exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 13 of 13 RSS Feed

Files Date: 2001-08-11

coderedwarn0_0b2.tar.gz
Posted Aug 11, 2001
Authored by Jonathan Hayward | Site JonathansCorner.com

Code Red Warn is a perl script which runs as a daemon and watches apache logs to notify you each time you are scanned with code red.

Changes: The recipient list has been adjusted to be more SMTP-compliant. A suggested way to run without keeping bounce messages in queue has been provided. SMTP connections are tested on the remote host before sending, and the 404 on home page download has been fixed.
tags | tool, perl, intrusion detection
systems | unix
SHA-256 | fae00696b98d72d39d852cfaf643db6cda13a657fa477e73854249eb09f8dd1a
coderedwarn0.0b.tar.gz
Posted Aug 11, 2001
Authored by Jonathan Hayward | Site JonathansCorner.com

Code Red Warn is a perl script which runs as a daemon and watches apache logs to notify you each time you are scanned with code red.

tags | tool, perl, intrusion detection
systems | unix
SHA-256 | f69297ae0b8f1068f19470d74cfedc384e601a7657fe6aacbe7c236a3db523c0
FreeBSD-SA-01_52.fragment
Posted Aug 11, 2001
Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-01:52 - Remote users may be able to prevent a FreeBSD system from communicating with other systems on the network by transmitting large numbers of fragmented IPv4 datagrams. For the attack to be effective, the attacker must have a high-bandwidth connection to the target system. IP datagram fragments destined to the target system will be queued for 30 seconds, to allow fragmented datagrams to be reassembled. There was no upper limit in the number of reassembly queues. Therefore, a malicious party may be able to transmit a lot of bogus fragmented datagrams (with different IPv4 identification field) and cause the target system to exhaust its mbuf pool, preventing further network traffic processing or generation while the starvation condition continues.

tags | remote
systems | freebsd
SHA-256 | 2972addf4a608d78056fb160604edc584e28bdaa94b04465877d6a8a8703c371
FreeBSD-SA-01_50.windowmaker
Posted Aug 11, 2001
Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-01_50 - The windowmaker ports, versions prior to windowmaker-0.65.0_2 and windowmaker-i18n-0.65.0_1, contain a potentially exploitable buffer overflow when displaying a very long window title in the window list menu. Since programs such as web browsers will include the contents of a webpage's title tag in window titles, this problem may allow authors of malicious webpages to cause windowmaker to crash and potentially execute arbitrary code as the user running windowmaker.

tags | web, overflow, arbitrary
systems | freebsd
SHA-256 | f5f9cbaff9ebb65ced3a13b3c86bdd040d1610658fabba9d5dff8d9042bfe8e7
FreeBSD-SA-01_49.telnetd.v1.1
Posted Aug 11, 2001
Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-01:49 - An overflowable buffer was found in the version of telnetd included with FreeBSD. Due to incorrect bounds checking of data buffered for output to the remote client, an attacker can cause the telnetd process to overflow the buffer and crash, or execute arbitrary code as the user running telnetd, usually root. A valid user account and password is not required to exploit this vulnerability, only the ability to connect to a telnetd server. The telnetd service is enabled by default on all FreeBSD installations if the 'high' security setting is not selected at install-time. This vulnerability is known to be exploitable, and is being actively exploited in the wild. All released versions of FreeBSD prior to the correction date including 3.5.1-RELEASE and 4.3-RELEASE are vulnerable to this problem.

tags | remote, overflow, arbitrary, root
systems | freebsd
SHA-256 | 9c1445cec7a0d6ec09dada59a4d65d65632fc6cb6348d8ffeb707e4260bb06b7
FreeBSD-SA-01_48.tcpdump
Posted Aug 11, 2001
Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-01:48 - An overflowable buffer was found in the version of tcpdump included with FreeBSD 4.x. Due to incorrect string length handling in the decoding of AFS RPC packets, a remote user may be able to overflow a buffer causing the local tcpdump process to crash. In addition, it may be possible to execute arbitrary code with the privileges of the user running tcpdump, often root.

tags | remote, overflow, arbitrary, local, root
systems | freebsd
SHA-256 | 9a822bec0fcd7051f39647d8d5f8c4fdefd0fa597a5a930cbfe8581b2738de6f
FreeBSD-SA-01_47.xinetd
Posted Aug 11, 2001
Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-01:47 - The xinetd port, versions prior to xinetd-2.3.0, contains a potentially exploitable buffer overflow in the logging routines. If xinetd is configured to log the userid of remote clients obtained via the RFC1413 ident service, a remote user may be able to cause xinetd to crash by returning a specially-crafted ident response. This may also potentially execute arbitrary code as the user running xinetd, normally root.

tags | remote, overflow, arbitrary, root
systems | freebsd
SHA-256 | eccfcea8d2ee4eab56c39fb1af4bb79cb8e037169f4831c3514d687c16af83b4
FreeBSD-SA-01_46.w3m
Posted Aug 11, 2001
Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-01:46 - The w3m port, versions prior to w3m-0.2.1_1, contains a buffer overflow in the parsing of MIME headers. A malicious server which is visited by a user with the w3m browser can exploit the browser security holes in order to execute arbitrary code on the local machine as the local user.

tags | overflow, arbitrary, local
systems | freebsd
SHA-256 | e0a43372bad9d7749bdcf363380729a9a5451d15ef8149646d3b8984982832b2
FreeBSD-SA-01_45.samba
Posted Aug 11, 2001
Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-01_45 - The samba ports, versions prior to samba-2.0.10, samba-devel-2.2.0a, and ja-samba-2.0.9.j1.0_1, fail to properly validate NetBIOS names. Sending a specially crafted NetBIOS name containing unix path characters, a remote user may be able to cause the samba server to write the log files to arbitrary locations on the local filesystems.

tags | remote, arbitrary, local
systems | unix, freebsd
SHA-256 | c3e99512614ab0dff34a38b9cfb9ed1f616023df53de84a83f02728b336d9ec3
FreeBSD-SA-01_44.gnupg
Posted Aug 11, 2001
Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-01:44 - The gnupg port, versions prior to gnupg-1.0.6, contains a format string vulnerability. If gnupg attempts to decrypt a file whose filename does not end in '.gpg', the filename is copied to the prompt string, allowing a user-supplied format string. This may allow a malicious user to cause arbitrary code to be executed as the user running gnupg.

tags | arbitrary
systems | freebsd
SHA-256 | 30fcf073612ca484650733359c5dc934eb0bca1ab927c014077ef1b77b09da2f
FreeBSD-SA-01_43.fetchmail
Posted Aug 11, 2001
Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-01:43 - The fetchmail port, versions prior to fetchmail-5.8.6, contains a potentially exploitable buffer overflow when rewriting headers longer than 512 bytes. This problem may allow remote users to cause fetchmail to crash and potentially execute arbitrary code as the user running fetchmail.

tags | remote, overflow, arbitrary
systems | freebsd
SHA-256 | 0ce42eb29df0ee11755da8eb304904f95adb31e6e6856b57c3c372a659305744
FreeBSD-SA-01_42.signal.v1.1.asc
Posted Aug 11, 2001
Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-01:42 - A flaw exists in FreeBSD signal handler clearing that would allow for some signal handlers to remain in effect after the exec. Most of the signals were cleared, but some signal handlers were not. This allowed an attacker to execute arbitrary code in the context of a setuid binary. All versions of 4.x prior to the correction date including and 4.3-RELEASE are vulnerable to this problem.

tags | arbitrary
systems | freebsd
SHA-256 | e5355fe831c6a5d26c53474d7ecbf52ae5441d2812933d8a8e46f1f1e1730760
FreeBSD-SA-01_41.hanterm
Posted Aug 11, 2001
Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-01:41 - The hanterm binary is installed with setuid root permissions, but contains insecure code which allows unprivileged local users to obtain root access on the local system.

tags | local, root
systems | freebsd
SHA-256 | 61c26ff5be9c094bd4598f02b374f1f3a82a7d93409d3b8d57c3e0d82b1d810c
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close