Paper discussing the caveats of port assignments above 1024 and how users should have blocks of ports assigned to them.
98b106f520298d4b1409ec2597c5001842dc8da75de5cd665c577160a99ee686Garuda is a wireless intrusion detection system (WIDS). It has been designed for detecting war drivers, rogue APs, denial of service attacks, and even MAC spoofing. Rule-based detection, statistics, and enumeration modules included.
64853cb32650412410e9c72e39d2c2b4696a30d9c476ef34062bdd7d28ee089eSimple little script for testing whether SSL2/SSL3 or TLSv1 ciphers are being used on a host.
7172b3961b8bdb9be9e81dba2f8b3210c27abd18fcd2ad09a7586ad4c31af58dLinksys Web Camera versions 2.12 and below are vulnerable to a file inclusion vulnerability.
7db8adff539759a22178341934bcc379d78e782cf0284c071d71e7f4c0543530nCipher Security Advisory No. 10 - Pass phrases entered by means of the nCipher netHSM front panel, either using the built in thumbwheel or using a directly attached keyboard, are exposed in the netHSM system log. Under certain circumstances this information is also available to the remote filesystem machine.
e554917325c74c91be8e3746a9531866492d107f7d7a0829460f22c16a4a648dmod_rootme is a very cool module that sets up a backdoor inside of Apache where a simple GET request will allow a remote administrator the ability to grab a root shell on the system without any logging.
9a739606a09c5832a815a754bcd656241faf19f768f15d9537d2c76938728b00The Linux kernel IEEE 1394 aka Firewire driver suffers from integer overflows that can result in a local denial of service and possible code execution. Both the 2.4 and 2.6 series are affected.
4871c28b4a1ceac9f9d68c77950e103399841d51e84d43d791e9156d8da2a03cTechnical Cyber Security Alert TA04-174A - Two vulnerabilities in the ISC DHCP allow a remote attacker to cause a denial of the DHCP service on a vulnerable system. It may be possible to exploit these vulnerabilities to execute arbitrary code on the system. Systems affected are ISC DHCP versions 3.0.1rc12 and 3.0.1rc13.
bf37320dd558e2cc0101d6e98690e231d906a7bda985ba6dca250c32f7197e14Remote proof of concept denial of service exploit that makes use of a flaw in the Unreal game engine where a simple UDP packet with a long value can overwrite important memory zones. Vulnerable games include: DeusEx versions below and equal to 1.112fm, Devastation versions below and equal to 390, Mobile Forces versions below and equal to 20000, Nerf Arena Blast versions below and equal to 1.2, Postal 2 versions below and equal to 1337, Rune versions below and equal to 107, Tactical Ops versions below and equal to 3.4.0, TNN Pro Hunter, Unreal 1 versions below and equal to 226f, Unreal II XMP versions below and equal to 7710, Unreal Tournament versions below and equal to 451b, Unreal Tournament 2003 versions below and equal to 2225, Unreal Tournament 2004 versions below 3236, Wheel of Time versions below and equal to 333b, X-com Enforcer.
6c7d8ca999fd82ca534f47257a00d83b7cdf78a424a1ac8cf377fb5568c2fdf5The Unreal game engine has a flaw where a simple UDP packet with a long value can overwrite important memory zones and possibly allow for remote code execution. Vulnerable games include: DeusEx versions below and equal to 1.112fm, Devastation versions below and equal to 390, Mobile Forces versions below and equal to 20000, Nerf Arena Blast versions below and equal to 1.2, Postal 2 versions below and equal to 1337, Rune versions below and equal to 107, Tactical Ops versions below and equal to 3.4.0, TNN Pro Hunter, Unreal 1 versions below and equal to 226f, Unreal II XMP versions below and equal to 7710, Unreal Tournament versions below and equal to 451b, Unreal Tournament 2003 versions below and equal to 2225, Unreal Tournament 2004 versions below 3236, Wheel of Time versions below and equal to 333b, X-com Enforcer.
e57e8509f33616fa5401f768a7a4c2abfc5aab3a91844a97e7ceae234da38313rssh, the small shell whose purpose is to restrict users to using scp or sftp, has a bug that allows a user to gather information outside of a chrooted jail unintentionally. Affected versions are 2.0 through 2.1.x.
311bdd186d8b1ea269ad967cd01b3b095ad35878525c4d3fb410e7ef1f211d8bA flaw in osTicket will allow a malicious attacker the ability to view files that are supposed to be protected.
cac76973da432f255c3cf4113e13301d51783cd3cdae4aba949e8d31c2902592Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix clone.
7d034f726e7d17e30b8246607b01e1e6ce425887707b75835caf07f8792659cchping is a network tool designed to send custom ICMP/UDP/TCP packets and to display target replies like ping. It handles fragmentation and arbitrary packet body and size, and can be used to transfer files under all supported protocols. Using hping, you can test firewall rules, perform spoofed port scanning, test net performance using different protocols, packet size, TOS (type of service), and fragmentation, do path MTU discovery, transfer files (even with really Fascist firewall rules), perform traceroute-like actions under different protocols, fingerprint remote OSs, and audit a TCP/IP stack. hping is very useful for learning TCP/IP.
044834e54a6341b1d44cee884a1fc256ee70528ea3f9c0a2248b9ce01171b091Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
1759ed6c9368787989437d5198bd563c001e86b295097c8822669e183bb9c063NSTX (the Nameserver Transfer Protocol) makes it possible to create IP tunnels using DNS queries and replies for IP packet encapsulation where IP traffic other than DNS isn't possible.
c0fc4b483d4ca9653baf46bd945f54b3125c99cb3a505827ac609b7744eae4b5Easy integrity check system is an easy-to-install and use file integrity system. It is intended to be used by system administrators to aid with intrusion detection.
bee152473ba711c7665a5ca0423dccae9e2467bd96ce3867f045c839d0c18afdNMB Scanner scans the shares of a SMB network, using the NMB and SMB protocols. It is useful for acquiring information on a local area network for such purposes as security auditing. It can obtain such information as NMB/SMB/Windows hostname, IP address, IP hostname, ethernet MAC address, Windows username, NMB/SMB/Windows domain name, and master browser. It can discover all the NMB/SMB/Windows hosts on a local area network by using the hosts lists maintained by master browsers.
d8c5980024332f98b9c623dd4927173d09b5eedbba5b72e70cd221fc86d030dcSqwebmail 4.0.4.20040524 is susceptible to a cross site scripting vulnerability.
b4baa82ebe0204df4d4f0c194efcd8f768666097feda0aca9403eab1bb8ff729Information regarding proper exploitation of a cross site scripting flaw affecting Internet Explorer 6 SP1 running on Windows XP.
fa7c800af3ddd9495112ac117250468eeb5035d63765176288113058bd094d62The DI-614+ SOHO DLINK router suffers a script injection vulnerability that uses DHCP as a vector of attack.
b89f567cac4704eaa1323775e91f7c938e9c34a4c6b3f5a58e198b767eca3571RPM Finder Project version 1.2 is a utility that works much like the rpmfind.net site. It supports RedHat and Mandrake Linux.
1b21c1e4fe44c14c6699021a8dfb60258df84ba160eb73d9c370d35decd0d8d2Integcheck is a system integrity checker. It checks the integrity of exposed systems by getting a list of MD5 hashes of any important file via SSH, keeps a master list of these on a relatively secure system, and compares this list daily with the current list. As long as the system considered safe is not compromised, it should inform administrators of any changes on the exposed systems.
61b95fcdb4192f32e0a682b7ec3ad6f420e146d5d8aca0b056a98ad3f98fc21bOs-sim attempts to unify network monitoring, security, correlation, and qualification in one single tool. It combines Snort, Acid, MRTG, NTOP, OpenNMS, nmap, nessus, and rrdtool to provide the user with full control over every aspect of networking or security. Supported platform is Linux.
6a79dd8145f4067ef55ff267510341d6dc7df4cd97ab17bc70bc60c527f8bb54iDEFENSE Security Advisory 06.21.04: Remote exploitation of a denial of service condition within GNU Radius allows attackers to crash the service. The problem specifically exists in the code for handling SNMP messages. By supplying a malformed packet containing an invalid OID, such as -1, it is possible to cause the server to shutdown, preventing further requests from being handled. The Radius server must have been compiled with the '-enable-snmp' option in order to be vulnerable.
2e0e226c0c89a68cd1ee9d3f9d66b5e5d49fdec1ef03e7ec5cfa887e5d82e200
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed