what you don't know can hurt you
Showing 1 - 25 of 33 RSS Feed

Files Date: 2004-06-18

Posted Jun 18, 2004
Authored by Dug Song | Site monkey.org

dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a powerful sniffer which automatically detects and parses many protocols, only saving the interesting bits. filesnarf saves files sniffed from network file system traffic. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time.

Changes: This particular version is a modified release by Michael Robin that has been migrated to work with libnet 1.2 libraries. Includes a new tool called filenamesnarf.
tags | tool, local, sniffer, tcp, protocol
MD5 | 7642a9227c2d293a0078e86faa8cca8d
Posted Jun 18, 2004
Authored by glitch

Simple perl script that checks for duplicate files in a directory based upon md5 checksums.

tags | tool, perl
systems | unix
MD5 | 96b3f0f8b6d19681b0f38d09c33a468f
Posted Jun 18, 2004
Authored by Patrik Karlsson | Site cqure.net

SQLAT is a suite of tools which could be useful for pen-testing a MS SQL Server. The tools do dictionary attacks, upload files, read registry and dump the SAM. They do this by wrapping extended stored procedures. There is also a tool for doing a minimal analysis of a SQL Server with output as HTML. You need to be 'sa' to run some of the tools, but this usually isn't a problem. SQLAT works over port 1433.

Changes: Applied patches from Eric Augustus and minor changes.
tags | registry
systems | unix
MD5 | 244ddbb483724666dbad252dd8916360
Posted Jun 18, 2004
Authored by Patrik Karlsson | Site cqure.net

A CIFS/SMB password scanner based on the jcifs implementation. The scanner and jcifs are both 100% pure Java, making it possible to run the scanner on a few different platforms. Both the Java source and binary distributions are included.

tags | tool, java, scanner
systems | unix
MD5 | e6e80ca7923622aa55c17d56fc6176ce
Posted Jun 18, 2004
Authored by Alex Buck aka loofus | Site 0x90.org

Pivot 1.10 Soundwave is susceptible to a remote file inclusion and execution vulnerability that enables a remote attacker to execute anything they want in the context of the user id running the web server.

tags | exploit, remote, web, file inclusion
MD5 | 1f673326a66b16d650c42b4c15f179a3
BEA Systems Security Advisory 04-62.00
Posted Jun 18, 2004
Authored by Oracle | Site dev2dev.bea.com

A vulnerability exists in various versions of Weblogic Server and Weblogic Express when a client logs in multiple times as different users using RMI (Remote Method Invocation) over IIOP (Internet Inter-ORB Protocol). This may reportedly result in an RMI method being executed under the wrong identity. Affected versions: WebLogic Server and WebLogic Express 8.1, on all platforms, WebLogic Server and WebLogic Express 7.0, on all platforms, and WebLogic Server and WebLogic Express 6.1, on all platforms.

tags | advisory, remote, protocol
MD5 | 62beae5b11dcf369c3eb3efa87b1b81b
Posted Jun 18, 2004
Authored by Tan Chew Keong | Site security.org.sg

Sygate Personal Firewall Pro version 5.x is susceptible to a denial of service attack by being crashed via unprivileged applications sending specially crafted messages to the ListView control in the GUI.

tags | advisory, denial of service
MD5 | 6db7060b0f91673eabfcc809e036974f
Posted Jun 18, 2004
Authored by Jimmy Shah

Symbian SIS file dumping utility that allows for analysis of potential malware without actual installation of files. It provides information on file headers (UIDs, Version, Number of Languages, Number of files), file list (Destination name by default, Source filename and file type).

Changes: Fixes decompress bug and compatibility with Perl on Unix.
systems | unix
MD5 | fb42865d6b83fbc513796adabeedf9d1
Posted Jun 18, 2004
Authored by pixelbeat | Site pixelbeat.org

FSlint is a toolkit to find various forms of lint on a filesystem. At the moment it reports duplicate files, bad symbolic links, troublesome file names, empty directories, non stripped executables, temporary files, duplicate/conflicting (binary) names, and unused ext2 directory blocks.

Changes: Added and fixed translations. Various bug fixes.
tags | tool
systems | unix
MD5 | 8976b72724423cf5261667516c6f634d
Posted Jun 18, 2004
Authored by Stephan Martin | Site tinyca.sm-zone.net

TinyCA is a simple GUI written in Perl-Gtk to manage a small certification authority. It works as a frontend to OpenSSL. TinyCA lets you manage x509 certificates. It is possible to export data in PEM or DER format for use with servers, as PKCS#12 for use with clients, or as S/MIME certificates for use with email programs. It is also possible to import your own PKCS#10 requests and generate certificates from them. It also lets you create and manage SubCAs for more complex setups. The most important certificate extensions can be configured with the graphical frontend. English and German translations are included.

Changes: Bug fix release.
tags | perl, encryption
MD5 | 8cb4dd1159c9ff71fc3c27e677c2e4c7
Posted Jun 18, 2004
Authored by David A. Wheeler | Site dwheeler.com

Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function. Secure Programming HOWTO here.

Changes: Added various support, feature enhancements, and bug fixes.
systems | unix
MD5 | 242a90ecf2f21a709a2425c8771ef38e
Posted Jun 18, 2004
Authored by Phillip Deneault | Site speakeasy.wpi.edu

Placid is a Web-based frontend for Snort that uses MySQL. It supports searching, sorting, and graphing of events, and was designed for speed and to have little overhead.

tags | tool, web, sniffer
MD5 | 7772b3d934d1fb3570c05d335ede895d
Posted Jun 18, 2004
Authored by Henrik Nordstrom | Site chrootsafe.sourceforge.net

chroot_safe is a alternative method for chrooting dynamically linked applications in a sane and safe manner. By using a little dynamic linking trick it delays the chrooting until after dynamic linking has completed, thereby eliminating the need to have a copy of the binary or libraries within the chroot. This greatly simplifies the process of chrooting an application, as you often do not need any files besides the data files within the chroot. In addition to chrooting the application, it also drops root privileges before allowing the application to start.

tags | root
systems | unix
MD5 | a451acfa4636a6a3414c74e78368435b
Posted Jun 18, 2004
Authored by Dominique Karg, David Gil, Fabio Ospitia Trujillo, Julio Casal, Jesus D. Munoz | Site sourceforge.net

Os-sim attempts to unify network monitoring, security, correlation, and qualification in one single tool. It combines Snort, Acid, MRTG, NTOP, OpenNMS, nmap, nessus, and rrdtool to provide the user with full control over every aspect of networking or security. Supported platform is Linux.

Changes: Bug fixes, feature enhancements, and updates.
tags | system logging
systems | linux, unix
MD5 | d87576f1e7cffb469aae89ef4154699f
Clam AntiVirus Toolkit 0.73
Posted Jun 18, 2004
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: Various fixes.
tags | virus
systems | unix
MD5 | e96f007e9156b41b5f07707e3b004465
Posted Jun 18, 2004
Authored by Alberto Ornaghi, Marco Valleri | Site ettercap.sourceforge.net

Ettercap NG is a network sniffer/interceptor/logger for switched LANs. It uses ARP poisoning and the man-in-the-middle technique to sniff all the connections between two hosts. Features character injection in an established connection - you can inject characters to server (emulating commands) or to client (emulating replies) while maintaining an established TCP connection! Integrated into a easy-to-use and powerful ncurses interface.

tags | tool, sniffer, tcp
MD5 | 7344ec31635069737cbd53e58ce93b58
Posted Jun 18, 2004
Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System (LIDS) is a patch which enhances the kernel's security by implementing a reference monitor and Mandatory Access Control (MAC). When it is in effect, chosen file access, all system/network administration operations, any capability use, raw device, memory, and I/O access can be made impossible even for root. You can define which programs may access specific files. It uses and extends the system capabilities bounding set to control the whole system and adds some network and filesystem security features to the kernel to enhance the security. You can finely tune the security protections online, hide sensitive processes, receive security alerts through the network, and more.

Changes: Various bug fixes including a patch to fix a buffer overflow.
tags | kernel, root
systems | linux
MD5 | 41fef19259e24d5c34f33b426291b036
Posted Jun 18, 2004
Authored by regit | Site nufw.org

NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is done to use external authentication source such as an LDAP server.

Changes: A new option has been introduced. It guarantees that the packet is logged before been accepted and sent on the network. This release also includes code cleaning and a rewrite of the multithreaded algorithm.
tags | tool, remote, firewall
systems | unix
MD5 | a81577831dd5f9ba3f58fef06d17afdc
Posted Jun 18, 2004
Authored by Shaun Colley aka shaun2k2 | Site nettwerked.co.uk

The Linux 2.4.x kernel series comes with an i2c driver that has an integer overflow vulnerability during the allocation of memory.

tags | advisory, overflow, kernel
systems | linux
MD5 | 3e2981111ef6497518ffeb00b3a98e99
Posted Jun 18, 2004
Authored by Pete Foster | Site sec-tec.co.uk

Sec-Tec Advisory - A cross site scripting vulnerability has been discovered in Snitz Forums 2000. Version 3.4.04 is affected.

tags | advisory, xss
MD5 | 7012e9ae03857f86bff396165533b03b
Posted Jun 18, 2004
Authored by Drew Copley, http-equiv | Site eeye.com

eEye Security Advisory - eEye Digital Security has discovered a security vulnerability in IBM's signed acpRunner activex. Because this application is signed, it might be presented to users on the web for execution in the name of IBM. If users trust IBM, they will run this, and their systems will be compromised. This activex was designed by IBM to be used for an automated support solution for their PC's. An unknown number of systems already have this activex on their systems. Version affected is

tags | advisory, web, activex
MD5 | 4c22845f70366becd0e2e3101582bfc9
Posted Jun 18, 2004
Authored by lowdownhaxor

Bit of information regarding the first cellular phone virus called Cabir being discovered.

tags | advisory, virus
MD5 | a80bf45246702e59461cf3d40b6c21ef
Cisco Security Advisory 20040616-bgp
Posted Jun 18, 2004
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory: A Cisco device running IOS and enabled for the Border Gateway Protocol (BGP) is vulnerable to a Denial of Service (DOS) attack from a malformed BGP packet.

tags | advisory, denial of service, protocol
systems | cisco
MD5 | 0752dbcf53a837e2b7d7954fb5b85278
Posted Jun 18, 2004
Authored by Roy Hills | Site nta-monitor.com

Checkpoint Firewall-1 version 4.1 and later with IPsec VPN enabled will return an IKE Vendor ID payload when it receives an IKE packet with a specific Vendor ID payload. The Vendor ID payload that is returned identifies the system as Checkpoint Firewall-1 and also determines the Firewall-1 version and service-pack or feature-pack revision number. This is an information leakage issue which can be used to fingerprint the Firewall-1 system.

tags | advisory
MD5 | 291502ded47afbba3cc5408a4a3b50f2
Posted Jun 18, 2004
Authored by fryxar

Symantec Enterprise Firewall dnsd proxy, versions 8 and later, is vulnerable to cache poisoning attacks when acting as a caching nameserver. Full proof of concept exploit included.

tags | exploit, proof of concept
MD5 | ff4e422f5bdf7ce95c8bbba21561cd14
Page 1 of 2

File Archive:

April 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    17 Files
  • 2
    Apr 2nd
    2 Files
  • 3
    Apr 3rd
    2 Files
  • 4
    Apr 4th
    0 Files
  • 5
    Apr 5th
    15 Files
  • 6
    Apr 6th
    15 Files
  • 7
    Apr 7th
    20 Files
  • 8
    Apr 8th
    16 Files
  • 9
    Apr 9th
    5 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    4 Files
  • 13
    Apr 13th
    15 Files
  • 14
    Apr 14th
    27 Files
  • 15
    Apr 15th
    19 Files
  • 16
    Apr 16th
    7 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2020 Packet Storm. All rights reserved.

Security Services
Hosting By