VLAD the Scanner - A freeware, open-source scanner that checks for the common security problems referenced in the SANS Top Ten list of common security problems. While freeware scanners are not necessarily unique, VLAD is rather unique because of the amount of vulnerable CGI programs it checks for, and its comprehensive account/password checks (seven different protocols).
04b14c4f724f8c841519d19e0952227740f9e803d953d19b5f35519b4b6b1b78Bindview Advisory - Many DCE/RPC servers don't do proper parameter validation, and can be crashed by sending an improperly formatted request. Affected systems include W2K SCM, NT4 LSA, NT4 Endpoint mapper, W2K Endpoint mapper, SQL Server 7, W2K's DHCP Server, W2K's IIS Server, Exchange 5.5 SP3, Exchange 5.5 SP3, NT4 Spooler, W2K License Srv, and NT4 License Srv. Microsoft bulletin on this issue available here.
5e096213ca28870ef36905370680122f6491ef0eb55cc4941841a9ce21274fe7Bindview Advisory - A remotely exploitable IP masquerading vulnerability in the Linux kernel can be used to penetrate protected private networks which have loaded the IRC masquerading module. There was a discussion last year that detailed exploiting NAT packet inspection mechanisms on Linux and other operating systems by forcing a client's browser or MUA software to send specific data patterns without the user's knowledge (see http://www.securityfocus.com/archive/82/50226) in order to open an inbound TCP port on the firewall. Appropriate but not sufficient workarounds were incorporated in Linux kernels released after the original advisory. Unfortunately, protocols other than those mentioned in the original discussions seem to be vulnerable as well. We found that IRC DCC helper (the Linux 2.2 ip_masq_irc module, and modules shipped with some other operating systems / firewalling software) can be exploited.
bcaf95982e917edd271016e86d6d77bc40fd5dd9c9b427da27e25b0f3c3b78f8Bindview Advisory - SMBD remote file creation vulnerability. Insufficient parameter validation and unsafe default configuration on popular Linux platforms make systems running samba SMB file sharing daemon vulnerable to remote attacks. Tested on SMBD 2.0.7 and 2.0.8. Samba daemon allows remote attackers to create SMB session log files (*.log) with highly attacker-dependent contents outside outside logs directory. This vulnerability itself can be used to perform DoS attacks, or, if combined with unprivileged local access, can be used to gain superuser privileges.
cd04a10ae9f3510f12059b264b6521eb10a3a3ea5a56ac1c4ae8a772b263273cOracle 8.1.6.0.0 local exploit for the dbsnmp binary. Gives uid=oracle shell. Tested on Red Hat 6.2.
d5ef5c71547dbb0ab80a21d8e2640abc52b98797fa1bf2a190144680962eafd4Oracle 8.0.5 local exploit - Gives UID=oracle via a buffer overflow in otrcrep binary. Tested on Linux.
d15db2d3ef39c249b21725fb76411b54d33502941e840a661aeb1f0a71e6b8a2IP Filter is a TCPIP packet filter which works well in a firewall environment. It can either be run as a loadable kernel module (recommended) or incorporated into your kernel. Scripts are provided to install and patch system files as required. IP Filter also includes several cool features, including transparent proxying via packet forwarding, allowing for round-robin forwarding to achieve load-balanced proxy.
56073fdb276a12698ab12f813035db25900ff3299365e61db03f68012eda8142
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed