NetBSD Security Advisory 2002-001 - A vulnerability found in the ptrace implementation on NetBSD 1.5.* , 1.4.* and CURRENT (prior to January 14, 2002) systems can result in race conditions where it is possible to use ptrace and SUID binaries to execute code with elevated privileges.
e2ceb90aa470a1126631cd2c2ce223394cc423f2b65930b3f1227dd7029eb3b2ICMP Shell is a program written in C for the UNIX environment that allows an administrator to access their computer remotely via ICMP. More info available here.
f7bc22221aa7d982e7e69a1f1ba7bb267744d00b83ca1902191cba9950fb70acchkrootkit locally checks for signs of a rootkit. Includes detection of LKM rootkits, ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions. Tested on Linux, FreeBSD, Solaris, and OpenBSD. Tested on Linux 2.0.x, 2.2.x and 2.4.x (any distribution), FreeBSD 2.2.x, 3.x and 4.x, OpenBSD 2.6, 2.7, 2.8, 2.9 and 3.0, Solaris 2.5.1, 2.6 and 8.0.
245625e58aa65c130869fc32a8e8c06888ee940e89fad501cb0ae03bfd778566Mailstation.pl exploits a DoS condition in the Intel eMail station.
f501f204ec204100cb68bc75ae260cad7caa05999ea63ac831eb65e0e1d8e4bfSniffit v0.3.7beta remote root buffer overflow exploit. Requires the admin to be running sniffit with the -L option.
59327ddb76c91e3de271d2d39d73f05e157642374a506dd212cb01e7026276c7FreeBSD Security Advisory FreeBSD-SA-02:07 - The k5su command included with FreeBSD, versions prior to 4.5-RELEASE, and the su command included in the heimdal port, versions prior to heimdal-0.4e_2, use the getlogin system call in order to determine whether the currently logged-in user is 'root'. In some circumstances, it is possible for a non-privileged process to have 'root' as the login name returned by getlogin. You don't actually want that to happen, trust us.
53875598a31417450b640a6ead62cd1ba3c1efd31d8d7e05c0c072b13bc5bca6Attn.tar.gz is a Redhat 7.0 local root exploit which takes advantage of a bug in the at command which allows an attacker to free() user controlled memory. Tested on Redhat 7.0 with the glibc-2.2.4-18.7.0.3 and at-3.1.8-12 packages installed.
68cf6e7dc2b3afc0aa47e66d705351d8b032f2fac0afda3d0b705506d8468181The Avirt telnet proxy v4.2 and below has a remotely exploitable buffer overflow. Tested on Win2k. Strumpf Noir Society
b95135944e65dc824cd0d38a5ed558adbd0ce830e4673f4169c91b2793ff41bdSteghide is steganography program which hides bits of a data file in some of the least significant bits of another file in such a way that the existence of the data file is not visible and cannot be proven. Steghide is designed to be portable and configurable and features hiding data in bmp, wav and au files, blowfish encryption, MD5 hashing of passphrases to blowfish keys, and pseudo-random distribution of hidden bits in the container data. It is able to embed data in BMP, WAV, and AU files.
ff9bc688ec3eb84593723ea25071447f207bcfaa94f53a248ca0096d9e2cc5a5Unichk is a tool for Linux which checks for 224 Unicode vulnerabilities in Microsoft IIS.
45a6db642a8a66e95d9334c8d29873ecda259a67fbb203d5302c66e083806f7e
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed