Microsoft Security Advisory MS01-016 - A remote denial of service attack has been discovered in WebDAV, and extension to the HTTP protocol included in Windows 2000 IIS 5.0. Microsoft FAQ on this issue available here.
c80117b9bf7cc43251692b9718db26d94050802d79ad071dfb50f1e55501d4d4Remote Nmap is a python client/server package which allows many authorized clients to connect to a centralized nmap server to do their port scanning. This could be useful for security companies who want to have all their scans come from a dedicated machine.
6e2d5296e6d2c16093f2ba394662e10723c9b919de3d5ea44c60358ad8fd3287Debian Security Advisory DSA-044-1 - The mail program (a simple tool to read and send email) as distributed with Debian GNU/Linux 2.2 has a buffer overflow in the input parsing code. Since mail is installed setgid mail by default this allowed local users to use it to gain access to mail group. Since the mail code was never written to be secure fixing it properly would mean a large rewrite. Instead of doing this we decided to no longer install it setgid. This means that it can no longer lock your mailbox properly on systems for which you need group mail to write to the mailspool, but it will still work for sending email. Debian security homepage: http://www.debian.org
65225d45fe97f937fa6791a4d502df39372d4b4b6ff6ce1d5471044798905136Suq Diq v1.00 is a remote exploit for IBM Net.Commerce, WebSphere and possibly other IBM and Lotus applications as well. These products use Tripple DES with a fixed key by default, allowing remote users to gain the usernames and plaintext passwords of all Net.Commerce accounts. Exploit URL's included.
456ddf7f21b031b28f2dde450649305feb794560bd860f5ff50870ac332465dcchkrootkit locally checks for signs of a rootkit. Includes detection of LKM rootkits, ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions. Tested on Linux, FreeBSD, Solaris, and OpenBSD.
4fb32cf69c099e1c1c8fb0a829f0cf20295af56a66ccb91b51642d0d8d5d2bafFreeBSD Security Advisory FreeBSD-SA-01:29.rwhod - Malformed packets sent to the rwhod daemon via UDP port 513 could cause it to crash, thereby denying service to clients.
d0e5626fc0a114aca4d206ed884b059d29eb84f5db39bad6f452ffdbbdb3ec07FreeBSD Security Advisory FreeBSD-SA-01:28 - Malformed packets sent to the timed daemon on UDP port 525 could cause it to crash, thereby denying service to clients.
4b53ee36f6fd34c4b54d687a1dac18792fc95ea30d370ff8f2d80275bbbe55ffFreeBSD Security Advisory FreeBSD-SA-01:27 - The cfengine port, versions prior to 1.6.1, contained several format string vulnerabilities which allow a remote attacker to execute arbitrary code on the local system as the user running cfengine, usually user root.
a7f47cec624617cb484ffc0d9e3ccf954f580bd00348310894bd1aac303a4cd2FreeBSD Security Advisory FreeBSD-SA-01:26 - The interbase port has a hard coded backdoor which has full read and write access to databases stored on the server, and also gives the ability to write to arbitrary files on the server as the user running the interbase server (usually user root). Remote attackers may connect to the database on TCP port 3050.
a541aa5579236a77051e5dcbc2246ce72182fdea0f95eaace89c3acbd18ad1efFreeBSD Security Advisory FreeBSD-SA-01:23 - The icecast port, versions prior to 1.3.7_1, contains multiple format string vulnerabilities, which allow a remote attacker to execute arbitrary code as the user running icecast, usually the root user.
e32a64dc0b3ab0cbabbdccc9b1c5ab6d87888e20dac4061a5944907543de4e36OpenSSH-2.2.0 remote exploit - Includes a wrapper to brute force the offset.
69c2cf51173e0fc8e778c6301220d383a260b74f3973fc7a977063b57e64b674nPULSE is a web-based network monitoring package for Unix-like operating systems. It can quickly monitor tens, hundreds, even thousands of sites/device s at a time on multiple ports. nPULSE is written in Perl, uses nmap as its core scanning engine, and comes with its own mini web server for extra security.
a22ae4ce7edafd40a197aabf965a8be7f7cdcdd3b9d8cbef6d161551d9e846d8Disassembling programs on Debian Linux 2.2 using gdb.
56d9a1c2e8443b0f76c19af756ecdda7c41fa869fa870e362ec15110a4a21e2bICQ 2000b build #3279 Banner Remover.
b1e477ddfe63142517b9a3c4644f09983bf34d3a7f04e717580d9a205b239ca0Auto.txt lists eleven known and unknown methods of starting programs upon bootup in Windows. Trojans, backdoors, and keyloggers often use these to restart themselves.
2be6281495c93af23929c2c718feed2fda08f10646b64b0c3c7a014be08296b0WARD v1.0 is a classic war dialer: it scans a list of phone numbers, finding the ones where a modem is answering the call. Wargames still r0cks. WARD can generate phone numbers lists based on a user-supplied mask, in incremental or random order. Remember to change some defines to make it fit your current system configuration. Tested on Linux.
3d6ac9f41626b7fe14cf0698b5eba65d9ddbf380d57d73126c87d9614543d3c5Cit-scan is a scanner for Linux which scans for common services. Features randomized IP generation.
5bdf7c154e8074152b5d27eb1c02e14619af40b4462e9ccaa294274d08107dfbLocal exploit for /usr/X11R6/bin/ascdc v0.3-2-i386 which overflows the -c switch.
369413df47f94becaec9f4e8410f671ac2ad5558dfd1fab00aa597cde7c8de5dRKit is a Linux LKM backdoor/rootkit which intercepts the SYS_setuid call and ups a specified UID to 0 when that user logs in thereby successfully (and covertly) backdooring the root account.
9e0558a46516706382a2647e56185358b0531f40282626e1c0cbf6705a4a05d2Sqlping v1.1 (unix port) is a tool which sends a specially crafted UDP packet to port 1434 to SQL Server 2000 which will return gobs of useful info including SQL version and service pack. Based on SQLping from http://www.sqlsecurity.com.
05a1be726607efbcb157f03dc375f6e2e53bd8ce933f93a6dc180bd70d37eaf7Sqlping v1.2 is a tool which sends a specially crafted UDP packet to port 1434 on SQL Server 2000 which will return gobs of useful info including SQL version and service pack. Features the ability to send broadcast queries. Released at Black Hat Windows 2000 Feb 14th and 15th.
55222ecc8d6707ba80fdc70f94f75b0c659234cf866a6db70c7971c3d37a276aDebian Security Advisory - On versions of Zope prior to 2.2beta1 it was possible for a user with the ability to edit DTML can gain unauthorized access to extra roles during a request.
e59e84ea5add01b5cbf3c7251d060ddd800507723217e66b84e417e02472ca4bDebian Security Advisory DSA-042-1 - Gnuserv, a remote control facility for Emacsen which is available as standalone program as well as included in XEmacs21, has a buffer overflow which can be exploited to make the cookie comparison always succeed.
9ed783e0c6abaf46763de9ff4df5c7e63418c4cad78d6fe51f25bf934992f3ccNmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings. Screenshot available here.
2daefb4ffb47bf34b2d5a8e52abb432d5c8e3cf93a7f96aea425cdea97acad99Downloads a file via ftp. Executes it. Removes it. Easy to hide. Easy to bind. C++ source. Archive password is set to p4ssw0rd. Use at your own risk.
135eed4a33cd7b8f95b4c8864e0e61c5ce1f793d3aca1b36baaa24ba58add957
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed