what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 94 RSS Feed

Files Date: 2004-12-31

alph-0.7.tar.gz
Posted Dec 31, 2004
Authored by Corcalciuc V. Horia | Site sourceforge.net

alph implements and analyzes historical and traditional ciphers and codes, such as polyalphabetic, substitutional, and mixed employing human-reconstructable algorithms. It provides a pipe filter interface in order to encrypt and decrypt block text to achieve transparency. The program is meant to be used in conjunction with external programs that transfer data, resulting in transparent encryption or decryption of information. The program can thus be used as a mail filter, IRC filter, IM filter, and so on.

Changes: Minor corrections and a facelist.
tags | encryption
SHA-256 | 63d5ba9842d5de0738638ceb7be659563822a2f5a0d865d998d7db3c29d53c73
rkhunter-1.1.9.tar.gz
Posted Dec 31, 2004
Authored by Michael Boelen | Site rootkit.nl

Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.

Changes: Added support and hashes for various OSes.
tags | tool, shell, perl, integrity, rootkit
systems | netbsd, unix, solaris
SHA-256 | bc3163c8b5ceaa27a0a38daac6146987dba202b556b8fe7a7e3fe136f528d9eb
listener-0.8.tgz
Posted Dec 31, 2004
Authored by Folkert van Heusden | Site vanheusden.com

This program listens for sound. If it detects any, it starts recording automatically and also automatically stops when things become silent again.

Changes: Added external filter support.
systems | linux
SHA-256 | 7746d6db4f2fc9c25f6eadf76a52e43e061078ee954a7016e9815714efa1bb78
scrutinizer-1.02.tar.gz
Posted Dec 31, 2004
Authored by Markus Roth | Site solutix.ch

The scrutinizer toolkit is designed to protect Web servers from HTTP (D)DoS attacks. It is a toolkit consisting of an analysis engine which analyzes Web server access logfiles in almost real time, an Apache module which is able to block wrongdoers on the Web server, an extension to block offenders with netfilter firewalls, and a set of visualization tools. The analysis engine uses statistical anomaly detection to expose offenders. The engine has to be trained with old log files so that it can adapt itself to your system.

tags | web, denial of service
SHA-256 | 3b5c3fcb0185c82c422da19ec48bef0aa8aa70190c1c6004f02a7d7f8184948d
Secunia Security Advisory 13634
Posted Dec 31, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Nicolae Mihalache has reported a security issue in avelsieve, which potentially can be exploited by malicious users to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | e6099b09429b5723bc67aa32914de8949b1f76b3cb0e3e7fdffaae0813df7fb8
phpbbworm2.tgz
Posted Dec 31, 2004
Authored by Herman Sheremetyev

New version of the phpBB worm that successfully works against a patched phpBB 2.0.11. The scripts in this tarball are the worm itself and the bot that is installed.

tags | exploit, worm
SHA-256 | 16b732162c823b5b45b96caf698d1e229ba187473030bd0dc6a87b8f4118faa4
STG Security Advisory 2004-12-20.16
Posted Dec 31, 2004
Authored by STG Security | Site stgsecurity.com

STG Security Advisory: An input validation flaw in ZeroBoard versions 4.1pl4 and below can allow malicious attackers the ability to run arbitrary commands with the privilege of the HTTPD process, which is typically run as the nobody user.

tags | exploit, arbitrary
SHA-256 | c308b0793660dff9bacda679d6ea1adf0cf46f3c7d0c38cbc80870f869879079
ieTrick.txt
Posted Dec 31, 2004
Authored by Albert Puigsech Galicia

Internet Explorer will accept %0a and %0d in URLs. In FTP URLs, it will accept them in the username part of the URL. Due to the similarity between the FTP and SMTP protocols, this can be used to send mail.

tags | advisory, protocol
SHA-256 | e2e71c2a7f12cac58fb231beaf48bf5b486852f8767f80078d2102127d129720
plesk700.txt
Posted Dec 31, 2004
Authored by Andrew Smith

Plesk, a popular server administration tool used by many web hosting companies, is susceptible to cross site scripting flaws.

tags | advisory, web, xss
SHA-256 | 561ab831ef114785159c21d59981cca959a4a7af271cbe8bf055ab77f58d6fb2
phpbb-url.pl
Posted Dec 31, 2004
Authored by Alberto Trivero | Site albythebest.altervista.org

Simple tool to automate the creation of the URL needed to exploit phpBB versions below 2.0.11 using the viewtopic.php vulnerability.

tags | exploit, php
SHA-256 | 97f48c8238366a517072f68c8271d01c882853ab1bf9dc15f358fd99045e5759
SSRT4699.txt
Posted Dec 31, 2004
Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with System Administration Manager (SAM) running on HP-UX that may allow local unauthorized privileges. Affected Versions: HP-UX B.11.00, B.11.11, B.11.22, and B.11.23.

tags | advisory, local
systems | hpux
SHA-256 | 319afe43d1b320a755cd24871491338f3e486749a9432161423cb91beaa6d5ca
shoutcast194.c
Posted Dec 31, 2004
Authored by Damian Put, Tomasz Trojanowski | Site cc-team.org

SHOUTcast DNAS/Linux version 1.9.4 format string remote exploit. Tested on slackware 9.1 and 10.0. Bind a shell to port 7000.

tags | exploit, remote, shell
systems | linux, slackware
SHA-256 | d2c5f4ccf6da4f8162e3796a3521048971da31a1653d14c5d1dc589793cbd7bd
Secunia Security Advisory 13635
Posted Dec 31, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Rpm Finder, which can be exploited by malicious people to compromise a user's system and by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local, vulnerability
SHA-256 | 235e6abaff83d84e633690fa2b9e2648da4e8b729ea43505e4774ecdebf54457
Next Generation Security Advisory 223122004L
Posted Dec 31, 2004
Authored by David Litchfield, NGSSoftware | Site ngssoftware.com

NGSSoftware Insight Security Research Advisory #NISR2122004L - IBM's DB2 database server contains a procedure, generate_distfile. This procedure suffers from a stack based buffer overflow vulnerability. Systems Affected: DB2 8.1/7.x.

tags | advisory, overflow
SHA-256 | 3ef55a702511cb8221131c88341c2991b45a10ee7c8b153e5ddda2eb0ad3028e
Next Generation Security Advisory 223122004K
Posted Dec 31, 2004
Authored by Mark Litchfield, NGSSoftware | Site ngssoftware.com

NGSSoftware Insight Security Research Advisory #NISR2122004J - IBM's DB2 database server contains a function, rec2xml, used to format a string in XML. This function suffers from a stack based buffer overflow vulnerability. Systems Affected: DB2 8.1/7.x.

tags | advisory, overflow
SHA-256 | b8613611d22ef6e27ef52155f6315c5d527c17d33199e9824cdca2fd21abca6f
oracle23122004J.txt
Posted Dec 31, 2004
Authored by David Litchfield | Site ngssoftware.com

NGSSoftware Insight Security Research Advisory #NISR2122004J - The code for PL/SQL procedures can be encrypted or wrapped to use the Oracle term. When a wrapped procedure is created a buffer overflow vulnerability can be triggered. Systems Affected: Oracle 10g/9i on all operating systems.

tags | advisory, overflow
SHA-256 | 6b25554fd71f5fe123c25e28820f4b1f31d38e591f699777f1bf2d6ed93ae82c
oracle23122004H.txt
Posted Dec 31, 2004
Authored by David Litchfield | Site ngssoftware.com

NGSSoftware Insight Security Research Advisory #NISR2122004H - Oracle 10g and 9i suffer from multiple PL/SQL injection vulnerabilities. Systems Affected: Oracle 10g/AS on all operating systems.

tags | advisory, vulnerability, sql injection
SHA-256 | 6e5d05e4c37be6abe44d5313fc7449e528c71dc7700e7622039d9692cc8be6e9
oracle23122004F.txt
Posted Dec 31, 2004
Authored by David Litchfield | Site ngssoftware.com

NGSSoftware Insight Security Research Advisory #NISR2122004F - The 10g Oracle TNS Listener is vulnerable to a denial of service vulnerability. Systems Affected: Oracle 10g on all operating systems.

tags | advisory, denial of service
SHA-256 | af6b33695e7d0331269bb9875337f50a3075042eadab32b1f8486a07d3fb6a67
oracle23122004E.txt
Posted Dec 31, 2004
Authored by David Litchfield | Site ngssoftware.com

NGSSoftware Insight Security Research Advisory #NISR2122004E - The 10g Oracle Application Server installs ISQL*Plus. Once logged in, an attacker can use load.uix to read files on the server. Systems Affected: Oracle 10g AS on all operating systems.

tags | advisory
SHA-256 | 41e4563892e55bab629dadaa582258738d586ada2b237ca6ef0b6b3ebb0209ca
oracle23122004D.txt
Posted Dec 31, 2004
Authored by David Litchfield | Site ngssoftware.com

NGSSoftware Insight Security Research Advisory #NISR2122004D - The 10g Oracle database server may have passwords in clear text in world readable files. Systems Affected: Oracle 10g on all operating systems.

tags | advisory
SHA-256 | d3b0b872bbed09a293cc3e6d16fa8f3fd84179096e93c1d42e83f550db052afe
oracle23122004C.txt
Posted Dec 31, 2004
Authored by David Litchfield | Site ngssoftware.com

NGSSoftware Insight Security Research Advisory #NISR23122004C - The Oracle database server supports PL/SQL, a programming language. PL/SQL can execute external procedures via extproc. Extproc is intended only to accept requests from the Oracle database server but local users can still execute commands bypassing this restriction. Systems Affected: Oracle 10g/9i on all operating systems.

tags | advisory, local
SHA-256 | d564ebb6b5748561ebcce49b8dface7849a65669daeb969695defa9c396adb17
oracle23122004B.txt
Posted Dec 31, 2004
Authored by David Litchfield | Site ngssoftware.com

NGSSoftware Insight Security Research Advisory #NISR23122004B - The Oracle database server supports PL/SQL, a programming language. PL/SQL can execute external procedures via extproc. Extproc has been found to suffer from a directory traversal problem that allows attackers access to arbitrary libraries. Systems Affected: Oracle 10g/9i on all operating systems.

tags | advisory, arbitrary
SHA-256 | 25c8b9a1837b4ad345045e140f4a5f8d0598d3455a856d252b974d56dca2fd4d
oracle23122004.txt
Posted Dec 31, 2004
Authored by David Litchfield | Site ngssoftware.com

NGSSoftware Insight Security Research Advisory #NISR2122004A - The Oracle database server supports PL/SQL, a programming language. PL/SQL can execute external procedures via extproc. Extproc has been found to suffer from another buffer overflow vulnerability. Systems Affected: Oracle 10g on all operating systems.

tags | advisory, overflow
SHA-256 | 40555a31fe2e6ad6539966721ecc71750f0e9aab14788315d6ec9c0e5f421632
oracle23122004G.txt
Posted Dec 31, 2004
Authored by David Litchfield | Site ngssoftware.com

NGSSoftware Insight Security Research Advisory #NISR2122004G - Due to character conversion problems in Oracle 10g with Oracle's Application server it is possible to bypass pl/sql exclusions and gain access to the database server as SYS. Systems Affected: Oracle 10g/AS on all operating systems.

tags | advisory
SHA-256 | 8d1abd33755d60617a7f206475214c1c02523008459acccc97aaeff0494e01ba
oracle23122004I.txt
Posted Dec 31, 2004
Site ngssoftware.com

NGSSoftware Insight Security Research Advisory #NISR2122004I - Database triggers exist to help maintain data integrity and perform certain actions when a table's data is modified. Many of the default triggers in Oracle can be abused to gain elevated privileges. Systems Affected: Oracle 10g/9i on all operating systems.

tags | advisory
SHA-256 | e72c95ea02cc6dce6f0b00cfde315e1752b174373db4397eb16a6eb2becf9523
Page 1 of 4
Back1234Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    14 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    12 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close