Eeye Advisory - Both Macromedia Coldfusion 6.0 and Macromedia JRun 4.0 along with their prior versions are vulnerable to various heap overflows when handling URI filenames larger than 4096 bytes..
90b2b823b8a467f8fa059878b381391c6e1fa419031b09b61b9981944581ebd7A memory corruption vulnerability exists in INweb Mail Server v2.01. The POP3 server included with INweb Mail Server does not properly handle some types of requests. By submitting a maliciously crafted request to the POP3 server, an attacker could crash the system, resulting in a denial of service.
1c82afe19efc5cd1f9b94c6e761931142f3ae2f1c1916669da77662486122d4eThe Hyperion FTP Server for Windows 95/98/NT/2000 has a vulnerability which allows remote attackers to traverse through directories of a target host. Versions tested against that are vulnerable are Hyperion Ftp Server v2.8.1 / Windows 2000 sp3 and Hyperion Ftp Server v2.8.1 / Windows 98 SE.
f2e3dc440c3dc9d6c71656d2e0914613fa308ff83b4f72614aed8ac43457c54eiDEFENSE Security Advisory 11.11.02 - KDE, the open source graphical desktop environment, has a buffer overflow that is locally exploitable via the kdenetwork module using the LAN browsing implementation known as LISa.
dd52f45e6d2d46ffd6d77f77e4dc9480426f8ca8373e076992cad002f3b6c589A buffer overflow has been found in the iSMTP Gateway version 5.0.1 by Incognito. By injecting an overly long MAIL FROM: command, the server will crash. The support for the underlying operating system and the gateway software has been discontinued.
f204c71e48d4825113845c421b993db385df8737e682da300148cd3825e84dedMassrooter takes advantage of remote vulnerabilities in bind, PHP, lpd, rpc, wuftpd, null httpd, telnet, mail, ssl, and ssh on multiple systems.
aa4d6ef52ab74fd1b0cee5680c3fafec1a1e47fb692804c03ada64947dc1bec2Microsoft IIS 4.0, 5.0, and 5.1 has a vulnerability in dllhost.exe which allows local users to gain SYSTEM privilege. This vulnerability arises from the fact that the process of dllhost.exe harbors an impersonation token of SYSTEM account while processing user's request.
59f0eed38e0b61e096b9411bafd55ca8111563286a592ed9bc74f3da943e5263Lcrzoex is a toolbox for network administrators and network hackers. Lcrzoex contains over 200 functionalities using network library lcrzo. For example, one can use it to sniff, spoof, create clients/servers, create decode and display packets, etc. The Ethernet, IP, UDP, TCP, ICMP, ARP and RARP protocols are supported. Lcrzoex and lcrzo were successfully installed under Linux, FreeBSD and Solaris. This archive contains Lcrzo and Lcrzoex. Windows binaries available here.
019b699069dc2f29fb4dac866eb1a1e1c6b69e4ee61d9fdb0f09f55b511bcee7iDEFENSE Security Advisory 11.04.02b - Northern Solutions' Xeneo Web Server v2.1.0.0 (PHP version) is vulnerable to a remote denial of service attack making the server crash with a Microsoft Visual C++ runtime error message. Fix available here.
6666bb2c685153ee0151cae36a27b81d2f2a4710105f318be7fe42b918d20de4iDEFENSE Security Advisory 11.04.02a - Pablo Software Solutions' FTP Server v1.5 and below is a multi-threaded FTP server for Windows 98, NT 4.0, 2000 and XP that contains a remotely exploitable buffer overflow vulnerability. Fix available here.
baa01c7e8344ba2565fc81e13b9f3b233aad068c7e8e6a3fb844674096cd92e8WinDNSSpoof is a simple DNS ID Spoofer for Windows 9x/2K. You must be able to sniff traffic of the target - if you are in a switched network you can use ARP Cache Poisoning tools like winarp_sk or winarp_mim (see http://www.arp-sk.org).
2911c72fedd98553e0a0961f6319b0f628acb27aa5a9ddb8e1080b7bd4e79c6bWinTCPKill is a TCP connection killer for Windows 9x/2K. You must be able to sniff traffic of the target - if you are in a switched network you can use ARP Cache Poisoning tools like winarp_sk or winarp_mim (see http://www.arp-sk.org).
923d8a462a5f0fac999c2cbce0fc54dbc03131e7c3825ac2322c9b299d0809d2WinSSLMiM implements a HTTPS man in the middle attack from the Windows platform. It includes FakeCert a tool to make fake certificate (like the DCA of sslmim in Phrack 57). It can be used to exploit the Certificate Chain Vulnerability in Internet Explorer. Tested under Windows 9x/2000.
fa801d51a1b8cc96034f44ee461b037e348c7862a3c1fcd4dc4983a8ae087712Xsun-expl.c is a local exploit for the SPARC architecture that makes use of the Xsun -co heap overflow found in April, 2002 on Solaris 2.6, 7, and 8.
97e55a2ca5d9e617ff856cd2414f020155d9ce6262a00ab465fbed2df4dbfdb0Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.
9f31c28678de9e0ae46d3bdc153f3e07b44193e025bdb8911f6ba9fadead60ecISS X-Force has discovered several serious vulnerabilities in the Berkeley Internet Name Domain Server (BIND). BIND is the most common implementation of the DNS (Domain Name Service) protocol, which is used on the vast majority of DNS servers on the Internet. DNS is a vital Internet protocol that maintains a database of easy-to-remember domain names (host names) and their corresponding numerical IP addresses.
415591543028456a7c65c52b6e53dedc3d552efa7ad0f398790215825ae30993FreeBSD Security Advisory FreeBSD-SA-02:42 - Several libc functions --- including getaddrinfo(), gethostbyname(), getnetbyname(), and others --- utilize the DNS resolver functions res_search, res_query, and/or res_send which contain buffer overflow vulnerabilities which allow remote denial of service attacks against many applications.
1cdf791d166fa98998ba12602cfd1fd958f9553e41b786d6a8431d56df284d9bFreeBSD Security Advisory FreeBSD-SA-02:40 - The Kerberos administrative servers, kadmind and k5admind contain stack overflows that allow remote code execution as root from non-authenticated attackers. According to the MIT security team, there is evidence that this bug is being actively exploited.
a53b924c7f8aa4c605768a128d5b3a18c94db514f6e304190e2a87c9e3175aefSamhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
d9fb3cd317e367dd82ad0c3deda6f8033a2b6c54676d6d45cb3a70aaa4c39c97
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed