Wget versions 1.9 and 1.9.1 are susceptible to a symlink attack during a phase where it downloads the file to a temporary filename but does not actually lock the file.
3e19a9e65f1b07c2febfde7d6bffc9cc7a814a75db5421d998b8a9cb89dcc8c5AUSCERT Advisory - A vulnerability exists in hardware implementations of the IEEE 802.11 wireless protocol that allows for a trivial but effective attack against the availability of wireless local area network (WLAN) devices.
a46c2a37097c474213beefb0ef777f388574dfbff75a232f91c1838edbf91fe4LHA has some additional buffer overflows in the extract_one function.
5a53496931d36f0f0629ce52c2693ceccacf6032e71a671af6253290e91d1570Mailbomb is a Perl script used to aid system administrators in locking down spam filters.
bd9b327974cf2fc56b8afff647d595772d8002fdff6715b18a99617f665b8b65This utility was written to allow for easy access to the kernelspace for testing insertion of modules, accessing miscellaneous kernel information, and allows for an easy test environment.
14b2a36a62e422787d27a7c092ba4f5173809ea1b33331a8a949a7e234f67f46AIRE is an 802.11 network discovery utility for Microsoft Windows XP. Upon finding a wireless access point, it displays pertinent information (timestamp, ESSID, channel, mode, etc) and has various useful features like a power meter display and other APs within range.
3cda61bb9f2d7d08af278454ecb10065fe45d20e4c2f20c68b87c0fdbd223293Oinkmaster is simple Perl script released under the BSD license to help update and manage Snort 2.0+ rules and to comment out the unwanted ones after each update. It will report what has changed since the last update, offering good change control.
acd85eeb4b35eecc6aace83f16e870501f129c00ce925eb81da5576ff45a6827Microsoft LSASS vulnerability auto rooter. Downloads and executes code from a FTP server.
f71ef7270796d05800fff06da2bb58e37b947b69d61fbedbb27101d5571716batcpreplay is a BSD-style licensed tool to replay saved tcpdump files at arbitrary speeds. It provides a variety of features for replaying traffic for both passive sniffer devices as well as inline devices such as routers, firewalls, and the new class of inline IDS's. Many NIDSs fare poorly when looking for attacks on heavily-loaded networks. tcpreplay allows you to recreate real network traffic from a real network for use in testing.
9d8239023b75dd6c0b9e911839f95de8c525490ec95b4e149405ac24a212f5b2XScreenSaver is a modular screen saver and locker for the X Window System. It is highly customizable and allows the use of any program that can draw on the root window as a display mode. It is also more stable than xlock and has more than 150 modes.
e428b88cb6719b4deedf505ffb98fb7cbfecb4340e81c29857801aeeef329528tcptrack is a packet sniffer which passively watches for connections on a specified network interface, tracking their states and listing them in a manner similar to the top command. It displays source and destination addresses and ports, connection state, idle time, and bandwidth usage. Screenshot available here.
ffb8532569fd43819bf7a138a019f8da2eb141e62ce0b962d897e3e957d2f963Ettercap NG is a network sniffer/interceptor/logger for switched LANs. It uses ARP poisoning and the man-in-the-middle technique to sniff all the connections between two hosts. Features character injection in an established connection - you can inject characters to server (emulating commands) or to client (emulating replies) while maintaining an established TCP connection! Integrated into a easy-to-use and powerful ncurses interface.
9e042be55dc3fc883314f68cf213147ecf2e919ac0fa03815dcf4e4ff60cb58bNetSQUID is a Perl script that sits inbetween Snort and IPTables. It looks at the alerts generated by Snort, then automatically creates an IPTables firewall entry to block problematic hosts (such as those infected by viruses). Web traffic is redirected to a webserver that can alert the user to the infection. The host is automatically unblocked after a specified time (hopefully reducing calls to your NOC). It can also send out DHCP address requests, so rogue DHCP servers can be detected by Snort.
bcfefe2bdad05e3ef87f47860826e2d5667e3b1be86bc86bd387cc276c4aff77Webdevil is a tool used to create a distributed performance test against webservers by keeping connections alive until the server times them out. Slave daemon is included to assist in stress testing.
25e78e914b5eb91d497b9fe75d5d5c553156aa5477b01c8871545759d820db53netjail is a user-space mechanism for limiting the ability of a process to connect sockets in the PF_INET and PF_UNIX domain. The main motivation for this is to foil (or discover) spyware or "call home" code in suspect pieces of binary-distribution-only programs.
2062e3bd63e3da7ecd933c31add9dd03a66dafd8760d66429f68c0271fa79398Paper discussing shellcode usage that also includes troubleshooting and functionality information. Included are other whitepapers that help offer guidance, some tools, and some shellcodes.
4ec0245150d0f387da8ee2844e769c59d9caac00f74d87dd99b63675db28cafeNetwox is a utility that can be thought of as a one stop shop network toolbox. It includes a graphical front-end called Netwag. This kit comes with 150 tools that can be used to perform a multitude of tasks that are very useful to any administrator. It supports various protocols (DNS, FTP, HTTP, NNTP, SMTP, SNMP) and performs low level functions like sniffing, spoofing traffic, and playing client/server roles. Both Windows and Unix versions are included.
d068f8caaf9544ef94715cbf215b51943bdd474f04bcc7da82636eeb7f0fd7c3Network Stresser is a traffic flooding utility designed to test the limits of a network. Supported protocols are TCP, UDP, ICMP, and IGMP.
5a470bc7d3f865ca40fbcec208e4a8bbab5016ef9559792aaafb7edde840a8b5Remote denial of service exploit that makes use of the flaw eEye found in Symantec Norton Personal Firewall and other related products. Sends a malicious DNS response packet to a vulnerable host, causing the kernel to go into an infinite loop. Tested against Symantec Norton Personal Firewall 2004.
210a95aedb58ff218b08a68c2698d26d830137378183d72bec41e0c872f2d24dlibShellCode is a library that can be included when writing Linux and BSD i386 based exploits by providing functions that generate shellcode with user given parameters during runtime.
006c6f21ee8c651042ebe887dc08fd248181cac69739071d143146cf6639a355Directory traversal attacks on the Sun Solaris SMC Web Server under releases 8 and 9 allow a remote attacker to determine whether or not a file exists on the underlying filesystem due to differences in error messages.
afadcf605c1e2463d9dc1006e2bcbc5d78588c56164f93b99e0edf5afbb88beeEthereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Ethereal features that are missing from closed-source sniffers. Screenshot available here.
4401e49a993d9b5d017d7e4bc7705cc3873234e73d06b82f884dcd45213ec8d3Ethereal Security Advisory Enpa-sa-00014 - It may be possible to make Ethereal crash or run arbitrary code by injecting a purposefully malformed packet onto the wire, by convincing someone to read a malformed packet trace file, or by creating a malformed color filter file. Versions affected: 0.9.8 up to and including 0.10.3.
5bdf294b805f328fb3c4ea0444bf4b5ac67d19b595d748a2922380a8d2fd4d4fA vulnerability exists in Icecast 2.x that can cause a denial of service condition.
99456ace2fa0f87f2f52c3e000095e321d0e4fa0dd63df8a4290735635761047Outpost Pro Firewall has a flaw that allows malicious people to cause a Denial of Service. The issue has been reported in Agnitum Outpost Pro Firewall version 2.1. Prior versions may also be affected.
23a021e46fe713e14e1875d37a7ff9271b44c31c2d36e4da8d11ece37740c979
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed