Microsoft Security Advisory MS01-012 - Outlook and Outlook Express can be tricked into executing arbitrary code via email messages which contain malformed vCards. When the vCard is opened, a buffer overflow error can cause Outlook to crash, or take any desired action, limited only by the permissions of the recipient on the machine. Microsoft FAQ on this issue available here.
2e6cf339348dc60f225d723233b963526abbd218f50a213c38d40f0e9496c1eeArb-Scan is a remote banner scanner, written in Bash and Perl. It currently supports ftpd, sshd, smtpd, domain, finger, httpd, pop2, pop3 and imapd banner checks. It features IP file reading and logging.
9a371bd38e45b14ff42dd09abe53fed5e617260a960dea1e206c70d212c3d552Scponly is an alternative shell (of sorts) for system administrators who would like to provide file transfer over SSH without providing any remote execution privileges. Functionally, it is best described as a wrapper to the "tried and true" ssh suite of applications. Features extra logging, chroot, file listing, and security checks.
bc91c05b653c367b8c1fa8a708b06df2898067279dd22f99e961ef0059e56ef5Description: Userl4nd is a simple package that will brute force accounts via ftpd. Though simple and effective at times, FTPd activity is easily and most likely logged. Currently works best against Linux systems with traffic on fair bandwidth.
3ef49ac678e3b5084b0b86275950c63ec81d77bf03d57643c9ccbb70dec18148ARPCI2 automates the task of sending rpcinfo requests to a mass of hostnames. ARPCI2 is intended to be a small package with a fair amount of features including time stamp, vulnerability notifications and logging, and a clean interface.
a0a68c3d9c4aba7a3808539d9a6e78fc3bcf5a30d104e966846608da1f984525Patches for Openssh-2.1.1 to exploit the SSH1 crc32 remote vulnerability.
4d5482a1c11fa6938554ffda52292aaf2894fd00793cdfbc28a33a512f6e94ddThis article discusses the recently discovered security hole in the crc32 attack detector as found in common ssh packages like OpenSSH and derivatives using the ssh-1 protocol. It is possible to exploit the crc32 hole to gain remote access to accounts without providing any password or to change login-uid if a valid account on the remote machine exists. Includes an exploit in the form of a set of patches to Openssh-2.1.1.
cd27d3d0419edb7ada37aee549f85877335a9048bec6e6842b8c7614a5947806Cell phone cloning for beginners (microsoft word format) - Covers ESN programming, snarfing, and more.
831de03b395ce65b7e4ca97611198178219d25df9abffacd04c1a8838e4f0228This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
42809a94a8db02acdf52353523b4e063ef735a949796ca0a3fc3695a2cbe0a86HAP-Linux is a collection of security related patches which are designed to be applied after Solar Designers Openwall patches are installed. Changes include some extra information in the printks, and the ability to allow hard links to files you don't own which are in your group, and the ability to follow links & pipes in +t directories iff they are not world-writable. This is useful for getting various daemons to run chrooted as a non-root user, and some secure drop- directory stuff.
26e213583a40c8da84ee0f58e090065625adfafc3bb4fe27bbc33426328f874fHAP-Linux is a collection of security related patches which are designed to be applied after Solar Designers Openwall patches are installed. Changes include some extra information in the printks, and the ability to allow hard links to files you don't own which are in your group, and the ability to follow links & pipes in +t directories iff they are not world-writable. This is useful for getting various daemons to run chrooted as a non-root user, and some secure drop- directory stuff.
e4308abac01e5491aacb30967a7fd233944e2cd1fe0c9cce3558b119b04f5382Merant Micro Focus Cobol 4.1 local root exploit - Writes to /var/mfaslmf/nolicense.
b3e6feb09ab94e71a3134d21b92fbc379b90d55ded65c2e679fcd15a4ef25b91FreeBSD X key lock (xklock) v2.7.1 and below local root exploit - Tested on FreeBSD ports collection v3.5.1 and v4.2.
c4dd124149e7e5bf8e081992f5222838ea736a6a2d2fb554c015d78b41490b57Microsoft Security Advisory MS01-011 - A core service running on all Windows 2000 domain controllers contains a flaw in the processing of requests which allows remote attackers to use up most of the CPU, limiting the number of logins the machine can process. Microsoft FAQ on this issue available here.
4f2a7e699ba6d383a5a2c3e8690ab871e83dce3ab2b17788fc1f20921baeea60Red Hat Security Advisory RHSA-2001:014-03 - A locally exploitable buffer overflow was found in the crontab command in the handling of long usernames - If the system administrator has created usernames 20 characters long, it is possible for those users to gain elevated privileges.
c9d942e6d811a70f2061f713b8b18bc5e93bc8d091867ffd6a3f723608aeeddcSecuring IGS Cisco Routers v1.00 - This paper will describe how you should obtain remote and local, information about an IGS Cisco Router. After we have collected some information that is useful to us, we'll try to secure the router as much as possible.
562e7903c6f08e878af7573561022cf9f8609367a50b3705518f6e6ab89765f3CBD.c is a simple backdoor which allows machines behind firewalls to be controlled via outgoing connections.
72680bcedec7e00dde9290e30fe7813178a5b8cda122558b6d3a49b9871d7c3cDoorwatch is a tool for Windows 95/98/ME/NT/2000 which does IP scanning, port scanning, NetBios scanning, Trojan scanning, and more. Documentation in Korean - English here..
4c7bc5596f2c64e3aacdbe80cc5d8c322c0b4c6234f35f3aaf6279ed2a15d80bTWWWscan is a Windows based www vulnerability scanner which looks for 400 www/cgi vulnerabilities . Displays http header, server info, and tries for accurate results. Now features anti-IDS url encoding and passive mode scan. Tested on win95 osr2 win98,win98se,win nt4,win 2k/Me.
0759feb28ca9e981a6a5df1a4ce9234f54b9bb0df874159150b208e2c52cb3bdLpdfp is a perl script which sends a malformed query to TCP port 515 in an attempt to determine the remote OS. Whitepaper available here.
5aba8532c4351159c472bcfbf2237056ad0f1d10dcae1ced7682f8068c5a94edRemote OS Detection using LPD Querying - Line printer daemons listening on TCP port 515 can give away information about which OS is running. Proof of concept code which contains a database of LPD returned messages and OS matches here.
cded128bdfd32167081a2f12af24098e14d48c17d622174b582fc793b3e6d45dNmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings. Screenshot available here.
80dc1e92e456d139488c3d46a07f85edc99f24c693be2abffe7d1e19da8e6146The purpose of this app is to illustrate inconsistencies in the MS implementation of the RestrictAnonymous registry setting.
d6df10eb7f0b38d84f1de3f0c3fdab2f52f62ea42623b850c5b20c8b0b286a98The purpose of this app is to illustrate inconsistencies in the MS implementation of the RestrictAnonymous registry setting.
54a8f594254f8385c2c02fe7a62622582d763ae1448a25aeca9b46fcc20020c7Integrit is an alternative to file integrity verification programs like tripwire and aide. It helps you determine whether an intruder has modified a computer system. integrit's major advantages are a small memory footprint and simplicity. It works by creating a database that is a snapshot of the most essential parts of your computer system. You put the database somewhere safe, and you can then use it to make sure that no one has made any illicit modifications to the computer system. In the case of a break in, you know exactly which files have been modified, added, or removed.
fc5b9e14dce5c202e0d0b107a8cb86a89cd50094799d6664e3bb0ec26afd7a2e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed