what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 431 RSS Feed

Files Date: 2000-05-01 to 2000-05-31

linux-security.1-5.txt
Posted May 30, 2000
Authored by Benjamin Thomas, Dave Wreski | Site linuxsecurity.com

Linux Security Magazine May 29. In this issue - Articles: The Top 10 Security Risks, Intrusion Detection on Linux, Analyzing Future Computer Trends and Threats, Always-on Internet Security, Mini-FAQ: "antivirus software for Linux". New Advisories this week: FreeBSD process and krb5 vubnerabilities, TurboLinux gpm, SuSE gdm, Slackware fdmount, XFree86 Multiple distribution vulnerability, Red Hat Secure Web Server 3.0-3.2: mailmail, Qpopper Vulnerability, Mandrake 7 dump vulnerability, Mandrake xemacs vulnerability, Mandrake fdmount buffer overflow, Caldera buffer overflow in kdm, and Caldera DoS attack against X server.

tags | web, overflow
systems | linux, redhat, freebsd, suse, slackware, mandrake
SHA-256 | 7dfd070ef058e716f57228524f1de6980dc09e772cf2b571688d4489cf6a21e4
conflictd.tar.gz
Posted May 30, 2000
Authored by Noah | Site ccitt5.net

conflict-DoS.c and conflictd.c are tools which spoof arp packets to make an annoying popup message appear on the target windows machine. It is faster to close all the boxes than reboot. Tested on FreeBSD 4.0. Uses libnet.

tags | denial of service, spoof
systems | windows, freebsd
SHA-256 | 3052be4e41953d7b53d40912556f19985d90a258d2c2c9c779131052e107ad32
snuff-v0.8.1.tar.gz
Posted May 30, 2000
Authored by Noah | Site ns2.crw.se

Snuff is a packet sniffer for Linux 2.0/2.2 that can monitor many streams at once. It can also mail and wipe the log if reached a specified size.

Changes: No more crap in the sniff logs anymore - Checking the size of the ip & tcp header now. Added the keepopen parameter for the log file and fixed a y2k bug.
tags | tool, sniffer
systems | linux
SHA-256 | 20ada8083a2c773baff8cb842960c41146ad942dfe604084482ae24470262a29
ecrack-0.1.tgz
Posted May 30, 2000
Authored by Sean Trifero | Site innu.org

ECrack v0.1 - Energymech (StarGlider Class - IRC bot) brute force password cracker. Tested with emech-2.7.6 but should work with other versions also.

tags | cracker
SHA-256 | 965bcadb702864ba2de652dc0a30c9932d3974a698c74d705f69c326931d9e6e
hunt-1.5bin.tgz
Posted May 30, 2000
Authored by Pavel Krauz | Site cri.cz

Hunt (linux binary distribution) is a program for intruding into a tcp connection, watching it and resetting it. It can handle all connections it sees. Features: Connection Management - setting what connections you are interested in, detecting an ongoing connection (not only SYN started), Normal active hijacking with the detection of the ACK storm, ARP spoofed/Normal hijacking with the detection of successful ARP spoof, synchronization of the true client with the server after hijacking (so that the connection don't have to be reset), resetting connection, watching connection; Daemons - reset daemon for automatic connection resetting, arp spoof/relayer daemon for arp spoofing of hosts with the ability to relay all packets from spoofed hosts, MAC discovery daemon for collecting MAC addresses, sniff daemon for logging TCP traffic with the ability to search for a particular string; Packet Engine - extensible packet engine for watching TCP, UDP, ICMP and ARP traffic, collecting TCP connections with sequence numbers and the ACK storm detection; Switched Environment - hosts on switched ports can be spoofed, sniffed and hijacked too; much, much more. Requires Linux 2.2, GlibC 2.1 with LinuxThreads, Ethernet.

Changes: Bug fix release - computation of packet checksum has been fixed, packet relaying for routers has been corrected, unprintable characters are printed in <hex> and printing of terminal control characters can be turned off.
tags | tool, udp, spoof, sniffer, tcp
systems | linux
SHA-256 | ac19041b44e008c04d61ff7f5b5814d6dca222360f7b72d642db09ae5b89b9b3
hunt-1.5.tgz
Posted May 30, 2000
Authored by Pavel Krauz | Site cri.cz

Hunt is a program for intruding into a tcp connection, watching it and resetting it. It can handle all connections it sees. Features: Connection Management - setting what connections you are interested in, detecting an ongoing connection (not only SYN started), Normal active hijacking with the detection of the ACK storm, ARP spoofed/Normal hijacking with the detection of successful ARP spoof, synchronization of the true client with the server after hijacking (so that the connection don't have to be reset), resetting connection, watching connection; Daemons - reset daemon for automatic connection resetting, arp spoof/relayer daemon for arp spoofing of hosts with the ability to relay all packets from spoofed hosts, MAC discovery daemon for collecting MAC addresses, sniff daemon for logging TCP traffic with the ability to search for a particular string; Packet Engine - extensible packet engine for watching TCP, UDP, ICMP and ARP traffic, collecting TCP connections with sequence numbers and the ACK storm detection; Switched Environment - hosts on switched ports can be spoofed, sniffed and hijacked too; much, much more. Requires Linux 2.2, GlibC 2.1 with LinuxThreads, Ethernet.

Changes: Bug fix release - computation of packet checksum has been fixed, packet relaying for routers has been corrected, unprintable characters are printed in here.
tags | tool, udp, spoof, sniffer, tcp
systems | linux
SHA-256 | a8a1978f3bd05ca3f01c168c13c9a09b1e1e9038c14fdfe43694c07fe3a0e328
suse.kmulti.txt
Posted May 30, 2000

SuSE Security Announcement - A local security hole was discovered in the KDE CD player, kmulti here.

tags | local
systems | linux, suse
SHA-256 | 3d6e3eea20f253e2d757f141b870e0c57ded66217a446d1cc10dd0bab9e94906
wemilo.tcl
Posted May 30, 2000
Authored by r00tabega, Futant | Site r00tabega.com

Remote Cart32 exploit - Though L0pht released an advisory and patch for the well known Cart32 bug, this is the first exploit released to date. Allows remote command execution.

tags | exploit, remote
SHA-256 | b15ca1584e4ea0d26f2e39fd6253fdaeb6ec98bcc198aec4914a379e204b8f61
execve-shell.tar.gz
Posted May 29, 2000
Authored by teso, scut | Site team-teso.net

execve-shell.tar.gz allows you to easily create linux x86 shellcode that execs any command you supply.

tags | shell, x86, shellcode
systems | linux
SHA-256 | 0cc554a1bcbc9a9ef9026428188060ef14886a2ba40aad275be5201d08d7fe39
lids-0.9.5-2.2.15.tar.gz
Posted May 29, 2000
Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off online and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection.

Changes: Bugfixed for protect mount point, lids_check_base, fixes for lidsadm when adding ACLs, added sparc64 support.
tags | kernel, root
systems | linux
SHA-256 | b54064449b6376c3b81a85031039ae49f5858dfc74fa9ca581700b1b8d7ed257
ippl-1.99.5.tar.gz
Posted May 29, 2000
Authored by Hugo Haas | Site pltplp.net

Ippl is a configurable IP protocols logger. It currently logs incoming ICMP messages, TCP connections and UDP datagrams. It is configured with Apache-like rules and has a built-in DNS cache. It is aimed to replace iplogger.

Changes: Fixed two typos and a bug causing ident on closing connexions to loop forever - this is the beta branch.
tags | udp, tcp, system logging, protocol
systems | unix
SHA-256 | 80af6f04b5e510e4fdc8b8bea354f898bf66e3f14b61c8f0c232304dcbd0309f
ippl-1.4.10.tar.gz
Posted May 29, 2000
Authored by Hugo Haas | Site pltplp.net

Ippl is a configurable IP protocols logger. It currently logs incoming ICMP messages, TCP connections and UDP datagrams. It is configured with Apache-like rules and has a built-in DNS cache. It is aimed to replace iplogger.

Changes: Bug fixes - This is a stable release.
tags | udp, tcp, system logging, protocol
systems | unix
SHA-256 | 49c7a697c6c9e1cd92d7935bb8702b9c0fdcbb4f6e7ddea60ce52f00e85b8bc0
Nmap Scanning Utility 2.54 BETA 1
Posted May 29, 2000
Authored by Fyodor | Site insecure.org

Nmap is a utility for network exploration or security auditing. It supports ping scanning (determine which hosts are up), many port scanning techniques (determine what services the hosts are offering), and TCP/IP fingerprinting (remote host operating system identification). Nmap also offers flexible target and port specification, decoy scanning, determination of TCP sequence predictability characteristics, sunRPC scanning, reverse-identd scanning, and more.

Changes: Added an extremely cool scan type -- IP Protocol scanning. Basically it sends a bunch of IP headers (no data) with different "protocol" fields to the host. The host then (usually) sends back a protocol unreachable for those that it does not support. By exclusion, nmap can make a list of those that are supported. Fixed some minor bugs in nmap and nmapfe, and added Russian and Lithuanian documentation.
tags | tool, remote, tcp, nmap
systems | unix
SHA-256 | 97ccdbe36d2b7fd01c3a0e0f067f07649d00ff8b154d81e289bb06293aa4dbf6
sniffit_NT.0.3.7.beta.zip
Posted May 28, 2000
Authored by Symbolic Worldwide | Site symbolic.it

Sniffit 0.3.7 beta for Windows NT/2000. This package requires winpcap, available here.

tags | tool, sniffer
systems | windows
SHA-256 | 5dc0e9d0adc84ccbf869ea5f754045ebeeed46d2098aaf33f29da5f15c585098
jolt2.c
Posted May 28, 2000
Authored by Phoenix

jolt2.c exploits the recent "IP Fragment Reassembly" Windows remote denial of service vulnerability described in here.

tags | exploit, remote, denial of service
systems | windows
SHA-256 | 9c74ccde3ad936b28eeb3cbda652ab7c06bff0cb11932e31ee5ca38d6e17d3c6
elm-ex.c
Posted May 28, 2000
Authored by Xfer | Site b0f.freebsd.lublin.pl

Elm 2.5 PL3 exploit tested under linux Slackware 3.6, 4.0, 7.0.

tags | exploit
systems | linux, slackware
SHA-256 | b1de465cf7dc580d8cf33db3c0c853843c58120a663d26845e8f21b66cc0db14
5niffi7.c
Posted May 27, 2000
Authored by Michel Kaempf

5niffi7.c - Remote root exploit for sniffit (-L mail) 0.3.7.beta on Debian 2.2. Includes a detailed explanation of how the exploit works.

tags | exploit, remote, root
systems | linux, debian
SHA-256 | 024ddcc5e92f17b5a21a0b1e29b8e09fbda58d5ab78d29e5646d0557c2a197ff
Animal.c
Posted May 27, 2000
Authored by Gramble

Gauntlet firewall remote proof of concept code, tested against BSDI.

tags | exploit, remote, proof of concept
SHA-256 | e083c880ad28d303ffd72c300afb16fe308a4792b9bb9ff3042cfa2e79c3b4d2
xaosexp.c
Posted May 27, 2000
Authored by DiGiT | Site security.is

/usr/bin/xaos local root buffer overflow exploit. Works on suse 6.1, and could be modified for 6.2.

tags | exploit, overflow, local, root
systems | linux, suse
SHA-256 | 41063c66d14d76b252432334dc2031dd8d874cf94f253caf555c2a55974289a0
ssibug
Posted May 27, 2000
Authored by DiGiT | Site security.is

The thttpd web server comes with a CGI script called /cgi-bin/ssi which allows any file on the system to be read. Exploit URL included.

tags | exploit, web, cgi
SHA-256 | 25679f8183d70073b7bf52ab21666b2b31569ed14056ca67fae4e26e726dd272
elm_again.c
Posted May 27, 2000
Authored by vade79, realhalo | Site realhalo.org

elm_again.c exploits another buffer overflow in elm v2.5 giving a gid=12 shell if /usr/bin/elm is SGID. Tested on Slackware 3.6 and RedHat on elm2.5PL3.

tags | exploit, overflow, shell
systems | linux, redhat, slackware
SHA-256 | a63af30bfc97eb80e07b9f38915a5c778463721196ce3c7f4a6bf9172b6729c7
CISADV000524a.txt
Posted May 27, 2000
Site cerberus-infosec.co.uk

Cerberus Information Security Advisory (CISADV000524a) - The Cerberus Security Team has discovered a serious security flaw with Rockliffe's MailSite Management Agent for Windows (version 4.2.1.0). This server allows remote users to access their POP3 accounts and read their mail over HTTP. The service usually listens on TCP port 90. Unfortunately there exists a buffer overrun vulnerability that allows attackers to execute arbitrary code. As this service runs as system, by default, any code executed will run with system privileges - meaning any server running this agent could be fully compromised.

tags | exploit, remote, web, overflow, arbitrary, tcp
systems | windows
SHA-256 | 201140e806c2e3d3ec0bd2fb4cfda30b1743e7b0fd7054bcce93c848c6ca1a7a
access.counter-4.0.7.txt
Posted May 26, 2000
Authored by Howard M. Kash III

A popular CGI web page acess counter, version 4.0.7 by George Burgyan permits execution of arbitrary commands as a result of unchecked user input. Commands are executed as the same permission of the webserver.

tags | exploit, web, arbitrary, cgi
SHA-256 | 94ace7ee3453cc97474d0f764a764949d5e6287f3e4ff04fcae1b290ca7c34b5
root-tail-0.0.6.tar.gz
Posted May 26, 2000
Authored by mj baker | Site csl.mtu.edu

oot-Tail v0.0.6 is a program which tails a text file and displays the information directly to the root window of your desktop transparently, which means without window frames or windows. It is an extremely handy program for monitoring /var/log/secure and /var/log/messages while you run X. This program will even trail different files and display them in different colors.

Changes: Many bugfixes.
tags | tool, root
systems | windows, unix
SHA-256 | 2478abda73cd314182f5e2d0083718db379b0f9ae53ceb39004d4adc2287b22d
ksnuffle-0.7.tgz
Posted May 26, 2000
Authored by Mike Richardson | Site quaking.demon.co.uk

KSnuffle is a network packet sniffer for KDE. It supports multiple concurrent sniffers, packet filtering (aka tcpdump), event triggers and commands, text and binary logging (and replay), remote sniffing (via a demon process), and dynamically loadable plugins. Network traffic is displayed graphically and in detail; supplied plugins summarise traffic by direction (incoming, outgoing), source, and destination.

Changes: The source and destination values in the packet details display was fixed, and compilation fixes for Mandrake and gcc.
tags | tool, remote, sniffer
SHA-256 | a9033b5c56e9381653e48ca7618a3f9b81550031dff190ee10fa20f83f6488df
Page 1 of 18
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close