exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 75 of 161 RSS Feed

Files Date: 2002-05-01 to 2002-05-31

Posted May 20, 2002
Authored by Thor Larholm | Site jscript.dk

IE 6sp1 for Windows 2000 and 98 has bugs in the showModalDialog and showModelessDialog methods of displaying dialog boxes which can be used to execute arbitrary commands. Most unpatched IE and Outook installations are vulnerable. Online demonstration exploit MS02-023, but IE 5.5 and 5.0 are still vulnerable.

tags | exploit, arbitrary
systems | windows
SHA-256 | adc13976e792486d71a781d3724cb4456937c63b31fb36bdbe418a967f248f48
Posted May 20, 2002
Site sysdlabs.hypermart.net

Psf (Process Stack Faker) attempts "hide" UN*X processes (those seen by "ps auwx" & "top") without having root. Tested on FreeBSD 4.3, Linux 2.4, NetBSD 1.5, Solaris 2.7.

tags | tool, root, rootkit
systems | linux, netbsd, unix, solaris, freebsd
SHA-256 | ffd5499ea1acc668c21132d2d2b62372eee0fee6a248e80beefaf9b2255d496c
Posted May 19, 2002
Authored by Gerald Combs | Site ethereal.com

Ethereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Ethereal features that are missing from closed-source sniffers. Screenshot available here. Now includes a brand new NetWare Core Protocol dissector. Several bugs were fixed and support for new protocols was added, including AFP, AODV, ASAP, ASP, ATP, DCCP, LMP, M2UA, and WebDAV (HTTP).

tags | tool, web, sniffer, protocol, asp
systems | unix
SHA-256 | 6e8b86b17cefe3c4b762179fffaedaea98948dfcad366fdf1750976457a009cc
Posted May 19, 2002
Site sourceforge.net

SmtpRC is a fully configurable, multithreaded open mail relay scanner which supports scanning of IP blocks and can print the results to a Web page. It is intended for Systems Administrators to check IP blocks under their control.

Changes: Added a function to to DNS lookups and fixed a bug where it would sometimes SEGV while checking mail.
tags | web
systems | unix
SHA-256 | 48d4a526b72403290f253647441942b2ec61149ea1cdae8ccbdeb08d001e1342
Posted May 19, 2002
Authored by Balazs Scheidler | Site balabit.hu

Zorp is a proxy firewall suite which allows the administrator to fine tune proxy decisions (with its built-in script language), and fully analyze complex protocols (including SSH with several forwarded TCP connections, or SSL with an embedded POP3 protocol). FTP, HTTP, finger, whois, and SSL protocols are fully supported with an application-level gateway.

Changes: Bugfixes and very few new features.
tags | tool, web, tcp, firewall, protocol
systems | unix
SHA-256 | 59490e1d34e1dcc5df27ac8da8680d5d7db1622e90c2b960eec8a809c14acbc4
Posted May 19, 2002
Authored by Boris Wesslowski | Site kyb.uni-stuttgart.de

Fwlogwatch analyzes the ipchains, netfilter, iptables packet filter, and Cisco logfiles and generates text and HTML summaries. Features realtime anomaly alerting capability, an interactive report generator, and the ability to cut off attacks by adding firewall rules.

Changes: Modified output functions to improve portability.
tags | tool, firewall
systems | cisco, unix
SHA-256 | 4f5868cff5f1d2202af74ca8e89b1fc517da7d56bcdfe51d01bb9ef9c19343b9
Posted May 19, 2002
Site qmail-scanner.sourceforge.net

Qmail-Scanner, (previously known as scan4virus) is an addon that enables a Qmail Email server to scan all gatewayed Email for certain characteristics. It is typically used for its anti-virus protection functions, in which case it is used in conjunction with commercial virus scanners, but also enables a site to react to Email (at a server/site level) that contains specific strings in particular headers, or particular attachment filenames or types.

Changes: Now supports SpamAssassin 2, there are configure improvements, NULL has been added to the list of chars to treat as hostile, there is shrink compression support, the "Clear" message can now include "scoring", and documentation improvements.
tags | virus
systems | unix
SHA-256 | 29cde40716da54b1ba0db3f4ff882cd452424a28031857aba6fef1346de7a22e
Firewall Builder With GUI
Posted May 19, 2002
Site fwbuilder.org

Firewall Builder consists of object-oriented GUI and set of policy compilers for various firewall platforms. In Firewall Builder, firewall policy is a set of rules, each rule consists of abstract objects which represent real network objects and services (hosts, routers, firewalls, networks, protocols). Firewall Builder helps user maintain database of objects and allows policy editing using simple drag-and-drop operations. Firewall Builder can be used to manage firewalls built on variety of platforms including, but not limited to, Linux running iptables and FreeBSD or Solaris running ipfilter.

tags | tool, firewall, protocol
systems | linux, solaris, freebsd
SHA-256 | bd1de4f797427a5349fc42bbbdf410addd12428fe4a2639aa72371c2b956adf0
RNmap 0.7
Posted May 19, 2002
Authored by Tuomo Makinen | Site sourceforge.net

Remote Nmap is a python client/server package which allows many authorized clients to connect to a centralized nmap server to do their port scanning. This could be useful for security companies who want to have all their scans come from a dedicated machine.

Changes: More portability - no need for Python compiled with threads, a new -c commandline switch for console client that makes it possible to specify a file which contains username, password, server, and port information, fixed scan abortion (now interrupts scan), and changed the TCP port number to 3418.
tags | tool, remote, nmap, python
systems | unix
SHA-256 | 53983633d05cd8c595dc6b2176cc627bb812846757eaf68fcef54e014d83c4b3
Posted May 19, 2002
Authored by Michal Zalewski | Site razor.bindview.com

Fenris is a multipurpose tracer, stateful analyzer and partial decompiler intended to simplify bug tracking, security audits, code, algorithm, protocol analysis and computer forensics by providing a structural program trace, general information about internal constructions, execution path, memory operations, I/O, conditional expression info, and much more. A small demonstration how this tool works can be found here.

Changes: Includes a new utility called dress which reconstructs symtabs in ELF static stripped binaries, and write new ELFs suitable for use with gdb, objdump, nm, etc, and other minor improvements.
tags | protocol
SHA-256 | f3e73051c8780f7ebb6d3106fec7d584c33baff1a3a3aa5e831467983b03a4a6
Posted May 19, 2002
Site cisco.com

Cisco Security Advisory - The Cisco Content Service Switch (CSS) 11000 series switches are susceptible to a denial of service attack caused by a soft reset due to improper handling of HTTP POST requests to the web management interface.

tags | web, denial of service
systems | cisco
SHA-256 | e29943737ca226061c14b1b2491f2630dacbeff69249ba2082bc21be47222621
Posted May 19, 2002
Site cisco.com

Cisco Security Advisory - Cisco Cache Engines and Content Engines provide a transparent cache for world wide web pages retrieved via HTTP. The default configuration of the proxy feature can be abused to open a TCP connection to any reachable destination IP address and hide the true IP source address of the connection allowing for anonymous port scanning, dos attacks, spam, etc.

tags | web, tcp
systems | cisco
SHA-256 | 90dda9032936ddaa76e20df2b74ee75c7232797f81c592acdd20f58b6db84f78
Posted May 19, 2002
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: Now supports a "sshd" user! Also includes code cleanup and PAM enhancements. Full changelog available here.
tags | encryption
systems | linux, openbsd
SHA-256 | d4632762d732834c6d5d536b3bd1e906e6ac0119d08bd24f775fe32a393b2de1
Posted May 19, 2002
Authored by SuSE Security | Site suse.com

SuSE Linux security advisory SuSE-SA:2002:018 - A buffer overflow that allows remote code execution has been found in the code used by Lukemftp to process information returned from the PASV FTP command. Lukemftp is the standard ftp client in /usr/bin/ftp.

tags | remote, overflow, code execution
systems | linux, suse
SHA-256 | 7c7016461f31b2c17ff9ef92c9ea6a3b7f1866c0f809f7be06301dba36e585b5
Posted May 19, 2002
Site dimlight.org

Linux Security Auditing Tool (LSAT) is a post install security auditing tool. It is modular in design, so new features can be added quickly. It checks inetd entries and looks for unneeded RPM packages. It is being expanded to work with Linux distributions other than Red Hat, and checks for kernel versions.

