Showing 51 - 75 of 111

Files Date: 2002-02-01 to 2002-02-28

Phusion-web.txt
Posted Feb 19, 2002
Authored by Alex Hernandez

The Phusion Webserver v1.0 for Windows 9x/NT/2000 contains three remote vulnerabilities which allow users to see and retrieve any file on the server. Exploit information included.

tags | exploit, remote, vulnerability
systems | windows
SHA-256 | 803f44e633274876ffbcfb29b2146327c1f1601a0dfad1a62a327fe9914c10b2
Rats-1.3_Win32_Bin.zip
Posted Feb 19, 2002
Authored by Mike Ellison | Site tek.net

Win32 port of RATS v1.3, a security auditing utility for C, C++, Python, Perl and PHP code. Source available on homepage. Added recursive directory scanning while porting.

tags | perl, php, python
systems | windows
SHA-256 | 6cd4590bbf81dfb9a02353d40417f518f8b432a5d29fa31ef218ffa0e478d1c6
ms02-006
Posted Feb 19, 2002

Microsoft Security Advisory MS02-006 - A buffer overrun is present in all implementations of Microsoft SNMP services. By sending a malformed management request to a system running an affected version of the SNMP service, an attacker can execute code of his choice in the LocalSystem context or cause denial of service. A patch is under development to eliminate the vulnerability. In the meantime, Microsoft recommends that customers who use the SNMP service disable it. Microsoft FAQ on this issue available here.

tags | denial of service, overflow
SHA-256 | 7304dc6744937a8448ea65ff5c97d203fcd636643ccba425a0f43e66c631932f
ms02-005
Posted Feb 19, 2002

Microsoft Security Advisory MS02-005 - A cumulative patch for IE 5.01, 5.5, and 6.0 is available which fixes six security vulnerabilities. Several of them are very serious. Microsoft FAQ on this issue available here.

tags | vulnerability
SHA-256 | 9b54f193cdc4f9515a07af66bb266947fd08b7e3b1aeb50eb5602e169c5e760c
samba-2.2.2-peche.diff
Posted Feb 19, 2002

Patch against Samba 2.2.2 which allows mounting of unpatched Win 9x and ME machines without knowing the password. There is also an option to retrieve the password very quickly, and another to switch between the two passwords if both read-only and read-write ones are present.

tags | patch
systems | unix
SHA-256 | abb2ee0f8ddd2bad2811f283572a75c9f79c45d05546be94f9919f5d6ec132ae
nsat-1.41.tar.gz
Posted Feb 19, 2002
Authored by Mixter | Site 1337.tsx.org

NSAT (Network Security Analysis Tool) is a fast, stable bulk security scanner designed to audit remote network services and check for versions, security problems, gather information about the servers and the machine and much more. Unlike many other auditing tools, it can collect information about services independently of vulnerabilities, which makes it "timeless", meaning it doesn't depend on frequent updates as new vulnerabilities are found.

Changes: Added better remote OS detection (xprobe), added support for separate directory logging, greatly enhanced reliability when scanning firewalled or unresponsive hosts.
tags | tool, remote, scanner, vulnerability
systems | unix
SHA-256 | f229b7ddb5745a46d6b3ba6917503f79c7fde08d0df8fb0fb1473e5ab06b17fc
snscan.zip
Posted Feb 19, 2002
Authored by Robin Keir | Site foundstone.com

SNScan v1.04 is a Windows GUI SNMP detection utility that can quickly and accurately identify SNMP enabled devices on a network. This utility can effectively indicate devices that are potentially vulnerable to SNMP related security threats. SNScan allows for the scanning of SNMP specific ports (e.g. UDP 161, 193, 391 and 1993) and the use of standard (i.e. "public") and non-standard (i.e. user-defined) SNMP community names. User defined community names may be used to more effectively evaluate the presence of SNMP enabled devices in more complex networks.

tags | udp
systems | windows
SHA-256 | 25db527b88761f7b1fe8253afd030667ba1828c7602d33bfc118f16416509e9a
wmap1.2.tar.gz
Posted Feb 19, 2002
Authored by Efrain Torres | Site pwp.007mundo.com

Wmap v1.2 is a CGI scanner that attempts to be smarter than most. To increase the chance of finding useful material, wmap has a file containing interesting directories (dirs.db) and another file containing common CGI directories (dircgis.db) to search for. If a directory is found, it is added to the test. This includes all the directories that are found in the HTML tags. For each directory found, it not only scans for vulnerable CGIs (cgis.db) but also scans for interesting files (e.g. passwords.tmp) listed in the file (file.db) and does an HTTP PUT scan.

tags | web, cgi
systems | unix
SHA-256 | 9401723e6a8fa8cef94bcdef5cc3e81baf2fd849c83c526c353df37664fcb743
agate.c
Posted Feb 19, 2002
Authored by uid0x00

Avirt Gateway 4.2 remote exploit.

tags | exploit, remote
SHA-256 | c7c71b607fa45cf484a658d01ea6310238e1dd14cda3695bca1c9028168cf405
ettercap-0.6.3.txt
Posted Feb 19, 2002
Authored by FJ Serna | Site ngsec.com

Ettercap v0.6.3.1 and below advisory and remote root exploit against Linux. Due to improper use of the memcpy() function, anyone can crash ettercap and execute code as root user.

tags | exploit, remote, root
systems | linux
SHA-256 | 0707e613e12873f42925d43ba22b3e2a53a3329febbdea8c7110ba8cc31f4e41
zl-161.tar.z
Posted Feb 19, 2002
Authored by Joe Wulf

Zlister is a UNIX system administration tool designed to provide comprehensive filesystem management. The complete filesystem is listed, compressed, diff'd with the previous set and stored for reference. Time-saving tool, designed to quickly list the details of any file/directory, or of any pattern searched for. Provides comprehensive tool for filesystem searching. Supported with copious documentation. Tested on Solaris, HP/UX, and Linux.

systems | linux, unix, solaris, hpux
SHA-256 | 833b6bce344a81b6b54db7a0118b83bbf591c2b1bb6c0681c7a94eabc3daa706
nmap-freak-patch
Posted Feb 19, 2002
Authored by jaguar

This is a kernel patch to prevent stealth, fin, and rst scans. Also slows down the tcp connect scan. Tested on debian potato running 2.4.16. Tested with nmap and queso - Changes OS fingerprint.

tags | kernel, tcp, patch
systems | linux, unix, debian
SHA-256 | 34dc5fef83c2a347dc0f9e61a28b304f44dd7ead8a44a36b2bf875b32880c4a0
dhb.zip
Posted Feb 19, 2002
Authored by Valgasu | Site securiteinfo.com

Domino Hash Breaker v1.0 is a tool that tries to guess a Lotus Domino HTTP password from its hash and a dictionary file. It needs a Lotus Notes R5 client installation and nnotes.dll.

tags | web, cracker
SHA-256 | 6ffe6b4d13ef659fc146b7ce4167173e4c037d1dc3cf2705bafc99210557c714
ettercap-0.6.4.tar.gz
Posted Feb 19, 2002
Authored by Alberto Ornaghi, Marco Valleri | Site ettercap.sourceforge.net

Ettercap is a network sniffer/interceptor/logger for switched LANs. It uses ARP poisoning and the man-in-the-middle technique to sniff all the connections between two hosts. Features character injection in an established connection - you can inject characters to server (emulating commands) or to client (emulating replies) while maintaining an established TCP connection! Integrated into an easy-to-use and powerful ncurses interface.

tags | tool, sniffer, tcp
SHA-256 | 2e5e1b6e1ccae2dd9cb8c61834b5261e022625336f213b52edcf49bc2ce2ca60
FreeBSD Security Advisory 2002.11
Posted Feb 13, 2002
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:11 - ucd-snmp/net-snmp remotely exploitable vulnerabilities. The Net-SNMP (previously known as UCD-SNMP) package is a set of Simple Network Management Protocol tools, including an agent, library, and applications for generating and handling requests and traps. The Net-SNMP port, versions prior to 4.2.3, contains several remotely exploitable vulnerabilities which include SNMPv1 request and trap handling in both managers and agents.

tags | vulnerability, protocol
systems | freebsd
SHA-256 | a695d1e35a3555f83b9d23ae5c4a7df964abe0ac453434ab6954eb289cc8d84b
RUS-CERT.200202-01.txt
Posted Feb 13, 2002

RUS-CERT Advisory 200202-01: Temporary file handling in GNAT. The run-time library of the GNU Ada compiler (GNAT) handles temporary files in an unsafe manner. The impact depends on the application creating the temporary file. It ranges from temporary to permanent denial of service, from data eavesdropping to system compromise. All POSIX multi-user systems running GNAT-compiled binaries which use Ada language facilities for creating temporary files are affected. The following GNAT versions are known to have this defect: GNAT 3.12p, GNAT 3.13p, and GNAT 3.14p.

tags | denial of service
SHA-256 | 178cc98c4759139f8780406a94fc64741ca13957b53dbc9a0f76ec4f9a7ddd21
CA-2002-03.snmp
Posted Feb 12, 2002
Site cert.org

CERT Advisory CA-2002-03 - Multiple vulnerabilities have been discovered in various Simple Network Management Protocol (SNMP) implementations. These vulnerabilities may allow unauthorized privileged access, denial-of-service attacks, or cause unstable behavior. Administrators are urged to turn off SNMP altogether if it is not currently necessary. Research and discovery made by the University of Oulu.

tags | vulnerability, protocol
SHA-256 | 89a7c63a1e39898658787058aa9492ce71bd791a973e34c9d9294c8fbb3cc5ae
fhb-1.2.2.tar.gz
Posted Feb 12, 2002
Authored by chaozkid

FTP-Bruteforcer is a quick Perl program to brute force FTP accounts. You can switch off ping, it logs each password even when the session is aborted, and it automatically creates a log in your $HOME. It also has a status report on tty8, which shows you the user-pass combination the script checks.

tags | cracker, perl
SHA-256 | 0f489116e7201d5db4c9b1672b32b1e4fa17cf51d3575c563286e9e50c8dd1d8
SilentLog.zip
Posted Feb 12, 2002

SilentLog is a keystroke logging tool that runs under several Windows 32 versions (it should also run under NT). The best of its features is its small size: only 7 KB compiled. (But it's NOT a DOS program, it uses 32Bit-Windows). The source code (FASM assembly syntax) is included. The executable also contains a DLL which it recreates when loaded. (So the real sizes are 3 KByte executable and 4 KByte for the DLL). The program logs all standard keys (the return key is also processed correctly). See Readme.txt included.

systems | windows
SHA-256 | 611302bf5d88d929ce00083fb98a64dc814d02f9a5e2f4864a056fed03cc6c87
morpheus.c
Posted Feb 12, 2002
Authored by Gabriel Maggiotti | Site qb0x.net

Morpheus request share files denial of service exploit.

tags | exploit, denial of service
SHA-256 | 91c20978fc47e509b6294dfef55aef106bca0c7b2e21ba8d86f9a9024fee5185
LKH-1.1-LINUX-2.4.10.tgz
Posted Feb 12, 2002
Authored by Mayhem | Site devhell.org

LKH is a very powerful and documented kernel function hooking library running on Linux 2.4/x86. The code has been explained and the API described in Phrack #58: Linux x86 kernel function hooking emulation. It supports functions with or without frame pointer; you can enable or disable the hook, access the original function parameters in rw mode, set hijacking as permanent or singleshot, and be discreet or aggressive.

Changes: Now available for kernels 2.4.6, 2.4.7, 2.4.8, and 2.4.10.
tags | x86, kernel
systems | linux, unix
SHA-256 | 16c7ed9d936ee524ab55a4a97c5e3ce75a22f7ef153579eaf81e0fc3edbec54b
ms02-004
Posted Feb 12, 2002

Microsoft Security Advisory MS02-004 - The Windows 2000 telnet server contains an unchecked buffer which allows remote code execution. Interix 2.2 is also affected. Microsoft FAQ on this issue available here.

tags | remote, code execution
systems | windows
SHA-256 | 84cfd0d73087f0165d71800210a169f606ec422d5815d56325b8b67aa75c9d32
ms02-003
Posted Feb 12, 2002

Microsoft Security Advisory MS02-003 - A flaw in Microsoft Exchange 2000 allows remote users to access configuration information on the server. Specifically, this flaw inappropriately gives the "Everyone" group privileges to the WinReg key. This key controls the ability of users and groups to remotely connect to the Registry. Microsoft FAQ on this issue available here.

tags | remote, registry
SHA-256 | f8bc960bb1e8f246f305d98706924b5d465d40858a6425ddddfb81e122f92f85
ms02-002
Posted Feb 12, 2002

Microsoft Security Advisory MS02-002 - Malformed Network Request can cause Office v. X for Mac to Fail. A network-aware anti-piracy mechanism in Office v. X creates a denial of service vulnerability. An attacker could use this vulnerability to cause other users' Office applications to fail, with the loss of any unsaved data. An attacker could craft and send a special packet to a victim's machine directly, by using the machine's IP address. Or, he could send this same directive to a broadcast and multicast domain and attack all affected machines. Microsoft FAQ on this issue available here.

tags | denial of service
SHA-256 | 3c1e389bcb9376114388761c54ab7b5eb1177fdfb8123d981f8dca88c3cd1426
mircexploit-v591.c
Posted Feb 12, 2002
Authored by James Martin | Site uuuppz.com

Proof of concept exploit for the buffer overflow vulnerability that exists in the nick handling code of mIRC. This exploit works with mIRC version 5.91 which is the latest version that is affected by this vulnerability.

tags | exploit, overflow, proof of concept
SHA-256 | 957bf70f6116314b5806d74de9c7b2cd9e687d65688b24535d1ea8dcad75616d
Page 3 of 5
© 2022 Packet Storm. All rights reserved.