exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 431 RSS Feed

Files Date: 2000-05-01 to 2000-05-31

syslog-ng-1.4.4.tar.gz
Posted May 26, 2000
Authored by Balazs Scheidler | Site balabit.hu

syslog-ng as the name shows is a syslogd replacement, but with new functionality for the new generation. The original syslogd allows messages only to be sorted based on priority/facility pair, syslog-ng adds the possibility to filter based on message contents using regular expressions. The new configuration scheme is intuitive and powerful.

Changes: New stable release - Fixes unaligned access bugs on Alpha, file permission specifiers readded for pipe(), fixed a configure.in bug on systems without snprintf(), and updated the documentation. Requires libol-0.2.17.
tags | system logging
systems | unix
SHA-256 | 890f68aa9253e3f8c5a5749cbedc3fa19ca80a9714f27d9e447564a08dfe09e0
scan.txt
Posted May 26, 2000
Authored by Lance Spitzner | Site enteract.com

Lance Spitzners investigation of some mystery packets - contains some good insight by many people in the security field attempting to identify which tool created the packets.

tags | paper
SHA-256 | e72c12e1acb37e79161699a3b751dc1477a3d0997d232b544f067e7d9795cbb4
seraph.c
Posted May 26, 2000
Authored by carbon

seraph.c checks a local system for uid bits, world writable files/directories, floating files, and stores them into logs. Basically a little c program that does some find commands.

tags | local
systems | unix
SHA-256 | a9d0612830fd1e0ab4734a28e28c37e6e8ac345d666d2573e90cc7c32fb77d64
CA-2000-08.netscape
Posted May 26, 2000
Site cert.org

CERT Advisory CA-2000-08 - Inconsistent Warning Messages in Netscape Navigator. A flaw exists in Netscape Navigator that could allow an attacker to masquerade as a legitimate web site if the attacker can compromise the validity of certain DNS information. Within one Netscape session, if a user clicks on "continue" in response to a "hostname does not match name in certificate" error, then that certificate is incorrectly validated for future use in the Netscape session, regardless of the hostname or IP address of other servers that use the certificate.

tags | web
SHA-256 | 0f92b5f91c8d367d803b053a382ed8d03f57a06c09529a5caeeee1a67dc70fa4
elm_bof25.c
Posted May 26, 2000
Authored by vade79, realhalo | Site realhalo.org

Elm v2.5 buffer overflow exploit which provides a gid=12 shell if /usr/bin/elm is SGID. Tested on elm 2.5PL1-3, on Red Hat. Perl script to find offsets included.

tags | exploit, overflow, shell, perl
systems | linux, redhat
SHA-256 | de3ca64288f925a9826cafbf271fc6605aa272bb27361e89cf5913320a7c513f
elm_bof24.c
Posted May 26, 2000
Authored by vade79, realhalo | Site realhalo.org

Elm v2.4 buffer overflow exploit which provides a gid=12 shell if /usr/bin/elm is SGID. Tested on Slackware 3.6, elm 2.4PL25. Perl script to find offsets included.

tags | exploit, overflow, shell, perl
systems | linux, slackware
SHA-256 | 03d1978ea3b8ab5173fda42c7786dc04993514aae31b5c97466470d36a8dddcf
FreeBSD Security Advisory 2000.20
Posted May 26, 2000
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD-SA-00:20 - The MIT Kerberos 5 port version 1.1.1 and earlier contains remote and local root vulnerabilities. Note that the implementations of Kerberos shipped in the FreeBSD base system is not the MIT version and not vulnerable to these problems. However, a very old release of FreeBSD dating from 1997 (FreeBSD 2.2.5) did ship with a closely MIT-derived Kerberos implementation ("eBones") and may be vulnerable to attacks of the kind described here.

tags | remote, local, root, vulnerability
systems | freebsd
SHA-256 | 4f55ecf6320468d66123267409375a0ace13858593f9a6d9bf1e9f89ace29546
FreeBSD Security Advisory 2000.19
Posted May 26, 2000
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD-SA-00:19 - A bug in the BSD kernel allows local users to cause every process on the system to hang during exiting. An undocumented system call is incorrectly exported from the kernel without access-control checks, allowing for a denial of service attack. Kernel patch included for FreeBSD.

tags | denial of service, kernel, local
systems | freebsd, bsd
SHA-256 | 45e3f6b40d7341db9e1de883923c171e91c998be44dc982602439178f3b0113b
ms00-036
Posted May 26, 2000

Microsoft Security Bulletin (MS00-036) - Patch available for "ResetBrowser Frame" and "HostAnnouncement Flooding" vulnerabilities. Microsoft has released a patch for two security vulnerabilities, one affecting Microsoft Windows NT 4.0 and Windows 2000, and the other affecting Windows NT 4.0 only. The vulnerability allows malicious users to make it difficult or impossible for other users to locate services and computers on a network; in the worst case, it could allow him to provide incorrect information about the same services and computers. The "ResetBrowser Frame" vulnerability allows a malicious user to shut down browsers on his subnet, or, in the worst case, to shut down all browsers and declare his machine the new Master Browser. Microsoft FAQ on this issue available here.

tags | vulnerability
systems | windows
SHA-256 | c6fc4716f985dcbf872cadc9bd8ee789148379268cddce015426bbef65d4c28f
suse.gdm.txt
Posted May 26, 2000

SuSE Security Advisory - gdm prior to 2.0beta4 allows remote root compromise. Gdm is the GNOME replacment for xdm, handling graphical console and network logins. The gdm code, that process' logins over the network, could be tricked into writing data from the network right into the stack. This condition exists while gdm is running with root privileges and before the user is authenticated. Other distributions are affected as well. SuSE security site here.

tags | remote, root
systems | linux, suse
SHA-256 | b72a3c3c3aa5a34597dc9a0e68ba79f13b25815e8ef3f544fb17b99017973c2e
ezboard-scx-sa-03.txt
Posted May 26, 2000
Authored by Frazzle_Freckle

Securax-SA-03 - Ezboard v5.3.9 remote dos attack via wildcards in URL.

tags | exploit, remote
SHA-256 | ed822a1fc27e53ef490ca1eaffb4b388a0110ab561a1a5b201ae6e3397654cf5
lpsetexp.c
Posted May 26, 2000
Authored by DiGiT | Site security.is

solaris 2.7 lpset local exploit, i386.

tags | exploit, local
systems | solaris
SHA-256 | 82677b09b51b7eeb5f50474a25d70291b3e7b4d5eae939b2f28a8b28490519fa
wordmake0.1.pl
Posted May 25, 2000
Authored by Linga

WordMake is a dictionary file creator. It takes a text file and makes dictionary files from them.

tags | cracker
SHA-256 | b8555bce406fcaceb7477abdf7f894b4b7c485c0a1d360784cd1135f18a7efaf
anti_sniff_researchv1-1-2.tar.gz
Posted May 25, 2000
Site l0pht.com

Antisniff Unix Researchers (free) version 1-1-2 - This is a command line only version that runs many of the same tests to determine if a sniffer is running on the local network that the Windows NT/98/95 GUI does. Currently only Solaris and OpenBSD are supported.

Changes: This release fixes a security hole - All users should upgrade again.
tags | tool, local, sniffer
systems | windows, unix, solaris, openbsd
SHA-256 | de65b35b3e0305a922c26f7817795b26ce9fb4ce56db18f99e8ab6d7d0596ca9
fdmountx.c
Posted May 25, 2000
Authored by War | Site genhex.org

/usr/bin/fdmount local linux exploit.

tags | exploit, local
systems | linux
SHA-256 | bf34985b1a8b79c1e149fa1edad4560a07632b016f0109a4da99d03ceb463282
filterape.c
Posted May 25, 2000
Authored by Scrippie | Site b0f.freebsd.lublin.pl

filterape.c exploits a new elm buffer overflow to get EGID mail on Slackware.

tags | exploit, overflow
systems | linux, slackware
SHA-256 | 0283514040bf44953fc6a6a2b5828645f76e0fbbd4376d98586c0470084c52fc
obsd_ipfhack.c
Posted May 25, 2000
Authored by s0ftpj, Pigpen | Site s0ftpj.org

LKM for OpenBSD which makes ipfilter always accept packets from a certain IP.

systems | openbsd
SHA-256 | 197676aa8158610f0465e0cbff238d7ad65f3f6f057fb6ddd92a4d63386fcc6c
arpgen.tar.gz
Posted May 25, 2000
Authored by JavaMan

Arpgen is a denial of service tool which demonstrates that a flood of arp requests from a spoofed ethernet and IP addresses would be a a practical attack on a local network. Includes a standalone version and a client-server version which can be instructed to dos its local network via udp.

tags | denial of service, local, udp, spoof
SHA-256 | aa791b7fdafbdd3fb523b84ea6c96d2d50eeaa85e87cd2c7632276b418b532c9
arpci2.1.21.tar.gz
Posted May 25, 2000
Authored by Presto

ARPCI2 automates the task of sending rpcinfo requests to a mass of hostnames. ARPCI2 is intended to be a small package with a fair amount of features including time stamp, vulnerability notifications and logging, and a clean interface.

tags | tool, scanner
systems | unix
SHA-256 | 64db2d0645d08aaebe160cbc0b4ea24fae1d43f4cd949d8ca82d0eb6986e6480
Xsh0k.c
Posted May 25, 2000
Authored by Norby | Site ncl.cjb.net

Xwindows remote dos attack - creates a sequence of socket connections to tcp port 6000. Xwindows slows to a crawl and sometimes does not respond to user input.

tags | exploit, remote, tcp
SHA-256 | efe31e621870f97e050c9ccd97b857ea4370bb4acee4752fe8205face4d0fa94
winsd.052400.txt
Posted May 25, 2000
Authored by winsd | Site win2000mag.com

Windows Security Digest - May 24, 2000. In this issue: Is PKI Secure Enough?, Offline Explorer Exposes System Files, NiteServer FTP Server Denial of Service, Windows IP Fragment Reassembly, Internet Explorer Frame Domain Verification, Internet Explorer Unauthorized Cookie Access, Internet Explorer Malformed Component Attribute, Unchecked Buffer in Lotus Domino 5.0.1, Crashing NetProwler 3.0, and BlackICE Blank Password and Code Execution.

tags | denial of service, code execution, magazine
systems | windows
SHA-256 | d7ead0ef6dcd337e450e2e948b87a9e423745e7eed5918eb9ed7a0709b54d2c2
sara-3.0.5.tar.gz
Posted May 25, 2000
Authored by Advanced Research Corporation | Site www-arc.com

Security Auditor's Research Assistant (SARA) is a security analysis tool based on the SATAN model. It is updated frequently to address the latest threats. Checks for common old holes, backdoors, trust relationships, default cgi, common logins.

Changes: Addded depends.sara to minimize OS oriented false positives, Fixed login.sara to minimize false positives with JetDirect, Fixed multiple subnet scanning in firewall mode, Mitigated lockups in SARA daemon mode, Added new mode (vulnerabilities) to SARA Search, Updated http.sara to minimize FrontPage vulnerabilities, Added eight new tests to http.sara, and added test for kerberos.
tags | tool, cgi, scanner
systems | unix
SHA-256 | f8164e4e16f6ab55872213c99bed2acc5191236d18e66f25f7ef49467101a235
CA-2000-07.ua.activex
Posted May 25, 2000
Site cert.org

CERT Advisory CA-2000-07 - Severe Microsoft Office 2000 UA ActiveX Control Vulnerability. Arbitrary code can be executed without any warnings by simply viewing an HTML document via a web page, newsgroup posting, or email message. Systems with Internet Explorer and Microsoft Office 2000 components are vulnerable, including Word 2000, Excel 2000, PowerPoint 2000, Access 2000, Photodraw 2000, FrontPage 2000, Project 2000, Outlook 2000, Publisher 2000, and Works 2000 Suite.

tags | web, arbitrary, activex
SHA-256 | af4e50e3ab0903bafd940611b761caf724f15c7aa9f0df38e6461697a9c632da
CISADV000524b.txt
Posted May 25, 2000
Authored by Robert Horton | Site cerberus-infosec.co.uk

The Cerberus Security Team has discovered that a flaw in the Carello web shopping cart enables remote attackers to vi ew .asp files on the the server's computer Affected system: Windows NT running IIS.

tags | exploit, remote, web, asp
systems | windows
SHA-256 | 660eb984197ab48859340fb6d1ef3d916beb70b6534fb06bb49318f17b072048
labs42.txt
Posted May 24, 2000
Site ussrback.com

USSR Advisory #42 - HP Web JetAdmin remote denial of service attack. HP Web JetAdmin Version 6.0 for Windows NT / 2000 has a heap overflow. Sending a malformed URL the JetAdmin service which runs on port 8000 will cause it to stop responding.

tags | remote, web, denial of service, overflow
systems | windows
SHA-256 | b4251729211b04a255d527fe18341e1736747e209fc075c277e456f5b72bec0c
Page 2 of 18
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close