Php-ssl-brute is a php script that uses curl to brute force ssl protected website login screens.
8138deb0f058f8ce8e57f600c7a987e9ee82eef72ee6487cf0caf36b8c3b2b24Microsoft Security Advisory MS02-013 - The version of the Microsoft VM that ships with Internet Explorer version 4.x and 5.x contains a flaw affecting how Java requests for proxy resources are handled. A malicious Java applet can exploit this to re-direct web traffic once it has left the proxy server to a destination of the attacker's choice. An attacker could use this flaw to send a user's Internet session to a system of his own control, without the user being aware of this, then forward the traffic on to the intended destination. Microsoft FAQ on this issue available here.
8c295687f73fa987218731ee8d853453ca72931d7a330e2a088ca03a8bec73f4CERT Advisory CA-2002-06 - Multiple remote vulnerabilities have been discovered in several implementations of the RADIUS protocol. One of the bugs is a denial of service which allows attackers to execute arbitrary code if they know the shared secret. Affected systems include: Ascend RADIUS versions 1.16 and prior, Cistron RADIUS versions 1.6.4 and prior, FreeRADIUS versions 0.3 and prior, GnuRADIUS versions 0.95 and prior, ICRADIUS versions 0.18.1 and prior, Livingston RADIUS versions 2.1 and earlier, RADIUS (commonly known as Lucent RADIUS) versions 2.1 and prior, RADIUSClient versions 0.3.1 and prior, YARD RADIUS 1.0.19 and prior, and XTRADIUS 1.1-pre1 and prior.
0a33e6e8ed0831f06280aed47272fadc8cf4478e6c1f4d4482f36a35747833a2Ntop v2.0 has a remotely exploitable format string vulnerability in the syslog function.
0a6cbe274d2c5b10423d42341985f35bd9654328e67a0f836c5c98578583a426Cobalt's RAQ 4 server has three remote vulnerabilities. The service.cgi script has a cross site scripting vulnerability because it incorrectly parses the incoming searches and includes HTML tags and Javascript in the result. A directory traversal vulnerability allows attackers to read restricted files or passwords and profiles the users. In addition, a very long URL string will crash the service. Exploits included.
5ff610883de6c62b6e21a04a4afd2e050469e4e36cf69e6665831f6d3baaed70Microsoft Security Advisory MS02-012 - The Windows 2000 mail server, Exchange 2000, has a denial of service vulnerability which allows remote attackers to stop the service. Microsoft FAQ on this issue available here.
153a883ababdef694da321c2bf0472884fc0224d83e8a9d48ca3d60c87799db4Microsoft Security Advisory MS02-011 - The Windows 2000 and Exchange 5.5 mail servers have an authentication flaw which allows remote users to send spam. An attacker who exploited the vulnerability would gain user-level privileges on the SMTP service, thereby enabling the attacker to use the service as a mail relay. Microsoft FAQ on this issue available here.
79af169e4d6ac71e1a111e5ec5b5584d6b3e277a9eb407a38f5a63ff072620fePacket Storm new exploits for February, 2002.
ed69a11111642e3b223c9b986d9533726b008bb1153321a113321f53f96bb6b4Apache 1.3.x + php 4.0.6 proof of concept exploit for the multipart/form-data POST requests bug. This exploit crashes the daemon.
4897e0f6a9cd3079e9c2afb645eaaff987ec37ff48d79cea6eb16c6f1c26b858Ethereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Ethereal features that are missing from closed-source sniffers. Screenshot available here.
cc3b61764681686be8c3e715adb04a29ac05b47f6bebb64b9583a9ec4a088a62The Linux Port/Socket Pseudo ACLs project is a patch to the Linux kernel which allows the admin to delegate privileges for some protected network resources to non-root users. The ACLs are generally used to run untrusted or insecure applications as an unprivileged process, thereby lessening the impact of some undiscovered denial of service or root compromise. The ACLs can cover protected ports, raw sockets, and packet sockets.
c604733b221cf15992fc4be7277bbce44eb1dc57d8a1b87d3db28fe0d44d3d40IP Accounter is an IP accounting package for Linux. It collects, summarizes, and nicely displays IP accounting data. Its output can be a simple ASCII table, or graph images. Ipchains and iptables are supported. Logs are stored in files, gdbm, or even a PostgreSQL database.
a3afeb5aebdaaa49e7b56ecea8828b2d96e067556aacd7872fbec7a7fe34bba0ICMP-Chat is an encrypted console chat program that uses ICMP packets. ICMP-Chat uses enigma (crypt) for encryption. It is a peer-to-peer chat program that enables you to hide your chat or to chat through many firewalls.
4a3ec04f141c9a704bcb190947bafe80875b15eeef129610e6e9ab193361743dJohn the Ripper is a very fast password cracker which is available for many flavors of Unix, DOS, Win32, and BeOS. Its primary purpose is to detect weak Unix passwords, but a number of other hash types are supported as well.
0e24f68123f72cf7001de29610336072d3f3d5d4474d5cbabab21159e041d5d7The Openwall Linux kernel patch is a collection of security "hardening" features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.
c008eac3d2554dc81f2595d129bb97e0f0e99fb87982471f26d0ea16ce0e1d9a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed