Sambar Server 4.4 Beta 3 and below for WinNT, Win95 OSR2, (possibly Linux affected) contains a vulnerability which allows remote users to browse the filesystem of the webserver. Fix available here.
682efe87f41f4ff59f349e51db891761fcbe069277019c774fc845c93fc2a01dVery basic guide to sending fakemail.
72db9f6e0f8c3a4da67938ab2b7a8ed1eac95751b1b2e9798b10b3332da5ac55UNIX/misc/vtgrab-0.1.2.tar.gz 0 Vtgrab is a utility for monitoring the screen of another machine. It only works for text consoles.
3c76542dbc1025ef88f44906d8ca9b17c650ad589b2d46159cc16485f1e5f504Saqueadores Edicion Tecnica Issue #23 (En Espanol) - Features articles on RPC hacking, MIPS R2000, electronics, an interview with Mixter, Domino tips & hacks, ADSL.
d0cc3fdcb8aa9fc96cb1cab73987347d4f0466e3c09409b2cfb7a4d0b61bba71LinuxSecurity.com Weekly Newsletter for September 11, 2000. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines. This weeks issue contains How to perform a secure remote backup, Introduction to Unix permissions, Using Postfix: A basic guide on configuring and installing, Booting without all the extras, Firewalls - Common Configuration Problems, Amateur Fortress Building in Linux, Authentication: Patterns of Trust, Solar Designer's 2.2.17 Kernel Patch, Network ICE Releases Open-source Carnivore, Researchers refuse Carnivore review, and more.
405dc01a9e4a17a465e19d9459e3373c2f2007a278f549111db49660b981ce83Ethereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Ethereal features that are missing from closed-source sniffers. Screenshot available here.
ea7e3aa3d266c5e5183b5617ce08b566de66401a52f1c0b35e62dd42c857fee8Pdump is a sniffer written in perl which dumps, greps, monitors, creates, and modifies traffic on a network. It combines features from tcpdump, ngrep, tcptrace, dsniff (and its webspy and urlsnarf), pfilt, macof, and xpy. It understands tcpdump-like syntax and allows easy modifications via a plug-in system. Readme available here.
f312f47fbf5e181eaef1e1785de4fa33f18d686d8cdfcb40874a22fd732570ebFreeBSD Security Advisory FreeBSD-SA-00:51 - The mailman port, versions prior to 2.0b5, contained several locally exploitable vulnerabilities which could be used to gain root privileges.
dedb3bb4a1ce3ca995f2fb71a6dfc4cc5f55e619fc981e278494f0f87dd01815FreeBSD Security Advisory FreeBSD-SA-00:50 - The listmanager port, versions prior to 2.105.1, contained several locally exploitable buffer overflow vulnerabilities which could be used to gain root privileges.
3e32fb931fa234b663d485febacb30965ed690394c9e151c22d8c8c63ec013ceFreeBSD Security Advisory FreeBSD-SA-00:49 - The eject port is installed setuid root, and contains several exploitable buffers which can be overflowed by local users, yielding root privileges.
031b23226b8c3145fcc2d633e190d78e52aa482d69c5e45788560e7f54bc4834FreeBSD Security Advisory FreeBSD-SA-00:48 - The xchat IRC client provides the ability to launch URLs displayed in an IRC window in a web browser by right clicking on the URL. However this was handled incorrectly in versions prior to 1.4.3, and prior to 1.5.7 in the 1.5 development series, and allowed a malicious IRC user to embed command strings in a URL which could cause an arbitrary command to be executed as the local user if the URL were to be "launched" in a browser as described above.
aed685a66de97edce6729dc5e82feed39ad7397a61a60b4b457ceaf446493e6dFreeBSD Security Advisory FreeBSD-SA-00:47 - The pine4 port, versions 4.21 and before, contained a bug which would cause the program to crash when processing a folder which contains an email message with a malformed X-Keywords header. The message itself could be deleted within pine if identified, but other operations such as closing the folder with the message still present would cause the program to crash with no apparent cause.
fef7796ba9f4008ae05e32e357e31610d2560144adcb1cfbe8ecff674325874cKlogd Local Exploit. Envcheck is a Linux kernel module which detects and prevents exploitation of the recent glibc vulnerabilities by intercepting the execve system call and sanitising the enviroment passed. At the cost of a very small performance penalty, it has advantages over a glibc upgrade, including logging of exploit attempts, it works with statically linked binaries, it is transparent to applications that may be sensitive to a change of glibc, and it partially protects libc5.
3c854c738a6a76ef40141f865055426a01aff9e74874c43676c3a699869312f9Vigilante Advisory #11 - Lotus Domino ESMTP Service Lotus Domino Release 5.0.2a contains a buffer overflow in the processing of SMTp commands, causing the service to crash. Tested on OS/2 Warp 4.5, it is assumed that other platforms are vulnerable as well.
899917d16df031887b0b09207f33847668e2d85bd87d183da90737c8950ead90Vigilante Advisory #10 - Intel Express Switch series 500 crashes when a malformed ICMP packet is sent to the Intel Express Switch or a host behind it. The switch looses all routing functionality but continues to function as a switch, except for the fact that learning also crashes, so new connections are not "picked up". Fix available here.
7256e8c0df1d7ce12f4af0950cdfe91032004217c0851024af0a141e17c70d5aMicrosoft Security Bulletin (MS00-063) - Microsoft has released a patch for a security vulnerability in Microsoft Internet Information Server (IIS). The vulnerability could enable a malicious user to prevent an affected web server from providing useful service by sending a particular type of invalid URL. Microsoft FAQ on this issue available here.
12d25552be38868a8fa36ffe9023fb0e2764f085ac7e10c191b403366e1535b4Vigilante Advisory #9 - Internet Information Server (IIS) 4.0 for Windows NT 4.0 is vulnerable to a denial of service attack as described in ms00-063 in which a certain series of requests can cause INETINFO.EXE to gradually consume all system ressources (99-100% CPU and all memory). When the pagefile can't expand any further, INETINFO.EXE is killed by the operating system.
f88b454e98f58dc0cab36e2079df258a10823f10487e75deb9870d645da092caRed Hat Security Advisory - The mgetty-sendfax package contains a vulnerability which allows any user with access to the /var/tmp directory to destroy any file on any mounted filesystem. A malicious user can create a symbolic link named /var/spool/fax/outgoing/.lastrun which points to any file on a mounted filesystem, and that file's contents will be destroyed the next time faxrunq is run.
6729a1a0b2737e85ae4f5ba7398a377fec561d503a17dd3698e11dd59d09872eAtstake Security Advisory - Netegrity's SiteMinder is a web access control product for Solaris and Windows NT that implements various authentication mechanisms to protect content on websites. Due to an error in SiteMinder's URL parsing, it is possible for an attacker to bypass the authentication phase and view protected web pages directly.
e0d3f793315991d1bfe7a1596da57ae4a879f58a9bf6b103ecee5c49798552b3A serious vulnerability has been found in IRIX telnetd which can give remote root access to any IRIX 6.2-6.5.8[m,f] system. The vulnerability occurrs when one of the environment variables contains a format string which is passed on to the syslog() function. Proof of concept exploit included (updated version - compiler and little endian fixes). Fix available here.
f3757ed7c83366e37236fcd1468ac10d93f1b85113d1d44c9616dc8a918135d9SuSE Security Advisory - pam_smb is a package that allows Linux/Unix user authentication using a Windows NT server. Versions 1.1.5 and before contain a buffer overflow that would allow a remote attacker to gain root access on the target host. In addition, Zope needs updating again and the Xchat IRC client can be tricked to execute arbitrary commands if the user clicks on an URL. SuSE security site here.
5a5cc35d33db367672c5f0cd1d3602494bd48a405273b950e7dabe93aac239c6ICMP Usage in Scanning v2.01 - This paper outlines what can be done with the ICMP protocol regarding scanning. The paper deals with plain Host Detection techniques, Advanced Host Detection techniques, Inverse Mapping, Trace routing, OS fingerprinting methods with ICMP, and which ICMP traffic should be filtered on a Filtering Device.
1ff9c1a751e358458994c2d61f241f21e90f086d7913e3155237dfdc53b0edabThis is a list of the ports which trojans run on. Updated Aug 2000, lists 350 trojans and thier default port. Newest version of this list available here. Archive password is set to p4ssw0rd. Use at your own risk.
3e1809812271d23eb04ede26e54c8aa3db1ba2160ff2c809ca459101541ee74aBeginners guide to unix hacking. Includes host enumeration, buffer overflows, firewalls, common mistakes, log cleaning, and more.
ea3139e78e2968521486618e39ab47156557263a1b247cf7ca40e4dfc47ca6c6Lsof is an extremely powerfiul unix diagnostic tool. Its name stands for LiSt Open Files, and it does just that. It lists information about any files that are open by processes currently running on the system. It easily pinpoints which process is using each network connection / open port.
dbf618652685f94befe85ab1fcbe56c7cc178f174f75e966f269a3b022932bf9
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed