ignore security and it'll go away
Showing 1 - 25 of 184 RSS Feed

Files Date: 2002-10-01 to 2002-10-31

lodowep-src-1_2_1.zip
Posted Oct 30, 2002
Site cqure.net

Lodowep 1.2.1 is a tool for analyzing password strength of user accounts on a Lotus Domino webserver system by using dictionary attacks. Lodowep is multi-threading and supports both session- and basic-authentication. The binary version of this tool can be found here.

tags | cracker
MD5 | dca73cca85c27f720d9cd8e9ccb2270e
CSSA-2002-041.0.txt
Posted Oct 30, 2002
Site stage.caldera.com

Caldera security advisory CSSA-2002-041.0 - Versions of the pam_ldap module prior to 144 include a remote exploitable format string bug in the logging function. Caldera released fixed packages for OpenLinux 3.1.1 and 3.1 configurations.

tags | remote
MD5 | d03efb188f70701feba1ffc923e5d39d
CSSA-2002-040.0.txt
Posted Oct 30, 2002
Site stage.caldera.com

Caldera security advisory CSSA-2002-040.0 - The uudecode utility created output files without checking to see if it was about to write to a symlink or a pipe. If a user uses uudecode to extract data into open shared directories, such as /tmp, this vulnerability could be used by a local attacker to overwrite files.

tags | local
MD5 | cd216723764ec227721effb6d82249b7
gentoo.uudecode.txt
Posted Oct 30, 2002
Site gentoo.org

Gentoo Linux security advisory - The uudecode utility created output files without checking to see if it was about to write to a symlink or a pipe. If a user uses uudecode to extract data into open shared directories, such as /tmp, this vulnerability could be used by a local attacker to overwrite files.

tags | local
systems | linux, gentoo
advisories | CVE-2002-0178
MD5 | 02b659d228dbf4264204ea6a1de1f4e2
rpfcd-0.10.tar.gz
Posted Oct 30, 2002
Site insecure.dk

Remote pf control daemon allows remote control and monitoring of OpenBSD packet filter. It communicates with clients using RPFC protocol running on top of SSL (Secure Socket Layer). The protocol is designed to be relatively forgiving and easy to use.

tags | tool, remote, sniffer, protocol
systems | openbsd
MD5 | 11374aabaa798230ebb27c655c205700
mod_ssl-2.8.12-1.3.27.tar.gz
Posted Oct 30, 2002
Site modssl.org

mod_ssl provides provides strong cryptography for the Apache 1.3 webserver via the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1). It is based on the SSL/TLS toolkit OpenSSL and supports all SSL/TLS related functionality, including RSA and DSA/DH cipher support, X.509 CRL checking, etc. Additionally it provides special Apache related facilities like DBM and shared memory based inter-process SSL session caching. per-URL SSL session renegotiations, DSO support, etc.

Changes: Fixed a cross site scripting security bug. Now allows 8192 bytes of shared memory data size.
tags | encryption
MD5 | 6d52df71a602ae150898fb8483fa22a4
logwatch-4.2.1.tar.gz
Posted Oct 30, 2002
Site logwatch.org

Logwatch analyzes and reports on unix system logs. It is a customizable and pluggable log monitoring system which will go through the logs for a given period of time and make a customizable report. It should work right out of the package on most systems.

Changes: Fixed bugs.
tags | tool, intrusion detection
systems | unix
MD5 | b0ba7785397a29a94715e9710b13340d
packit-0.4.5.tgz
Posted Oct 30, 2002
Site packit.sourceforge.net

Packit offers the ability to monitor, manipulate and inject IPv4 (and soon IPv6) traffic (TCP/UDP/ICMP) on and into your network. This can be valuable in testing firewalls, intrusion detection systems and in general TCP/IP auditing. At the comment Packit can be run using one of two modes. packet capture, and IPv4 packet injection. Packit is dependent on libnet 1.1.0+ and libpcap and has been tested with numerous FreeBSD and Linux kernels.

Changes: Bug fixes, updates.
tags | kernel, udp, tcp
systems | linux, unix, freebsd
MD5 | 1b306d38cbad92bf5c19a5eadfbbdda5
ws_ftp-3.1.3.txt
Posted Oct 30, 2002
Authored by Low Halo

WS_FTP v3.13 and below is vulnerable to the classic FTP bounce attack as well as PASV connection hijacking. Examples and solutions included.

MD5 | da93caaf270c3934ec16be745b2cf6cc
CA-2002-29.kerberos
Posted Oct 30, 2002
Site cert.org

CERT Advisory CA-2002-29 - Multiple Kerberos distributions contain a remotely exploitable buffer overflow in the Kerberos administration daemon. A remote attacker could exploit this vulnerability to gain root privileges.

tags | remote, overflow, root
MD5 | 5bc3502dfd425743f5896240e081ff72
Oracle9iAS.dos.pl
Posted Oct 30, 2002
Authored by deadbeat

Oracle9iAS Web Cache Denial of Service exploit in perl, as described in Atstake advisory a102802-1.

tags | exploit, web, denial of service, perl
MD5 | 5587607f8f49ffd172b5844f93e01670
cuts-0.01.tar.gz
Posted Oct 30, 2002
Site codewar.net

CUTs (cellphone unix terminal) is a procmail hack that allows you to use a normal cellphone's messaging capability as a Unix/Linux terminal from anywhere.

tags | telephony
systems | linux, unix
MD5 | 4c30b3b77376b70b194f019b71a53df2
solarhell
Posted Oct 29, 2002
Authored by Deloitte and Touche SSG (Security Services Group) | Site deloitte.co.za

Solarhell is a remote root exploit shell script which abuses the Solaris /bin/login bug by using telnet. Solaris 2.6, 2.7 and 2.8 (7.0 and 8.0) is vulnerable. More information available here.

tags | exploit, remote, shell, root
systems | solaris
MD5 | 750b7545abb4813fae07fb331e4b0c43
mdaemon-dos.txt
Posted Oct 29, 2002
Authored by D4rkGr3y | Site dhgroup.org

A denial of service vulnerability found in Alt-n MDaemon v6.0.7 can allow malicious users to remotely crash this application. This vulnerability, which may also affect earlier MDaemon versions, resides in the method used by MDaemon's POP3 service to process user input that is received with the DELE or UIDL commands.

tags | denial of service
MD5 | 5ffed104c216bb417400af1f15ac0a1b
2002alert43rev1.pdf
Posted Oct 29, 2002
Site otn.oracle.com

Oracle Security Alert #43 - The Oracle9iAS Web Cache contains two denial of service vulnerabilities that can be triggered remotely by sending specially crafted HTTP requests to this service. The denial of service issues, which affect version 9.0.2.0.0 for Windows NT/2000 and XP, result in an immediate crash of the application. This vulnerability was reported to Oracle by Atstake and will be fixed in the 9.0.4 release of Oracle9i Application Server.

tags | web, denial of service, vulnerability
systems | windows, nt
MD5 | 0ca7ed9ecd802108b9234cb8bdafae7b
Atstake Security Advisory 02-10-28.1
Posted Oct 29, 2002
Authored by Atstake, Andreas Junestam | Site atstake.com

Atstake Security Advisory a102802-1 - The Oracle9iAS Web Cache contains two denial of service vulnerabilities that can be triggered remotely by sending specially crafted HTTP requests. The denial of service issues, which affect version 9.0.2.0.0 for Windows NT/2000 and XP, result in an immediate crash of the service. Oracle released a security advisory for this vulnerability. This advisory can be found here.

tags | web, denial of service, vulnerability
systems | windows, nt
MD5 | 89e8742a8f5ef59e9dd916b6987f7ad5
srm-1.2.6.tar.gz
Posted Oct 28, 2002
Authored by Matthew Gauthier | Site srm.sourceforge.net

secure rm (srm) is a command-line compatible rm(1) which completely destroys file contents before unlinking. The goal is to provide drop in security for users who wish to prevent command line recovery of deleted information, even if the machine is compromised.

Changes: Bug fixes.
systems | unix
MD5 | d025b076ac95a88276f4f8616cb20698
StJude_LKM-0.22.tar.gz
Posted Oct 28, 2002
Authored by Tim Lawless | Site wwjh.net

Saint Jude LKM is a Linux Kernel Module for the 2.2.0 and 2.4.0 series of kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local and remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occurring. This is done without checking for attack signatures of known exploits, and thus should work for both known and unknown exploits.

Changes: Redhat 8.0's attempt to stop module rootkits stopped StJude as well - added code to discover the sys_call_table during initialization on systems with a non-exported sys_call_table. Fixed some bugs and include problems.
tags | remote, kernel, local, root
systems | linux
MD5 | 355bc6c48ce1a8d82edf83a28df0ce89
ABfrag
Posted Oct 26, 2002

ABFrag claims to be a Linux Kernel ( here. Encrypted with burneye. Archive password is set to p4ssw0rd. Use at your own risk.

tags | kernel, trojan
systems | linux
MD5 | 4ef317e80a0a1a33db854f7c79ab3558
suntd.c
Posted Oct 26, 2002
Authored by Jenkinz

SunOS telnetd scanner.

tags | tool, scanner
systems | unix, solaris
MD5 | 916a5d98cff6c823134a38f9382a4572
Rapid7 Security Advisory 8
Posted Oct 25, 2002
Authored by Rapid7 | Site rapid7.com

Rapid 7 Advisory R7-0008 - IBM Web Traffic Express Caching Proxy server is vulnerable to cross site scripting. The Caching Proxy server allows script code to be injected into pages using standard cross-site scripting techniques. A second, variant attack allows the HTTP headers to be manipulated.

tags | web, xss
MD5 | c089ec22a3f6afb5d2920686d4198cc8
Rapid7 Security Advisory 7
Posted Oct 25, 2002
Authored by Rapid7 | Site rapid7.com

Rapid 7 Advisory R7-0007 - The Caching Proxy component of IBM's WebSphere Edge Server v2.0 is vulnerable to a denial-of-service attack against one of the default CGI programs. A malformed HTTP request for /cgi-bin/helpout.exe will cause ibmproxy.exe to crash and cease functioning.

tags | web, cgi
MD5 | eba84402ea5b4bf5dc44072df1d8b101
webserver4everyone.txt
Posted Oct 25, 2002
Authored by Tamer Sahin, David Endler | Site idefense.com

iDEFENSE Security Advisory 10.15.02 - RadioBird Software's WebServer 4 Everyone v1.27 and below contains denial of service and directory traversal vulnerabilities allowing any file on the system to be downloaded. Fix available here.

tags | denial of service, vulnerability
advisories | CVE-2002-1212, CVE-2002-1213
MD5 | 2d7b8fbae7e7c09997cb4fa252fefd0a
tftp.dos.pl
Posted Oct 25, 2002
Authored by D4rkGr3y | Site dhgroup.org

Solarwinds TFTP server v5.0.55 and below remote denial of service exploit in perl.

tags | exploit, remote, denial of service, perl
MD5 | 940a91e472909d558a7cf5bdf8d5360b
ou-audit2002.msi
Posted Oct 25, 2002
Authored by Security Storm | Site securitystorm.net

Opticon Users 2002 is a simple tool to show administrators who is logged onto the network and from what workstation that user is accessing the network from. Information about the workstation used to logon from, the domain, the logon server, and the date/time of logon is also displayed. This tool makes it easy to spot unauthorized logons from a certain workstation or logons using an administrative account.

MD5 | 44f1c5880e93cbc062786c7e81bc4ef4
Page 1 of 8
Back12345Next

File Archive:

September 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    5 Files
  • 2
    Sep 2nd
    5 Files
  • 3
    Sep 3rd
    3 Files
  • 4
    Sep 4th
    13 Files
  • 5
    Sep 5th
    16 Files
  • 6
    Sep 6th
    15 Files
  • 7
    Sep 7th
    20 Files
  • 8
    Sep 8th
    16 Files
  • 9
    Sep 9th
    4 Files
  • 10
    Sep 10th
    2 Files
  • 11
    Sep 11th
    15 Files
  • 12
    Sep 12th
    19 Files
  • 13
    Sep 13th
    20 Files
  • 14
    Sep 14th
    38 Files
  • 15
    Sep 15th
    31 Files
  • 16
    Sep 16th
    1 Files
  • 17
    Sep 17th
    7 Files
  • 18
    Sep 18th
    15 Files
  • 19
    Sep 19th
    40 Files
  • 20
    Sep 20th
    8 Files
  • 21
    Sep 21st
    1 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close