
Files Date: 2002-11-01 to 2002-11-30

4553-invader-2.1.1.tar.gz
Posted Nov 27, 2002
Authored by electronicsouls, Brain Storm, Resistor | Site es.xor.ru

4553 - Invader v2.1.1 is source code which can append parasitic executable code to any ELF binary, causing it to send a shell to a remote host. Uses TCP port 21317 by default.

tags | tool, remote, shell, tcp, rootkit
systems | unix
SHA-256 | 0c6a10e80235d530fd829513fd77b7d0d73a2293de197e444ed142bb554b173d
linux-2.2.22-ow2.tar.gz
Posted Nov 27, 2002
Authored by Solar Designer | Site openwall.com

The Openwall Linux kernel patch is a collection of security "hardening" features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.

Changes: Linux 2.2.22-ow2 improves the "lcall" DoS fix for the Linux kernel to cover the NT (Nested Task) flag attack discovered by Christopher Devine.
tags | overflow, kernel
systems | linux
SHA-256 | ed4fb0b394f06d364b96efdd261fc0f134af62fa8d51f8c903e292c39a92cdf5
hudo.c
Posted Nov 27, 2002
Authored by Michel Kaempf

Linux exploit for versions of sudo 1.6.3p7 and below. Takes advantage of the Sudo prompt overflow in v1.5.7 to 1.6.5p2. Detailed exploitation instructions included.

tags | exploit, overflow
systems | linux
SHA-256 | ee90e41523420f5c98021640ebbbf74c34bdc74421fe55b9a06335ab03d69aed
wan.txt
Posted Nov 25, 2002
Authored by wanvadder, flyguy | Site scan-associates.net

Combating reverse telnet using OpenBSD Packet Filter (pf) - This paper goes into detail on how to set up a firewall properly to disallow outbound traffic from reverse telnet attacks from compromised machines.

tags | paper
systems | openbsd
SHA-256 | b8b0f85c10f344cc6143603c25ef79a8379bb05a1625ef6cbb3755e44d03971c
SecurityIPTelephonyNetworks.pdf
Posted Nov 25, 2002
Authored by Ofir Arkin

IP Telephony based networks, which might be a core part of our Telephony infrastructure in the near future, introduce caveats and security concerns which traditional telephony based networks do not have to deal with, have long forgotten about, or have learned to cope with. The security risk is usually overshadowed by the technological hype and the way IP Telephony equipment manufacturers push the technology to the masses. This paper highlights the different security risk factors with IP Telephony based networks.

tags | paper
SHA-256 | 10fdc19e837a48d2132e421740f1be97f5a4b7f2e8d40525080b86f72461e49f
acFreeProxy.txt
Posted Nov 25, 2002
Authored by Matthew Murphy

acFreeProxy (aka "acfp") is an HTTP/1.x proxy for Microsoft Windows that generates error pages when unable to reach a destination host. The content of the error page is not subject to any input validation, leaving it vulnerable to cross-site scripting attacks.

tags | web, xss
systems | windows
SHA-256 | b73cb37d7003a95b03e17334931602a4021c36c50e68d3f36d09ad572bddca2d
CAISRNP.bind
Posted Nov 25, 2002
Authored by Vagner Sacramento

The problem described in this advisory is that BIND versions 4 and 8 do not prevent the sending of two or more resolution requests for the same domain name, allowing DNS spoofing attacks with significant probability of success.

tags | spoof
SHA-256 | 1ff0291e103cffab6d704722eb3a1553d6877ea3f7896be778483fcaf7956ec1
Itadem30.ZIP
Posted Nov 25, 2002
Authored by Itadem

Itadem Trojan v3.0 is a small trojan controlled by a web browser. New features include bug fixes, server can be passworded, and html layout. Archive password is set to p4ssw0rd. Use at your own risk.

tags | web, trojan
SHA-256 | 5f57c327b784ac19ffee3dd1b85e14d9c139481d4145e666f173874e625d089e
anwrap.pl
Posted Nov 25, 2002
Authored by Ron Sweeney, Brian Barto

anwrap is a wrapper for ancontrol that serves as a dictionary attack tool against LEAP enabled Cisco Wireless Networks. It traverses a user list and password list attempting authentication and logging the results to a file.

systems | cisco
SHA-256 | 5b2c150321984726d6e8b0dce2701c05c125c16ac8cf177cc9d5351ee2046d15
SF-talkischeap.pl
Posted Nov 25, 2002
Authored by subversive | Site securityfreaks.com

Calisto Internet Talker Version 0.04 Remote Denial of Service exploit.

tags | exploit, remote, denial of service
SHA-256 | cfa90118496081e0fe751cc98451d2637dd51c25d130732436c1a6e645da95b7
realplayeroverrun.txt
Posted Nov 24, 2002
Authored by Mark Litchfield | Site ngssoftware.com

NGSSoftware Insight Security Research Advisory #NISR22112002 - Multiple Buffer Overruns in RealOne / RealPlayer / RealOne Enterprise. Three remotely exploitable overruns exist: two being heap based overflows and the other being a stack based overflow. On exploitation of these overruns any supplied code would execute in the security context of the logged on user.

tags | overflow
SHA-256 | 4c45143df7581f419149bb29354b7898f743178a4437690f3558d6fdc69fb9cb
guardadv-03-2002-clearcaseDoS.txt
Posted Nov 24, 2002
Site guardeonic.com

Guardeonic Solutions Security Advisory #03-2002 - ClearCase 4.1 is susceptible to a remote denial of service. Performing two simple nmap scans against ClearCase, which listens on port 371, causes the daemon to die upon the second scan.

tags | remote, denial of service
SHA-256 | e6c47ca7ad4afa168fe736998824176be31474662b7598ab7802b94381355094
ms02-65
Posted Nov 24, 2002
Site microsoft.com

Microsoft Security Advisory - Buffer Overrun in Microsoft Data Access Components Could Lead to Code Execution. Both web servers and web clients are at risk from the vulnerability: Web servers are at risk if a vulnerable version of MDAC is installed and running on the server. To exploit the vulnerability against such a web server, an attacker would need to establish a connection with the server and then send a specially malformed HTTP request to it, that would have the effect of overrunning the buffer with the attacker's chosen data. The code would run in the security context of the IIS service (which, by default, runs in the LocalSystem context). Web clients are at risk in almost every case, as the RDS Data Stub is included with all current versions of Internet Explorer and there is no option to disable it. To exploit the vulnerability against a client, an attacker would need to host a web page that, when opened, would send an HTTP reply to the user's system and overrun the buffer with the attacker's chosen data. The web page could be hosted on a web site or sent directly to users as an HTML Mail. The code would run in the security context of the user.

tags | web, overflow, code execution
SHA-256 | 6befe459e6dbfe443c23c4464aabd9bce1694963db34252a389d0b9e741f1db4
zerooexploit.txt
Posted Nov 24, 2002
Authored by Matthew Murphy

Zeroo HTTPd server remote command execution exploit. Based on advisory by InetCop.

tags | exploit, remote
SHA-256 | 5fe342e390df430cbaf5f6ff02493e0c6a4b87aee4b723dd0bd56fe633aef058
CA-2002-33.MDAC
Posted Nov 24, 2002
Site cert.org

CERT Advisory CA-2002-33 - Heap Overflow Vulnerability in Microsoft Data. A routine in the RDS component, specifically the RDS Data Stub function, contains an unchecked buffer. The RDS Data Stub function's purpose is to parse incoming HTTP requests and generate RDS commands. This unchecked buffer could be exploited to cause a heap overflow.

tags | web, overflow
SHA-256 | 3545b3ca951a5477fd7faa99a4548d9b9e2f7fa3d5d6c97fe2714ab53ca3f119
CA-2002-32.alcatel
Posted Nov 24, 2002
Site cert.org

CERT Advisory CA-2002-32 - Backdoor in Alcatel OmniSwitch 7700 and 7800 AOS version 5.1.1. A telnet server listens on TCP port number 6778, a backdoor that was originally used during development to access the Wind River Vx-Works operating system. Due to an oversight, this access was not removed prior to product release.

tags | tcp
SHA-256 | 2cf513517b1b565638c67b4665449f278bd02bdf0c633bf392723ae847f0e980
FS-112002-MDAC
Posted Nov 24, 2002
Site foundstone.com

Foundstone Research Labs Advisory - 112002 - MDAC : Microsoft Data Access Components (MDAC) is a collection of components that provide the back-end technology which enables database access for Windows platforms. One of the components within MDAC, Remote Data Services (RDS), enables controlled Internet access to remote data resources through Internet Information Services (IIS). Such access allows users to execute files including .dll and .exe extensions, thereby providing increased site functionality. In general RDS embodies two functional technologies: Data Space and Data Control. The technology exploited within MDAC utilizes the DataSpace object of RDS which acts as a middle layer between the local command execution and the web front end. Due to incorrect string handling within the RDS interface, it is possible for a malicious user to gain control of the remote system via over-running a buffer.

tags | remote, web, local
systems | windows
SHA-256 | b459f3412c2d95369b0424fdc5ce3c56decc698c701bb274121447dc85d55650
NetworkActivScannerV4.0.exe
Posted Nov 24, 2002
Authored by Mike J. Kowalski | Site networkactiv.com

NetworkActiv Scanner is a Fast, Easy to use, Advanced network scanner with many useful features. You can perform DNS dig, whois, and more. Main features are: TCP connect() scanning (standard TCP port scan), TCP SYN scanning (fast and "quiet" TCP port scan), Fast UDP port scanning with auto-speed control and reliable results, UDP sub-net scanning, High speed ping scanning of sub-nets (UDP or ICMP), TCP sub-net scanning, Integrated fast trace-route, Remote OS detection via advanced TCP/IP stack fingerprinting, Wizard Mode: Walks you through step-by-step to perform network scanning, trace-route, and much more. Whois Client: Ability to perform whois with ease, you can either specify a whois server, or have it attempt to determine a whois server automatically. DNS Dig system: Performs DNS dig quickly with ease, choose between TCP and UDP, specify a DNS server or have it attempt to determine the authoritative server automatically. Also, support for many RR's (Resource Records), Simple Port Scan Mode for easy and quick port scans, Nice looking interface, with multi-skin support, Tells you if remote computer being scanned is stealth, User set-able max speed (ranging from 2 PPS to non-limited), Tells you the host responses for TCP connect() port scan and sub-net scan, Tells you the port use from huge lists of ports as found, Random order, reverse order, and "Only Scan Known Ports" scan capable, and much more.

tags | remote, udp, tcp
SHA-256 | c6da0a0b39a79bf14c487fa9845238ea26fca9570d5d81d346b1f12a28e2476b
hydra-2.2.tar.gz
Posted Nov 24, 2002
Authored by thc | Site thc.org

THC-Hydra is a parallel login hacker. With this tool you are able to attack several services at once (Samba, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, VNC, ICQ, Socks5, PCNFS, Cisco and more). Includes SSL support and can be used with Nessus. Bugfix release.

tags | web, cracker, imap
systems | cisco
SHA-256 | b67fed5cd977e8ba18900852cae0931684c3d2fdabbd6cb40da704c831693658
mynetmon.zip
Posted Nov 20, 2002
Authored by Ekrem ORAL | Site trsecurity.net

myNetMon v2.0 is a Windows based network monitor and packet analyzing tool (sniffer). Uses WinPcap. Freeware.

tags | tool, sniffer
systems | windows
SHA-256 | 1b8fe353875521248b3ccccd5e177016852e76e68538097e830121a58b40f62e
11.19.02c.txt
Posted Nov 20, 2002
Authored by Bennett Haselton | Site idefense.com

iDEFENSE Security Advisory 11.19.02c - Users of Netscape Communicator 4.x's web browser and e-mail client who are tricked into clicking on a malicious link can have the contents of their preferences file, often including e-mail password and URL history, returned to a remote attacker who redefines user_pref(), a JavaScript function.

tags | advisory, remote, web, javascript
SHA-256 | 5eab9de58ab811abe7daf58eecc2038d3161def28aef9bc2de99db7a39f21201
11.19.02b.txt
Posted Nov 20, 2002
Authored by Bennett Haselton | Site idefense.com

iDEFENSE Security Advisory 11.19.02b - Remote exploitation of a weakness in Eudora v5.2 and below allows for the retrieval of sensitive information from a targeted Eudora user's computer. Attackers send an e-mail to a Eudora user that directs him to a specific URL; the e-mail also contains an HTML-enabled e-mail attachment that contains scripting code.

tags | advisory, remote
SHA-256 | a91227d3aa4332c09c7f7f785482cf0c2393f3cf12a5c52febfc27081a5d2192
11.19.02a.txt
Posted Nov 20, 2002
Authored by Alex S. Harasic | Site idefense.com

iDEFENSE Security Advisory 11.19.02a - Linksys Cable/DSL Routers models BEFW11S4, BEFSR11, BEFSR41 and BEFSRU31 can be crashed when several thousand characters are passed in the password field of the device's web management interface. Exploitation simply requires the use of a web browser that can send long Basic Authentication fields to the affected router's interface. Fix available here.

tags | advisory, web
SHA-256 | 8ca79486cce08dd1cfef970e3b491e8d112d4db4386af4c62871697a20d14813
SUN MICROSYSTEMS SECURITY BULLETIN: #00220
Posted Nov 20, 2002
Site sunsolve.sun.com

Patch advisory for Sun Microsystems. Please read for details.

tags | java, remote
systems | linux, windows, solaris
SHA-256 | 51ae6558498c1ffeb92ace4d03d5996b68bc3d80b1aaa6cf8fd6bfa7277d33ec
latte-release-beta-0.1.zip
Posted Nov 20, 2002
Authored by C0w-d0g

Latte is a little unix backdoor which only allows one UID to use it.

tags | tool, rootkit
systems | unix
SHA-256 | 36a540fdd14f8ef987bd47009981917b9ca200a54600f80626fd589f19ae0261
packet storm

© 2022 Packet Storm. All rights reserved.