

LSM (Loadable Security Module) is a simple but effective intrusion prevention loadable kernel module. Currently it protects extended file attributes on ext2 from being modified by the super user and the module from being removed and other modules from being loaded. This basic protection also prevents access to raw devices, so debugfs can not be used on a disk partition nor can a change to the boot process occur. Loading this module prevents lilo configuration.

tags | kernel
systems | linux
MD5 | 9e72f64953cdc92114114db0cd1b0607
Posted May 3, 2001
Site jedi.claranet.fr

IPtrap listens to several TCP ports to simulate fake services (X11, Netbios, DNS, etc.). When a remote client connects to one of these ports, his IP address gets immediately firewalled and an alert is logged. It runs with iptables and ipchains, but any external script can also be launched. IPv6 is supported.

tags | remote, tcp
systems | linux
MD5 | c22367c11e2ee3494b468bb59acd0b0d
Posted May 3, 2001
Authored by Advanced Research Corporation | Site www-arc.com

Security Auditor's Research Assistant (SARA) is a security analysis tool based on the SATAN model. It is updated twice a month to address the latest threats. Checks for common old holes, backdoors, trust relationships, default cgi, common logins, open shares, and much more.

Changes: Includes adore worm test, better tests for rsh, rlogin, netstat, and systat, upgraded sendmail and DNS zone transfer tests, added tests for doubtful rpc services, added test for poor pre-login banners for telnet, and minimized Windows XX false alarms to backdoors.
tags | tool, cgi, scanner
systems | unix
MD5 | 26bfdc9e9c04620a2017849ec47db24d
Posted May 3, 2001
Site eeye.com

Eeye Security Advisory - Windows 2000 IIS 5.0 Remote buffer overflow vulnerability (Remote SYSTEM Level Access). Affects Microsoft Windows 2000 Internet Information Services 5.0 + Service Pack 1. The vulnerability arises when a buffer of approx. 420 bytes is sent within the HTTP Host: header for a .printer ISAPI request. Successful attacks are not logged in the IIS access logs.

tags | remote, web, overflow
systems | windows, 2k
MD5 | ae90cf7e855b551b48ca2f993f313ef4
Posted May 3, 2001
Authored by Ryan Permeh | Site eeye.com

Windows 2000 / IIS 5.0 sp0 + sp1 remote exploit. Overflows the Host: header of the ISAPI .printer extension. The included shellcode creates a file in the root drive of c:\ which contains instructions on how to patch your vulnerable server. Compiles on Windows, Linux, and *bsd.

tags | exploit, remote, overflow, root, shellcode
systems | linux, windows, 2k, bsd
MD5 | f0bd495ec1eb2791ff66258da26512d1
Posted May 3, 2001
Site xforce.iss.net

ISS Security Advisory - Windows 2000 running IIS 5.0 has a serious remote vulnerability in the ISAPI printer extension. More information available here.

tags | remote
systems | windows, 2k
MD5 | ee2197a7cf116fb15f36e2d4b9e5e7c3
FreeBSD Security Advisory 2001.39
Posted May 3, 2001
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-01:39.tcp-isn - FreeBSD systems prior to 4.3-RELEASE contain vulnerabilities in the TCP ISNs. Protocols which authenticate solely based on IP address are vulnerable to blind spoofing attacks.

tags | spoof, tcp, vulnerability, protocol
systems | freebsd
MD5 | 896bd39934f10b14437591645221d360
Posted May 3, 2001
Authored by Wanderley J. Abreu Jr.

Windows 2000 / IIS 5.0 + SP1 Internet Printing Protocol vulnerability test. Causes a memory leak and reports whether or not the remote site is vulnerable, but does not contain shellcode.

tags | exploit, remote, shellcode, protocol, memory leak
systems | windows, 2k
MD5 | d6ddc1ed29d70f3955e46b0fa7785df1
Posted May 3, 2001
Authored by Todd J.

Packet Storm new exploits for April, 2001.

tags | exploit
MD5 | 65315bb0b6099178d43574302c335902
Posted May 3, 2001
Site cert.org

CERT Advisory CA-2001-09 - Many systems are vulnerable to Initial Sequence Number (ISN) attacks, allowing attackers to manipulate and spoof TCP connections. Many systems use the Central Limit Theorem to protect the ISN; however, these machines are still vulnerable to statistical attack. If the ISNs of future connections of a system are guessed exactly, an attacker will be able to complete a TCP three-way handshake, establish a phantom connection, and spoof TCP packets delivered to a victim. Affected systems include Cisco, FreeBSD prior to 4.3-RELEASE, OpenBSD prior to 2.8-current, Fujitsu, HP/UX, and SGI.

tags | spoof, tcp
systems | cisco, freebsd, openbsd, hpux
MD5 | 966363ab08fc30683f982ab8819c3d81
Posted May 3, 2001

Microsoft Security Advisory MS01-023 - A serious vulnerability has been discovered in Windows 2000's IIS 5.0 in the handling of the Internet Printing Protocol (IPP). A buffer overflow in the ISAPI extension which handles input parameters allows any website user to execute arbitrary code with the local system security context, giving an attacker complete control over the server. The server must have TCP port 80 or 443 open. Microsoft FAQ on this issue available here.

tags | overflow, arbitrary, local, tcp, protocol
systems | windows, 2k
MD5 | e7cc572bb9333e54a45c6b698986e559
Posted May 3, 2001
Site redhat.com

Red Hat Security Advisory RHSA-2001:059-03 - kdesu created a world-readable temporary file to exchange authentication information and deleted it shortly after. This can be abused by a local user to gain access to the X server and can result in a compromise of the account kdesu accesses.

tags | local
systems | linux, redhat
MD5 | 5cde55e96a443f03a4e19a79bf48691d