what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 26 RSS Feed

Files Date: 2002-08-30

Posted Aug 30, 2002
Site microsoft.com

Microsoft Security Bulletin MS02-041 - Unchecked Buffer in Content Management Server Could Enable Server Compromise. Three security vulnerabilities: A buffer overrun in a low-level function that performs user authentication, a vulnerability resulting from the confluence of two flaws affecting a function that allows files to be uploaded to the server, and a SQL injection vulnerability affecting a function that services requests for image files and other resources.

tags | overflow, vulnerability, sql injection
SHA-256 | 6e540b40befc61c59dcfc09856719d609a1bd1b820d42e2c173b0ddf3fac1347
Posted Aug 30, 2002
Site microsoft.com

Microsoft Security Bulletin MS02-040 - Unchecked Buffer in MDAC Function Could Enable SQL Server Compromise. A security vulnerability results because the MDAC functions underlying OpenRowSet contain an unchecked buffer. An attacker who submitted a database query containing a specially malformed parameter within a call to OpenRowSet could overrun the buffer, either for the purpose of causing the SQL Server to fail or causing the SQL Server service to take actions dictated by the attacker.

tags | overflow
SHA-256 | 724bb1c4ef4bbe76d9247ef77b88d897827ff562f654d1c31e51b61531d54093
Posted Aug 30, 2002
Site microsoft.com

Microsoft Security Bulletin MS02-039 - Buffer Overruns in SQL Server 2000 Resolution Service Could Enable Code Execution. Sending a carefully crafted packet to the Resolution Service, an attacker could cause portions of system memory (the heap in one case, the stack in the other) to be overwritten. Overwriting it with random data would likely result in the failure of the SQL Server service. Overwriting it with carefully selected data could allow the attacker to run code in the security context of the SQL Server service.

tags | overflow, code execution
SHA-256 | c02fb5e27f8774fa22735471626ebbcec3ae67117a3d248a9a3f34fe3d6b41b2
Posted Aug 30, 2002
Site microsoft.com

Microsoft Security Bulletin MS02-038 - Unchecked Buffer in SQL Server 2000 Utilities Could Allow Code Execution. This advisory documents SQL injection vulnerabilities and buffer overruns in SQL Server 2000 and MSDE 2000.

tags | overflow, vulnerability, code execution, sql injection
SHA-256 | 5086f40b83fa85c238c3816a27a87b1a91792c74ea2e7e3c3ff5de0bd8458d80
Posted Aug 30, 2002
Site microsoft.com

Microsoft Security Bulletin MS02-037 - Server Response To SMTP Client EHLO Command Results In Buffer Overrun. A security vulnerability results because of an unchecked buffer in the IMC code that generates the response to the EHLO protocol command. If the total length of the message exceeds a particular value, the data would overrun the buffer. If the buffer were overrun with random data, it would result in the failure of the IMC. If, however, the buffer were overrun with carefully chosen data, it could be possible for the attacker to run code in the security context of the IMC, which runs as Exchange5.5 Service Account.

tags | overflow, protocol
SHA-256 | 6fcee21872b7f42847d8fbc6a5c19017b300f98f4b2d58cf3bb9a8e51b28d654
Posted Aug 30, 2002
Site microsoft.com

Microsoft Security Bulletin MS02-036 - Authentication Flaw in Microsoft Metadirectory Services Could Allow Privilege Elevation. A flaw exists that could enable an unprivileged user to access and manipulate data within Microsoft Metadirectory Services (MMS) that should, by design, only be accessible to MMS administrators. Specifically, it is possible for an unprivileged user to connect to the MMS data repository via an LDAP client in such a way as to bypass certain security checks. This could enable an attacker to modify data within the MMS data repository, either for the purpose of changing the MMS configuration or replicating bogus data to the other data repositories.

SHA-256 | b1d7451fe6e869edc7b74e470bb51d0435d64cf4b2b2f1ce168b2eea1cb3790c
Posted Aug 30, 2002
Site microsoft.com

Microsoft Security Bulletin MS02-035 - SQL Server Installation Process May Leave Passwords on System. A security vulnerability results because of two factors: The files remain on the server after the installation is complete. Except for the setup.iss file created by SQL Server 2000, the files are in directories that can be accessed by anyone who can interactively log on to the system. The password information stored in the files is either in clear text (for SQL Server 7.0 prior to Service Pack 4) or encrypted using fairly weak protection. An attacker who recovered the files could subject them to a password cracking attack to learn the passwords, potentially compromising the sa password and/or a domain account password.

SHA-256 | 9f9beb2a328bbc2c0a237bce8101c3044e0ed4db04422219c2b498b9e29b18b5
Internet Security Systems Security Alert August 29, 2002
Posted Aug 30, 2002
Site iss.net

A vulnerability has been reported in the Windows file and resource sharing mechanism. The SMB (Server Message Block) protocol handles the sharing of files and devices in Windows environments. A flaw in the implementation of SMB may allow remote attackers to launch DoS (Denial of Service) attacks against vulnerable systems.

tags | denial of service, overflow
systems | windows
advisories | CVE-2002-0724
SHA-256 | b74704a2cee3637e1a2e674c5a67573beff65a176eec97554c88e17a844cc641
Posted Aug 30, 2002
Authored by Redox | Site autosec.sourceforge.net

Poor Mans IDS is a couple of scripts which check certain files on your host (any you like) for changes in content, ownership, and mode. Rather than only mailing if something is wrong (like other IDSs), this lean IDS will send you a daily (or weekly or hourly, depending on how you set-up your cron job) security audit, containing details of what it found.

Changes: Bug fixes and some cool improvements.
tags | tool, intrusion detection
systems | unix
SHA-256 | 6c2bba2937cdbe45c044fa15d5a6a702dee80dfa2c0f7f66611d3fe20ca4b282
Posted Aug 30, 2002
Site autosec.sourceforge.net

Sonar is a network reconnaissance utility which runs all its scans from plugins. The currently supported plugins are an ICMP scan and an ACK scan which can see if hosts that don't respond to ICMP are online.

Changes: This release fixes a few annoying bugs. The ICMP scan has been made more versatile, allowing you to choose an ICMP type and ICMP code. Upgrades from older releases are recommended.
tags | tool, scanner
systems | unix
SHA-256 | a7a19f5a0590498af29fa545a487e733df287143e87c5bc8627cf0a9ad6ed224
Posted Aug 30, 2002
Authored by Balazs Scheidler | Site balabit.hu

Zorp is a new-generation modular proxy firewall suite to fine tune proxy decisions with its built in script language, fully analyze complex protocols (like SSH with several forwarded TCP connections), and utilize out of band authentication techniques (unlike common practices where proxy authentication had to be hacked into the protocol).

Changes: Some bugfixes were made and a new feature was implemented.
tags | tool, tcp, firewall, protocol
systems | unix
SHA-256 | 446b43d501611e5c3f4f8ecd41977e8befc91d2f4bae55339235ef42cd9498b8
Posted Aug 30, 2002
Site prelude.sourceforge.net

Prelude Manager is the main program of the Prelude Hybrid IDS suite. It is able to register local or remote sensors, let the operator configure them remotely, receive alerts, and store alerts in a database or any format supported by reporting plugins, thus providing centralized logging and analysis.

tags | tool, remote, local, intrusion detection
systems | unix
SHA-256 | 5fd33f6e59d36461dc673f8f8a58b32cbb4aaead2d9e78b2009b07b7357d9f13
Posted Aug 30, 2002
Site prelude.sourceforge.net

Prelude NIDS is the network sensor part of the Prelude Hybrid IDS suite. It provides network monitoring with fast pattern matching (Boyer-Moore) to detect attacks against a network. Includes protocol and detection analysis plugins featuring Telnet, RPC, HTTP, and FTP decoding and preprocessors for cross-platform polymorphic shellcodes detection, ARP misuse detection, and scanning detection. It supports IP fragmentation and TCP segmentation to track connections and detect stateful events.

tags | tool, web, tcp, shellcode, protocol, intrusion detection
systems | unix
SHA-256 | ca96ec7fdf581ae50704cdd1534c035a1dbd4684cdd86d052c10242b50a890e6
Samhain File Integrity Checker
Posted Aug 30, 2002
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available. Tested on Linux, AIX 4.1, HP-UX 10.20, Unixware 7.1.0, and Solaris 2.6.

Changes: This release fixes a bug that may cause filename truncation if a filename with special (e.g. non-ASCII) characters is logged to an SQL database.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 41e664afd9d562cf8958ebb2cbb3551a0dd0b56b359765252162270de6660d1e
Posted Aug 30, 2002
Authored by Dianne Skoll | Site roaringpenguin.com

MIME Defanger is a flexible MIME e-mail scanner designed to protect Windows clients from viruses and other harmful executables. It works with Sendmail 8.11 / 8.12's "milter" API and will alter or delete various parts of a MIME message according to a flexible configuration file.

Changes: The quarantine notification message was improved and some less important syslog messages were lowered from 'info' to 'debug'. Default permissions on /etc/mail/mimedefang-ip-key were tightened.
systems | windows, unix
SHA-256 | e85285eb5079e52d42c46b6ff36aee98d8839c2b4e899e753644a6724402210c
Posted Aug 30, 2002
Site cse.fau.edu

Incident.pl is a small script which, when given syslogs generated by snort or other tools, can generate an incident report for events that appear to be attempted security attacks, gather information on the remote host, and report the attack to the appropriate administrators.

Changes: When showing an excerpt of logs, the number of matching lines is now shown to express the severity of attack. A bug was also fixed that would consider certain FQDNs as IPs.
tags | tool, remote, sniffer
SHA-256 | 6e06ce57e9567b7f857f438a20ef6cfa6911fe8497fa14aeee9a0fdeefb081d4
Posted Aug 30, 2002
Site staff.ncst.ernet.in

Httptype is a program that returns the http host software of a website. It is written in Perl.

Changes: New stable version. You can now use URLs in a host file as well. Unsupported URL schemes will return a warning and be skipped. This version also tries to figure out the server type of SSL hosts.
tags | web, perl
SHA-256 | 2b3981af663c406ae7f3a4e36b2def3f7a7a45a032e2bae76fe2f14757464526
Posted Aug 30, 2002
Site cheops-ng.sourceforge.net

Cheops-ng is a graphical network management tool for mapping and monitoring your network. It has host/network discovery functionality, OS detection, and it also does a port scan of each computer to tell what services are running, so you can use or administer them.

tags | tool, scanner
systems | unix
SHA-256 | 631ae749d0fe052d1e8c6a7fd3a200868284f06e0b71e82180b230f67c48bf05
Posted Aug 30, 2002
Authored by Condor

The ADP Forum v2.0.2 contains vulnerabilities which allow remote users to delete accounts, read encrypted passwords, and take admin access.

tags | remote, vulnerability
SHA-256 | fac6bda213743acedaec62da8da9907f6ad07a7c30fcf40dde14e6e60ccc7ad6
Posted Aug 30, 2002
Authored by Lawrence Lavigne | Site neoerudition.net

Cgivti2.V2.pl uses a webserver host list provided by the user to scan for cgi, vti, msadc and several other vulnerabilities. Like cgivti.V2.pl, this script is easily configured to include other vulnerabilities.

tags | cgi, vulnerability
systems | unix
SHA-256 | 8966b5fa7d151c0547e782abcc1f118f0e7298ccb898d0f31dd4ee49e5a02865
Posted Aug 30, 2002
Authored by Killah | Site hack.gr

Port-binding shellcode that binds to tcp port 8975 for Linux on Sparc.

tags | tcp, shellcode
systems | linux
SHA-256 | 1da3cedc1b42a86af88a60d44c954f2454e64423c6d2eb6ad231f91314a92658
Posted Aug 30, 2002
Site sourceforge.net

IP Accounter is an IP accounting package for Linux. It collects, summarizes, and nicely displays IP accounting data. Its output can be a simple ASCII table, or graph images. Ipchains and iptables are supported. Logs are stored in files, gdbm, or even a PostgreSQL database.

Changes: Some bugs were fixed, the Web interface was improved, the configure script option 'dropzero' was dropped, the TODO list was updated, and the batch mode was rewritten.
systems | linux
SHA-256 | 32c3412dd40a473de4cdf199992063c606459b11d1e5a72250ec2c1e2742fa1d
Posted Aug 30, 2002
Authored by Phundie

FakeDate consists of tools and libraries for supplying a fake date, time, and alarm signals to target programs using LD_PRELOAD. The supplied time can be constrained to a user selectable interval.

systems | unix
SHA-256 | a3030ddf65237561fb0a847349c1fbe34f9236ba29b594fbdfd11c2624f3bf29
Posted Aug 30, 2002
Site sendmail.org

Sendmail is a very popular unix Mail Transfer Agent, a program that moves mail from one machine to another.

Changes: Several minor problems have been fixed.
systems | unix
SHA-256 | 02701c7cbb1ce5bdbcc6acb699ad562a5e048dd8446010217b327653d78f60be
Posted Aug 30, 2002
Authored by Hexxeh

Substitution Ciphers - This paper discusses the five classic substitution ciphers and how they are solved.

tags | paper
SHA-256 | f946254eec745aa69631a45b0f3ff7eec21fda672e2b0778aee8b478b76f9938
Page 1 of 2

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By