what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 36 RSS Feed

Files Date: 2004-09-10

alph-0.2.tar.gz
Posted Sep 10, 2004
Authored by Corcalciuc V. Horia | Site sourceforge.net

alph implements and analyzes historical and traditional ciphers and codes, such as polyalphabetic, substitutional, and mixed employing human-reconstructable algorithms. It provides a pipe filter interface in order to encrypt and decrypt block text to achieve transparency. The program is meant to be used in conjunction with external programs that transfer data, resulting in transparent encryption or decryption of information. The program can thus be used as a mail filter, IRC filter, IM filter, and so on.

Changes: Fixed playfair.
tags | encryption
SHA-256 | 513f8027101c4b71d47b66f0d5ac923f25cc01d337f140dbeb0b8d6830f214fa
subjects2.txt
Posted Sep 10, 2004
Site criolabs.net

The PostNuke Subjects module 2.x is vulnerable to multiple SQL injection attacks. Detailed exploitation provided.

tags | exploit, sql injection
SHA-256 | f2e43ce81a4b458af38d2996bd7bac9a704d17169dbb72af1dc7eb272204e227
haloboom.zip
Posted Sep 10, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

Proof of concept denial of service exploit for Halo: Combat Evolved versions 1.4 and below which suffer from an off-by-one vulnerability.

tags | exploit, denial of service, proof of concept
SHA-256 | 279e28068546b26d15850b461f9ae8cba371825079e3efe747efcb055aab12fb
halo14.txt
Posted Sep 10, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

Halo: Combat Evolved versions 1.4 and below suffer from an off-by-one vulnerability that can result in a denial of service.

tags | advisory, denial of service
SHA-256 | ab368723fc5910a5e72174769904c58f6bf0ed7dfd96ac0223fcb7fbb731516f
Gentoo Linux Security Advisory 200409-14
Posted Sep 10, 2004
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200409-14 - Samba is vulnerable to a remote denial of service attack due to out of sequence print change notification requests. Versions below 3.0.6 are affected.

tags | advisory, remote, denial of service
systems | linux, gentoo
SHA-256 | 734c55be7f74b7105607ffc3f19c3b92fdd780cbdd9dac1ec2254fe1039e224d
fed.ipSpace.txt
Posted Sep 10, 2004
Authored by anonymous

A huge list of IP space for various Federal agencies. Interesting to cross reference to logs and see who may be accessing your web sites, etc.

tags | paper, web
SHA-256 | 73f31ee9cf759edddd06e96a9c43a4ceedd2b123dbb9551c20ef02cde5a19713
Echo Security Advisory 2004.6
Posted Sep 10, 2004
Authored by y3dips, Echo Security | Site y3dips.echo.or.id

1n BBS E-Market Professional is susceptible to remote command execution vulnerabilities via remote file inclusion and also has a full path disclosure flaw.

tags | exploit, remote, vulnerability, file inclusion
SHA-256 | 3d4f0cad3bf5909482a41b6cd90458a4c7d884937342ee058bb2ffbf732e9cd2
osxrk-0.2.1.tbz
Posted Sep 10, 2004
Authored by gapple

MAC OS-X rootkit that has a lot of standard tools included, adds a TCP backdoor via inetd, does data recon, and more.

tags | tool, tcp, rootkit
systems | unix, apple, osx
SHA-256 | 21e6ef5bbf484ae909d8e4ab55e0e47d82f7478c4941f5cca236f04306b9f98e
chroot_safe-1.2.tgz
Posted Sep 10, 2004
Authored by Henrik Nordstrom | Site chrootsafe.sourceforge.net

chroot_safe is a alternative method for chrooting dynamically linked applications in a sane and safe manner. By using a little dynamic linking trick it delays the chrooting until after dynamic linking has completed, thereby eliminating the need to have a copy of the binary or libraries within the chroot. This greatly simplifies the process of chrooting an application, as you often do not need any files besides the data files within the chroot. In addition to chrooting the application, it also drops root privileges before allowing the application to start.

Changes: This is mainly an update to increase portability to other platforms.
tags | root
systems | unix
SHA-256 | a7edcb94d5151e85cfca6aa29e7fa53b02ba44a136a77ce6928f25e9fff09d1d
base-0.9.7.1.tar.gz
Posted Sep 10, 2004
Authored by Kevin Johnson | Site sourceforge.net

BASE is the Basic Analysis and Security Engine. It is based on the code from the Analysis Console for Intrusion Databases (ACID) project. This application provides a Web frontend to query and analyze the alerts coming from a Snort IDS.

tags | tool, web, sniffer
SHA-256 | 5e2de03ae3a29fbeb42b795289a23f1f27bbb4e951203b99eef70a1694be5de3
nufw-0.8.5.tar.gz
Posted Sep 10, 2004
Authored by regit | Site nufw.org

NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is done to use external authentication source such as an LDAP server.

Changes: Fixes an SSL related bug. Minor updates.
tags | tool, remote, firewall
systems | unix
SHA-256 | 0a355f80b17e169797c3ba872c4786c668cc8fa3dd3a3293e61372cb4899d27c
ArpSpyX-1.0-source.tgz
Posted Sep 10, 2004
Authored by Allen Porter | Site thebends.org

ArpSpyX is an ARP packet sniffer that displays a list of IP and MAC addresses found by analyzing ARP traffic on your network. It can be used to easily gather MAC addresses of network machines remotely, quickly identify new clients on your wireless network, and identify ARP poisoning attacks by tracking multiple MAC addresses for a single IP address.

tags | tool, sniffer
SHA-256 | a030c43f4e839d18e6f130674bc762c7831d43bed2bbf33cbd40797b64ef43bf
weplab-0.1.1-beta.tar.gz
Posted Sep 10, 2004
Authored by topolb | Site sourceforge.net

Weplab is a tool to review the security of WEP encryption in wireless networks from an educational point of view. Several attacks are available to help measure the effectiveness and minimum requirements necessary to succeed.

Changes: Automatic BSSID detection and selection if not specified with --bssid, Analyze (-a) now shows all packets per BSSID, Big endian issues fixed, Little fixes for windows platform.
tags | tool, wireless
SHA-256 | 184e0a6a76c2d05f1b27f32e7c164f6a2b57a8361b644492a11ac52f86539dda
Secunia Security Advisory 12492
Posted Sep 10, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in F-Secure Internet Gatekeeper 6.x and F-Secure Anti-Virus for Microsoft Exchange 6.x, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the exception handling in the F-Secure Content Scanner Server component. This can be exploited to crash a process in the component via specially crafted packets.

tags | advisory, denial of service, virus
SHA-256 | b3ca10c3e6df929147caeb5c692f7f7718af84037ebe064bdbe7ca9960545ca7
Secunia Security Advisory 12493
Posted Sep 10, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in MailEnable Professional and Standard 1.x, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error when processing DNS responses. This can be exploited to crash the SMTP service by returning a DNS response containing over 100 MX records.

tags | advisory, denial of service
SHA-256 | f5b8aa714888662a42f8bbfaaa1434adcc6dda119cf4c088df06fc3f53402ddc
Gentoo Linux Security Advisory 200409-13
Posted Sep 10, 2004
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200409-13 - Several buffer overflows and a shell metacharacter command execution vulnerability have been found in LHa. These vulnerabilities can be used to execute arbitrary code. Versions 114i-r3 and below are affected.

tags | advisory, overflow, arbitrary, shell, vulnerability
systems | linux, gentoo
SHA-256 | 3f6655c18e8e9c6b298a4899b7be30784a18b4b8ae9377ad8e50072ac22cd18e
nx_back.c
Posted Sep 10, 2004
Authored by nitr0x | Site nitrox.xt.pl

Simple unix-based backdoor that is very compact and provides a bindshell.

tags | tool, rootkit
systems | unix
SHA-256 | d2da29c47b3ffc365cc6f096647ffb62a5dbc2a4f8fd08c29068fed3eb20d0c9
Secunia Security Advisory 12486
Posted Sep 10, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Emdros, which can be exploited by malicious users to cause a DoS (Denial of Service). The vulnerability is caused due to a memory leak in the CFeatureDeclaration::TypeTypeCompatibility() function. This can be exploited to consume available system resources by issuing a large amount of malformed CREATE OBJECT TYPE or UPDATE OBJECT TYPE statements. Versions below 1.1.20 are affected.

tags | advisory, denial of service, memory leak
SHA-256 | 90af5467e7cf6e5b9248568c49e8662738511456e0f7b51b556f0b12a910b107
phpSQLnuke.pl
Posted Sep 10, 2004
Authored by bima tampan

Perl exploit that makes use of a flaw in PHP-Nuke 7.4 where an attacker can post to global home-page messages.

tags | exploit, perl, php
SHA-256 | 4cc09851766971746c5b08e98353c8b4df3cf74fec7ad589cdc3d141e138eea7
trillian074i.txt
Posted Sep 10, 2004
Authored by Komrade | Site unsecure.altervista.org

A buffer overflow vulnerability in the Trillian basic edition version 0.74i occurs in the MSN module when receiving a string of around 4096 bytes ending with a newline character from an MSN messenger server. This vulnerability is remotely exploitable but requires the use of a man-in-the-middle attack. Full exploit included.

tags | exploit, overflow
SHA-256 | 045f8b6357fcbfcb5e4a9b20c60a3c2a36c5c1fdbf410125e1aea34ddaf40e1a
cdr_exp.sh
Posted Sep 10, 2004
Authored by newbug

Local root exploit for cdrecord, which fails to drop euid=0 when it exec()s a program specified by the user through the RSH environment variable.

tags | exploit, local, root
advisories | CVE-2004-0806
SHA-256 | 2871e27ea81a6a71a847badaf4a16cae0b8f374ea8a414b249ac51d9cffa940d
MDKSA-2004:091.txt
Posted Sep 10, 2004
Authored by Max Vozeler | Site mandrakesoft.com

Mandrake Linux Security Update Advisory - The cdrecord program, which is suid root, fails to drop euid=0 when it exec()s a program specified by the user through the RSH environment variable. This can be abused by a local attacker to obtain root privileges.

tags | advisory, local, root
systems | linux, mandrake
advisories | CVE-2004-0806
SHA-256 | 6f38c8ce8d76f1228e8d3ca2e1b81434d0f2613330175e2b3a098eeec3ceb160
Gentoo Linux Security Advisory 200409-11
Posted Sep 10, 2004
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200409-11 - star contains a suid root vulnerability which could potentially grant unauthorized root access to an attacker. Versions below star-1.5_alpha46 are affected.

tags | advisory, root
systems | linux, gentoo
SHA-256 | 0a764fb0ae2a0a1b04bf81b961a04d56e2ddd3be02fad962dccb42f9025e8af6
Gentoo Linux Security Advisory 200409-12
Posted Sep 10, 2004
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200409-12 - ImageMagick, imlib and imlib2 contain exploitable buffer overflow vulnerabilities in the BMP image processing code.

tags | advisory, overflow, vulnerability
systems | linux, gentoo
SHA-256 | 376ef73790324660fa24345695c0cd32047f99fa788ed69b7787d37def69f456
Secunia Security Advisory 12476
Posted Sep 10, 2004
Authored by Stefan Nordhausen, Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability in net-acct can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges. The write_list() and dump_curr_list() functions create temporary files insecurely. This can be exploited via symlink attacks to overwrite or create arbitrary files with the privileges of a user executing net-acct. The vulnerability affects version 0.71 and prior.

tags | advisory, arbitrary, local
SHA-256 | b396350780b8c1b8f374c9455b36472cd9ed1ffcecc1ac74c6273db16b32ce54
Page 1 of 2
Back12Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close