what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 101 - 125 of 161 RSS Feed

Files Date: 2002-05-01 to 2002-05-31

MDKSA-2002:030
Posted May 13, 2002
Authored by Mandrake Linux Security Team | Site mandrakesecure.net

Mandrake Linux security advisory MDKSA-2002:030 - A vulnerability found in the netfilter package can result in a serious information leak that can expose filter rules and network topology information. This vulnerability affects Mandrake Linux 8.0, 8.1 and 8.2 .

systems | linux, mandrake
SHA-256 | 59e7afed923c050dc1ea8b370801e26faa6d4802d4f005f42c0071dfb5236c14
RHSA-2002:086-05
Posted May 13, 2002
Site redhat.com

Red Hat Security Advisory RHSA-2002:086-05 - A vulnerability found in the netfilter package can result in a serious information leak that exposes filter rules and network topology information. There is a workaround but no fixes are included in this advisory.

systems | linux, redhat
SHA-256 | 9bf35b2deb28384a8aac31f4b683b8f54a575d89eaab1cafdd6075f7145843f0
iXsecurity.20020404.4d_webserver.a
Posted May 10, 2002
Authored by Patrik Karlsson, Jonas Landin | Site cqure.net

The 4D webserver v4.7.3 has a buffer overflow condition in the username or password field in a basic authentication resulting in EIP overwrite and possible arbitrary code execution.

tags | overflow, arbitrary, code execution
SHA-256 | b96f3931116f62370d7fc24b352b14216c1aa472d09e0f7a13ec66181f1c021f
cURL-remote-FBSD.pl
Posted May 10, 2002
Authored by Zillion | Site safemode.org

Remote FreeBSD cURL exploit for versions 6.1 - 7.3. More info available here.

tags | exploit, remote
systems | freebsd
SHA-256 | cb3b41070a035495a6c0d2f9b4a6cfc27b235c73e132f73706c9a2910cdd0597
cURL-remote-LNX.pl
Posted May 10, 2002
Authored by Zillion | Site safemode.org

Remote linux cURL exploit for versions 6.1 - 7.3. More info available here.

tags | exploit, remote
systems | linux
SHA-256 | dad91fe61044ca9a5d49c69ade363fac8dad8e28d8281dc3943fb2ce21ed8fb8
lsat-0.5.5.tgz
Posted May 10, 2002
Site dimlight.org

Linux Security Auditing Tool (LSAT) is a post install security auditing tool. It is modular in design, so new features can be added quickly. It checks inetd entries and looks for unneeded RPM packages. It is being expanded to work with Linux distributions other than Red Hat, and checks for kernel versions.

Changes: Fixed bugs and added checkrpm module to report RPM integrity on redhat based systems.
tags | kernel
systems | linux, redhat
SHA-256 | 52892f514f310b0e0929cbd03ed544a7652ba88640cc4ed57c4d787006117e00
cqure.net.20020412.bordermanager_36_mv1.a
Posted May 10, 2002
Authored by Patrik Karlsson, Jonas Landin

Cqure.net Security Advisory cqure.net.20020412.bordermanager_36_mv1.a - Three vulnerabilities were identified in Novell Border Manager 3.6. The vulnerabilities will cause the handling NLM to abend, and in some cases result in a denial of service to to Novell server.

tags | denial of service, vulnerability
SHA-256 | f299bcf1188f4c8c7d32630643702fd962fc7a016d90a590fa5014a2d1f6d783
cqure.net.20020412.netware_sdmr.a
Posted May 10, 2002
Authored by Patrik Karlsson, Jonas Landin

Cqure.net Security Advisory cqure.net.20020412.netware_sdmr.a - The IPX compatibility issue Posted to BugTraq on July 11, 2000 by Dimuthu Parussalla applies to Netware 6.0 SP 1 as well. An attacker could cause the SDMR.NLM to abend and in some cases reboot the server.

SHA-256 | 6e6452d419db4e473889709434156d711e2dea30704458f960ad8691c0bfdd80
cqure.net.20020412.netware_client.a
Posted May 10, 2002
Authored by Patrik Karlsson, Jonas Landin

Cqure.net Security Advisory cqure.net.20020412.netware_client.a - Multiple buffer overflow conditions exist in the Novell Netware client for Windows v4.83 which allow an attacker to crash any software relying in name resolution.

tags | overflow
systems | windows
SHA-256 | acf676864959962a18ec7ee46cd42809dc4d8f63457b8d3aa66b57a2932b55b5
ngsec.dhcpd.txt
Posted May 10, 2002
Authored by FJ Serna | Site ngsec.com

ISC DHCPD in its version 3 introduced new dns-update features. ISC DHCPD v3.0 to 3.0.1rc8 is vulnerable to a remote root format string bug attack, while reporting the result of a dns-update request.

tags | remote, root
SHA-256 | a290c9d40604af3f940c6014c394c6ae911843feb29f15807b203cd233a48342
fwlogwatch-0.8.tar.gz
Posted May 10, 2002
Authored by Boris Wesslowski | Site kyb.uni-stuttgart.de

Fwlogwatch analyzes the ipchains, netfilter, iptables packet filter, and Cisco logfiles and generates text and HTML summaries. Features realtime anomaly alerting capability, an interactive report generator, and the ability to cut off attacks by adding firewall rules.

Changes: Adds support for Snort IDS logs and for sending summaries by email. Bugs were fixed!!!
tags | tool, firewall
systems | cisco, unix
SHA-256 | 795c67cf5a2db29ed7dd5a76ae3f841e7a8d70ca6895bf6f78bbc9910c6b3ab3
portfwd-0.25.tar.gz
Posted May 10, 2002
Authored by Everton da Silva Marques | Site nucleo.freeservers.com

portfwd is a small userlevel daemon which forwards incoming TCP connections or UDP packets to remote hosts. Multiple forwarders can be specified in a flexible configuration file. There is support for FTP forwarding and transparent proxy.

Changes: The ability to invoke an external program to select the destination based on the address and port of incoming connections or datagrams has been added.
tags | remote, udp, tcp
systems | unix
SHA-256 | abd24d938ea563ceb77b2bf0b4564443d027463dbb2b03979e7b61d5943405f4
dirwatch.tar.gz
Posted May 10, 2002
Authored by Pedram Amini | Site pedram.redhive.com

Dirwatch is a (/tmp) directory watcher written to to aid in the discovery of race conditions. Dirwatch has multiple speed settings, the fastest of which can even catch a successive link() unlink(). Dirwatch also has the ability to filter files based on user, group, suid bit, and wildcard (*?) file names.

systems | unix
SHA-256 | 5cdc8fea6ea4919bd2106e78c2892ae715e43baa15d23ca4eec2a512646b6089
confuse_router.c
Posted May 10, 2002
Authored by Pedram Amini | Site pedram.redhive.com

Confuse Router v1.0 is an arp cache poisoner which allows you to see traffic in a switched environment such as a cable modem network. Requires libnet.

systems | unix
SHA-256 | 3f39d0ee3be48ebe6c2f78d8012c01677c3f389706c1f2b080b773de1fd86e82
ms02-022
Posted May 10, 2002

Microsoft Security Advisory MS02-022 - A buffer overflow in the MSN Chat control allows remote attackers to run arbitrary code if a user runs MSN Messenger or Exchange Instant Messenger. It is also possible to exploit this vulnerability via a web site or HTML email. Microsoft FAQ on this issue available here.

tags | remote, web, overflow, arbitrary
SHA-256 | b87ce4858a40e34353bddfda6a10d403e7641db211ecf164002df49eb80edf8c
fd_openbsd.c
Posted May 10, 2002
Authored by Fozzy | Site dmpfrance.com

Local root exploit for OpenBSD up to 3.1 which takes advantage of the fd race and skeyaudit binary.

tags | exploit, local, root
systems | openbsd
SHA-256 | 942689559f299505c2d3b0892168e2f9e4a4e49b301c8a85a802e0d8e1361e0d
openbsd.fd.txt
Posted May 10, 2002
Authored by Fozzy | Site dmpfrance.com

On current OpenBSD systems, any local user can fill the kernel file descriptors table, leading to a denial of service. Because of a flaw in the way the kernel checks closed file descriptors 0-2 when running a setuid program, it is possible to combine these bugs and earn root access by winning a race condition.

tags | denial of service, kernel, local, root
systems | openbsd
SHA-256 | e1b6639e9a5ff47fdbc4fbd454486735d12558a62364c4a7a3c8f06239895718
HexView Security Advisory 2002-05-03.01
Posted May 10, 2002
Authored by HexView, SGI Security Coordinator | Site sgi.com

SGI Security Advisory 20020503-01-I - A vulnerability found in netstat allows local users to detect whether a file exists, even when the permissions and ownership of that file should not allow it. This vulnerability has been corrected in IRIX 6.5.12 and patches are available.

tags | local
systems | irix
SHA-256 | ecfddfe1a5d66662e1eacb3e599522d5cc271ef9922a8b2cb650afd55c1f66d3
cqure.net.20020408.netware_nwftpd.a.txt
Posted May 10, 2002
Authored by Patrik Karlsson, Jonas Landin

Cqure.net Security Advisory 20020408.netware_nwftpd.a - A vulnerability found in the Novell Netware 6.0 SP1 FTP daemon can be used in a denial of service against this application. Exploitation of this problem can result that the daemon starts consuming all CPU resources.

tags | denial of service
SHA-256 | 090c17bdcfa438d7edb5199d6b979d712c815b29b6cfad263682923334c7e20b
suse.sysconfig.txt
Posted May 10, 2002
Site suse.com

SuSE Security Announcement: sysconfig (SuSE-SA:2002:016) - On SuSE 8.0 information gained from DHCP packets is used in commands line execution by the ifup-dhcp script. This vulnerability has been fixed in the sysconfig-0.23.14-60.i386.rpm package.

systems | linux, suse
SHA-256 | c82cc50639bd3babda48b1d2a00ee6187697cb5e6a2f5fdd0ee5849e68c17de6
CA-2002-12-ISC-DHCP
Posted May 10, 2002
Site cert.org

CERT Advisory CA-2002-12 - A format string vulnerability in ISC DHCP 3 to 3.0.1rc8 can be used to remotely execute code through this application. Because ISC DHCP runs with root privileges, exploitation of this vulnerability can lead to a root compromise.

tags | root
SHA-256 | 04162819e3ff2eccb2f46aeb34787f7c46b175659b06ede22042c9ce455db002
w00w00-AIM-2.txt
Posted May 8, 2002
Authored by w00w00, Matt Conover, John Hennessy | Site w00w00.org

AOL Instant Messenger (AIM) contains a buffer overflow in the code that is responsible for parsing requests to run external applications. The overflow can be used to remotely penetrate a system and it is not possible to block these requests in the AIM client. No client side fix is currently available.

tags | exploit, overflow
SHA-256 | 946194c0c09dedf0c32dd70f3f60b1ba047cf82d56205fa98f75e4a934abf0cb
suse.imlib.txt
Posted May 8, 2002
Site suse.de

SuSE Security Announcement: imlib (SuSE-SA:2002:015) - Imlib used to depend on a netpbm library which is well known to have security problems. This and a heap corruption bug have been corrected.

systems | linux, suse
SHA-256 | 2b8c62dbe9dfb2ff8c5fe9b81bf9c14050d90ff08553f73c01d4d5e6d20e6e29
CA-2002-11.cachefsd
Posted May 7, 2002
Site cert.org

CERT Advisory CA-2002-11 - Sun's NFS/RPC file system cachefs daemon (cachefsd) installed by default with Sun Solaris 2.5.1, 2.6, 7, and 8, contains a remotely exploitable heap overflow which allows attackers to execute code as root.

tags | overflow, root
systems | solaris
SHA-256 | 276afe600b3d5e09b12d6159c45a24d28ff25e3a76a9605470b08859cf84ca4f
CA-2002-10.rpc.walld
Posted May 7, 2002
Site cert.org

CERT Advisory CA-2002-10 - Solaris v2.5.1, 2.6, 2.7, and 2.8 rpc.walld contains a remotely exploitable format string overflow.

tags | overflow
systems | solaris
SHA-256 | dfeef848a17800822a0856ca026207b11800f25c0ee6e7a9baf5ebdd84e6d094
Page 5 of 7
Back34567Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    0 Files
  • 9
    Aug 9th
    0 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close