exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 22 of 22 RSS Feed

Files Date: 2001-04-22 to 2001-04-23

ms01-022
Posted Apr 22, 2001

Microsoft Security Advisory MS01-022 - The Microsoft Data Access Component Internet Publishing Provider provides access to WebDAV resources over the Internet. It contains an implementation flaw causing it to handle all requests in the security context of the user. As a result, if a user browsed to a web page or opened an HTML e-mail that contained script, that script could access web-based resources as the user. It is likely that at a minimum, the attacker could browse the user's intranet, and access web-based e-mail as well. Microsoft FAQ on this issue available here.

tags | web
SHA-256 | 44db5213ed41bbd17999a666108a7c3f4de1bd1b055a49df7f1da3d7e837ddc5
icqrin14.zip
Posted Apr 22, 2001
Authored by Moritz Bartl | Site headstrong.de

ICQr Information v1.4 reads out ICQ Database (DAT) files including personal data such as passwords and deletec contacts. ICQ versions 99a, 99b and 2000a/b are supported.

Changes: Drag and Drop support, several bugfixes.
SHA-256 | b2789d0ed40278f44b3e8f425331b7e500885dd3615c47b611199a01120a0c46
debian.cfingerd.txt
Posted Apr 22, 2001
Site debian.org

Debian Security Advisory DSA-048-1 - Cfingerd v1.4.1 and below contains a remote root vulnerability in the logging code. When combining this with an off-by-one error in the code that copied the username from an ident response cfingerd could exploited by a remote user.

tags | remote, root
systems | linux, debian
SHA-256 | 4f2c12f6d99ee40361976febf66e64d47d18e894ffe3b2fab72ba9d1c6cef850
crank-0.1.3.tar.gz
Posted Apr 22, 2001
Site crank.sourceforge.net

Crank is short for "CRyptANalysis toolKit", and its overall purpose is to provide a powerful and extensible GUI environment for solving classical (pen-and-paper) ciphers, providing as much automation as possible. Initial focus is on the cryptanalysis of monoalphabetic substitution ciphers. Screenshot here.

Changes: Includes easier plugins, added transposition.grid-controls added (rectangular grid transposition ciphers) and steganalysis.word-gaps added (hidden cipher breaker).
tags | encryption
SHA-256 | 10138da429af76f9110c0ea15cea7d8ef95077494b162250f5eb89bda8b45509
zorp-0.8.3.tar.gz
Posted Apr 22, 2001
Authored by Balazs Scheidler | Site balabit.hu

Zorp is a new-generation modular proxy firewall suite to fine tune proxy decisions with its built in script language, fully analyze complex protocols (like SSH with several forwarded TCP connections), and utilize out of band authentication techniques (unlike common practices where proxy authentication had to be hacked into the protocol).

Changes: Fixed a segfault in the FTP module, and fixed some bugs in the core module including umbrella zone support, zorpctl now takes care of stale pidfiles, experimental support for Linux 2.4 netfilter.
tags | tool, tcp, firewall, protocol
systems | unix
SHA-256 | 02ec2db9d72a83c6a0e6041705783f33ceb8cb2ef856e501c3ef58af0bfd5c9a
portfwd-0.19.tar.gz
Posted Apr 22, 2001
Authored by Everton da Silva Marques | Site nucleo.freeservers.com

Portfwd is a small C++ utility which forwards incoming TCP connections and/or UDP packets to remote hosts. Multiple forwarders can be specified in a flexible configuration file. There is support for FTP forwarding.

Changes: Some problems preventing compilation on RedHat 7.0 have been fixed. Support for GNU Autoconf/Automake has been improved.
tags | remote, udp, tcp
systems | unix
SHA-256 | f25a61546256b4521cbcc08d4382a4f0bead73b52f1ba49013b8eb1979b9aee3
outguess-0.2.tar.gz
Posted Apr 22, 2001
Site outguess.org

Preserves statistical properties of the cover medium, no known statistical tests can detect steganographic content. Determines the size of a message that can be hidden safely. Uses more DCT coefficients in the JPEG format. OutGuess 0.2 is not backwards compatible with OutGuess 0.13b. Please upgrade to OutGuess 0.2.

tags | encryption, steganography
SHA-256 | 2f951ed7b9b9373fae8fe95616d49c83ae246cf53a2b60a82814228515bfa7d6
stegdetect-0.1.tar.gz
Posted Apr 22, 2001
Site outguess.org

Stegdetect is an automated tool for detecting steganographic content in images which is capable of detecting several different steganographic methods to embed hidden information in JPEG images. Currently, the detectable schemes are jsteg, jphide, and outguess 01.3b.

tags | encryption, steganography
SHA-256 | 3f0c46906d4a507c996967b2780a9968cfa1e24446dfdd0cf7357afaf78b33c5
snoopy.pl
Posted Apr 22, 2001

snoopy.pl is a simple SNMP scanner written in PERL, and making use of the Net::SNMP module. It will scan a list of hosts, and report the system id back if a valid community string is found.

tags | tool, scanner, perl
systems | unix
SHA-256 | cbfc11eb6c20a75049d500a8068cd3e913176e085b0eca948b9b669daab52926
corkscrew-1.4.tar.gz
Posted Apr 22, 2001
Site agroman.net

corkscrew is a small program for tunneling SSH through HTTP proxies. It features easy configuration and support for several Unix variants.

Changes: Fixed bug causing corkscrew not to run on Solaris and HPUX.
tags | web
systems | unix
SHA-256 | fda07a98b859a2b392feaa18efb6d1439af4894e53cdb176314d6925273979a2
SING-1.1.tar.gz
Posted Apr 22, 2001
Authored by Andres Alfredo | Site s21sec.com

SING, or "Send ICMP Nasty Garbage.", is a tool that sends ICMP packets fully customized from the command line. Its main purpose is to replace and complement the ping command, adding certain enhancements as fragmentation, sending and receiving spoofed packets, sending many ICMP information types (echo as the old ping, address mask, timestamp, and router discovery) and errors (redirect, unreach, and time exceeded); and send monster packets. It also supports loose and strict source routing and record routing.

Changes: Added MAC spoofing support and a better timestamp reply. Libnet included in distribution. Parser totally recoded. Better remote OS fingerprinting. Solaris 2.8 support. Fixed wrong ICMP checksum sending Router Solicitation and Router Advertisement packets. Added support for platforms with many, many, *MANY* network interfaces.
tags | tool, spoof
systems | unix
SHA-256 | aed0af97180a25926f8a0bf83ddfa301ac7ab6b6c3f01ab111d855b4dafa2b77
fwmon-1.0.4.tar.gz
Posted Apr 22, 2001
Site sourceforge.net

fwmon is a firewall monitor for Linux which integrates with ipchains to give you realtime notification of firewall events. It has fairly customizable output, allowing you to display a packet summary, hex, and ascii data dumps to stdout, a logfile, or tcpdump-style capture files. It also boasts some simple security features such as the ability to chroot itself, and does not need to run as root.

Changes: Lots of new documentation was added, including a man page. A few bugfixes were made. Documentation on using fwmon with iptables was also added.
tags | tool, root, firewall
systems | linux
SHA-256 | 89aecef8be2dad5728bbe94cf5b6243d4b583d3920f5390e824d37f17d9c1958
syslog-fifo-0.01.tgz
Posted Apr 22, 2001
Site sourceforge.net

syslog-fifo reads syslog messages from a fifo pipe, files them according to type, date, machine et,c and alerts users if 'regex' patterns are matched. It is very useful for large sites with central syslog servers.

tags | system logging
systems | unix
SHA-256 | 0859612fc82411e182087bd6d4a08dfd4fc8ab221177f98a614b7e598672fcbc
Samhain File Integrity Checker
Posted Apr 22, 2001
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain (stable branch) is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available. Tested on Linux, AIX 4.1, HP-UX 10.20, Unixware 7.1.0, and Solaris 2.6. The stable version does not support all features that are mentioned in the summary. Client/Server communication is not encrypted, and wildcard patterns for filenames are not supported.

Changes: Verifying the integrity of the log file has become more convenient, alignment for the memory profiling code has been fixed to make it work on Solaris, and some bugs have been fixed.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 95b8dc0feb825c5838066c1efa265cacbdb56ba1ec54e264939c3b70b8099cd9
Samhain File Integrity Checker
Posted Apr 22, 2001
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain (development branch) is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available. Tested on Linux, AIX 4.1, HP-UX 10.20, Unixware 7.1.0, and Solaris 2.6. The devel version has more advanced features, but not all options are thoroughly tested yet.

Changes: Verifying the integrity of the log file has become more convenient, alignment for the memory profiling code has been fixed to make it work on Solaris, and some bugs have been fixed.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 59110c9b17c7a9e01f591414e5ac61ae4abf9a086b8ddef3f20dec0cb95804c0
dynfw-1.0.tar.gz
Posted Apr 22, 2001
Site gentoo.org

dynfw is a collection of robust bash scripts that automate common iptables firewall-related tasks, such as blocking hosts, ratelimiting access to services, ratelimiting specific hosts, preventing a user on the system from generating any network data, and more. These scripts have been designed to work with virtually any type of iptables-based Linux firewall. All tools record the IP/UIDs currently blocked/limited to allow for easy rule modification.

tags | tool, firewall, bash
systems | linux
SHA-256 | a3ab2dac1cb0b9598b7571ef48b5635d0fe196c061a07e1ca73764a084f49f5f
ipa-1.1.2.tar.gz
Posted Apr 22, 2001
Site simon.org.ua

IPA is highly configurable IP accounting software for Free and Open BSD. It allows to make IP accounting based on IP Firewall and/or IP Filter accounting rules. In most cases IP Accounting Daemon is run on public servers, software routers, etc. It uses powerful IP Firewall and/or IP Filter accounting rules and based on its configuration allows to escape from writing scripts to manage network accounting.

