
Files Date: 2002-12-24

ms02-072
Posted Dec 24, 2002
Site microsoft.com

Microsoft Security Advisory MS02-072 - The Windows Shell has a serious buffer overflow in the routine that extracts attribute information from audio files, which allows remote attackers to execute code with the privileges of the user if the user moves the mouse pointer over an evil mp3 or wma file on a website, in an HTML email, or on a Windows share. An HTML email could cause the vulnerable code to be invoked when a user opens or previews the email.

tags | remote, overflow, shell
systems | windows
MD5 | dbdd34a9a4d287e5729ad6111853f2e8
tcpreplay-1.3.1.tar.gz
Posted Dec 24, 2002
Site sourceforge.net

Tcpreplay v1.3.1 - Tcpreplay is a set of tools aimed at testing the performance of a NIDS by replaying real background network traffic in which to hide attacks. Tcpreplay allows you to control the speed at which the traffic is replayed, and can replay arbitrary tcpdump traces. Unlike programmatically-generated artificial traffic which doesn't exercise the application/protocol inspection that a NIDS performs, and doesn't reproduce the real-world anomalies that appear on production networks (asymmetric routes, traffic bursts/lulls, fragmentation, retransmissions, etc.), tcpreplay allows for exact replication of real traffic seen on real networks.

Changes: Fixes a packaging problem that caused compilation issues on non-Linux systems.
tags | tool, arbitrary, protocol, intrusion detection
systems | unix
MD5 | 98d2082769ca3aa34c923998126db8af
Kaspersky_review_11_18.doc
Posted Dec 24, 2002
Site relevanttechnologies.com

A detailed vendor analysis on Kaspersky's line of anti-virus products.

tags | paper, virus
MD5 | a3fb0418877ad5b3027e97a141cf113f
chkrootkit-0.38.tar.gz
Posted Dec 24, 2002
Authored by Nelson Murilo | Site chkrootkit.org

Chkrootkit locally checks for signs of a rootkit. Includes detection of LKM rootkits, ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x and 4.x, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0.

Changes: chkdirs.c added. chkproc.c improvements. Now includes slapper B, sebek LKM, LOC, and Romanian rootkit detection. New test added: trojan tcpdump. Minor bug fixes in the chkrootkit script.
tags | tool, integrity, rootkit
systems | linux, netbsd, unix, solaris, freebsd, openbsd
MD5 | 53a0d56d8b5bd1300237fc448c0b37eb
paketto-1.10.tar.gz
Posted Dec 24, 2002
Authored by Dan Kaminsky | Site doxpara.com

Paketto Keiretsu v1.10 implements many of the techniques described in recent here.

Changes: Now has OpenBSD and Solaris support. A new Distco mode actively discovers the distance to remote hosts by analyzing the TTL in returned TCP RST packets. Libnet was patched to pack its variables. Traceroute hopcount determination was improved.
systems | unix
MD5 | 7fd82af09a6493f24c8681f7bbf03898
390portbind.c
Posted Dec 24, 2002
Site thc.org

s390 portbinding shellcode.

tags | shellcode
MD5 | ada4dee501818a29ef45a4bc19a9c3be
390execve.c
Posted Dec 24, 2002
Site thc.org

Setuid/setgid 0 execve s390 shellcode.

tags | shellcode
MD5 | 707d6b6af82a86eaf60c1c0a07e21f83
390connectback.c
Posted Dec 24, 2002
Site thc.org

s390 shellcode which connects back to a listening netcat on port 31337 by default.

tags | shellcode
MD5 | d0cc0d8c977991206d8fe2e6f1c6b982
390chroot.c
Posted Dec 24, 2002
Site thc.org

s390 shellcode which breaks out of a chrooted environment with setuid / setgid.

tags | shellcode
MD5 | 7fd4ef3e9447f9bfe4d2510bd63149c3
mbof.c
Posted Dec 24, 2002
Authored by Innerphobia

Remote buffer overflow exploit for the Melange chat server v1.10. Tested on SuSE 8.0 and Red Hat 7.3.

tags | exploit, remote, overflow
systems | linux, redhat, suse
MD5 | eb0643524b95dd0331af7784ffa7fcf1
lsof_4.66.tar.gz
Posted Dec 24, 2002
Authored by Vic Abell

Lsof is an extremely powerful unix diagnostic tool. Its name stands for LiSt Open Files, and it does just that. It lists information about any files that are open by processes currently running on the system. It easily pinpoints which process is using each network connection / open port. FAQ available here.

Changes: Implemented the HASNOSOCKSECURITY compile-time option, which causes lsof to list only the user's open files, but will also list anyone else's open socket files, provided the "-i" option selects their listing. Added support for OpenBSD 3.2 and its kernel trace file. Improved lsof help (-h) and version (-v) information reporting. Upgraded Tru64 UNIX support to the 5.1B release. Fixed a FreeBSD 4.7 and above off-by-two UNIX domain socket path termination bug.
tags | tool, intrusion detection
systems | unix
MD5 | 599d7b86ed67818509fc4c6fee4433cc
burneye-1.0.1-src.tar.bz2
Posted Dec 24, 2002
Authored by teso | Site teso.scene.at

Burneye ELF encryption program 1.0.1 with full source and docs.

MD5 | 848ae0d696d2438a01753a0fad665270
kadmin
Posted Dec 24, 2002

Krb 4-1.2 kadmind remote stack overflow remote root exploit for FreeBSD 4.x, BSD/OS 4.2, SUSE 8.0, OpenBSD 2.9 and 3.0, Slackware 8.0, and OpenWall 0.10.

tags | exploit, remote, overflow, root
systems | linux, freebsd, suse, bsd, slackware, openbsd
MD5 | 8552bda183d078984fb3df592e0d2a7c
telnetjuarez.c
Posted Dec 24, 2002
Authored by Leech

Fake FreeBSD-4.6 remote telnetd setenv() heap overflow exploit which is very similar to 7350854.c.

tags | exploit, remote, overflow
systems | freebsd
MD5 | 434ec5141e899879ea5f80edadf2238e
cy.c
Posted Dec 24, 2002
Authored by Irian

Cyrus-imap v2.1.10 remote exploit. Tested against Slackware Linux v8.0 with glibc-2.2.3 and kernel 2.4.19. Localhost IP is hard coded.

tags | exploit, remote, kernel, imap
systems | linux, slackware
MD5 | afbe9453571139bd2ac3ca8601630a09
tcpdumpFBSD363.c
Posted Dec 24, 2002
Authored by Icesk

Tcpdump v3.6.3 remote root exploit. Tested against FreeBSD-4.6.

tags | exploit, remote, root
systems | freebsd
MD5 | dd364284b9e6dca09cb5ff4e7d13c6b5
ifenslave.c
Posted Dec 24, 2002
Authored by v1pee//nerf | Site nerf.ru

Local /sbin/ifenslave buffer overflow exploit tested on Red Hat 8.0.

tags | exploit, overflow, local
systems | linux, redhat
MD5 | da70c26f960c310b74891c2f214de527
artyfarty.c
Posted Dec 24, 2002
Authored by Knight420

artyfarty.c is a local root /opt/kde/bin/artswrapper exploit tested against Slackware 8.1. Artswrapper is setuid on some distributions.

tags | exploit, local, root
MD5 | 5d4fe9514d8fcdb1df0501a379536b86
0x3a0x29wuim.c
Posted Dec 24, 2002
Authored by Dekadish

WU-IMAP v2000.287 linux/x86 remote root exploit. Tested against Debian 2.2. This code is also known as 7350owex.c.

tags | exploit, remote, x86, root, imap
systems | linux, debian
MD5 | 8d14482320cf3f9273391a43e04ffa6b
0x09wule.c
Posted Dec 24, 2002
Authored by Sunnyholer

0x09wule.c is a Linux/x86 wu-ftpd v2.6.2(1) remote root exploit. Tested against RedHat 7.2 running wu-ftpd-2.6.2(1) on the default install. Note: This exploit is reported to be old and does not work.

tags | exploit, remote, x86, root
systems | linux, redhat
MD5 | a7b2bf13c624a3f76c3a4f0b91a59c30
ES-Malaria.tar.gz
Posted Dec 24, 2002
Authored by electronicsouls, Brain Storm

ES-Malaria is a ptrace() injector.

tags | tool, rootkit
systems | unix
MD5 | 7fe96ade196dc0c3b70e65b6ce6b8242
hyperion.2.8.11.txt
Posted Dec 24, 2002
Authored by Securma Massine

The Hyperion FTP Server v2.8.11 and below for Windows 95/98/NT/2000 contains a buffer overflow in ftpservx.dll which allows remote code execution.

tags | advisory, remote, overflow, code execution
systems | windows, 9x
MD5 | 792d44051f6dac84c2bb56401940a3d5
sneaky-sneaky-1.48.tar.gz
Posted Dec 24, 2002
Authored by phish

Sneaky-sneaky is a bidirectional spoofed ICMP tunnel backdoor that has built-in encryption and logging capabilities. It communicates via echo replies, keeping the true source IP address encrypted inside the payload.

Changes: Now with delays, decoys, timeouts and spoofing options.
tags | tool, spoof, rootkit
systems | unix
MD5 | d670d308e31f0caca1bda8cde0fc72c2
iDEFENSE Security Advisory 2002-12-23.t
Posted Dec 24, 2002
Authored by Zen-Parse, iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 12.23.02 - Easy Software Products' Common Unix Printing System (CUPS) and Xpdf contain an integer overflow which allows local users to gain the privileges of the lp user.

tags | advisory, overflow, local
systems | unix
MD5 | b9f198d095e9f137bc9fc1167f95bfe7
sara-4.1.3.tgz
Posted Dec 24, 2002
Authored by Advanced Research Corporation | Site www-arc.com

Security Auditor's Research Assistant (SARA) is a security analysis tool based on the SATAN model. It is updated twice a month to address the latest threats. Checks for common old holes, backdoors, trust relationships, default cgi, common logins, open shares, and much more.

Changes: Added test for newdsn.exe, Microsoft IIS Executable File Parsing. Updated smb.sara to check for user enumeration, registry access, and guessable passwords. Updated to detect vulnerable mysql services. Fixed bugs.
tags | tool, cgi, scanner
systems | unix
MD5 | 21204242b33e2a87edce2b89684926d0