accept no compromises
Showing 1 - 25 of 228 RSS Feed

Files Date: 2004-11-01 to 2004-11-30

psad-1.4.0.tar.gz
Posted Nov 28, 2004
Site cipherdyne.org

Port Scan Attack Detector (psad) is a collection of four lightweight daemons written in Perl and C that are designed to work with Linux firewalling code (iptables and ipchains) to detect port scans. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, TCP flags and corresponding nmap options, email alerting, and automatic blocking of offending IP addresses via dynamic configuration of ipchains/iptables firewall rulesets. In addition, for the 2.4.x kernels psad incorporates many of the TCP, UDP, and ICMP signatures included in Snort to detect highly suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port scans (syn, fin, Xmas) which are easily leveraged against a machine via nmap. Psad also uses packet TTL, IP id, TOS, and TCP window sizes to passively fingerprint the remote operating system from which scans originate. Changelog available here.

Changes: p0f-style passive OS fingerprinting has been added through the use of the OPT field in iptables log messages. There is a bugfix for iptables log messages that include TCP sequence numbers, in addition to other bug fixes.
tags | remote, kernel, udp, perl, tcp
systems | linux
MD5 | f932bc9063810a8798fbc4c9730be9a4
ftp-spider.pl
Posted Nov 25, 2004
Authored by Nithen Naidoo

FTP server spider, written in perl. Scans a ftp server to get the entire directory structure, detect anonymous access and writable directories, and look for user specified data. Not tested against Windows ftpd.

tags | tool, scanner, perl
systems | windows, unix
MD5 | e8c27b5dfc647be35cefe32afd5bd366
relay.v4.c
Posted Nov 24, 2004
Authored by Thun

This forwards connections on any port you want to any host & port you like. Added the ability to select which device to listen on. Based on Laq's relay.3.

tags | tool
systems | unix
MD5 | 8e550e97fcbd9798504057657196313e
iDEFENSE Security Advisory 2004-11-22.t
Posted Nov 24, 2004
Authored by Jouko Pynnonen, iDefense Labs | Site klikki.fi

iDEFENSE Security Advisory 11.22.04 - J2SE prior to v1.4.2_06 contains serious remote vulnerabilities which allow applets loaded in browsers to load an unsafe class, and write to any file on a users system. IE, Mozilla, and Firefox can lead to compromise on Linux and Windows systems if a malicious web page is loaded.

tags | advisory, remote, web, vulnerability
systems | linux, windows
advisories | CVE-2004-1029
MD5 | 589ce64427e67a02d8109eeaf1fd0809
cryus.imap.2.2.8.txt
Posted Nov 24, 2004
Authored by Stefan Esser | Site security.e-matters.de

Cryus v2.2.8 and below contains four remote vulnerabilities, including one which is pre-authentication. Fix available here.

tags | advisory, remote, vulnerability
advisories | CVE-2004-1011, CVE-2004-1012, CVE-2004-1013
MD5 | d4db20d02f1bf3f8bb227f7379525a1a
SecureCRT_Remote_Command_Execution.pdf
Posted Nov 24, 2004
Authored by Brett Moore SA | Site security-assessment.com

SecureCRT v4.1 and below contains a remotely exploitable command execution vulnerability. Patch available here.

tags | advisory
MD5 | 47bd4d35a9f090227c841786ea8584b3
Winamp_IN_CDDA_Buffer_Overflow.pdf
Posted Nov 24, 2004
Authored by Brett Moore SA | Site security-assessment.com

A remotely exploitable stack overflow has been found in Winamp version 5.05 and below which allows malformed m3u playlists to execute arbitrary code. Fix available here.

tags | advisory, overflow, arbitrary
MD5 | 7b3cfd0296132b1fdbd30266a79b6e9c
b4b0-phpbb.tgz
Posted Nov 24, 2004
Authored by evilrabbi

PhpBB v1.0.0 - 2.0.10 remote exploit which takes advantage of a bug in admin_cash.php. Opens a back door on a tcp port.

tags | exploit, remote, php, tcp
MD5 | 3f3f2f16c17761e910f11a2cb42cc9c0
ecl-channel.adv
Posted Nov 24, 2004
Authored by ECL Team

Local user input handling vulnerabilities exist in WCI's TC-IDE Embedded Linux prior to v1.54 which allow local users with access to the tools provided with the system to spawn a root console, gaining full control over the running Linux operating system. In corporate environments where this product is being used, such vulnerabilities could cause disastrous effects, all users are encouraged to update to the latest firmware ASAP.

tags | exploit, local, root, vulnerability
systems | linux
MD5 | 2eb22b307cc833cd042d1b49d8b116c4
Openwall Linux Kernel Patch
Posted Nov 24, 2004
Authored by Solar Designer | Site openwall.com

The Openwall Linux kernel patch is a collection of security "hardening" features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.

Changes: 2.4.28-ow1 fixes a number of security-related bugs, including the local root ELF loader vulnerabilities discovered by Paul Starzetz, a race condition with reads from Unix domain sockets (potential local root), and smbfs support vulnerabilities discovered by Stefan Esser (remote DoS by a malicious smbfs server; potential: remote root by a malicious smbfs server).
tags | overflow, kernel
systems | linux
MD5 | a17719c83b71c328ef92b53761f3819a
mailtraq-update.txt
Posted Nov 24, 2004
Authored by Travis Schack

Mailtraq Version 2.6.1.1677 remote exploit which allows SYSTEM level access while using the Mailtraq administration console. Requires a Mailtraq admin account.

tags | exploit, remote
MD5 | 427df7d3b6fffda815a1a52caea03bb8
efuzz01.zip
Posted Nov 24, 2004
Authored by priestmaster | Site priestmaster.org

Efuzz is an easy to use Win32 tcp/udp protocol fuzzer which finds unknown buffer overflows in local and remote services. Uses config files to define the range of malformed requests. Includes C source, released under GPL.

tags | remote, overflow, local, udp, tcp, protocol, fuzzer
systems | windows, 32
MD5 | 3c8c380489c496390c8128be757b1a5d
proz_ex.c
Posted Nov 24, 2004
Authored by Serkan Akpolat | Site deicide.siyahsapka.org

Prozilla-1.3.6 remote client side stack overflow exploit, tested against current Gentoo, slackware, Debian, and suse.

tags | exploit, remote, overflow
systems | linux, suse, slackware, debian, gentoo
MD5 | 9a0268a366aa17a0540e97e9a3beee8c
Cisco6509_Reverse.tar.bz2
Posted Nov 21, 2004
Authored by Milos Koprla

Simple C tool and binutils patch with step by step description (HowTo_Reverse_engineering_Cisco_image.html) how to convert cisco image to MIPSIV file for reverse engineering. Allows you to dump and disassemble the text section, tested on a Cisco Catalyst 6509.

systems | cisco
MD5 | 69b035d8d5ac135be7f12daf7e8c93d6
phpbb.php.txt
Posted Nov 20, 2004
Authored by Pokleyzz, How Dark | Site howdark.com

Remote command execution exploit for phpBB 2.0.10 that makes use of a flaw in the viewtopic.php code.

tags | exploit, remote, php
MD5 | f921925d25c8aefc535037fe9d34cefd
Gentoo Linux Security Advisory 200411-29
Posted Nov 20, 2004
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200411-29 - unarj contains a buffer overflow and a directory traversal vulnerability. This could lead to overwriting of arbitrary files or the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, gentoo
MD5 | d64e8594bc3721d95c03e41c483c0370
20041119.IESP2Unpatched.html
Posted Nov 20, 2004
Authored by cyber flash | Site k-otik.com

Microsoft Internet Explorer (including IE for Windows XP SP2) is reported vulnerable to a file download security warning bypass. This unpatched flaw may be exploited to download a malicious executable file masqueraded as a HTML file. Full exploitation given. Original posted on k-otik.

tags | exploit
systems | windows, xp
MD5 | efd4da6639e3f50e0df00ddbd6efee64
2427surprise.txt
Posted Nov 20, 2004
Authored by Paul Starzetz | Site isec.pl

A subtle race condition in Linux kernels below 2.4.28 allow a non-root user to increment (up to 256 times) any arbitrary location(s) in kernel space. This flaw could be used to gain elevated privileges.

tags | advisory, arbitrary, kernel, root
systems | linux
MD5 | 42de458b8f020d22510cbfb0a1a95d9e
Corsaire Security Advisory 2004-07-20.1
Posted Nov 20, 2004
Authored by Stephen de Vries, Corsaire | Site penetration-testing.com

Corsaire Security Advisory - The aim of this document is to define a vulnerability in the Netopia Timbuktu 7.0.3 product for Mac OS X that suffers from a buffer overflow.

tags | advisory, overflow
systems | apple, osx
advisories | CVE-2004-0810
MD5 | 1444e99d41aca0d1fe6e55cfef2f2a69
Corsaire Security Advisory 2004-06-19.1
Posted Nov 20, 2004
Authored by Martin O'Neal, Corsaire | Site penetration-testing.com

Corsaire Security Advisory - The aim of this document is to clearly define several vulnerabilities in the Danware NetOp Host product that suffers from multiple information disclosure issues.

tags | advisory, vulnerability, info disclosure
advisories | CVE-2004-0950
MD5 | 62ac9ea687c7f3b8d3f743ef6881f1f0
opera754.txt
Posted Nov 20, 2004
Authored by Marc Schoenefeld | Site illegalaccess.org

Opera 7.54 is vulnerable to leakage of the java sandbox, allowing malicious applets to gain privileges. This allows for information gathering as well as denial of service effects.

tags | advisory, java, denial of service
MD5 | a67b11d7269a7f701fd1a3682d495e7b
aclient.txt
Posted Nov 20, 2004
Authored by Reed Arvin

Altiris Deployment Solution 5.6 SP1 (Hotfix E) suffers from a privilege escalation flaw that allows for SYSTEM level access. Step by step exploitation given.

tags | exploit
MD5 | 1be9fdc191a6ebdcdd6f90985f998910
zoneAdBlock.txt
Posted Nov 20, 2004
Site zonelabs.com

ZoneAlarm Security Suite and ZoneAlarm Pro have been updated to address a vulnerability in their ad-blocking functions.

tags | advisory
MD5 | 491b70c200644db74a75979fec666aef
mailtraq.txt
Posted Nov 20, 2004
Authored by Reed Arvin

A privilege escalation technique can be used to gain SYSTEM level access while using the Mailtraq administration console. Mailtraq Version 2.6.1.1677 is vulnerable.

tags | exploit
MD5 | 570f63e06a088944b32ac1db1e0bb12f
slmail5x.txt
Posted Nov 20, 2004
Authored by muts | Site whitehat.co.il

SLMail 5.x POP3 remote PASS buffer overflow exploit that binds a shell to port 4444. Tested on Windows 2000 SP4.

tags | exploit, remote, overflow, shell
systems | windows, 2k
advisories | CVE-2004-0942
MD5 | 2f39531126d87191b5ceaf073ca81878
Page 1 of 10
Back12345Next

File Archive:

September 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    5 Files
  • 2
    Sep 2nd
    5 Files
  • 3
    Sep 3rd
    3 Files
  • 4
    Sep 4th
    13 Files
  • 5
    Sep 5th
    16 Files
  • 6
    Sep 6th
    15 Files
  • 7
    Sep 7th
    20 Files
  • 8
    Sep 8th
    16 Files
  • 9
    Sep 9th
    4 Files
  • 10
    Sep 10th
    2 Files
  • 11
    Sep 11th
    15 Files
  • 12
    Sep 12th
    19 Files
  • 13
    Sep 13th
    20 Files
  • 14
    Sep 14th
    38 Files
  • 15
    Sep 15th
    31 Files
  • 16
    Sep 16th
    1 Files
  • 17
    Sep 17th
    7 Files
  • 18
    Sep 18th
    15 Files
  • 19
    Sep 19th
    40 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    14 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close