Changes: ipastat(8) now has a better understanding of incomplete queries in the -i or -I option.
systems | unix, bsd
SHA-256 | 3974dcb0baf28850abb9ba5cf7b8235e8acb63fac3bac44e967bd5b54315c439
saint-3.1.4.tar.gz
Posted Apr 22, 2001
Authored by Sam Kline | Site wwdsi.com

SAINT (Security Administrator's Integrated Network Tool) is an updated version of SATAN, designed to assess the remote security of computer networks. Features include scanning through a firewall, frequently updated security checks, 4 levels of vulnerability severity, and a feature rich HTML interface.

Changes: Version 3.1.4 was released to the public April 22 - 3 months after it was released to paying customers. Added checking for the Linux Ramen worm, a fix for a false alarm bug affecting Linux 2.4, checking for buffer overflow in Lotus Notes Policy feature, checking for Netscape INDEX request vulnerability, checking for vulnerabilities in icecast, statsconfig.pl, and wwwwais, and an updated Compaq Insight Manager check to detect new buffer overflow vulnerability.
tags | tool, remote, scanner
systems | unix
SHA-256 | ad4a5d652019088b18652fa2a55b2cbf8b4bf5db13093be9e19aee5ae8b2a48f
transconnect-0.3-beta.tar.gz
Posted Apr 22, 2001
Site transconnect.sourceforge.net

TransConnect is an implementation of function interposing to allow users behind an HTTP proxy (which allows https) to use networking applications like telnet, ssh, fetchmail, irc, whois, etc. as if they were directly connected to the Internet.

Changes: Support for FreeBSD, NetBSD, OpenBSD, and SunOS in addition to Linux. Testing was done on Linux, SunOS 5.7, and FreeBSD.
tags | web
SHA-256 | 63ab7e85bb16f4c0c06b80f51fc8d69bf138614d2955e26cc898f468be9c3d01
attackwatch-0.0.1.tgz
Posted Apr 22, 2001

Attackwatch is intended to enhance the security of small private networks that are already protected by a restrictively configured firewall but which still have a few ports open. Attackwatch will analyze the firewall output in near-realtime and will run scripts in response to incoming packets that got logged.

tags | tool, intrusion detection
systems | unix
SHA-256 | 0316aef9a7258b5cb0b6a35451300ac411dc50becc8b986cdb22034bc221f0a0
cheops-ng-0.1.4.tgz
Posted Apr 22, 2001
Site cheops-ng.sourceforge.net

Cheops-ng is a graphical network management tool for mapping and monitoring your network. It has host/network discovery functionality, OS detection, and it also does a port scan of each computer to tell what services are running, so you can use or administer them.

tags | tool, scanner
systems | unix
SHA-256 | 3a6098700c5b676dd5cd7c9f662c9066606d2d006015bcc2ab1ff5c421aeeb2e
if-1.4.9b.tar.gz
Posted Apr 22, 2001
Site karynova.com

Iridium Firewall is a very strong ipchains-based firewall with support for 21+ network services (including DHCP, NFS, SMB, HTTP, FTP, Telnet, etc.), masquerading, online gaming, multicasting, TOS flags, and specific port and IP blocking. Protections include twelve different types of IP spoofing, stuffed routing/masquerading, DoS, smurf attacks, control of the full range of ICMP datagrams, and many more. The script is configured completely through the use of a configuration file; no code hacking is required, but it is written so that users that know what they are doing can easily configure the script themselves. Iridium Firewall is heavily commented with instructions and explanations on various topics.

tags | tool, web, spoof, firewall
systems | linux
SHA-256 | 53580bf99b18eaac6e7e2840452a30ef213272c5f85b3b74626e37b641fb44ba
Page 1 of 1
Back1Next

File Archive:

March 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    13 Files
  • 3
    Mar 3rd
    15 Files
  • 4
    Mar 4th
    0 Files
  • 5
    Mar 5th
    0 Files
  • 6
    Mar 6th
    16 Files
  • 7
    Mar 7th
    31 Files
  • 8
    Mar 8th
    16 Files
  • 9
    Mar 9th
    13 Files
  • 10
    Mar 10th
    9 Files
  • 11
    Mar 11th
    0 Files
  • 12
    Mar 12th
    0 Files
  • 13
    Mar 13th
    10 Files
  • 14
    Mar 14th
    6 Files
  • 15
    Mar 15th
    17 Files
  • 16
    Mar 16th
    22 Files
  • 17
    Mar 17th
    13 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    16 Files
  • 21
    Mar 21st
    13 Files
  • 22
    Mar 22nd
    5 Files
  • 23
    Mar 23rd
    6 Files
  • 24
    Mar 24th
    47 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    50 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    7 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close