Changes: Fixed a false negative in checkinetd module, now always finds inetd.conf and xinetd.d files, fixes for a tempfile problem in checkset module and the sticky dir check, and cleanups to typos and output.
tags | kernel
systems | linux, redhat
SHA-256 | df124e1c78ead003f5b8af1a4ad047f887cbd6b4541aa532717789a87e33e29a
Posted May 17, 2002

I know how to take meat away from a dog. How do I take a dog away from meat? This is not, unfortunately, a joke.

systems | unix
SHA-256 | c7f89f29d7da757ca84d7f26d7624d026f4bbf38e9c8fcb52f17e9670eab783f
Posted May 17, 2002
Authored by Mayhem | Site devhell.org

Linux Kernel Hooker library (LKH) version 1.1 (the subject of an article in phrack #58) provides a general purpose hooking interface with easy to use C primitives. It allows you to Hijack a kernel function, Add up to 8 callbacks for the function, Access the original parameters and modify them (retroactive changes), Add or remove a callback when you want, and more. Available for kernel versions 2.4.5, 2.4.6, 2.4.7, 2.4.8, 2.4.10, 2.4.12, 2.4.13, 2.4.14, 2.4.15, 2.4.16, 2.4.17, and 2.4.18.

tags | kernel
systems | linux
SHA-256 | 803bdaeb7ed2a10b053826d87231306f31f5fc0f0193613ae6bf7613d1ff4f7a
Posted May 17, 2002
Authored by Dark Angel

Cerberus is an experimental tool kernel based for hardening systems. The main idea in local is that, except particular cases, a process can't have better privileges than his father. If Cerberus intercepts anomalies it kills the process before it starts to run. Cerberus stops remote exploits by ensuring that processes like in.telnetd or tcpd will never drop a shell.

tags | remote, shell, kernel, local
systems | linux
SHA-256 | ece7a2338f4b29250fdaba7920917dd49233ba0b3d8227b617f18aca8314fb92
Posted May 16, 2002
Site dwheeler.com

Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function. Secure Programming HOWTO here.

Changes: Updated the report given about having %s in scanf when a limit for %s was provided.
systems | unix
SHA-256 | 1303fe146d980871fbbb9a3977338f4f426e10e1cd35fbd9cd8bb88dd1326246
Posted May 16, 2002
Site netbsd.ro

Exec Denier is a kernel module for NetBSD that restricts exec syscalls for certain UIDs. It is very useful for blocking exec calls for named and ntpd. It can also restrict exec calls for users to a certain directory. Changelog available here.

Changes: Supports allowing/denying PROT_EXEC nmap calls on certain files, and cleanups to previously written code.
tags | kernel
systems | netbsd, unix
SHA-256 | 816dab99545116044312de51e57697d14c66c992ce590f81b6e8a869ce6115ae
Posted May 16, 2002
Authored by Pir8 | Site dtors.net

Sms.c allows you to control any unix server via mobile phone, two way pager, or email.

systems | unix
SHA-256 | 558d302d5d92ab6b9af8f527507419ba6ec3a6780578cceb0207bfe44d4a8571
Posted May 16, 2002

Microsoft Security Advisory MS02-023 - Six new serious vulnerabilities were discovered in Internet Explorer 5.01, 5.5, and 6.0. Some allow malicious web sites or HTML email to execute code, while others disclose information or allow malformed executables on a web page to download and run on the users system. Microsoft patch available here.

tags | web, vulnerability
SHA-256 | 7b147f778fa5f76ed2a9b82c5714bdf381438322a2a03688726bcb9480e64611
Posted May 15, 2002
Authored by Dane-Garrin Balial

GSM Demystified - A basic paper on GSM.

tags | telephony
SHA-256 | 810d243fbbcd7f715eb0c8733a39281b3c365e3cd753bf16017e509e98aa2ddd
Posted May 15, 2002
Site tcpdump.org

Tcpdump allows you to dump the traffic on a network. It can be used to print out the headers and/or contents of packets on a network interface that matches a given expression. You can use this tool to track down network problems, to detect many attacks, or to monitor the network activities. Requires here. Incorporates libpcap-0.7.1.

tags | tool, sniffer
SHA-256 | 5636ca5872f0972609c6744213516f0cc89c6ce6c68a567ade2e76314da23052
Posted May 15, 2002
Authored by Zillion | Site safemode.org

Linux and FreeBSD shellcode which reboots the machine. Info on Multi-OS shellcode here.

tags | shellcode
systems | linux, freebsd
SHA-256 | e1a494bd987d475eca05396c759a60fa126d13be3a265afb1c815b4af37d5f8d
Page 3 of 7

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By