fwlogsum summarizes and maintains a set of HTML reports, based on user-specified reports and Checkpoint FW-1 log entries. A few default reports are included, but users are invited to customize and create their own.
74c0066929fbf585ad3782a74cd3d1fb96b146f139ad3400ef2e14591fae9c2crootkeep.sh obtains root locally on Solaris via an included kcms exploit, and modifies the startup scripts so an account is added each time the machine is rebooted.
b31cab0f47180be89e3bf59a1a2676046fa41c7ed2eaf453f1356516a401c87dCERT Advisory CA-2000-10 - Several flaws exist in Microsoft Internet Explorer that could allow an attacker to masquerade as a legitimate web site if the attacker can compromise the validity of certain DNS information. These problems are different from the problems reported in CERT Advisory CA-2000-05 and CERT Advisory CA-2000-08, but they have a similar impact.
caa2d8e1fc0030e105ed4758efd2116e7096d4949c4c4cfa5c18509f8e8e48a8scl is a collection of 8 stable shellcodes in asm source code format. Includes a shellcode to bind a shell to a port in 96 bytes, code to echo strings, print messages, run shell scripts in /tmp, and send a UDP packet to a host.
04ff5197ed0a33727f8ca1a051ed29e07341fe847c5b094c40ea40d11c6a93a1Netwin ESMTP Server v2.7q linux x86 remote exploit. Tested on RedHat 6.1, binds a shell to TCP port 30464.
f6229c6e2a67eb3307f3fb307b27985b9446209516295d99dc899bca3fe60903Microsoft Security Bulletin (MS00-039) - "SSL Certificate Validation" vulnerabilities. Microsoft has released a patch for two security vulnerabilities in Microsoft Internet Explorer 4 and 5. The vulnerabilities involve how IE handles digital certificates, allowing a malicious web site operator to pose as a trusted web site. This patch also eliminates all vulnerabilities discussed in Microsoft Security Bulletin here.
37483c950618d1bae7f4c63a69010fd2d860585f497e0aa1a4a70a22e898cb40KNmap is a new KDE frontend for Nmap which supports all the scan methods and a great deal of options. Screenshot here.
89d5eb2e72ddcc2d63c65247ac755005f5365a352355bf770139f9fe34243dd0INND (InterNet News Daemon) 2.2.2 has a remotely exploitable stack overflow in the control articles handler. About 80% of usenet servers are vulnerable.
1fdab59692baa167e5e89c82010248721ee6cdb5b14cc48401a4a2cd02d49432ipac is an IP accounting package for Linux which collects, summarizes, and nicely displays IP accounting data. The output of ipac can be a simple ASCII table, an ASCII graph, or even images with graphs showing traffic progression. ipac can be used for IP traffic analysis and for accounting purposes.
117e5b140da794467f5847e10a4d70560aa2ce0dd345de0e02413db8ae6cb9dfouch.c is a local linux denial of service attack which runs ls -w with a large parameter, causing ls to take up all the available memory. Obfuscated source.
8c5ebdec1d772958f856e4516beced5151ab86d93861706df9cec590be032d1cNarrow Security Scanner 2000 (unix / perl) searches for 534 remote vulnerabilities. Updated frequently for the newest vulnerabilities. Tested on Redhat, FreeBSD, and OpenBSD, Slackware, and SuSE.
701e2addd80ef7d2ba0be0634202b7f96d79d360186a9cbe1c29b70f8c881acfsilk.c allows you to craft custom HTTP requests. Makes it simple to set the method, vhost, referer, uri, agent, and http version.
35938e66281bbf6dfc683c4e3cf483e136f5cca7e60c03a024454edf01a8cec8eSS is a remote security scanner for linux that scans remote nodes for known security flaws. It does some of the simple probing technics automatically like banner grabbing, OS guessing. Includes a multithreaded TCP portscanner.
41d0d71c307fbb3009e934f1b1d31435169484601f32dff56538de5770a42377Apache DSO backdoor - A get request to a "special" url allows remote command execution.
d49407f8380be928bcc8cb57171d11ca41fd2ec1f61a4678089d8ce1b6f3aaa9Debian Security Advisory - Majordomo will no longer be distributed with Debian linux due to licensing restrictions which do not allow a fixed version of Majordomo to be distributed. If you are using majordomo we recommend that you replace it with one of the many other mailing-list tools available such as fml, mailman or smartlist. Debian security homepage: http://www.debian.org
05be458888b11488009cce8158839b8086d482254e1862d1ef230b28bd791957Microsoft Security Bulletin (MS00-037) - Patch Available for "HTML Help File Code Execution" vulnerability. Microsoft has released a patch for a security vulnerability in the HTML Help facility which ships with Microsoft Internet Explorer 4 and 5. The vulnerability allows a malicious web site to launch code on a visiting user's computer without the user's approval. Such code could take any actions that the user could take, including adding, changing or deleting data, or communicating with a remote web site. Microsoft FAQ on this issue available here.
2a85b0eb44b421e06ad2885b46582cb0f459c6609e585227ee502531b4ab6fb8gdm (xdmcp) remote root exploit. Tested against SuSE 6.2 and RedHat 6.2 running gdm-2.0beta1-4. Binds a shell to port 3879.
5f84108be835cb86e853f427609a8dabcca65b14019c0c0ca3b864c31c36179bThis advisory presents an analysis of several vulnerabilities in the TACACS+ protocol. Unfortunately, only some of the vulnerabilities can be fixed without breaking the interoperability. Thus, the main purpose of this advisory is to identify the weaknesses, to allow for a conscious decision to be made on how much trust to place into the encryption offered by TACACS+.
072ddc2bf221d5c240f48441f527c417d20180f2dd0752f271db6be05c4d6be2Delphis Consulting Plc Security Team Advisory DST2K0003 - Buffer Overrun in NAI WebShield SMTP v4.5.44 Management Tool for Microsoft Windows NT v4.0 Server (SP6). Any user who can connect to tcp port 9999 can obtain a copy of the configuration. Secondly, if you pass an oversized buffer of 208 bytes or more within one of the configuration parameters the service will crash overwriting the stack but and the EIP with what ever was passed within the parameter.
5230eece683fd72a6c2495b32df00a21a3efe154506ea65502fe723b503ba75aDelphis Consulting Plc Security Team Advisory DST2K0007 - Buffer Overrun in ITHouse Mail Server v1.04 for Microsoft Windows NT v4.0 Workstation (SP6). Sending an email via SMTP to an IT House Mail Server with a recipient's name in excess of 2270 bytes causes the IT House Mail Server to buffer overrun overwriting the EIP, allowing an attacker to execute arbitrary code on the the server.
04158d4a5fa3738aa4bbf98b226f6ad9e374d75fe9a62e42b5df8f4909473a59Delphis Consulting Plc Security Team Advisory DST2K0008 - Buffer Overrun in Sambar Server 4.3 (Production). By using the default finger script shipped with Sambar server it is possible to cause an Buffer overrun in sambar.dll overwriting the EIP allowing the execution of arbitry code.
05b6dfa2ec29e75514de7fa8cbc730fb79c63434ccf49ad1b6c49e7cedffd1cbxterm denial of service attack - By sending the VT control characters to resize a window it is possible to cause an xterm to crash and in some cases consume all available memory. This is a problem because remote users can inject these control characters into your xterm in many different ways. This sample exploit injects these control characters into a web get request. If an admin were to cat this log file, or happened to be doing a "tail -f access_log" at the time of attack they would find their xterm crashed. Tested against rxvt v2.6.1 and xterm (XFree86 3.3.3.1b(88b).
e795174a235a3f5459e6a457c90c55832ca2987bccf1247db19929754e389a0eWindows Media Encoder 4.0 and 4.1 is vulnerable to a remote denial of service attack. This source causes the Windows Media Encoder to crash with a "Runtime Error". Tested on version 4.1.0.3920. This is the vulnerability described in ms00-038.
2ed47a5509b2f1b80d55fd6418bff28abd5d3f4d1ccef95b325aedc8176ceeadSecurity Auditor's Research Assistant (SARA) is a security analysis tool based on the SATAN model. It is updated frequently to address the latest threats. Checks for common old holes, backdoors, trust relationships, default cgi, common logins.
b9e878d60975e8423fe2f6fd111af65627f5ad6761a8ae20153c699859a24004Tcpdump2ascii version 2.10 - Takes the hexadecimal output from tcpdump(8) and produces the ASCII equivalent side by side.
c06763c61879d769de62d6811f0ed8d7e74faf1172022eda699969c8ea307ca1
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed