More information on the vulnerability described in ms99-061, a problem in IIS that causes it to parse invalid escape sequences, allowing a carefully made string to bypass IDS systems, ISAPI filters, and extension handlers. Includes a perl script to test for vulnerability.
ef40568ad6b25c2ee06d8471ee964346dcb723886938cecd3b91cb78e396a9a0Unixware 7 Vulnerability - Any local users can exploit a bug in rtpm to gain "sys" privileges.
67a0fa19005aafa9242d3fbfa9e854feb7e4cfe89d0badb133bbc369c9e2471eRecovery of supposedly erased data from magnetic media is easier than what many people would like to believe. A technique called Magnetic Force Microscopy (MFM) allows any moderately funded opponent recover the last two or three layers of data written to disk. Wipe repeadetly overwrites special patterns to the files to be destroyed, using the fsync() call and/or the O_SYNC bit to force disk access.
80556ae453a20cddc8f5722425fb2bd0f65d1c6a47fed3a6f710036dfdc64acareltunnel - Offers a reliable data channel over unreliable protocols.
441ede0a7fa2af972ab873891120c2ef966f24a225fcbbd4ca2fc7cc2a51320dicmptunnel encapsulates data in ICMP frames. The usual mode of operation is tcp/ip forwarding, one icmptunnel will be set up on a blocked machine (behind a firewall) listening on TCP/IP port X. The other icmptunnel will be set up on a nonblocked machine (somewhere on the internet) connected to a local service (such as port 23, telnet). Data received on the blocked machine's tcp/ip socket will be encapsulated in an ICMP packet of users choice (ICMP_ECHO, ICMP_ECHOREPLY, ICMP_TIMESTAMP, etc..) and sent to the nonblocked machine. This machine will identify the packet as encapsulated data, decapsulate the data and forward it on to its tcp/ip socket connected to the telnet daemon. The telnet daemon responds with some data, icmptunnel on the nonblocked machine encapses the packet and sends it back to the blocked machine (ICMP type still user definable).
e414eb5c22d711054cf1a16559c6d88f0e38880d80e83e40f639eca897217a32LinGate is a powerful network gateway software. It provides security to your networks, allowing access to external world in safe and secure manner. LinGate has access control mechanism to restrict access to its services. It can even perform different services for requests from different IPs on the same LinGate port. Once setup, LinGate requires no operators, and can be configured remotely using KLinGate interface which will be designed for KDE and jLinGate which will be designed for the Java platform.
899374fb1e9db1eada77929718f86176ae9e101b02e78b44115646b49085903aFirewalking is a technique developed by Mike Schiffman and David Goldsmith that employs traceroute-like techniques to analyze IP packet responses to determine gateway ACL filters and map networks. Firewalk the tool employs the technique to determine the filter rules in place on a packet forwarding device. The newest version of the tool, firewalk/GTK introduces the option of using a graphical interface and a few bug fixes.
abca0e11c8a13b172277159c158ef59459718014b5ddb721b1854918bb4d79e9Fork Bomb Defuser is an easily loadable kernel module for Linux which detects, logs, and disables "fork bombs". It allows you to configure max_forks_per_second and max_tasks_per_user parameters at module load time. Any possible fork bomb that attempts to spawn a huge number of processes simultaneously is detected in real time, and the fork bomb is disabled.
d19bf461b3abf88a4b41ca410eb230f5c7e9d431093ec5c02324bd436fa21d5fSecure FTP (sftp) implements a file transfer protocol using ssh/rsh as the transport mechanism. When the client is invoked, a remote shell is spawned and the server is run. sftp is mainly useful over a secure ssh session since passwords are not exposed. It also has the advantage that no root access is required, since the server runs as a user process.
e303ca7e6994901dfff9ed6e49e557e57f6593de2cef71b1d5b212fe0dd555f3Secure Sunos shell script. Disables a few commonly exploited holes.
322c583635c8fbd0e1b5abdf4a0e7777cc242083eecc4248c2fff3b71da1ffb2Aps is a small tool for analyzing network traffic. It prints out a great deal of information about the relevant protocols including TCP, UDP, and ICMP. It allows you to filter IP addresses, hardware addresses, ports, and specific protocols.
a1e4551b59a005abbced8537c5ac1d052efca6863efed3e41688db0cc14a0c1eEvery single file available on buffer overflow mentions that strcpy(), etc, but for some reason no one has noticed that 'cin >>' is also a problem. cin is an extremely commonly used function in C++ code, and it ought to be more widely known that the favoured use of it is insecure. Ditto for improper use of an ifstream.
5c686b480f99fe136628c3a0fcc4f2d535211911ea90f0bb9272f37fb9849850Forbidden Knowledge issue 8 - Interesting Wardialling Results, HTTP Basic Authentication explained, Dialout/PPP on Shiva LANRovers, PHEAR Advisory Re: Divine forces, Buffer Overflow Explained, Introduction to Assembly Programming, and Fun with "Trojan" Wingates.
3cdbc67db303054ebbbb9406564765b9aae03634d5136a1182fba501b77290ddThe Real Log Clean for Linux OS - Cleans logs under linux and tests the attributes in Ext2fs.
d4951b8435f5e9459b7093cfd71f19f94acf17d0720fd17a57b68b16a7834907Nsat is a fast bulk security scanner designed for long-range scans written in C++ which scans and audits about 60 different services and 170 cgis with different scan intensity. Updates in this version include detection of sendmail 8.9 remote exploitability, more CGI scripts that can be used in MDAC IIS attack, improved rpc service and -backdoor scanning, all latest solaris RPC vulnerabilities added, and detection of trinoo distributed DoS masters with default ports.
6f56824e13f9d05aa0eb1eef2be048cfcf35fd35354da8cabd0ade5d70de5df4Local / Remote Remote DoS Attack in Rover POP3 Server V1.1 NT From aVirt. Source / Binary for exploit here.
8476e3395c6fecc15aafd8b57e0bb242327bfc69dc4e3b9eeb1f05d3ec39b892SAINT (based upon SATAN) is a free network security scanner which runs on UNIX platforms. This release includes all of the new checks found in SAINT 1.4.1 beta 1, with additional checks for sadmind, Trinoo, DRAT backdoor, SSH, and QPOP vulnerabilities. This release also fixes a number of bugs that were present in earlier versions.
bf88bdd422c8df45101172dc8a96d08b94cb7070955e97c8a943d1a46f8d749cA vulnerability in IBM's Network Station Manager will allow any local user to gain root privileges.
aac4438238668b605585d43fcc4b4f4ebe45a72c09a4cd9071962bc28a93d82bA vulnerability in "/usr/local/bin/pis" on SCO UnixWare will allow any user to create arbitrary files with group "sys" privileges. A full root compromise is then trivial.
6bb80262134ac8ffccd94ff0c09ebbb892bf91d48a90d119fec119e35aea2470VeteScan is a bulk vunerability scanner containing programs to scan Windows NT and UNIX systems for the latest trojans/remote exploits, a scanner for the vulnerabilities of single hosts (with or without host checking), a tool for scanning multiple hosts, a scanner for class A/B/C networks, and fixes for various vulnerablities.
7522eda3ae4057bf5ab063908bddf4940b3eb3f57314d621557d93e939f8e97dThe Vetestcl package contains various TCL scripts with the same functionality found in the VeteScan package. You can load the scripts within an Eggdrop bot to make sure none of your channel operators or hosts running IRC bots suffers from security vulnerabilities present in the operating system or user space applications.
4415f7854f0c05907942a8740e47bdef17d76304af2563a549b0a1c406e89663w3-msql (miniSQL 2.0.4.1 - 2.0.11) Solaris x86 remote exploit. Distribution of miniSQL packet (http://hughes.com.au) comes with a cgi (w3-msql) that can be xploited to run arbitrary code under httpd uid.
e538616d4a13d2a4606a6853e879530a658b5ddefbf3256ac599a2700782b79dRedir is a port redirector. Its functionality basically consists of the ability to listen for TCP connections on a given port, and, when it recieves a connection, to then connect to a given destination address/port, and pass data between them. It finds most of its applications in traversing firewalls, but, of course, there are other uses. It can run under inetd or stand alone (in which case it handles multiple connections). It is 8 bit clean, not limited to line mode, is small and light.
7ea504f835338e448f674ca8637512f511bf74538418ad43ab39039017090e6c5ESS maintenance docs part ii
cb72bcf7a1787dcc4f0a82bac3bd676f456fdad16d0916daf5e79b72800f51efMore 5ESS Documentation
6a7b1bd1fe92afb1892e87b05b7df530092bc12bb21615e15c4025462027c901
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed