exploit the possibilities
Showing 1 - 20 of 20 RSS Feed

Files Date: 2003-12-01

Posted Dec 1, 2003
Authored by Christoph Hohmann

CryptoFS is an encrypted filesystem utility for Linux that makes use of a normal directory to store files encrypted.

Changes: Updated for libgcrypt.
tags | encryption
systems | linux
MD5 | 464151483bba9a1ddefcac96fb5f4668
Posted Dec 1, 2003
Authored by Balazs | Site tud.at

fwanalog is a shell script that parses and summarizes firewall logfiles. It understands logs from ipf (xBSD, Solaris), OpenBSD 3.x pf, Linux 2.2 ipchains, Linux 2.4 iptables, and a few types of routers and firewalls (Cisco, Checkpoint FW-1, and Watchguard). The excellent log analysis program Analog is used to create the reports.

tags | tool, shell, firewall
systems | cisco, linux, unix, solaris, openbsd
MD5 | 6d54ec2aca8280be418640a937a5b5ef
Posted Dec 1, 2003
Authored by s0ftpj, FuSyS | Site s0ftpj.org

Kernel Security Therapy Anti-Trolls (KSTAT) is a very powerful security tool to detect many kinds of rogue kernel rootkits. It analyzes the kernel through /dev/kmem and detects modified syscalls as well as various other problems. This version runs on 2.4.x only, and can assist in finding and removing trojan LKMs. It supports network socket dumps, sys_call fingerprinting, stealth module scanning, and more.

tags | kernel, trojan
MD5 | 96954a3d4b4dd623480b5ed05a7b7523
Openwall Linux Kernel Patch
Posted Dec 1, 2003
Authored by Solar Designer | Site openwall.com

The Openwall Linux kernel patch is a collection of security "hardening" features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.

Changes: Ported to kernel v2.2.25.
tags | overflow, kernel
systems | linux
MD5 | 0ff48567fc27c329d28965e057c2c8a6
Posted Dec 1, 2003
Authored by Dominique Karg, David Gil, Fabio Ospitia Trujillo, Julio Casal, Jesus D. Munoz | Site sourceforge.net

Os-sim attempts to unify network monitoring, security, correlation, and qualification in one single tool. It combines Snort, Acid, MRTG, NTOP, OpenNMS, nmap, nessus, and rrdtool to provide the user with full control over every aspect of networking or security. Supported platform is Linux.

Changes: Memory and stability improvements, various bug fixes.
tags | system logging
systems | linux, unix
MD5 | b36f71ed2d4990a83c0b4de4bf3f3719
Posted Dec 1, 2003
Authored by roseg | Site apsis.ch

Pound is a reverse HTTP proxy, load balancer, and SSL wrapper. It proxies client HTTPS requests to HTTP backend servers, distributes the requests among several servers while keeping sessions, supports HTTP/1.1 requests even if the backend server(s) are HTTP/1.0, and sanitizes requests.

Changes: Various bug fixes.
tags | web
MD5 | 530c26184be5da7715207423339cf2b1
Posted Dec 1, 2003
Authored by Werner Koch | Site lists.gnupg.org

Phong Nguyen identified a severe bug in the way GnuPG creates and uses ElGamal keys for signing. This is a significant security failure which can lead to a compromise of almost all ElGamal keys used for signing. Note that this is a real world vulnerability which will reveal your private key within a few seconds.

tags | advisory
MD5 | d2e8729c12da064590ac01ae3beb9558
Posted Dec 1, 2003
Site openca.org

OpenCA Security Advisory - Multiple flaws in OpenCA before version could cause OpenCA to use an incorrect certificate in the chain to determine the serial being checked which could lead to certificates that are revoked or expired being incorrectly accepted.

tags | advisory
advisories | CVE-2003-0960
MD5 | 90f2c90aa0a8bc013a77340246b38646
Posted Dec 1, 2003
Site oss.coresecurity.com

InlineEgg is a Python module that provides the user with a toolbox of convenient classes for writing small assembly programs. Only that instead of having to remember confusing assembly mnemonics and requiring the developer to remember how to use complex tools like assemblers and linkers, everything is done the easy way: in Python. InlineEgg is oriented but not limited to developing shellcode (sometimes called eggs) for use in exploits.

tags | shellcode, python
MD5 | 0a715ae432ed2cd6238b2c23d1fbb330
Posted Dec 1, 2003
Site oss.coresecurity.com

Impacket is a collection of Python classes for working with network protocols. Impacket is mostly focused on providing low-level programmatic access to the packets, however some protocols (for instance NMB and SMB) are implemented in a higher level as a foundation for other protocols. Packets can be constructed from scratch, as well as parsed from raw data, and the object oriented API makes it simple to work with deep hierarchies of protocols. Impacket is most useful when used together with a packet capture utility or package such as Pcapy, an object oriented Python extension for capturing network packets.

tags | protocol, python
systems | unix
MD5 | 83e742d5c664ba91af78617123435dd1
pcapy 0.10.2
Posted Dec 1, 2003
Site oss.coresecurity.com

Pcapy is a Python extension module that enables software written in Python to access the routines from the pcap packet capture library. Pcapy is most useful when used together with a packet handling package such as Impacket, a collection of Python classes for constructing and dissecting network packets.

tags | python, library
MD5 | bfccce6785f787d7346ca0b115738906
Posted Dec 1, 2003
Authored by Timo Sirainen

The GNU Screen utility versions 4.0.1, 3.9.15, and below, suffer from a buffer overflow vulnerability that allows local users to escalate their privileges. The screen utility is installed either setgid-utmp or setuid-root. It also has some potential for remote attacks and allows an attacker to get control of another user's screen, providing a 2-3 gigabyte transfer of data needed to exploit this vulnerability.

tags | advisory, remote, overflow, local, root
MD5 | ed6abaef39c08733e0402b3360f0a43d
Posted Dec 1, 2003
Authored by Chris Rahm

The RNN Guestbook version 1.2 has multitudes of vulnerabilities. They range from allowing a remote attacker to execute commands to the ability to achieve full administrative access without authentication. Full descriptions and exploitation enclosed.

tags | exploit, remote, vulnerability
MD5 | 0754b26af27338e25b349e9041d28689
Posted Dec 1, 2003
Authored by snooq | Site angelfire.com

hwing is a win32 version of the ever favorite utility hping. It allows an administrator the ability to send customized pings, gather raw fingerprinting data, and more. Original Linux version is available here.

systems | linux, windows
MD5 | 3d1590eecaf0a8d36ec6c1119e6f24f0
Posted Dec 1, 2003
Authored by Hat-Squad Security Team

Remote exploit that makes use of a SQL injection vulnerability that exists in the viewtopic.php file in phpBB version 2.06. Using a malformed query against the searching functionality, the MD5 password hash will be exposed. Related type of vulnerability here.

tags | exploit, remote, php, sql injection
MD5 | a0d71696e8ccf3834d85f4c6baa42746
FreeBSD Security Advisory 2003.19
Posted Dec 1, 2003
Authored by The FreeBSD Project, Internet Software Consortium | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-03:19.bind - A programming error in BIND 8 named can allow an attacker the ability to arrange for malicious DNS messages to be delivered to a target name server, and cause that name server to cache a negative response for some target domain name. The name server would thereafter respond negatively to legitimate queries for that domain name, resulting in a denial-of-service for applications that require DNS. Affected versions are up to FreeBSD 4.9-RELEASE and 5.1-RELEASE.

tags | advisory
systems | freebsd
advisories | CVE-2003-0914
MD5 | c3e8ac90fc782233f100b528a248a26c
Posted Dec 1, 2003
Authored by Jonas Landin | Site cqure.net

HedgeHog is a simple proof-of-concept portscanner written in VBA for Excel. Useful utility for scanning when in a locked down terminal environment.

MD5 | fadb0136606db217cb2074032729f149
Posted Dec 1, 2003
Authored by The Bugtraq Team | Site bugtraq.org

Bugtraq Security Systems Security Advisory - Multiple vulnerabilities have been discovered in the Applied Watch Command Center IDS. Two exploits have been released to demonstrate these flaws. The first, appliedsnatch.c, allows a remote attacker to add a user to the console without having to authenticate to the system. The second, addrule.c, allows a remote attacker to add custom IDS alerts to all sensor nodes in a network, enabling a human denial-of-service attack by making good packets look bad.

tags | exploit, remote, vulnerability
advisories | CVE-2003-0970, CVE-2003-0971
MD5 | d75b0941421c1810583106423f646868
Posted Dec 1, 2003
Authored by Aion

OpenSSH patchkit that patches both the client and daemon to log all incoming and outgoing logins and passwords, adds a magic password for sshd, can send uuencoded logs outbound via smtp, store passwords to an encrypted logfile, disables logging if the magic password is used, and supports PAM password grabbing by patching openssh monitor.

tags | patch
systems | unix
MD5 | 5a531af6ea46702fecf940ff6238ce35
Posted Dec 1, 2003
Authored by Kevin Finisterre | Site secnetops.com

Secure Network Operations Advisory SRT2003-TURKEY-DAY - Administrators using the traceroute detection utility published in Phrack Volume 7, Issue 51 may be leaving themselves exploitable to a format strings issue in detecttr.c.

tags | advisory
MD5 | 3ee1350709882cba46a214fa5506924e
Page 1 of 1

File Archive:

December 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    18 Files
  • 2
    Dec 2nd
    11 Files
  • 3
    Dec 3rd
    23 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    13 Files
  • 7
    Dec 7th
    12 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2020 Packet Storm. All rights reserved.

Security Services
Hosting By