Microsoft Security Bulletin (MS00-077) - Microsoft has released a patch that eliminates a security vulnerability in NetMeeting, an application that ships with Windows 2000 and is also available for Windows NT 4.0. The vulnerability allows a malicious user to deny service to a NetMeeting server. Microsoft FAQ on this issue available here.
3c668e9e0ef4c2472401d28101f1e4541a99dd6185589b9f9706e5803eb6eb01Debian Security Advisory - The version of curl as distributed with Debian GNU/Linux 2.2 had a bug in the error logging code: when it created an error message it failed to check the size of the buffer allocated for storing the message. This could be exploited by the remote machine by returning an invalid response to a request from curl which overflows the error buffer and trick curl into executing arbitrary code.
b4546e53189726ce86a3b698d2a39926c6eabfb3a4c4ab5225418a919e65a44aFreeBSD Security Advisory FreeBSD-SA-00:57 - The muh port, an IRC bouncer, versions 2.05c and below contains a vulnerability which allows remote users to gain the privileges of the user running muh. This is accomplished by sending a carefully crafted exploit string containing string format operators to a user using muh but who is not connected. When the user reconnects and executes '/muh read', muh will allow the remote attacker to execute arbitrary code as the local user.
8f36eb60edcb01ea36fa29e159e50ecf301ee4326c181259fc41a4249d047569FreeBSD Security Advisory FreeBSD-SA-00:56 - The LPRng port, versions prior to 3.6.24, contains a vulnerability in syslog() which allows remote and local root compromise.
383a13988913ece81c3d550a90cc2d095ebcae22e3dc9547ad51506fae541281FreeBSD Security Advisory FreeBSD-SA-00:55 - The xpdf port, a PDF viewer for X, contains a race condition which allows local users to overwrite arbitrary files as the user running xpdf. Additionally no shell metacharacter checking is done when visiting URLs.
fffc0e765e6068b8f2afe53e82d8918165e1e3bcbe5fa3d10ea50b7380a44a68FreeBSD Security Advisory FreeBSD-SA-00:54 - Shortly before the release of FreeBSD 4.1.1, code was added to finger(1) intended to allow the utility to send the contents of administrator-specified files in response to a finger request. However the code incorrectly allowed users to specify a filename directly, the contents of which would be returned to the user.
4b5af2dc80b56a25748f70615e7b9bee970529fb40be4967c4a47cf39c2e6d1eDebian Security Advisory - In versions of the traceroute package before 1.4a5-3, it is possible for a local user to gain root access by exploiting an argument parsing error.
96b99378a5e3df437c75a80827f0afcb8530f3b641e7bacf61037b6d1b4673a8Microsoft Security Bulletin (MS00-076) - Microsoft has released a patch that eliminates the "Cached Web Credentials" security vulnerability in Internet Explorer, which allows malicious users to obtain another user's userid and password to a web site. Microsoft FAQ on this issue available here.
da1c3e8d0916bf749858b704179dabc4b0d8870ddade71fd331d032ce13a8edeSynnergy Laboratories Advisory SLA-2000-17 - A flaw in Linux/UNIX Anaconda Foundation Directory, a yahoo style search engine based on the Open Directory Project allows remote users to traverse the webservers filesystem, allowing arbitary files to be read by appending a trailing NULL byte in URL encoded format. Exploit URL included.
114471e6a48ade395cf5dd9910cfbb9ebc5b97960e372c164656001a5ddd2840Godmessage Creator allows you to implement the Godmessage IV activeX attack with any binary you supply. Archive password is set to p4ssw0rd. Use at your own risk.
05516f6b41a3b42bf1118a69b356c3c549d89a355493f0ccc97d4bda177ac489Remote Nmap is a python client/server package which allows many clients to connect to a centralized nmap server to do their port scanning. This could be useful for security companies who want to have all thier scans come from a dedicated machine.
2a872d63b5468f22b07ce46bfc82936970287e1418ba149aca5824a4796efc76Microsoft Security Bulletin (MS00-075) - Microsoft has released a patch that eliminates the "Microsoft VM ActiveX Component" vulnerability in Microsoft virtual machine (Microsoft VM) for Windows 95, 98, Windows Me, Windows NT 4.0, and Windows 2000. If a malicious web site operator coaxes a user into visiting his site, the vulnerability allows him to take any desired action on a visiting user's machine by using ActiveX controls which are marked unsafe for scripting. Microsoft FAQ on this issue available here.
bb5c17def125a4361b08bc4f6c572106f17b422486a9caf1132046c6235a2855Kak.hta is a variation of the recent ActiveX Dotslash.
bdb21f8e4b7bfa50a24c006b6d2979c765ccd82a4bdedeee48257dd7ffdee0b2Microsoft Security Bulletin (MS00-074) - Microsoft has released a patch that eliminates the "WebTV for Windows Denial of Service" vulnerability which allows malicious users to remotely crash WebTV for Windows. Microsoft FAQ on this issue available here.
772280c0743fa28cd5eb802ad058d545f7ef5a95e7d6bd8b9d2d09f954bd87b0rhaft.c is a Netcraft imitation tool which can fetch some server information.
60e5b66a2cb02636f975d47b9b7628cf7990cd46a50502c50d06d794bc5bf068NSFocus Security Advisory(SA2000-04) - A denial of service flaw has been found in the Microsoft Win9x netbios client. An attacker can modify his host file share service and perform DoS attack against a Win9x client that visits it. Windows 95, 98, and 98se are vulnerable.
9236c974af81c4c844db26363d287b64b22ac6b3a14b0d4342716a88acbe836aNSFocus Security Advisory(SA2000-05) - Microsoft Windows 9x NETBIOS password verification contains a vulnerability which allows an attacker to use a share only knowing the first byte of the password, which can easily be guessed. This is the flaw described in ms00-072 which affects Windows 95, 98, and 98se.
7aef63a9de0679d5b03e709420e8ddace4d85f1bf4c6394a3d8949d58d90ea2aMicrosoft Security Bulletin (MS00-073) - Microsoft has released a patch that eliminates the "Malformed IPX NMPI Packet" vulnerability in Windows 95, 98, 98se, and Me. If IPX is installed, the machine can be caused to fail or flood the network with superfluous data. Microsoft FAQ on this issue available here.
64f4ccf487c0dc25586b7b958c5ab0d65657f3cb4b5012be3daa84acd131c9f4NSFOCUS Security Advisory(SA2000-03) - A denial of service vulnerability has been found in the IPX/SPX protocol implementation. When a WIN9x host receives a IPX NMPI packet that has the same source and destination machine name of its own, it will be lead to an infinite loop of sending and receiving packets. This attack will consume a large sum of CPU resource of attacked host, causing it to crash.
ee09333c713c3c147526afc9d6f8cea9c39dd915e503348778b1122d7781a015SAINT (Security Administrator's Integrated Network Tool) is a security assessment tool based on SATAN. Features include scanning through a firewall, updated security checks from CERT & CIAC bulletins, 4 levels of severity (red, yellow, brown, & green) and a feature rich HTML interface.
d4a2fa3f65a7eeae71ab52548598bc5ca4c0c7dbfa771ae2ca5d5761dcd8b08dThe idea of the International Kernel Patch is to collect all crypto patches so that using crypto in the kernel will be easier than today. The patch includes a number of crypto patches including a crypto API including Blowfish, CAST-128, DES, DFC, IDEA, MARS, RC6, Rijndael, Safer, Serpent, and Twofish, an encrypted filesystem loopback device using the crypto API, CIPE VPN and EnSKIP patches.
a53267652597064b7c591ffc8a54035b81f2ddac673e1eec9535e8476818b4ceZorp is a new-generation modular proxy firewall suite to finetune proxy decisions with its built in script language, fully analyze complex protocols (like SSH with several forwarded TCP connections), and utilize outband authentication techniques (unlike common practices where proxy authentication had to be hacked into the protocol).
af4de5fd0b6c4b60da55f824fea6923076484b3b7300ac59488942c058981087SuSE Security Advisory - GNU cfengine, an abstract programming language for system administrators of large networks, has several local root format string vulnerabilities.
f52aec0643cadd4f2fb5e2f95f5fd9d3969b607abef7aebde0e82ce715404736SuSE Security Advisory - esound, a daemon program for the Gnome desktop, has a race condition which allows local attackers to change the permissions on any file on the filesystem.
6c6d344c26218475b41876a24d93ef04e105e8ff868b589b666644cce3691bc5FreeBSD 4.X local /usr/bin/systat exploit. Gives a sgid kmem shell by exploiting the .terminfo bug in ncurses.
74912457abcb06d1b3486b0919890ed721d24f2ed15b58307dd60bb46c085361
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed