Webonycer is a tool to assist newbies in chaining proxies.
d3e7b4559630143fbdf0e9a515c0715a6f02fdb5b46438a0828b187a92b994f6Synnergy Laboratories Advisory SLA-2000-14 - The BSD/Linux telnet client has a stack overflow which is not usually a security problem, except in the case of a restricted shell environment which allows users to set environment variables and run telnet. Perl proof of concept exploit included.
edc44b44131a6f19bee4f950cce7723477469f167ee3406d25923487214db406Exploit for the recently published Denial of Service Vulnerability in WebTV for Windows discussed on Bugtraq ID 1671 published on 9/12/2000.
8b66d8e815481bbb72395de08927c43e8bc87630b8ebaafcd5fa7b63694b0c8aRSTD is a companion to the Stealth IP stack which will send rate-limited tcp rst (Connection Refused) packets on specified ports.
c2b8d49b6fdff0931e95f85492dbfb02551ec85fc94d12432ddb2a7e487f6546Snortstart v0.17 is a bash script which acts as a wrapper for starting snort which aims to install, start and stop snort in a chroot jail under unprivileged user and group.
f819146994c6cc9de048ddcdbb411b19792f7ba7f075d8e9fa8f6c0def139babGnuPG is a complete and free replacement for PGP. Because it does not use IDEA it can be used without any restrictions. GnuPG is a RFC2440 (OpenPGP) compliant application. Features RSA support.
a499f3582f0787317d4ca20bcdb7c892baf45a2e8da4dfacf42dddf0afc29cd0911 is a centralized interface that allows one to control whisker and nmap from a single program. It uses portscanning, OS detection, and searching for vulnerable Web-based applications/scripts.
fa5cc0f6c2a1bd8c23df01b1ba3d947e8a0cd5ee6925634742c6203bd7db858eNDiff compares two nmap scans and outputs the differences. It allows monitoring of your network(s) for interesting changes in port states and visible hosts. NDiff should be useful to network administrators, security analysts, and other interested parties who need to monitor large networks in an organized fashion.
32f1f209626d6e7c82687b7d38d38eb1da0a06bc300327b127dc4b5310148bd2FreeBSD Security Advisory FreeBSD-SA-00:46 - The screen port, versions 3.9.5 and before, contains a vulnerability which allows local users to gain root privileges. This is accomplished by inserting string-formatting operators into configuration parameters, which may allow arbitrary code to be executed.
42fc636e75dec72d9698572a3e19f2c6947bfa82773535479548ca93c2d63d53jew.c v1.1 is a linux based bluebox program. Features DTMF dialing, CCITT 5 dialing, some c5 toys, ACTS tone generation, and more. Dosn't studder like ADM's linux tone generation program.
d885f5f4273ab67eb9826c4627253a1fe638e6aa037101077d2dfa0c2e663614chkrootkit V. 0.17 locally checks for signs of a rootkit. Includes detection of LKM rootkits, ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions. Tested on Linux, FreeBSD, and Solaris.
bc34744b5328306b93b47066622634a50b5c355452a1f2b68495fe700faa53b4Nessus is a free, up-to-date, and full featured remote security scanner for Linux, BSD, Solaris and some other systems. It is multithreaded, plugin-based, has a nice GTK interface, and currently performs over 509 remote security checks. It has powerful reporting capabilities (HTML, LaTeX, ASCII text) and not only points out problems, but suggests a solution for each of them.
675ea6db964d4d0a9825d2c09e5d4e0a6e31cebf39a3f970c265e9dad7e91878Winfingerprint 229: Advanced remote windows OS detection. Current Features: Determine OS using SMB Queries, PDC (Primary Domain Controlller), BDC (Backup Domain Controller), NT member server, NT Workstation, SQLServer, Novell Netware Server, Windows for Workgroups, Windows 9X, Enumerate Servers, Enumerate Shares including Administrative ($), Enumerate Global Groups, Enumerate Users, Displays Active Services, Ability to Scan Network Neighborhood, Ability to establish NULL IPC$ session with host, Ability to Query Registry (currently determines Service Pack Level & Applied Hotfixes.
40bf57d3f8c13c4a064696eb6aaa5bf41ad2424ba19056cdec86c41a41e74938Weekly Newsletter from Help Net Security - Covers weekly roundups of security events that were in the news the past week. In this issue: Microsoft "un-removable user" vulnerability, Wavelink 2458 vulnerability, IE 5.5 cross frame vulnerability, WFTPD dos vulnerability, Screen 3.9.5 local root vulnerability, php file upload vulnerability, QNX voyager issues, Glibc update, SunFTP vulnreable, and much more.
c898ce77ac0700892b460049f5f830a5924ec38d27ef1f526debe3ae6c0e33fbA security hole was discovered in syslogd distributed with SuSE 6.2 and 6.3. Local denial of service. Patches available here.
f9eda213e0b80c0aada004c3af66d392c1f5e5c90aea89f48c4d4610eab0854dSlackware Security Advisory - Xchat has an input validation bug which allows remote command execution.
30dc8aac1f0ccab4ffb1e0ba8491d2439abe3a70956951c5f2cf47f52ecaed0eMultihtml.c is a remote exploit for /cgi-bin/multihtml.pl, versions previous to 2.2 which spawns a remote shell.
1cb8b402e54df7815270db3a85536296536997d3459dfb03bc464424e639323cWeekly Newsletter from Help Net Security - Covers weekly roundups of security events that were in the news the past week. In this issue: WebSphere application server pligin issue, Mdaemon web services heap overflow, Camshot server vulnerability, Microsoft re-releases the NTML patch, Sambar server search CGI vulernability, Screen format string exploit. Also includes articles on the security of electronic banking, virus scanner inadequacies with NTFS, bi-lingual servers, Building a bastion host using HP-UX 11, Network Intrusion Detection of third party effects, Format String attacks, Mail Abuse prevention organization stands up to Harris Interactive, and much more.
42e75b75a52f4dea98cd72f8c46e09c594f8554e905a37edd3b42a0833bdec9cDebian Security Advisory - Multiple vulnerabilities have been reported in syslogd and klogd. A local root exploit is possible, and remote exploits may be possible in some cases.
9695e3a42ebd3dc161702a48d700c215c4c5371ddef3455dc38ba564d9c4a392Vigilante Advisory #13 - WinCOM LPD V1.00.90 for Windows NT contains a denial of service vulnerability. A steady stream of LPD options sent to TCP port 515 will eventually consume all the memory on that host.
ba7ccfd5b67e3c0588662c9527a602816dcfb0c5a62a0a91d09a4406cc5875b6Security Auditor's Research Assistant (SARA) is a security analysis tool based on the SATAN model. It is updated frequently to address the latest threats. Checks for common old holes, backdoors, trust relationships, default cgi, common logins.
d770f361b5d417a6663e4a628f1bc6770d57622106e91f03860f8bacd3db92b9Napster sends the full path of all the MP3's it sends to the remote user.
2b462826c9393e9037288e380064d8302a7d3cb8499ca32b1d10dcd7d360e5f1C-Kermit local exploit. Versions 7.0.197 and below are vulnerable. Tested on Slackware 7, where it is not suid. It is suid on Olivetti X/OS R2.3, 3.x.
b1c58ec5e7f44694f976de55f2766d8a2088c17241a91eff5815c66be7258e40Kernel logging daemon klogd in the sysklogd package for Linux contains a "format bug" making it vulnerable to local root compromise (successfully tested on Linux/x86). There's also a possibility for remote vulnerability under certain (rather unprobable) circumstances and a more probable semi-remote exploitableness with knfsd.
2ecbd0ed65cc65018f64e392edb56708bf8a2ff389e963f1c9c260946bd00f25Vigilante Advisory #12 - Mdaemon 3.1.1 for Windows NT includes Webconfig and Worldclient which listen to TCP port 3000 and 3001. They both are vulnerable to a heap overflow vulnerability which could be used to execute arbitrary code. Fix available here.
9633e5d15d8fbf21e8c07e68f5b9143eb0b13c96a75fdb436fc56cddf57db245
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed