This advisory is a quarterly update on backdoors for the Windows 9x and Windows NT operating systems. The focus of this advisory is NetBus 2.0 Pro. The final version of NetBus 2.0 Pro was released on February 19. The new version of NetBus is not distributed as a backdoor, but as a Remote Administration and Spy Tool. Due to the proliferation of NetBus and its common use in attacks across the Internet, NetBus 2.0 poses a significant risk with its new functionality and enhanced network communication obfuscation. The default installation of NetBus 2.0 Pro (NB2) does not hide itself from the user, but it does support an Invisible Mode to prevent users of infected machines from noticing the software. The version of NB2 available on the Internet notifies users upon installation, however attackers can easily hide the installation with slight modification.
cd10cdf945a84b52cb74e1c0118d944bbca9ce7af38baf9d4d6419a07b3eae76Internet Security Systems (ISS) X-Force has discovered a vulnerability in the system administration utility, Super. Super is used by administrators to allow certain users to execute commands with root privileges. The vulnerability is distributed with Debian Linux. It may allow local attackers to compromise root access. Super is a GNU copylefted package that is distributed with recent Debian Linux distributions, but it can be installed and configured for many Unix variants.
67dce6cd66e8aba84870b80ca864c1e6da87e58a9d0b3d36d4aa6b0deabedc5bPatch advisory for Sun Microsystems. Please read for details.
c7766b4565bba980388b7a8bbe2d11a1a6d2881f6e3e20fbb214fe6295f70860Patch advisory for Sun Microsystems. Please read for details.
02d0417b6505d83d05e1569d779d1e5d4d38e685e3e8c6f62bfda5315e33ececPatch advisory for Sun Microsystems. Please read for details.
8ed7a147f5302b8b5ec7e91c6b71fe9742c74ff4ca080d01b7688ff879a82eabBrutus obtains username / password pairs using simple dictionary attack. Uses the following protocols: Pop3, ftp, imap, telnet, web server passwords, routers, and switches. <a href="http://www.hoobie.net/brutus">
9ad6f59b91f17c149c11236f088bce1468c50c4fd3f25c80ad57ca99f6f857eePatch advisory for Sun Microsystems. Please read for details.
ea73c9feb6b6e05af1f7fc39cea2adaf5e5da28ff5eee6a4e39dffbc2ff7f097Patch advisory for Sun Microsystems. Please read for details.
9e4ba2689ac1736b9912c46f2a920c432d2d4a0670de5b8844634889875e66f8Patch advisory for Sun Microsystems. Please read for details.
0f174120d04dbbcd7f73423fcfa64b9fc203f964922aec5abf0fb14e214c8d93Remote Explorer is an application that runs on Microsoft Windows NT(tm) systems and is capable of behaving as either a virus or a worm. The virus has only been found on limited portions of one corporate network. At this time, there are no confirmed reports of Remote Explorer being found on any other networks.
a2cde0ea8ae5f05e44f1c904cf4a858a6b9957466f2a450e2474b06c647af09bInternet Security Systems (ISS) X-Force discovered three vulnerabilities in the Computer Associates ControlIT enterprise management software package. ControlIT contains vulnerabilities that allow an attacker with local access to a network or machine on which ControlIT operates to obtain username and password information or reboot machines without authorization.
10f82611da3e456519583a4603766002201aae1b13f39f27298b433f413e573bInternet Security Systems (ISS) X-Force discovered a vulnerability in the BackWeb Technologies (http://www.backweb.com/home.html) BackWeb Polite Agent Protocol that allows a user on a local network on which BackWeb clients operate to spoof a BackWeb server. Hardware and software vendors often include BackWeb software in their distribution to facilitate remote distribution of software updates.
ae269c6d4072280c3da1cd55a1677f932247aa4a7b941f1c4bf98508410b7bc3This advisory covers a number of miscellaneous issues regarding HP JetDirect printer interface cards and print servers of various vintage. HP has addressed many of these issues in newer JetDirect print server products (Fall 98). More information about newer products and upgrades are available from HP contact representatives.
bb3aa5cce539f0e7457f2fbfb8038dd15874927d5cb8cb36a88de0f03b09bbb9One or more operating systems, popular for use in intelligent embedded controllers or PLCs (Programmed Logic Controllers), may have network protocol stacks which are vulnerable to certain classes of ICMP Redirect attacks. Vulnerable controllers are prone to hang or shutdown shortly after receiving the attacking packets. The failure can extend even to their non-network functionality and can cause the controlled equipment to fail. There exists a significant possibility of the controlled equipment being left in a non-safe or inoperable condition, possibly leading to physical damage.
d8b2d01b1c279c093c6b2dcfa4da13bd984eb153946fc7d2317bba01b044ed8c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed