Mixmaster is an anonymous remailer which provides protection against traffic analysis and allow sending electronic mail anonymously or pseudonymously. It is every unix using citizens civic duty to run a remailer and help ward off the evil forces of censorship. It is a well known fact that running a remailer will make you automatically cool.
724bd6228322c5bb45df892c0a599badd061ab301084e3c8633307fc99865f0bCobalt RaQ 4 and possibly others overflow.cgi remote root exploit which takes advantage of a flaw in the Security Hardening Package.
f913bb1392a7292e21f35b8a2b2e99ad39393ff5a90efaf97daf65816f45d436IDScenter is a control and management front-end for Windows platform. Main features: Snort 1.9/1.8/1.7 support, Snort service support, Snort configuration wizard, Rule editor, AutoBlock plugins (Network ICE BlackICE Defender plugin included (Delphi, open-source), Plugin framework for Delphi included), MySQL alert detection & file monitoring, e-mail alerts / alarm sound alerts / visual notification, etc.
3e34cc0d12317b233581fcb0f47de17fb2333adc34a812338c0767ba5ffc2916LSA v1.1 for unix, linux, and windows is a tool written in PHP for testing PHP and system security settings, virtual hosts, and local accounts. You can write own plugins for LSA.
feb0d191c50922e7a9a0b76ba3a7383caaf36975d91f3e8d50a64a70e0b2779eNessus is a free, up-to-date, and full featured remote security scanner for Linux, BSD, Solaris and some other systems. It is multithreaded, plugin-based, has a nice GTK interface, and currently performs over 920 remote security checks. It has powerful reporting capabilities (HTML, LaTeX, ASCII text) and not only points out problems, but suggests a solution for each of them. Windows version available here.
c5f72886ac756dd1c7cc41addfad86459d102cc879a2a069911aebaad8bc10a8Denial of service exploit for SSH servers and clients from several vendors containing vulnerabilities in the greeting and key-exchange-initialization phases of the SSHv2 transport layer that allow denial of service attacks and/or arbitrary code execution. OpenSSH, SecureCRT, and LSH are not affected - vulnerable versions include F-Secure 3.1.0 and below for unix and v5.2 and below for Windows, SSH 3.2.2 and below for windows and unix, putty v0.53 and below, WinSCP 2.0.0 and below, and more. Includes binary files which can be sent to ssh servers or clients via netcat.
6b89b3721c386cfd26123193715b84e647d2b13cbc7c5337faa63bea2c1ae80eRapid 7 Security Advisory - SSH servers and clients from several vendors contain vulnerabilities in the greeting and key-exchange-initialization phases of the SSHv2 transport layer that allow denial of service attacks and/or arbitrary code execution. OpenSSH, SecureCRT, and LSH are not affected - vulnerable versions include F-Secure 3.1.0 and below for unix and v5.2 and below for Windows, SSH 3.2.2 and below for windows and unix, putty v0.53 and below, WinSCP 2.0.0 and below, and more.
4e0095d93035f5f570e62c687c4ba8324db7f74b95ef0d6aad64c3c1651a3e9cTrojan /bin/login.
08a2db6a5fd39499b85f17438742623ff3cc30354aa3f5a797831cc0f0b5cfc9Sniffdet is an implementation of a set of tests for remote sniffers detection in TCP/IP network environments which is composed of a flexible and easy to use library and a console application to run the tests. Major features include several tests for sniffer detection, configfile support, output plugins, dropping of root privileges, and documentation.
d1a39149fd6df19b4cf2c4cbd3dd5de613041518332127b53f686baa71aafa01MAC Changer is a utility for viewing/manipulating the MAC addresses of network interfaces which can set specific, random, vendor-based (with a 6000+ vendor list) and device-type-based MACs.
33260108e09bc83a2caecac008f2bfb7c786d7cafc660656cf49482f2f096854SMTP map uses fingerprinting to scan for the version of SMTP server software which is running on a machine.
fcf9afa36d3a1e2accd4efd30a8b63a168d372cfdcc4557b443f9f0b780b503bDnshijacker v1.3 is a libnet/libpcap based DNS sniffer/spoofer. A versatile tool, it supports tcpdump-style filters that allow you to specifically target victims. DNS answers are forged based on entries in a 'fabrication table' or by simply forging one answer to all requests. DNS Hijacker is an excellent tool for blocking and removing advertisements at the network level. The package comes with a default rule file for blocking about 780 known ad servers, as well as instructions on how to incorporate with RRDTool for ad blocking statistics generation. Archived prank: here. Future versions will be ported to use Libnet 1.1.0.
4040cb211860bec4dd43af09e157da25ebd20189d35884c11639d281ef7cd16aFloppyfw is a router and firewall on one floppy disk. It uses Linux basic firewall capabilities, and has a simple packaging system. It is ideal for masquerading and securing networks on ADSL and cable lines, using static IP, DHCP, and PPPoE. Installation involves editing of only one file on the floppy.
c9d84925342881f9d180cb00e5e0f9e349a16a4960a038a2120ce5d0e89e78c5Mod_security is an Apache module whose purpose is to protect vulnerable applications and reject human or automated attacks. In addition to filtering requests, it also can create Web application audit logs. Understands regular expressions and POST payloads.
4d45450773939db6dca6056dad88a34d0932f9d82ee354d101155e92083157deSendIP is a commandline tool to send arbitrary IP packets. It has a large number of command line options to specify the content of every header of a RIP, RIPng, BGP, TCP, UDP, ICMP, or raw IPv4/IPv6 packet. It also allows any data to be added to the packet. Checksums can be calculated automatically, but if you wish to send out wrong checksums, that is supported too.
f39a533fe455e12decaca426dbdb8a1381e15957767d6bc9405c6418553104bfTcpreplay v1.3 - Tcpreplay is a set of tools aimed at testing the performance of a NIDS by replaying real background network traffic in which to hide attacks. Tcpreplay allows you to control the speed at which the traffic is replayed, and can replay arbitrary tcpdump traces. Unlike programmatically-generated artificial traffic which doesn't exercise the application/protocol inspection that a NIDS performs, and doesn't reproduce the real-world anomalies that appear on production networks (asymmetric routes, traffic bursts/lulls, fragmentation, retransmissions, etc.), tcpreplay allows for exact replication of real traffic seen on real networks.
a1b60f3a733858855133529bde413965f2d6db81ee81f256f5eeda38a92f98c9Motion uses a video4linux device for detecting movement. It makes snapshots of the movement which later will be converted to MPEG movies, making it useful as an observation or security system. It can send out email and SMS messages when detecting motion and includes a web interface.
04828ac21f6f4cc514215852af2b4354eaab8b0bc7ec2ac84b9b387bb91daf6fProcess Monitor v0.23 for Linux is a small kernel module that allows you to watch all programs executed on the system. It is useful for generating full listings of programs (and their supplied arguments) run by potentially dangerous users on a system.
925ec438e183031f4d96030d9759a85aefd0c33c7d5dd0ef3b2c6cce26c34756Zyxbrut.c is a brute force program written for the ZyXel router telnet service.
09a2e8873fc29128a79a933087fd6b993b20bc25a6fb311b7d0228b7d714db16Obstruct.tgz is a denial of service attack against IRC servers. Warning: Code was found on a compromised machine, use caution. Opens a IRC server port on the target +machine and sends SERVER You_were_owned_by_obstruct.c 1 data and then loops again and floods the server. Floods all of the open sockets on the server until it can no longer accept connections. Floods the IRC Operator server notices so that the IRC operator cannot view legit traffic.
438e11ef32a07129806dc28198dbf61dfaa6361de812ac75e0d0fec11e649929EEye Security Advisory - During a review of the PNG image format implemented in Microsoft Windows, pngfilt.dll, serious vulnerabilities were discovered related to the interpretation of PNG image data. The more serious bug is a heap overflow which can be exploited to execute code when the malicious PNG image is viewed. IE 5.01-6.0 is vulnerable, along with the IE web control for Outlook, Access 2000, Backoffice, Microsoft Visual Studio .NET 2002, Office 2000, Office XP pro, Project 2002 Professional, Publisher 98, SNA Server 4.0, SQL Server 7.0, Visio 2002, Visual Basic .NET Standard 2002, Visual C, Visual C++ .NET Standard 2002, Visual FoxPro 7.0, Visual Studio 6.0, Windows 2000, Windows 95, Windows 98, NT, and XP. Microsoft advisory is ms02-066.
f11b994b879980c3165d71f5cef07811d6d5feb5f65c16286a58a35a2b0cacf3The MySQL database versions <= 3.23.53a and <= 4.0.5a contains local and remote vulnerabilities allowing remote attackers to bypass the MySQL password check and execute arbitrary code with the privileges of the user running mysqld. An arbitrary size heap overflow within the mysql client library and another vulnerability which allows '\0' to be written to any memory address allow DOS attacks against or arbitrary code execution within anything linked against libmysqlclient.
b385bbffd26b7aac37dec468afd6558f47557fa4ccb25456b032f8f0f3e77828A heap overflow has been found in Fetchmail v6.1.3 and below which allows remote attackers to execute code with the privileges of the user running fetchmail on Linux. It is a denial of service vulnerability on BSD. Fixed in v6.2.0.
00367f13a6c9121041c44e2a0b3582239a66f54aeae1714fc5cf1dc427242f38Web Hack Control Center is an administrative tool that scans web servers for known vulnerabilities. Scans HTTP and HTTPS (SSL) servers, and it's exploits database contains over 1500 vulnerabilities. WHCC can be used as your primary browser or be launched from Internet Explorer.
4ed49210b62bc99ca619b59ab8b64bf528871e8dc7d905737ece72d9bbcdd912SuSE 8.1's "gfxmenu" which is configured into GRUB by default on many machines allows the user to pass in additional kernel boot parameters without entering the password, allowing users who can locally reboot the machine to easily spawn a root shell.
8835b98c7e6cc1122e66d91619047a0fcc3b5ad373a989202c6f9b7dbbe592f8
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed
