Shield is an aggressive, modular firewall script for iptables which features easy configuration through a BSD-style configuration file, optional NAT support, TCP-wrapper-like functionality for service access, port forwarding, routable protection, DMZ support, and more.
6e0b151af609001d14d4d8c76be5d1c72f2dfd20baa39f8b89a53cd1c49026f0Serial Line Sniffer is a serial port logging utility. It listens to the specified serial port and logs all data going through this port in both directions.
87fe73581a4c74f6b432f345a1eec6e34037c6f08ebd20753a818eed18c92e08fwmon is a firewall monitor for Linux which integrates with ipchains to give you realtime notification of firewall events. It has fairly customizable output, allowing you to display a packet summary, hex, and ascii data dumps to stdout, a logfile, or tcpdump-style capture files. It also boasts some simple security features such as the ability to chroot itself, and does not need to run as root.
09f707cab121a67dc9422dc939f863acbd2bcc94a414d389b3be0603120b9fb7Hylafax (/usr/libexec/fax/hfaxd) format string local root exploit. Tested on hylafax-4.0pl2-2.
27326b522b9dab8a30cd201131238bab6559ce649d75129f48fd4a1556aa0ffeSentinel is a fast file integrity checker similar to Tripwire or ViperDB with built in authentication using the RIPEMD 160 bit MAC hashing function. It uses a single database similar to Tripwire, maintains file integrity using the RIPEMD algorithm and also produces secure, signed logfiles. Its main design goal is to detect intruders modifying files. It also prevents intruders with root/superuser permissions from tampering with its log files and database.
5fd4cedb481fb37ba5e0c4cedf76af09d5bb6fd958d27a817f21132886c5c9a1This patch integrates SecurID authentication services directly into the OpenSSH daemon, allowing users to use SecurID tokens directly as their passwords instead of relying on the clunky sdshell.
8c85de6b8d937a46c60b6fad37711f51d73f43cd096bed407e03d37ddd76ffe9IRCR is a collection of tools that gathers and/or analyzes forensic data on a Microsoft Windows system. You can think of this as a snapshot of the system in the past. It is similar to TCT by Dan Farmer and Wietse Venema, as most of the tools are oriented towards data collection rather than analysis. The idea of IRCR is that anyone could run the tool and send the output to a skilled Windows forensic security person for further analysis.
e0179a471c10435d540525a98e8a6c71a962a84a61aab8615d91c7f78a95e659IIS Unicode graphical exploit for Windows. This is an updated version of Unisploit1.0-FireLust which has more cool stuff.
7001b497fb792bdfb74ef2a47fefe2e51fb5b4b9c317143fd9521347b0356319Ubt-Scan is a simple extensible vulnerability scanner written in perl. Includes some external exploits.
8fceb8d4ce40c0d4ab8ba10ca2da2ac254f05a1b0ad4b76887f1fc8e21a17672ADMgetip.c
4cb93903b49c02f60fab9cba73cbd8b7c9699a172e0b77e39bb982d347b02741FreeBSD Security Advisory FreeBSD-SA-01:38.sudo - The sudo port, versions prior to sudo-1.6.3.7, contains a local command-line buffer overflow allowing local users to gain root privileges on the local system.
ee17e318cbfabdca5e6419afbcd93bf8c6e4b3fa76924d4ad7175977535f0963FreeBSD Security Advisory FreeBSD-SA-01:37.slrn - The slrn port, versions prior to slrn-0.9.7.0, contains a buffer overflow in the wrapping/unwrapping functions of message header parsing. If a sufficiently long header is parsed, a buffer may overflow allowing the execution of arbitrary code contained in a message header as the user running the slrn program.
10eadabec9a8b1d16ad4939869c7126222596ddd4abf6d163d490a36532df582FreeBSD Security Advisory FreeBSD-SA-01:36.samba - The samba ports, versions prior to samba-2.0.8 and samba-devel-2.2.0, contain /tmp races that may allow local users to cause arbitrary files and devices to be overwritten. Due to easily predictable printer queue cache file names, local users may create symbolic links to any file or device causing it to be corrupted when a remote user accesses a printer. In addition, the file will be left with world writable permission allowing any user to enter their own data.
83fe638951363ccd0063fc9691856f2ac00bfa75e1104a56acf4148f8d68d5c3FreeBSD Security Advisory FreeBSD-SA-01:35.licq - The licq port, versions prior to 1.0.3, contains a vulnerability in URL parsing. URLs received by the licq program are passed to the web browser using the system() function. Since licq performs no sanity checking, a remote attacker will be able to pipe commands contained in the URL causing the client to execute arbitrary commands.
aaa396a811cf768bab9589ce4c8251c23bc9dac97e476c3e35b94efa6a51e522FreeBSD Security Advisory FreeBSD-SA-01:34 - The hylafax port, versions prior to hylafax-4.1.b2_2, contains a format string bug in the hfaxd program. A local user may execute the hfaxd program with command-line arguments containing format string characters, gaining root privileges on the local system.
e2e3043bd622200fe9ab2ce74472e03447529ab973b612d2bc4f89be0afbfad5NMAP NT - eEye originally developed Nmapnt for Windows NT/2000 and had made it available in the past for download. Recently, eEye security no longer makes this program available and there does not seem to be any mention of anywhere else. No installation needed. Requires packet capture drivers, available here.
9ef4874e10534cb7a123df8e2da277b5b26d25f6239b7af35874824068d68b8dDrivers needed to get Nmap for NT to work.
9e898fe9fee72f5275627bc4268072d508320b5a6000176d3df7c6bc25d796d8Debian Security Advisory DSA-050-1 - The saft daemon 'sendfiled' dropped privileges incorrectly allowing local users to execute arbitrary code under root privileges.
d9bd5948da66d174226338dfd12fad63a17fc8ac455f311a4a83013e7f02c069Debian Security Advisory DSA 051-1 - The Netscape browser does not escape the GIF file comment in the image information page. This allows javascript execution in the "about:" protocol and can for example be used to upload the History (about:global) to a webserver, thus leaking private information. This problem has been fixed upstream in Netscape 4.77.
d245c1b069c66fda15f817b49e426623e5b1c185f8661043593be04be789060dThe MSEC single-user patch disables the ability to boot into single-user mode under OS X. If this patch is not applied then anyone with physical access to the Mac OS X machine can gain root access easily by holding down the command and s keys at startup. The patch disables this by installing a modified version of /sbin/mach_init. The patch does NOT backup the insecure version of /sbin/mach_init so if for some strange reason you want to revert to the insecure copy of mach_init you must restore that file from your own backups. If you have any questions check our website at http://www.msec.net or email support@msec.net.
608ab66a3bdace92d180a2bce3e621367db4fbed4a386c2c3d85293c863151afSecurax / Hexyn Security Advisory #19 - FTP Server Denial Of Service tested on Serv-U FTP Server, G6 FTP Server and WarFTPd Server. The servers will freeze for about one second, and the CPU usage will go through the roof. Includes perl exploit.
2d2c1f7da07480b818ba73c4939a20bb83cb1d28705c9d63c332c2c8acb5f5feSecurax / Hexyn Security Advisory #18 - Savant WWW Server is an HTTP server for Windows 9x/NT. A bug allows any user to change to any directory, and in most cases, execute MS-DOS commands.
6f737629eeb7c998b7477e842ffe7e837b20a277e54d231e927e0c33aa58dc9bSecurax / Hexyn Security Advisory #17 - Bison FTP Server is an FTP server for Windows 9x/NT. A bug allows any user to change to any directory.
51cbeefe5885ffa571c47f49a694aff56ebe3391b705e2d1ab287c0dd17fcb5aSecurax / Hexyn Security Advisory #16 - G6 FTP Server is an FTP server for Windows 9x/NT. A bug allows any user to change to c:\ and sub directories.
43d9198ebb5fa6616439c99764fe5b23245afb02e05b085d7cf0550c2d427b77CST contains a script scanner, that scans using a database of scripts (user editable). The sample databases included contains +700 possibly vulnerable scripts/dirs. You can scan with or without a proxy server. The scanner has 11 different Anti-IDS tactics (hex-values, double slashes, self-reference dirs, parameter hiding and session splicing), and sends fake "X-Forwarded-For:", "Referer:" and "User-Agent:" headers to hide your scan even more. You can also specify a wait time between 2 script fetches. The scanner uses HEAD requests instead of GET for faster scanning, and has support for scanning virtual hosts. You can also specify another port to scan instead of the standard port 80. The scanner outputs the scripts/dirs that return a 200, 403 or 401 HTTP code and outputs the webserver software. A full and comprehensive manual is included.
856e57db08f283a0a2df8d4ec62c30581e58231f2d536f8fafceed1d15ed67a1
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed