This TCP/IP stack hardening tool for Microsoft Windows 2000/XP helps to make the OS resistant to many denial of service attacks. Binary and source included.
2259a79918a6de8a6a7d14ebaf06f1b691ab32bb594b1c03ca04f444c6e4b846PHPBB 2.0.8 is susceptible to full patch disclosure and cross site scripting vulnerabilities.
371b61e8aff45c61219490cd0843e2dbc477151643dbfbae0bf932f620e3e71bSecunia Security Advisory - Marcel Boesch has reported a vulnerability in Mozilla and Firefox, which can be exploited by malicious people to cause a denial of service. Versions affected: Mozilla 1.6, 1.7.x, and Firefox 0.x.
fba993b6d724a589100b57a880caeacb0e040dc3256bd64266d7c963296be1ceMIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. Includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with Sendmail 8.11/8.12's new "Milter" API, which makes it more flexible and efficient than procmail-based approaches.
850484dadcc9aca4b40f7eceb19caac4051d869b20d81202cc202a8bb11b05baEasy integrity check system is an easy-to-install and use file integrity system. It is intended to be used by system administrators to aid with intrusion detection.
42855d3ebb290df95ccc1a59c5fb59ec640d1fb97ab6c71c2457c04166e2f050Microsoft Hotmail is vulnerable to a cross site scripting attack.
fac53ad1625eb0829847db8b6e5be732ea19aec830faef6e35e5f8c2e301bde9Novell Bordermanager 3.x suffers from a flaw that allows for a denial of service attack due to an unspecified error within the VPN service IKE.NLM.
fdf68776d373f9e276efea50a7f8193b00e23d45d4937f43906a9384eadeee5bGattaca Server 2003 version 1.1.10.0 is susceptible to full path disclosure, cross site scripting, and multiple denial of service attacks.
a2081aacff40e09987d1fdd220f9e159cd210b6b03a5656b73841afd03dd340dLsof is an extremely powerful unix diagnostic tool. Its name stands for LiSt Open Files, and it does just that. It lists information about any files that are open by processes currently running on the system. It is useful for pinpointing which process is using each network socket. FAQ available here.
c543b3aba8c988881344cd18b93be0e95beafd1ce83c183677d0901bfbd90f92A denial of service condition exists in the Microsoft SMS Client where a data packet that gets analyzed will cause the server to throw an exception while attempting to read or write an invalid memory address. Tested against: Microsoft Systems Management Server version 2.50.2726.0.
553f2e065d26c6b861b80533b5ce510271d41b91c5034a763c8d3895d8d62af4A remote code execution vulnerability exists in the Task Scheduler (mstask.dll) because of an unchecked buffer. Affected Software: Microsoft Windows 2000 Service Pack 4, Microsoft Windows XP, Microsoft Windows XP Service Pack 1.
b178c0fb6e2cf5a365096e5e090fe21dc3fe55636e18842f57f2b7cdfc145164Microsoft Windows Task Scheduler is vulnerable to a stack-based buffer overflow. The flaw can be exploited by creating a specially-crafted .job file. This will most frequently be a local exploit, but it is possible to imagine some cases where this could be remotely exploited as well.
8a91f17d4a2fd2983c074e04a451428f0f826e5f1059013c4a6a38db1aee67e2NetSQUID is a Perl script that sits inbetween Snort and IPTables. It looks at the alerts generated by Snort, then automatically creates an IPTables firewall entry to block problematic hosts (such as those infected by viruses). Web traffic is redirected to a webserver that can alert the user to the infection. The host is automatically unblocked after a specified time (hopefully reducing calls to your NOC). It can also send out DHCP address requests, so rogue DHCP servers can be detected by Snort.
e294b20574821665b784aa2180752023c5d7f67c8afdde8d55474a88ec998551Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.
6c46bc7cd162ea1fe3977cdfd753f9a7b7450b7b248d33d564e792d4cc7f25ffPHP memory_limit remote vulnerability allows for remote code execution on PHP servers with activated memory_limit.
a2764c250202043b5e2fbcc945ecc7953565f046d5aa69d07e2cf18d05dc5ee3PHP strip_tags() bypass vulnerability may allow for Cross-site scripting attacks launched via websites that run PHP and depend on strip_tags() for security. The attack requires a vulnerable browser such as IE, Safari, or Mozilla in order to work.
d66c97661142fe3d557417694547c784d192d272603cbc2f590fd731fd0ddf21The HtmlHelp application (hh.exe) in Microsoft windows read a value from a .CHM file to set a length parameter. By setting this to a large value, it is possible to overwrite sections of the heap with attacker supplied values. Affected software includes: Microsoft Windows 98, 98SE, ME, Microsoft Windows NT 4.0, Microsoft Windows 2000 Service Pack 4, Microsoft Windows XP, Microsoft Windows XP Service Pack 1, Microsoft Windows Server 2003.
ac7c55f929b9e971cc8376ae4bda17d5f164652d10bf394f6db55a9ddb4eacb6A local elevation of privileges exists in the Windows Utility Manager which allows any user to take complete control over the operating system. This vulnerability affects the Windows 2000 operating system family.
06783ccb4127e8dc09bf4a647613438415e9c60af8c3a29e7ebdd29c4ff3750fAtstake Security Advisory A071304-1 - 4D WebSTAR versions 5.3.2 and below suffer from numerous vulnerabilities that allow for an attacker to escalate privileges or obtain access to protected resources. These include a remotely exploitable pre-authentication FTP overflow, directory indexing of any directory on the host, file disclosure of PHP.INI, and local privilege escalation and file overwrite via symbolic links.
3687cf4f4805ebd7619c3a629f029fcea5cc0d6baf1031b38b9528d9e63c3d7cAterm version 0.4.2 has a tty permission weakness that allows the world to write to a terminal.
f60187f4e1ea1f4d37e926cb178bb4659cd176a856814c8fbdfc5c6d8186f4ecBugzilla Advisory: Multiple security issues in Bugzilla have been discovered. These include information gathering issues (for example, database passwords may be revealed in webserver error messages), Cross Site Scripting issues, and design flaws which may make "confidential" data "protected" by Bugzilla available to all users.
c3e1dd3ee84db1b712d6183a8cb294ebae02d3b9ad75ec77b82cb213a5e1aff7Moodle 1.3.2 and Moodle 1.4 dev is susceptible to a cross site scripting flaw.
ce88b872a79cb18b143203cdcc44b3f05d440d67941b9e8d4abe53c2fbcf2484Technical Cyber Security Alert TA04-196A - Multitudes of vulnerabilities have been discovered amongst the Microsoft product line. Flaws that exist include Outlook Express failing to properly validate malformed e-mail headers, the Utility Manager allowing code execution, POSIX allowing code execution, IIS having a buffer overflow, the Task Scheduler having a buffer overflow, the HTML Help component failing to properly validate input data, and the Windows Shell allowing remote code execution.
1821f11a0fd592a922c98d1ad695e3b418762020d34a0f3cea361eefef4c0a68Packet Storm new exploits for June, 2004.
aa47ccefc4438ecb4072ae85f1448ae2cc0442aab527e45abc1fea47972d981cPort Scan Attack Detector (psad) is a collection of four lightweight daemons written in Perl and C that are designed to work with Linux firewalling code (iptables and ipchains) to detect port scans. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, TCP flags and corresponding nmap options, email alerting, and automatic blocking of offending IP addresses via dynamic configuration of ipchains/iptables firewall rulesets. In addition, for the 2.4.x kernels psad incorporates many of the TCP, UDP, and ICMP signatures included in Snort to detect highly suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port scans (syn, fin, Xmas) which are easily leveraged against a machine via nmap. Psad also uses packet TTL, IP id, TOS, and TCP window sizes to passively fingerprint the remote operating system from which scans originate. Changelog available here.
e6447d4842b6e3c1dad9bc8268edb9d3c08ff57486dc37dcdd5f2c4f90eae031
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed