what you don't know can hurt you
Showing 1 - 15 of 15 RSS Feed

Files Date: 2001-05-08

Posted May 8, 2001
Site doutlets.com

HAP-Linux is a collection of security related patches which are designed to be applied after Solar Designers Openwall patches are installed. Changes include some extra information in the printks, and the ability to allow hard links to files you don't own which are in your group, and the ability to follow links & pipes in +t directories iff they are not world-writable. This is useful for getting various daemons to run chrooted as a non-root user, and some secure drop- directory stuff.

Changes: A fix for a compile bug on non-x86 platforms, and a fix for weakening hardlink restrictions when CONFIG_SECURE_NOTSOMUCH is enabled.
tags | root, patch
systems | linux, unix
MD5 | 4e90fc9810ee92e68a3b4af18b6dd0b1
Posted May 8, 2001
Authored by Vic Abell

Lsof is an extremely powerful unix diagnostic tool. Its name stands for LiSt Open Files, and it does just that. It lists information about any files that are open by processes currently running on the system. It easily pinpoints which process is using each network connection / open port.

Changes: Fixes memory usage errors, adds support for FreeBSD 4.3 and 5.0, nonstop clusters, and CFS. Also includes fixes for Solaris and Linux.
tags | tool, intrusion detection
systems | unix
MD5 | f507803f8eb02a22b1ce3fb2f86811db
Linux IPTables Firewall
Posted May 8, 2001
Site iptables.org

iptables is the new packet alteration framework (firewall utility) for Linux 2.4. It is an enhancement on ipchains, and is used to control packet filtering, Network Address Translation (masquerading, port forwarding, transparent proxying), and special effects.

Changes: Updates for 2.4.0 final compatibility, various IPv6 fixes, eggdrop bot connection tracking, and big-endian alignment fixes. Changes: Fixes for SAME Target, fixes for iplimit match in combination with iptables-save/-restore, iptables-restore deals correctly with spaces in --log-prefix, a fix for collission of FTP and IRC NAT helpers, a new NETMAP Target for mapping whole networks 1:1 to other addresses, new length Target for matching packet length, new ipv4options match for matching IPv4 header options, new IPv6 agr match for matching IPv6 global aggregatable unicast adresses, new pkttype match for matching link-layer multicast/broadcast packets, and a new talk conntack and NAT helper module.
tags | tool, firewall
systems | linux
MD5 | 7d065a5d1e7003a0e61bece79a88d903
Posted May 8, 2001
Authored by Paul L Daniels | Site inflex.co.za

Inflex is an email scanner which encapsulates your existing sendmail server setup. It scans both incoming and outgoing email and it does not alter your current /etc/sendmail.cf file. It can scan for email viruses, unwanted file types (eg. EXE, BMP, MPEG) and file names (eg. prettypark.exe). It can also be used to scan for text snippets within emails.

Changes: Installation for SuSE distributions was corrected. The previous version's install script would lock up.
systems | unix
MD5 | 5caeec1d94b89ce22702eec174ec20bc
Posted May 8, 2001
Authored by Robert Osterlund | Site pikt.uchicago.edu

PIKT is a cross-platform, multi-functional toolkit for monitoring systems, reporting and fixing problems, security management, and updating system configurations. PIKT comprises an embedded scripting language with unique, labor-saving features. Binaries available here.

Changes: Now can include process output into config files. Added the -I piktc option, which can auto-update your config files. Pikt scripts can now be standalone and directly executable. Introduced a new, "official" PIKT utility, piktx, which does remote command execution with PIKT-style macros and command-line host lists.
tags | tool
systems | unix
MD5 | e27d9e54351e2dbc62e256abdf5c53c7
Posted May 8, 2001
Site debian.org

Debian Security Advisory DSA-055-1 - The gftp package has a problem in its logging code which allows malicious ftp servers to execute commands on the client machine. This has been fixed in version 2.0.6a-3.1.

systems | linux, debian
MD5 | ef6596b65ce3851a35fba5753e535351
Posted May 8, 2001
Site debian.org

Debian Security Advisory DSA-028-1 - Man has a format string vulnerability which leads to a local exploit for the man user.

tags | local
systems | linux, debian
MD5 | c04746bbc6de42a4ee83de73daf30797
Posted May 8, 2001
Site cert.org

Cert Advisory CA-2001-11 - A worm which uses the sadmind overflow and the IIS unicode bug is propagating on the internet. Solaris systems compromised by this worm are being used to scan and compromise other Solaris and IIS systems. IIS systems compromised by this worm can suffer modified web content.

tags | worm, web, overflow
systems | solaris
MD5 | e570ec4ca2764bfc26430d8e5f738e9f
Posted May 8, 2001
Authored by Nijen Rode

kbdis.c disables the keyboard on most x86 systems. Useful for locking out root in a pinch.

tags | tool, x86, root, rootkit
systems | unix
MD5 | b993d33d0fe64d76d9829f0ed97d6ab1
Posted May 8, 2001
Authored by Dataspy

taSpyNetworkX 0.2 Beta is a IRC bot which is under development. Features encrypted user data, a nick DB, port redirect, web download and execute, built in ident server, and more.

tags | web
MD5 | c8edcf79afd2f9257be3199635daebbc
Posted May 8, 2001
Site debian.org

Debian Security Advisory DSA-055-1 - A new Zope hotfix has been released which fixes a problem in ZClasses. The problem is "any user can visit a ZClass declaration and change the ZClass permission mappings for methods and other objects defined within the ZClass, possibly allowing for unauthorized access within the Zope instance." This hotfix has been added in version 2.1.6-10.

systems | linux, debian
MD5 | e57f433fb0a00cdfcccd3e9d10af18ea
Posted May 8, 2001
Authored by Nemes||y

/usr/bin/mailx local buffer overflow exploit. Gives gid=mail shell. Tested against Solaris 8.

tags | exploit, overflow, shell, local
systems | solaris
MD5 | 520e42332e0f23e523bc15a68ef0be5b
Posted May 8, 2001
Authored by Tim Lawless | Site sourceforge.net

StMichael is a LKM that attempts to detect and divert attempts to install a kernel-module backdoor into a running linux system. This is done by monitoring the init_module and delete_module process for changes in the system call table. This is a experimental version, and a spin off from the Saint Jude Project.

tags | kernel
systems | linux
MD5 | caa99d3b4772a1cc15352b72f6680686
Posted May 8, 2001
Site debian.org

Debian Security Advisory DSA-054-1 - A recent (fall 2000) security fix to cron introduced an error in giving up privileges before invoking the editor. A malicious user can easily gain root access. This has been fixed in version 3.0pl1-57.3.

tags | root
systems | linux, debian
MD5 | ed96a529b8d78aecb08b62cb946238c3
Posted May 8, 2001
Authored by venomous | Site rdcrew.com.ar

Cfingerd prior to v1.4.3 remote root exploit for linux/x86. Exploits a format string vulnerability in the syslog() call.

tags | exploit, remote, x86, root
systems | linux
MD5 | 2c8c5b4b13dedbf6ebdf17665491a0a0
Page 1 of 1

File Archive:

October 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    24 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    7 Files
  • 4
    Oct 4th
    4 Files
  • 5
    Oct 5th
    10 Files
  • 6
    Oct 6th
    1 Files
  • 7
    Oct 7th
    21 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    5 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    17 Files
  • 12
    Oct 12th
    4 Files
  • 13
    Oct 13th
    4 Files
  • 14
    Oct 14th
    15 Files
  • 15
    Oct 15th
    6 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2019 Packet Storm. All rights reserved.

Security Services
Hosting By