what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 254 RSS Feed

Files Date: 2000-06-01 to 2000-06-30

cisco.txt
Posted Jun 21, 2000
Authored by Brad Spengler

Enhancing network security through the use of inexpensive cisco routers. Describes local router security, turning off the routers services, access-lists, dos protection, and more.

tags | local
systems | cisco
SHA-256 | d03ff45dc98d26a5101627907163535a5bc7387cf4d3281a0eb76a95e6ecb9ad
ms00-038
Posted Jun 21, 2000

Microsoft Security Bulletin (MS00-038) - Patch Available for "Malformed Windows Media Encoder Request" vulnerability. Microsoft has released a patch for a security vulnerability in Windows Media Encoder version 4.0 and 4.1, which ships as a component of the Windows Media Technologies. The vulnerability allows a malicious user to interfere with a digital content provider's ability to supply real-time audio and video broadcasts. Microsoft FAQ on this advisory available here.

systems | windows
SHA-256 | 657862122d144ac528a9732e1cb0f5ed855bf5f5f70d29c00a977860b3edb78c
Internet Security Systems Security Advisory June 20, 2000
Posted Jun 21, 2000
Site xforce.iss.net

The AIX cdmount program allows regular users to mount CD-ROM filesystems. This program is basically a SUID to root wrapper of the mount command. Insecure handling of the arguments to cdmount may allow a local regular user to execute commands as root.

tags | local, root
systems | aix
SHA-256 | 9f59ba46228465abd1d52f3ef05776c0a0c410e98203f09b70608a2f5f6cb353
stream2.c
Posted Jun 21, 2000

stream2.c is a remote dos attack which uses ACK packets to consume large amounts of CPU. This DoS targets FreeBSD, Linux, and Solaris.

tags | exploit, remote
systems | linux, solaris, freebsd
SHA-256 | 00e9a352d451a182c3b164b08eb3f0e785601818f7b898a84b811d45891d0ea4
portfwd-0.12.tar.gz
Posted Jun 21, 2000
Authored by Everton da Silva Marques | Site nucleo.freeservers.com

Portfwd is a small C++ utility which forwards incoming TCP connections and/or UDP packets to remote hosts. Multiple forwarders can be specified in a flexible configuration file. There is support for FTP forwarding.

Changes: Compilation now defaults to production switches (i.e. optimization flags and a stripped executable), a minimal FAQ has been added to the documentation, and a problem with initialization scripts has been fixed.
tags | remote, udp, tcp
systems | unix
SHA-256 | d53d7c34a48fb678eff4e71f3a33ab395c56d1c7b0158c1db09d2cbffaa05c5f
debauch-0.5.tar.gz
Posted Jun 21, 2000
Site quorum.tamu.edu

Debauch is a memory allocation debugger for C which has been modified from memleak from the XFree86 project. The debugger will detect memory leaks, corrupted memory, stores to freed memory and more. Best of all, it doesn't require recompiling or relinking existing programs to work, making it ideal for finding leaks even in shared libraries. Currently debauch works on Linux systems. Preliminary ports for BSD, MIPS and Sun architectures are available but may not work properly at present.

tags | memory leak
systems | linux, bsd
SHA-256 | 3029d16b18ecb4188f8624fd4bc761c7af0eeaa37546c143ab42e6f3dca236a7
libnet-1.0.1b.tar.gz
Posted Jun 21, 2000
Authored by Mike Schiffman

Libnet v1.0.1b is an API to help with the construction and handling of network packets. It provides a portable framework for low-level network packet writing and handling (use libnet in conjunction with libpcap and you can write some really cool stuff). Libnet includes packet creation at the IP layer and at the link layer as well as a host of supplementary and complementary functionality.

systems | unix
SHA-256 | 3ac835ba090ff3efdb3cf22be7ca6c38431b34fa0fd97ab5e0279abb2e6aa7f6
CA-2000-12.activex
Posted Jun 20, 2000
Site cert.org

CERT Advisory CA-2000-12 - HHCtrl ActiveX Control allows local files to be executed. The HHCtrl ActiveX control has a serious vulnerability that allows remote intruders to execute arbitrary code, if the intruder can cause a compiled help file (CHM) to be stored "locally." Microsoft has released a security bulletin and a patch for this vulnerability, but the patch does not address all circumstances under which the vulnerability can be exploited. This document discusses additional ways in which this vulnerability can be exploited.

tags | remote, arbitrary, local, activex
SHA-256 | 8d64072fcd1d5225daf75a8d9412a0172ca99075fdfc8c2e678d6a8c2ef122e3
ipaudit-0.92.tgz
Posted Jun 20, 2000
Authored by Jon Rifkin | Site sp.uconn.edu

ipaudit records network activity. It stores a count of bytes and packets exchanged for every combination of host/port pairs and protocol. It can be signalled after a fixed interval (30 minutes is typical) to output results. It's useful for identifying heavy bandwidth users, intrusive telnet sessions, denial of service attacks, scans, etc. There is also an option (like tcpdump) to save raw packet headers for detailed analysis with packages such as tcpdump or ethereal.

Changes: Hardware address recording, sorted output, memory overflow and PPP fixes, and it includes two new utilities (ipstrings, total).
tags | tool, denial of service, sniffer, protocol
SHA-256 | 8e99a45673263e045cb03981d4f6dfdb2f3ad000e205834f2923c2f0019f45c7
LIFE_STAGES.TXT
Posted Jun 20, 2000

Life Stages worm .vbs source code. Sets off virus scanners. Archive password is set to p4ssw0rd. Use at your own risk.

tags | worm, trojan, virus
SHA-256 | 89cdf4fd376f0ec61a42005acb5e52f54bec695cda8adf47ba2039200eef9af0
intact30.zip
Posted Jun 19, 2000
Site pedestalsoftware.com

Intact Open Use is a host integrity checking system for Windows 95/98. This is only a 30 day trial. Intact can detect change in the filesystem and registry.

tags | registry
systems | windows
SHA-256 | 4cf2810673f6b8e0ec16988e8a63d002e0d5952d90749361e6f2904a5ddf8cef
netsec18.txt
Posted Jun 19, 2000
Site net-security.org

Weekly Newsletter from Help Net Security Issue 18 - 19.06.2000 - Covers weekly roundups of security related events. In this issue: Remote dos attack in NAI pgp certificate server, SmartFTP daemon v0.2 vulnerability, Microsoft revises ms00-035, remote dos attack in AnalogX Simpleserver WWW v1.05, MS00-031 patch re-release, Dragon Server v1.00 and 2.00 remote dos attacks, AOL instant messenger dos. Also linux security techniques, kernel basics, and much more.

tags | remote, kernel
systems | linux
SHA-256 | 370cba453102d1a90e1f04d927c9700faca6b6b3ad60c541ebf6dea08cb96e37
linux-security.1-8.txt
Posted Jun 19, 2000
Authored by Benjamin Thomas | Site linuxsecurity.com

Linux Security Week June 12 - In this issue: Updates are available for the Document Template package, BRU Backup Utility, Kerberos 5, and a bug on FreeBSD/Alpha systems that weakens its encryption. OpenBSD 2.7 is annunced and and the U.S. House gives its "OK" to the digital signature bill.

systems | linux, freebsd, openbsd
SHA-256 | d3af4c437f7224ecb592716f7973e2c5f6eeb9545d977a4490847348ca8cf0e6
motion-1.0.tar.gz
Posted Jun 19, 2000
Authored by Jeroen Vreeken | Site motion.technolust.cx

motion uses a video4linux device as a motion detector. It will make snapshots of the movement it sees, making it usable as an observation or security system. It can send out email, SMS messages, or invoke an external command when detecting motion.

Changes: First stable release! Includes many bug fixes, support for mpeg movies, sanity checks.
systems | linux
SHA-256 | 180eb595eae21df8fc38fa47ed24dc5f4a9ffc4673821d67aa65aeb364992ade
apcd.c
Posted Jun 19, 2000
Authored by WC

Debian 2.1 local root exploit - A vulnerability exists in the apcd package shipped with Debian 2.1.

tags | exploit, local, root
systems | linux, debian
SHA-256 | f7ca16d4ea9299fd7aef4c4a72b95848377702b1feeccf9d2d657e4193b25dbe
userregsp.c
Posted Jun 19, 2000
Authored by Fygrave

MailStudio2000 v2.0 and below userreg.cgi exploit - Executes arbitrary commands on remote host as root.mail.

tags | exploit, remote, arbitrary, cgi, root
SHA-256 | 095872ca533dfd3c5443df88fb3daab10038263b301956bf03770b5a5ac72928
setxconfxploit.c
Posted Jun 19, 2000
Authored by Suid | Site suid.kg

SetXConf local root exploit for Corel linux v1.0 with xconf utils.

tags | exploit, local, root
systems | linux
SHA-256 | db447881a66d9c741450d6d7e316b1bb4edd263812be29422ab468e0194719f4
major2.c
Posted Jun 19, 2000
Authored by Morpheusbd | Site brightdarkness.de

Majordomo local exploit for Suse 6.0 and 6.3. Tested against Majordomo Wrapper <= v1.94.5.

tags | exploit, local
systems | linux, suse
SHA-256 | 312f4fcbf45535494f8a44755293ca6e8bc7842547f4c8e7aa00445f3d859041
SSHWin-2.2.0.exe
Posted Jun 19, 2000
Site ssh.org

SSH (Secure Shell) Windows Port is a program to log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another, providing strong authentication and a secure communications over insecure channels.

Changes: Lots of bugfixes, easier access control on the server end, full draft compatibility, interoperability with lsh and openssh without special kluges, more portability, and more.
tags | remote, shell, encryption
systems | windows
SHA-256 | 9086e00c98cc755dca63755c3eb1eb211bfeb07f77b8d7755f4239f67d512ab2
ssh-2.2.0.tar.gz
Posted Jun 19, 2000
Site ssh.org

SSH (Secure Shell) is a program to log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another, providing strong authentication and a secure communications over insecure channels.

Changes: Scp and Sftp were re-written. Server authentication code has undergone major cleanup. This version is much more stable and portable than previous versions, and interoperates with lsh and openssh without kludges. There are many bug fixes and porting improvements.
tags | remote, shell, encryption
SHA-256 | 2eed3b75a12f7cdfaa9f8ea85b5399fc1cd4ac5e88192c9a5784851d93a2950c
vbs-1.0.0.tar.gz
Posted Jun 19, 2000
Authored by Theo Nolte | Site adsl-nolte1.rz.rwth-aachen.de

Vbs is a mail-filter to make attachments unexecutable by replacing the dot in the filename extension of critical attachments with a tilde, so that MUAs won't recognize those attachments anymore as executable. It is implemented as a wrapper for the delivery agent.

systems | unix
SHA-256 | 0e593fdba33fb611f5cd4ce5e761239c474b21be1468684fcbbc7de6349e6bf0
winfingerprint-225.zip
Posted Jun 19, 2000
Authored by Vacuum | Site technotronic.com

Winfingerprint 225: Advanced remote windows OS detection which does not run under Win 9x. Features the ability to enumerate servers, shares, global groups and users, displays active services, scan network neighborhood, establish null IPC$ sessions, and registry query (currently determines Service Pack Level & Applied Hotfixes).

Changes: HTML fixes, added ShellExecute() so default browser will automatically open up results. This is a low priority release.
tags | remote, registry
systems | windows
SHA-256 | ae7ee89927e58ab7a222f65d01cf51ba546ce17889f6adfbfb6d1a3cff3b1eb4
dsniff-2.2.tar.gz
Posted Jun 19, 2000
Authored by Dug Song | Site monkey.org

dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a powerful sniffer which automatically detects and parses many protocols, only saving the interesting bits. filesnarf saves files sniffed from network file system traffic. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time.

Changes: New filesnarf program which saves files sniffed from network file system traffic, Rewrote HTTP decoding in dsniff, Alpha platform support, Fixed arp discovery in arpredirect on Linux, Added -m flag to enable automatic protocol detection in dsniff (based on the classic file(1) command), Added TDS (Sybase, Microsoft SQL Server) parsing to dsniff, and Added regular expression matching and POP support to mailsnarf.
tags | tool, local, sniffer, tcp, protocol
SHA-256 | 2c83a22007336345ee4a0b4a690b0df387ca6dc1f1c1ac7eb68f04e8465c341c
pine_bof.c
Posted Jun 19, 2000
Authored by vade79, realhalo

Pine v4.10-21 local buffer overflow - drops a gid=mail shell if /usr/bin/pine is SGID. Tested on Debian slink2.1.

tags | exploit, overflow, shell, local
systems | linux, debian
SHA-256 | 7764b61d5684322567f4c2b7d67debaf0db0e2c30bbcecd3de3c2f2533e14b92
zodiac-0.4.9.tar.gz
Posted Jun 19, 2000
Authored by teso, scut | Site team-teso.net

Zodiac is a portable, extensible and multithreaded DNS tool. It is meant to be used as a DNS packet monitor and DNS protocol test and debuging tool. It's basic features are: sniffing of DNS datagrams on an ethernet device, decoding of all types of DNS packets, including safe decompression (partly finished, SOA record are, for example, not decoded yet), nice display and gui, if you like ncurses and text based frontends, always interactive in all situations through built in command line, threaded and flexible design. Advanced features include: local DNS spoof handler, jizz DNS spoof, exploiting a weakness in old bind implementations, determines jizz-weakness, id-prediction and resolver type remotely, id spoofing, exploiting a weakness in the dns protocol itself, implements some advanced DNS denial of service attacks, including flood, label compression and unres attack, advanced DNS smurf.

Changes: Now runs on *BSD, and fixed some bugs.
tags | denial of service, local, spoof, protocol
systems | unix
SHA-256 | 87f79104df9555ecf18355d034a721bd7327ecf82037e1e480a0752bb07e3a14
Page 4 of 11
Back23456Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    40 Files
  • 13
    Sep 13th
    18 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    21 Files
  • 17
    Sep 17th
    51 Files
  • 18
    Sep 18th
    23 Files
  • 19
    Sep 19th
    48 Files
  • 20
    Sep 20th
    36 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close