exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 12 of 12 RSS Feed

Files Date: 2004-04-05

shoneypot-0.2-7.tar.gz
Posted Apr 5, 2004
Site sourceforge.net

Single Honeypot simulates many services - SMTP, HTTP, shell, and FTP. It can pretend to be many OS's, such as Windows FTP systems, Windows SMTP systems, different Linux distributions, and some Posix distributions.

tags | tool, web, shell, intrusion detection
systems | linux, windows, unix, osx
SHA-256 | df033947535658dfb6aa0e49cb9d62ba6002a893119692be0fd847d14f0cbb09
pam_usb-0.2.1.tar.gz
Posted Apr 5, 2004
Authored by Andrea Luzzardi | Site sig11.org

pam_usb is a PAM module that enables authentication using a USB storage device through DSA private/public keys. It can also work with floppy disks, CD-ROMs, or any kind of mountable device.

systems | linux
SHA-256 | 4c0993d6a58e7ce409c3cbbfada982f5c897bd61804aa3a7b8975b86b2b8b413
rkhunter-1.0.5.tar.gz
Posted Apr 5, 2004
Authored by Michael Boelen | Site rootkit.nl

Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix clone.

Changes: Fixed bugs and added new features. Added known-bad database with blacklisted binaries.
tags | tool, shell, perl, integrity, rootkit
systems | unix
SHA-256 | 3df32f0482965454da395531f55410988514589c1395706816fe961dcd6f9359
igi2fs.zip
Posted Apr 5, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

Proof of concept exploit that makes use of a format string bug in IGI 2: Covert Strike. Affected versions are 1.3 and below.

tags | exploit, proof of concept
SHA-256 | e963bebcef000f6153acb4f8a4cc85894d3778effc37a72da254057fb13164a1
igi2.txt
Posted Apr 5, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

The IGI 2: Covert Strike server is affected by a format string bug in the logging function of the RCON commands. Affected versions are 1.3 and below.

tags | advisory
SHA-256 | f0fdf110d4229c03eb1683c695c18a13b559b107219d10ecd8ef6f31ef2a357c
Director31ad.html
Posted Apr 5, 2004
Authored by Juanma Merino | Site t3k.ibernet.com

IBM Director 3.1 Agent for Windows is vulnerable to a remote denial of service attack when being scanned.

tags | advisory, remote, denial of service
systems | windows
SHA-256 | 11c8a7a8d97e1b7c71871fe52805b379be6151773027ff19753134ed8fd5d859
monit.txt
Posted Apr 5, 2004
Authored by Matthew Murphy

Monit versions 4.2 and below have two basic authentication flaws that allow for a remote denial of service and a buffer overflow that can lead to arbitrary code execution. An off-by-one vulnerability also exists with POST requests.

tags | advisory, remote, denial of service, overflow, arbitrary, code execution
SHA-256 | 810840b17572800a7f7b3a1a0f1869203058b4950c0967687cd2f0ee5da4baf4
dreamweaver.txt
Posted Apr 5, 2004
Authored by David Litchfield | Site ngssoftware.com

NGSSoftware Insight Security Research Advisory #NISR05042004B - To aid in the development of web applications that require database connectivity, certain test scripts are created and uploaded to a website when using Macromedia's Dreamweaver. These scripts help to test database connectivity. If left these scripts can allow an attacker to gain access to the backend database server, without the attacker having to supply a user ID and password. Systems affected are IIS/Dreamweaver MX and UltraDev 4.

tags | advisory, web
SHA-256 | 5676bedc096db266dcec8d45b47caabbecb7b6fb751eaa892c1472bac4cc2b9a
idefense-040504.txt
Posted Apr 5, 2004
Authored by Greg MacManus | Site idefense.com

Remote exploitation of a buffer overflow in the win32_stat function of ActiveState's ActivePerl may allow arbitrary commands to be executed. No check is made on the length of the string before the copy is made allowing long strings to overwrite control information and execution of arbitrary code possible.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2004-0377
SHA-256 | 3adc232e9981b7e4b616c8280bed4f979ce9a51c0a72c7d2f4eff52bb06efd16
winampheap.txt
Posted Apr 5, 2004
Authored by Peter Winter-Smith | Site ngssoftware.com

NGSSoftware Insight Security Research Advisory #NISR05042004 - Due to a lack of boundary checking within the code responsible for loading Fasttracker 2 (.xm) mod media files by the Winamp media plug-in in_mod.dll, it is possible to make Winamp overwrite arbitrary heap memory and reliably cause an access violation within the ntdll.RtlAllocateHeap() function. When properly exploited this allows an attacker to write any value to a memory location of their choosing. In doing so, the attacker can gain control of Winamp's flow of execution to run arbitrary code. This code will run in the security context of the logged on user.

tags | advisory, arbitrary
SHA-256 | f19369974724e97b0e10b88bb80392f6506e21880ffcc74b92f2f54c0d616991
msSharePointXSS.txt
Posted Apr 5, 2004
Authored by Ory Segal | Site SanctumInc.com

Microsoft SharePoint Portal Server 2001 suffer from cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
advisories | CVE-2004-0379
SHA-256 | 10169682debdfb934b48a36f761142428188f321b766946424a38fe3d7ad8251
suse-yast.txt
Posted Apr 5, 2004
Authored by l0om | Site excluded.org

Possible symlink attack in SuSe's Yast Online Update tool.

tags | advisory
systems | linux, suse
SHA-256 | fa5ad54174d9f2e28e10a089d616b0f4ebc3a38a0f1b21434805e9abf2d6c5a7
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close