exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 76 RSS Feed

Files Date: 2002-04-01 to 2002-04-30

Nmap Scanning Utility 2.54 BETA 33
Posted Apr 27, 2002
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings. Screenshot available here.

Changes: This version contains a huge OS fingerprint update - More than 100 added or changed. Applied fix for an important RPC scanning bug and a nasty OS fingerprinting bug. Does not show uptime when obviously spoofed (eg OpenBSD 3.0).
tags | tool, remote, udp, tcp, protocol, nmap
systems | unix
SHA-256 | d710c16d29c3fa4e2d2a04386cab730494d0118456b7f3e2c25f158f13ef49b7
ms02-021
Posted Apr 26, 2002

Microsoft Security Advisory MS02-021 - Outlook 2000 and 2002 provide the option to use Microsoft Word as the e-mail editor when creating and editing e-mail in either Rich-Text or HTML format. A security vulnerability exists when Outlook is configured this way and the user forwards or replies to a mail from an attacker. This could be exploited by sending a specially malformed HTML e-mail containing a script to an Outlook user who has Word enabled as the e-mail editor. If the user replied to or forwarded the e-mail, the script would then run, and be capable of taking any action the user could take. Microsoft FAQ on this issue available here.

SHA-256 | af9c8675fffa8910762ed27d32e08eb80905d4226158a10cdc3c91975f932db5
FreeBSD Security Advisory 2002.18
Posted Apr 25, 2002
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:18 - A programming error in zlib may cause segments of dynamically allocated memory to be released more than once (double-freed), allowing attackers to send specially crafted data to applications that use zlib, crashing the application.

systems | freebsd
SHA-256 | 85e35fe5255d89e2e7899a233f71d3e506322b0209fc2a63fdfa86524f863db8
Wellenreiter-v11.tar.gz
Posted Apr 25, 2002
Authored by Max Moser | Site remote-exploit.org

Wellenreiter is a GTK/Perl program that makes the discovery and auditing of 802.11b wireless networks much easier. It has an embedded statistics engine for the common parameters provided by wireless drivers, enabling you to view details about the consistency and signal strength of the network. Its scanner window can be used to discover access-points, networks, and ad-hoc cards. Records the network location with GPS support. Wellenreiter works on handhelds that can run GTK/Perl and Linux/BSD (such as iPaqs). All the major wireless cards are supported. Random MAC switching when joining a wireless network hides your real MAC to the access point, a unique feature.

Changes: GPS support has been added. It is possible to enable/disable the acoustic beacon indicator. This release uncovers non-broadcasting networks by just waiting until a probe response passes the network (someone joins the network). A new acoustic event has been added for uncovering an essid. There is massive code cleanup and speed improvements.
tags | tool, perl, wireless
systems | linux, bsd
SHA-256 | 1b7fd54fe9783cb5628608cd06f03db29b2a574fe5ce177b9968b69def8f5761
apache_1.3.24.tar.gz
Posted Apr 25, 2002
Site apache.org

Apache is the most popular webserver on the Internet, quite possibly the best in terms of security, functionality, efficiency, and speed. Changelog available here.

Changes: Fixed the security vulnerability noted in CVE-2002-0061 (mitre.org) regarding the escaping of command line args on Win32. Prevented invalid client hostnames from appearing in the log file.
systems | unix
SHA-256 | 2384c1a68f71b699dbecbb2a42da6821a14c0af62ca17d19f32c38fce048eb11
epop.c
Posted Apr 25, 2002
Authored by Cult

This exploit hangs WiredRed e/pop v2.0.3, probably works on all 2.x versions.

tags | exploit
SHA-256 | b8a406b2935f40c49f13e6e3d79fda76022255d9736da36f4610cbda284aaf71
FreeBSD Security Advisory 2002.22
Posted Apr 25, 2002
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:22 - Local users can cause the FreeBSD system to crash due to a bug in the virtual memory management system involving a failure to check for the existence of a VM object during page invalidation. This bug could be triggered by calling msync(2) on an anonymous, asynchronous memory map (i.e. created using the mmap flags MAP_ANON and MAP_NOSYNC) which had not been accessed previously, causing the system to crash.

tags | local
systems | freebsd
SHA-256 | 2b5798f47b997adc1c458dfa79cf7e89c9a9e25de047108d39e3bd1df3fe48d5
slrnpull.overflow.txt
Posted Apr 25, 2002
Authored by Alex Hernandez

Slrnpull, which is installed sgid root on RedHat 6.2, contains an exploitable buffer overflow in the -d parameter.

tags | overflow, root
systems | linux, redhat
SHA-256 | 3950879882b96a2f764f65ca4f6bcaf9fe87f1de9f0abfc1ef9d7a26911d5c12
snort4-latest.pdf
Posted Apr 25, 2002
Authored by Aidan Carty | Site entropy.ie

Building an Intrusion Detection System Using Snort - Covers installing RedHat Linux 7.1,Compiling/Installing and configuration of MySql/Apache/ACID/Snort, setup of snort rules, and hardening the machine.

tags | paper
systems | linux, redhat
SHA-256 | 693dd028e38a04d6de3d62c9a3ad6ba8116cefe131f075354424559f93aa6979
k9-setup.exe
Posted Apr 25, 2002
Authored by Oscar Gallego Sendin | Site robota.net

K9 is a Windows tool for passive OS detection. It uses WinPCAP to capture network traffic and a user friendly interface to handle results, fingerprint database, etc.

systems | windows
SHA-256 | d5b528a143b240b7f434edcb491b8360a0ea9025729d569c46b1a251990869ad
nessus-1.2.0.tar.gz
Posted Apr 25, 2002
Authored by Renaud Deraison | Site nessus.org

Nessus is a free, up-to-date, and full featured remote security scanner for Linux, BSD, Solaris and some other systems. It is multithreaded, plugin-based, has a nice GTK interface, and currently performs over 900 remote security checks. It has powerful reporting capabilities (HTML, LaTeX, ASCII text) and not only points out problems, but suggests a solution for each of them. Windows version available here.

Changes: This release has SSL support, better scalability, tons of new features, bugfixes, and more.
tags | tool, remote, scanner
systems | linux, windows, unix, solaris, bsd
SHA-256 | 6c7c2bec7d8f4d2534adca4add2a7868d7b4949eb0d1ce0a890bf58f584ad6b9
psydos.txt
Posted Apr 25, 2002
Authored by Nawok

PsyBNC v2.3 has a problem dealing with oversized passwords, making it possible to tie up all the connection slots and consume a lot of CPU on the server.

tags | exploit
SHA-256 | 0076bdd43e597952dd16a6f401e73eea906e8ced691f051d4aff0d921f56940b
Alcatel.zip
Posted Apr 25, 2002
Authored by Autor Herman | Site bruring.com

Alcatel.zip is a Windows tool for getting the challenge response for easy offline config of an alcatel modem. Often used for "patching" a speedtouch home to pro, as discussed on http://brunning.com.

tags | web
systems | windows
SHA-256 | f0143874eac2d3e8f6c548caad97aa69e3794f842bfec451246d4646bf56953d
NBTEnum12.zip
Posted Apr 25, 2002
Authored by NTSleuth | Site ntsleuth.0catch.com

NetBIOS Enumeration Utility v1.2 (command line version) is a utility for Windows which can be used to enumerate NetBios information from one single host or an entire class C subnet. The information that is enumerated includes the account lockout threshold, local groups and users, global groups and users, and shares. This utility will also perform password checking with the use of a dictionary file. Runs on Windows NT 4.0/2000/XP.

Changes: New enumeration routines, better HTML reporting, support for IP input file.
tags | local
systems | windows
SHA-256 | b27f8b006bb40cc3588e16898307f94b7b74ec285c1a9cb48290f55c86ea3d34
iischeck.pl
Posted Apr 25, 2002
Authored by Filip Maertens | Site filip.compsec.be

Microsoft IIS .HTR heap overflow checker. Determines remotely if patch MS02-018 has been applied.

tags | exploit, overflow
SHA-256 | 52133ff9dadd4573b967bc8fb29cf1e30d48c51d0ca09a8652e9a86b701d1b23
screen-stuff.tgz
Posted Apr 25, 2002
Authored by Gobbles Security

Screen v3.9.11 local root linux/x86 exploit for braille module bug.

tags | exploit, x86, local, root
systems | linux
SHA-256 | 90a3c9a09aff132ce76e2ff92bcfae748992637421e40057034ec7da4b1f6c8f
xpede-4.1.txt
Posted Apr 25, 2002
Site sympatico.ca

Five vulnerabilities have been found in Intellisol Xpede v4.1.

tags | vulnerability
SHA-256 | df4573dff9d2fa48de6f6f395949332bd7564871d9bb839336c57c1974d25c6c
microsoft.dts.txt
Posted Apr 25, 2002
Authored by Peter Grundl

Microsoft Distributed Transaction Coordinator DoS - A flaw in the way MSDTC handles malformed packets could allow an attacker to hang the service and exhaust resources on the Server. If an attacker sends 20200 null characters to the MSDTC service, which listens on TCP port 3372, server resources are allocated poorly. This attack can result in MSDTC.EXE spiking at 100% cpu usage, MSDTC refusing connections and kernel resources being exhausted. This was fixed with MS02-018, although the security bulletin does not mention this vulnerability.

tags | kernel, tcp
SHA-256 | 56dd249e53673e98d3a0139b8cf8aa106a4ee865cfe40d1c24f7be6f85c089c5
fscan.txt
Posted Apr 25, 2002
Authored by Peter Grundl

A format string bug in Foundstone Fscan v1.12 for Windows can result in a malicious service banner overwriting the stack and the EIP on the PC performing the scanning, if banner grabbing is enabled. Fix available here.

systems | windows
SHA-256 | 48240b9faf31846718310f57a76c6e7c7d0a140705f914f460b711509490f1c7
remotefmt-howto.txt
Posted Apr 25, 2002
Authored by Frederic Raynal

How to Remotely Exploit Format String Bugs - A practical tutorial. Includes info on guessing the offset, guessing the address of the shellcode in the stack, using format string bugs as debuggers, examples, etc.

tags | paper, shellcode
systems | unix
SHA-256 | c323add4e7a0e2f2f14ec27d9d50002992564b1d0be3d391722da88350a25a83
FreeBSD Security Advisory 2002.23
Posted Apr 25, 2002
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:23 - Setuid or setgid applications can be used for privilege elevation due to insecure handling of stdio file descriptors on FreeBSD releases up to and including 4.5-RELEASE. It is known that the 'keyinit' set-user-id program is exploitable using this method. This vulnerability was discovered by Joost Pol.

systems | freebsd
SHA-256 | 8f69bc483a1458f7d54a29d27b77175fcbf84e8323830e08f06dd00c8fae39cc
evelyne.sh
Posted Apr 25, 2002
Authored by netric, Atje | Site netric.org

Local root exploit for the "Suid application execution bug" (< FreeBSD 4.5-STABLE) that was discovered by Joost Pol from Pine.

tags | exploit, local, root
systems | freebsd
SHA-256 | f0a04ead1fe242bd1e5e26bb4bf52e05952b5a51e90dc885185f96487aee999d
php.nuke.cross-site.txt
Posted Apr 25, 2002
Authored by Rodrigo Gutierrez | Site trustix.com

PHP Nuke v5.5 contains 8 new and 9 old cross site scripting vulnerabilities.

tags | php, vulnerability, xss
SHA-256 | 173016f49f065ea15a0ca8293cbecbab43159ab44acc35b53ecd704c5c82556a
iosmash.c
Posted Apr 25, 2002
Authored by phased

Iosmash.c is an exploit for the stdio kernel bug that resides in all releases of FreeBSD up to and including 4.5-RELEASE. The exploit uses keyinit, which is part of the S/key package, to create 5 valid root passwords that give instant root access trough S/key.

tags | exploit, kernel, root
systems | freebsd
SHA-256 | 6a6a5e8af30ab97b224a0e42ecc45ae27efc070689420d081e0ef24f01aa745c
ettercap-0.6.5.tar.gz
Posted Apr 24, 2002
Authored by Alberto Ornaghi, Marco Valleri | Site ettercap.sourceforge.net

Ettercap is a network sniffer/interceptor/logger for switched LANs. It uses ARP poisoning and the man-in-the-middle technique to sniff all the connections between two hosts. Features character injection in an established connection - you can inject characters to server (emulating commands) or to client (emulating replies) while maintaining an established TCP connection! Integrated into a easy-to-use and powerful ncurses interface.

tags | tool, sniffer, tcp
SHA-256 | 00e2039ce39eaa1f26eec0a2fa1fc59bbbea538c735f08f3aa80060548c860fb
Page 1 of 4
Back1234Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close