Cgichk is a web vulnerability scanner which automatically searches for a series of interesting directories and files on a given site. Instead of focusing on vulnerable CGI scripts, it looks for interesting and/or hidden directories such as logs, testing, secret, scripts, stats, restricted, code, robots.txt, etc.
47937001a230d3e10896211f3c3d820eb3e969277cbc5a736ef051717fd564f3Fuzz searches for new security vulnerabilities by generating random garbage which can be passed in several ways to programs to see if they can be made to crash or hang.
29b280efe18fc556c6dcba186c430ae12addb85b83e715cd6ee0e1ace1fb5058Foundstone Security Advisory - Two show code vulnerabilities exist with BEA's WebLogic 5.1.0 allowing an attacker to view the source code of any file within the web document root of the web server. Depending on web application and directory structure attacker can access and view unauthorized files. Proof of concept URL's included.
a1739693599c1bd00c0168ba2ed4568341d3855b737c21cb6ff4a6e8b88a66b3Etherape is an etherman clone which displays network activity graphically. Active hosts are shown as circles of varying size, and traffic among them is shown as lines of varying width. It is GNOME and pcap based. Screenshot here.
e445ae87463e53f2888604cecbf389c8eee66aceaa830406e73ae8645776a716The Anomy mail sanitizer is a filter designed to block email-based attacks such as trojans and viruses. It reads an RFC822 or MIME message and removes or renames attachments, truncate unusually long MIME header fields and sanitizes HTML by disabling Javascript and Java. It uses a single-pass pure Perl MIME parser, which can make it both more efficient and more precise than other similar programs and has built-in support for third-party virus scanners.
dafaa757b66be13f66b725cb857e1ea3989a90eef7ce7a96ca8da47e6a5b7ce4Saint Jude LKM is a Linux Kernel Module for the 2.2.0 series of kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local, and ultimately, remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occuring. This is done without checking for attack signatures of known exploits, and thus should work for both known and unknown exploits.
e6bee285fc2507dd3ee0f6b64ca1459171be968066027209d9f561350491b65dJolt2mod sends a jolt2 attack without lagging the sending network connection nearly as much due to a rate limiting feature.
00e40bf51693c53612501d52fb8772bbcf1c18c7f3142b3d7afd8882d005570300[Sub]7 - The Ultimate SubSeven Logging Tool. Sets up a fake sub7 server on the default port which can send all sorts of false information to the client. Archive password is set to p4ssw0rd. Use at your own risk.
35bde1a83c22565aae447df36be760c1aa33e162f512ec9568a77aca6d272497Atalaya notifies an administrator of incoming connections using /etc/hosts.allow. Includes support for Festival for speech.
a896f0cedfcc58aaee0c6576c86859f242b0cdc49caac82cba0eaafe59c600c4Microsoft Security Bulletin (MS00-052) - Microsoft has released a patch for the "Relative Shell Path" vulnerability in Microsoft Windows NT 4.0 and Windows 2000. The vulnerability enables a malicious user to cause code of his choice to run when another user subsequently logged onto the same machine. Microsoft FAQ on this issue available here.
19505d9720f984106694cee0f43b13f70d2dcda0513aa6d4a59fad74f80eee1bNetwork Associates COVERT Labs Security Advisory - The Microsoft Windows implementation of NetBIOS allows an unsolicited UDP datagram to remotely deny access to services offered by registered NetBIOS names. An attacker can remotely shut down all Domain Logins, the ability to access SMB shares, and NetBIOS name resolution services. Vulnerable systems include all versions of Microsoft Windows 95, 98, NT and 2000.
2d068bd5c36d3f9dd4eb851e353b34f0284a6efd67b392a3dc8c87051d4f5ad9CVS v1.10.8 allows users to execute any binary on the server using CVS/Checkin.prog or CVS/Update.prog.
3bad54e974cc32ceefdd397039c3e78f336610cb288f63062a9e39840d1bfa34Plusmail remote exploit - plusmail fails to check authenticity before creating new accounts.
d135ccf5f8a6a9533ff037f70b405c3d3242fbe73307d53c2851b300624a774dBitchX-75p3 local exploit, Redhat 6.2 x86.
0fbfba9f5b11b246a994aa20de5302b946a018356a05381421a68087073333caThe D-Link DI-701 Residential Gateway has an open port which allows brute force password guessing, and has a factory set default password.
38facafaac95d809bb8da1935129228b1a5ac274f9bdd91ef816186614cbbffdDebian Security Advisory - The versions of the ISC DHCP client in Debian 2.1 are vulnerable to a root exploit. A previous Debian security advisory addressed this issue with package versions 2.0b1pl6-0.3 and 2.0-3potato1, but ISC has released a newer patch since the original advisory. You should install the latest packages even if you upgraded when the last advisory was released.
9b29537962857fbebac594b966a6cb551f040e65995b3c7e36c43171560b4ebbCgichk is a web vulnerability scanner which automatically searches for a series of interesting directories and files on a given site. Instead of focusing on vulnerable CGI scripts, it looks for interesting and/or hidden directories such as logs, testing, secret, scripts, stats, restricted, code, robots.txt, etc.
fe61ba4fc109af1ce8b8f0d11f83d37e20ea7a6a432d55d0598d816065a538bfNetView Scanner is a suite of three security tools for the system administrator or home user. NetView scans IP addresses for available Windows File & Print Sharing resources, PortScan scans IP addresses for listening TCP ports, and WebBrute scans web directories that are protected with HTTP authentication, testing the strength of the users' passwords. This suite is freeware penetration analysis software that will run on your Windows workstation.
cd7e986a662adfe3321f8980ebcf7a322c7ff4f9f572323fb12e430ea2605ad1The Linux IP Personality patch fools OS detection by changing some characteristics of the network traffic. Among the things that can be changed are the TCP Initial Sequence Number (ISN), TCP initial window size, TCP options (their types, but also their order in the packet), answers to some pathological TCP packets, and answers to some UDP packets.
cbfbf6d82b30b4ebbcf446bf81bdeae0049b1de667b7eb94c362ebb6b5163ebeMicrosoft Security Bulletin (MS00-047) - Patch Available for "NetBIOS Name Server Protocol Spoofing" vulnerability, which could be used to cause a machine to refuse to respond to requests for service via udp port 137. Windows NT and 2000 are affected. Microsoft FAQ on this issue available here.
3d676fd898b747c2ae0a8e6aa441b2094689b7ab920873053e04a6f8c7ed064cigmpofdeath.c is a modification of trash2.c which also sends out random type 2 igmp packets, as seen in pimp and pimp2.
1a0b90fb25e38665d05424f362ffbbf6374e0efd971ddd3b406e988288aa7fecWinamp contains a buffer overflow in its M3U playlist parser. It is possible to execute arbitrary code on a remote computer via a malicious playlist. Proof of concept playlist included.
9765035f7869f821c9fe0e6fe3c9d6e919118bc1a0033378ca09f8927214f384Shadowpenguin Security Advisory #39 - Adobe Acrobat Series PDF File buffer overflow. Many versions of Acrobat for Windows95/98/NT/2000 overflows when reading the PDF file which has long Registry or Ordering. The EIP can be controled and arbitrary code can be executed on the machine which views the PDF file. Patches available here.
517e6a13e53bcce4434518e0ff0fb9a5d889fe202d03af6d287ea2a02993baafRed Hat Security Advisory - gpm as shipped in Red Hat Linux 5.2 and 6.x contains a number of security problems. Additionally, a denial of service attack via /dev/gpmctl is possible. The newest gpm packages fix both these vulnerabilities.
ec2a6106adfda36f24bbf008cd22c924ced4bb4ed422fc3d0c2800773da2f69dicmpstrike.c is a modified trash.c with spoofed source addresses. Trash.c sends ICMP packets with random error codes which lag or freeze Windows98/95/2000/NT machines.
0a00551e7817686d2b2c9c0d5a0e1fead1565853f18f228d587c68aaef0636b9
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed