Securax Security Advisory #13 - When someone telnets to a unix system, the tty that will be assigned to him will be writable for any user on the system. However, when he is logged in, his tty will not be writable for all users. So if someone would write data to a tty that is currently used by someone who's logging in, that person won't be able to log in. Includes ttywrite.c proof of concept code.
e75a840488618e3a62e3bda5514108f15199ee99169afe9ae87c7041a15d8156~el8 issue 1 - In this issue: H/P trading cards, hp2.adv info, identdkill, testsyscall, rm -rf / shellcode, the unix virus childrens manual, super code ripping contest, a mail bomber, and much more.
4303a18801f7f0d03a0b04fb35025fbf12a7c386b0ff7c456970f9b11f5e920eFreeBSD Security Advisory - Three problems affect the /proc filesystem on FreeBSD. The first allows unprivileged local users can gain superuser privileges due to insufficient access control checks on the /proc//ctl files, which gives access to a process address space and perform various control operations on the process respectively. The second allows local users to deny service to a machine by mmap()ing a processes own /proc//mem file in the procfs filesystem. The third allows users with superuser privileges on the machine, including users with root privilege in a jail(8) virtual machine, to overflow a buffer in the kernel and bypass access control checks placed on the abilities of the superuser. This allows root users to break out of the jail environment, lower the securelevel, and load modules in kernels where module loading has been disabled.
1be1e19e18220a02b70cfb8ea9e3cbd761ff6f228fe93d6cbd2e541f870d4df1FreeBSD Security Advisory - The BitchX port, versions prior to 1.0c17_1, contains a remote vulnerability. Through a stack overflow in the DNS parsing code, a malicious remote user in control of their reverse DNS records may crash a BitchX session, or cause arbitrary code to be executed by the user running BitchX.
716fb15322642749f5eca910e3091b28b14df85543d8631e488adbb658af1d9eSecurax Security Advisory #11 - XFree86 Version 3.3.6 is vulnerable to a remote denial of service attack over tcp port 6000. The server can freeze if sent many characters, requiring a reboot to restore normal operation. Includes Linnuke.c proof of concept code.
d85f44f0f08c172627069fd7c4b1a4471100fdaa8e7642820989936cc36dee3fNetscape Navigator Cookie Cutter - Let you choose which cookies to use under Windows Netscape.
7da809c5f6d64bda6e064dd62376f78d955fdca042e8d18f7ea7b0d8cddde26ctyrec is a tty recorder. Recorded data can be played back with the included ttyplay command. It can record emacs -nw, vi, lynx, or any programs running on tty.
7f977aa4c2da2d74ce73006d29d036a8684d0a8b040735fc27eebd3e5b28ef9bfwlogwatch analyzes the ipchains, netfilter, or iptables packet filter logfiles and generates text and HTML summaries. Features realtime anomaly alerting capability, an interactive report generator, and the ability to cut off attacks by adding firewall rules.
83a95d75c1dd591dfd451d076d426f71bcfbca41afe1ebb1c0cc03a40f923af8utcpdump is a stripped-down version of tcpdump 3.4 that was developed for Trinux but may be suitable for other low-footprint/floppy/embedded Linux/*BSD distributions. It provides only a subset of the features/protocol decodes available in the full version of tcpdump, and is primarily useful for conducting basic network troubleshooting.
d4031d6b10d1c177d8037f72fd07be3480b5f0d1f0b1c96351d73651b2ff5ad0Angst is an active packet sniffer, based on libpcap and libnet. Dumps into a file the payload of all the packets received on the specified ports. Two methods of active sniffing are implemented - Angst is able to monitor ARP requests, and after enabling IP forwarding on the local host, it sends ARP replies mapping all IPs to the local MAC address. In addition, it has the ability to flood the local network with random MAC addresses (like macof), causing switches to send packets to all ports. Only compiled and tested on OpenBSD. Readme available here.
5315c9f3d6bbe30419bc08bf3738e09481778abb5dc744de823f3467c52c2496The idea of the International Kernel Patch is to collect all crypto patches so that using crypto in the kernel will be easier than today. The patch includes a number of crypto patches including a crypto API including Blowfish, CAST-128, DES, DFC, IDEA, MARS, RC6, Rijndael, Safer, Serpent, and Twofish, an encrypted filesystem loopback device using the crypto API, CIPE VPN and EnSKIP patches.
431cc42de0d1e0c44cb5aa5c2053bf382e34812c091638e2d2db1a16c35d048fsugarplum 0.84 - Sugarplum is an automated spam-poisoner. Its purpose is to feed large quantities of realistic and enticing but otherwise utterly useless data to wandering spam-bots such as EmailSiphon, Cherry Picker, etc. The intention is to so contaminate spammers' databases as to require culling out large portions, including any real data, and/or to require that spambots be instructed to avoid your site. Sugarplum detects so-called "stealth" spambots, and can be used to activate firewalling or more aggressive countermeasures at the administrator's option. It includes Apache mod_rewrite rules for known spambots.
d0e4455fa9a3d1cccf4600c0a05a42f7e20697dfdf8c922573672e611f3b47a1
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed