Parses all the IP addresses out of a text file.
7ee6a159f70bacc23298381418e81dc3270178e79e5e5aa2fca6094169a31b2cInternet Explorer 5.0 under Windows 95 and WinNT 4.0 (suppose Win98 is vulnerable) allows reading local files and text/HTML files from any domain. Window spoofing is possible. It is also possible in some cases to read files behind fiewall. Example code here.
ae28152f3141ef6c3d473a077670277333c83e16b166924e3ecccd5099c6e352A combination of well known DoS attacks, including the new IGMP/STACK windows 98/2000 bug.
eb60c7bbbe0fd56a3e85599a01322462c2fdd8a847f25d13e3946da9053d02bfSimple denial of service attack against Windows98/95/2000/NT Machines. Sends random, spoofed, ICMP packets with randomly choosen ICMP error codes. Result: Freezes the users machine or a CPU usage will rise to extreme lag. Tested on: 2.0.35, 2.2.5-15, 2.2.9, and 2.0.36.
a34419b9c97a97e204d430651d4d366a08dfd341003378c9521826a77759a530There are potential problems with file access checking in the lpr and lpd programs. These could allow users to potentially print files they do not have access to.
e07c08619c2fb583c21126d232a90aff1fd7b271ca7a7c9118b1cf1b84a8f84dThere might be a really nasty stack smash bug in linux-2.2.12 and 2.0.38. If I am reading this correctly, the implications of this bug could be very dire. It may be possible to easily obtain root privilege on any box running this kernel. Includes comments by Alan Cox.
26882e3fac59928336c10c9962f8a3f5cce1846683fd03a227f0f61b771d35beA serious security hole has been found in the web configuration utility that comes with OpenLink 3.2. This hole will allow remote users to execute arbitrary code as the user id under which the web configurator is run (inherited from the request broker, oplrqb). The hole is a run-of-the-mill buffer overflow, due to lack of parameter checking when strcpy() is used.
b36a8272ac716effd911a885be7e5ec3e74fe7e469278cc4955a647b5a86bbe3Redir is a port redirector. Its functionality basically consists of the ability to listen for TCP connections on a given port, and, when it recieves a connection, to then connect to a given destination address/port, and pass data between them. It finds most of its applications in traversing firewalls, but, of course, there are other uses. It can run under inetd or stand alone (in which case it handles multiple connections). It is 8 bit clean, not limited to line mode, is small and light.
0892748e04afd7bc36a12511a51a2073bf809560d48e49db309f9af1cdb55506pss.php3
c231c024dc475fb922e27c86d44753146e61ab196e2dc58d111ec2607e7b5c3eiplog is a TCP/IP traffic logger. Currently, it is capable of logging TCP, UDP and ICMP traffic, though adding support for other protocols should be relatively easy. iplog 2.0 is complete rewrite of iplog 1.x by behe <eric@ojnk.net>. As such, it contains all the features supported by iplog 1.x, including a built-in DNS cache, the ability to detect port scans, null scans, and FIN scans, "smurf" attacks, and bogus TCP flags (used by scanners to detect the operating system in use). iplog 2.0 adds detection of Xmas scans, ICMP ping floods, UDP scans, and various IP fragment attacks. As mentioned above, iplog 2.0 has a packet filter.
ff5147246cf34d189e79e87c6d49b2e1487617532ec9d9f6b643394567e296c7Ethernet Packet Sniffer 'GreedyDog' Version 1.30. Unyun
e3fe7aef03b7b6c4070f3c0b13f7a9ae417b4162816b8a3ff5df5e5988004419lids is an intrusion detection system patch for the Linux kernel; it can protect important files from being changed. When it's in effect, no one (including root) can change the protected files or directories and their sub-directories. First release.
876cfbda1720c31debfa343471e807d720b478388d1840e06c0a90c0be175976PacketX 1.0 is a native Windows NT firewall testing tool that allows for complete TCP/IP packet creation. It creates packets to be 'fired' at a firewall in validation tests so that firewall rules can be confirmed. PacketX[tm] contains complete TCP/IP packet spoofing technology in order to verify the approval/denial of internet domain address against firewall ACL's. Freeware version.
4c35e611d93dad2d380a1e9f3e54a132c151acf2d5fc5d0e14e626923b7725b3Yet Another Wingate Scanner (YAWS) Version 0.1.
1e321a08d3f5472a712fdfbdbbb470dd8f42a2f100e6e751422294ebac6dcf44Update to ms99-042, released Oct. 15. Updated patch availability. The IE 5 security model normally restricts the Document.ExecCommand() method to prevent it from taking inappropriate action on a user's computer. However, at least one of these restrictions is not present if the method is invoked on an IFRAME. This could allow a malicious web site operator to read the contents of files on visiting users' computers, if he or she knew the name of the file and the folder in which it resided. The vulnerability would not allow the malicious user to list the contents of folders, create, modify or delete files, or to usurp any administrative control over the machine.
368f46701e13ab6e23ee4e12a95583ca7ffd7eacdd5e56b4c0404fe1899040dbAny user may overwrite any file with group auth (i.e. /etc/shadow, /etc/passwd) using /etc/sysadm.d/bin/userOsa.
efdff100c4986b360fdb21f715839b67fb3d8d0b39aa721df77706513060b1a7An overflow in /opt/K/SCO/Unix/5.0.5Eb/.softmgmt/var/usr/bin/cancel which will allow any user to gain lp privs.
9a4e597b84c8c1eb31bb630c9cc574cac8e99b62e17a606be42a39e44a6790f1Windows 95 updated RDS exploit.
149a610621db59471d4420731c09658ea691396164cc0d8d1ac34ce2e22ef793IE 5.0 vulnerability - reading local (and from any domain, probably window spoofing is possible) files using IFRAME and document.execCommand. Includes exploit. Demonstration code Here.
9675de24df2217c21e2f6231a2c519019a809807235ded9783257956a7c2f796WinNT.Infis is an executable file with .EXE extension that installs itself as a native Windows NT system driver. Alert from Finjan
23e7fbdac27458b692f699f8b02855358119285d3d4e180ca6f8cd287273b70amultithreaded telnet toy first seen on palante's DefCon 7 CTF server. Waits for a incoming connection, port scans the source IP, and forwards the tcp connection back to one of the open TCP ports on the source IP.
3fe5fbb7e8645bc3f727dd1d289575575ded8656f7a9147c5a91414d5c07a22cThe NASHUATEC D445 printer is vulnerable to many attacks
394d23effdf942f93c8f35952664715426d28a4501b41528f8f01ed69afed5fcThe Veganizer is a spam counter-attack. It searches the headers of a specified message for all associated IPs and Domains, then sends mail to pre-specified addresses at those servers (abuse@, postmaster@) as well as addresses found by a whois query on the IPs/Domains. The mail sent will also include the original message with full headers.
269eb9c4b6ca3f3682eadc3e191298bd93cccb8ccb1c7946fd5bdd3d79c2675dUpdated paper on Intrusion Detection under Windows NT. This should make things a bit clearer. Microsoft Powerpoint presentation.
a45c068425c0bf5d041f5c876d0ebd0469a3d384c7bcf037e4daf643457ae7c9The SINUS firewall. For linux 2.2.x kernels. The only firewall under linux with a portable GUI interface, which works with JDK 1.2 under Windows, Linux, OS/2, Solaris and more. This version fixes some problems with tcp reject on 2.2.x kernels. (Official Site)
49bc21952d4aa94003d1b9bd563328ddb8dbd9eb1370cdfe12828435250253d4
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed