Patch advisory for Sun Microsystems. Please read for details.
7b81d7b40500ef7fc1b31b126879e07d10216118ce7b0486b1fc89745f9819b1Solaris 8 libsldap local root exploit. Tested on an Ultra10 and an Enterprise 3500 with success.
703e2effcab17ca46f0f0820fae8e927c45ac8cfb996d67be8fc666421a7a8f2ISS X-Force has discovered buffer overflow vulnerabilities in two popular Remote Authentication Dial-In User Server (RADIUS) implementations. RADIUS was originally designed to manage user authentication into dial-up terminal servers and similar devices. It has since been used as a standard for access control and user authentication for numerous Internet infrastructure devices, including routers, switches, and 802.11 Wireless Access Points.
d5d80e70fd98ab61af0a31f821187d5887d6b3bb8563e79b3a40554e82a4ba19Microsoft Security Advisory MS01-037 - The Windows 2000 SMTP service, which is installed by default, allows unauthorized users to successfully authenticate to the service using incorrect credentials. An attacker who exploited the vulnerability could gain user-level privileges on the SMTP service, thereby enabling the attacker to use the service and perform mail relaying via the server. Microsoft FAQ on this issue available here.
7d3ed4b66cfeab0d4a76065bf994f2e1498f2676ac11b99f097bc2f915034245Georgi Guninski security advisory #48, 2001 - There is local root compromise in FreeBSD 4.3 due to design flaw which allows injecting signal handlers in other processes. Includes vvfreebsd.c, a local root exploit.
7713d19bc24aa7a9762066afdba62b29c53aa85272d88cc6bfb733c93872c401Georgi Guninski security advisory #47, 2001 - OpenBSD 2.8 and 2.9 have a race condition in the kernel which leads to local root compromise. By forking a few process it is possible to attach to +s pid with ptrace. Includes vvopenbsd.c, a local root exploit.
4688ad1afc259ebe9475d2938db6a97bb4b7bba11539103d8d09c14ea9d0232dStMichael is a LKM that attempts to detect and divert attempts to install a kernel-module backdoor into a running linux system. This is done by monitoring the init_module and delete_module process for changes in the system call table. Detects most modern LKM's, including KIS.
33b2a82b72ad4b69da6a97ec42e2075330adf82b34899f654194adb5c628dd98Tstot.c is a remote exploit for xloadimage for Red Hat 7.0. Xloadimage is a Netscape 4.77 helper application with a buffer overflow vulnerability. Binds a shell to a port. Fix available here.
7c5e9b0f582f8b9f8069d43e9559a992dd4b582e20d60a2d78d0443ffbdce520Cayman routers allow remote access by using } as the username.
a17e1c26d5bd70627c96f7b43f1922e3ad836ea6c06226251e575bf5202ffa13Cisco Security Advisory - Vulnerabilities in Cisco SN 5420 Storage Routers. Two vulnerabilities have been discovered in Cisco SN 5420 Storage Router software release up to and including 1.1(3). One of the vulnerabilities can cause Denial-of-Service attack. The other allows unrestricted low level access to the SN 5420. The vulnerabilities are exploited via TCP ports 514 and 8023.
1afc76ae5c67cd4b32febcfd4b2c0a11ec83ff017303afaec985ba49773f15b2Cfingerd v1.4.3 and below Linux/x86 local root buffer overflow exploit.
5e415ed8282123a93e68f4a857a9f0ce4671a2b5267122c13f0a903a573d4994IBM db2 for Windows (98/NT/2000) is vulnerable to a simple remote denial of service attack via db2ccs.exe (listening on port 6790) and db2jds.exe (port 6789).
6c5296f9d72c17968922f22da1b6375455027b8746c894c2b6b6df7b0c2ccf53Cfingerd v1.4.3 and below local root buffer overflow exploit in perl. Exploits <a href="http://www.securityfocus.com/archive/1/192844"this</a> vulnerability.
7b79ae13d85cacf1b8ce314ae39684e5ad6ef29d9488a23ca3c28dde72ba702fMcAffee's MyCIO directory traversal vulnerability - Any machine running McAffee Agent ASaP VirusScan Software is vulnerable to a remote vulnerability which allows any file on the machine to be read. This software incorporates what is known as "Rumor Technology" that facilitates in the transfer of virus definitions between neighboring machines. This agent software runs as a service ("McAfee Agent") under the local system account and uses a light weight HTTP server that listens on TCP port 6515. Exploit URL included.
1345f062edc025c7dde3a594f427338427b307283d4fb5cae989577e8ec98887Cfingerd v1.4.3 and below remote root exploit. Slightly broken. Exploit redirects fopen() call to popen() and executes code from ~/.nofinger.
071f4a1a2ce57b1bfa0e3867ce11912d46f52d364d1efbfd8b9ae3b75029765bkeyanalyze is a program which analyzes keyrings in the OpenPGP format (PGP and GnuPG), looking at properties of connectivity to generate strongly-connected set analysis, as well as some arbitrary statistics including a "mean shortest distance" calculation to show the most connected keys.
4a30e3807cfb7931365b887feeaa68c234db239f0730ba074cb477c2c9cda851qDefense Advisory QDAV-2001-7-1 - Multiple CGI Flat File database manipulation vulnerability. Many CGI scripts store data, including passwords, in a flat file database, using special characters as field and row delimiters. An attacker is often able to manipulate these databases by inserting extra delimiter characters.
3adbc5bc17ca8d7fbb204c38878615f26bac047bfa7c0f36cb2770033770699fTcpip_lib V3.2 is a library for Windows 2000 which allows constructing custom packets, IP spoofing, attacks, and more. It uses sockets 2 and opens up a raw socket, allowing you to send raw IP headers, do IP spoofing, and play with the nuts and bolts of networking protocols.
d1dd00080f296ca1975e03f5d57ada157ca8c4722ecc6b6c856d2b784baac8f9InaddyScanner is a port scanner that uses pthreads, and can scan 500 ports in 10 seconds in a good connection (112 kbp/s). Using the MIT-pthreads library and GTK, it includes a friendly interface with advanced stuff for scanning.
3044e978b06f68cd972cd6879166d21290e83e9f74eac29245504e8771b2f4baKnight.c Knight is a distributed denial of service client that is very light weight and is very powerful. It goes on IRC and joins a channel, then accepts commands via IRC (to prevent from getting caught). It has features like, an automatic updater via http or ftp, a checksum generater, a syn flooder, a tcp flooder, a udp flooder, slice2, spoofing to subnets, and more. This program has been used to create DDoS nets of over 1000 clients.
21ad07db066936bcec2b7118ae378bf626ab22dd9dc92cc85a6f1b74dca8339eStMichael is a LKM that attempts to detect and divert attempts to install a kernel-module backdoor into a running linux system. This is done by monitoring the init_module and delete_module process for changes in the system call table. This is a experimental version, and a spin off from the Saint Jude Project.
a0d290b17442053787c6652f23397b32b04e3066b225c9bafc040f367dd857d5InaddyScanner is a port scanner that uses pthreads, and can scan 500 ports in 10 seconds in a good connection (112 kbp/s). Using the MIT-pthreads library and GTK, it includes a friendly interface with advanced stuff for scanning.
c870983583afa8034f6debaa6a2612d8e13e5c4706740d64880006cee9264176Logs2Intrusions v1.0 parses IIS or Apache web server logfiles then create possible intrusions report.
3f40f66b2115df1396b1b9a360d57330fab28da0db21fcf67fe7e9a5375dd39dIRPAS is a suite of routing protocol attack tools which sends custom routing protocol packets from the unix command line. It is very useful for searching for new routing protocol vulnerabilities. Included is a tool for sending Cisco Discovery Protocol (CDP) messages, one for injecting IGRP routes, and a scanner for IGRP autonomous systems. Documentation available here.
137b8a73f18383a037c5e6af51cfe6d29c72f38628bd5ce38f1864cf91a8e559Stealth HTTP Security Scanner 1.0 build 29 - Checks for 5677 CGI vulnerabilities. Run on Win32 and Linux under Wine. Free.
dfd5a362ab45ee605e5c6e601ae5eba7ed6f320e00d9ca8c260e2a5fa4e44f92
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed