New Macintosh OS-X rootkit that is roughly based off of adore. It hides itself from kextstat, netstat, utmp and wtmp. Further revisions to include a reverse shell triggered by ARP and DNS packets.
cf7423b74f6d5920cebbf766912f5ecca0db3ada2792d9264af8fd6b9f44d996IEEE1394 Specification allows client devices to directly access host memory, bypassing operating system limitations. A malicious client device can read and modify sensitive memory, causing privilege escalation, information leakage and system compromise.
5908ecd32dc1bc51bdc80887e043a5b00259a45eb5d176b1d23bc4137217fdfdMailCarrier 2.51 SMTP EHLO / HELO buffer overflow exploit written in python that spawns a shell on port 101 of the target machine.
9cdcfa966f1b52e3db88669267c30a79a0da90da60a10ee65048a42219f21e53Secunia Security Advisory - A vulnerability has been reported in phpCodeGenie, which can be exploited by malicious people to compromise a vulnerable system.
a8a79c04fa825747cfb508cb1d5e3ffec13f2093c2e567b747abef37119800b3Trustix Secure Linux Bugfix Advisory #2004-0050 - This bug fix discusses vulnerabilities in the packages gettext, ghostscript, glibc, groff, gzip, kerberos5, lvm, mysql, netatalk, openssl, perl, and postgresql. Previously unreleased information for groff exists here.
991400e8913bef9106afed4542a76f9ed6d97a07370475f2d4bb959770271d4dNISCC Vulnerability Advisory 841713/Hummingbird - The first issue with Hummingbird Inetd32 allows a user to run an application in the context of the Local System user. The second issue is a buffer overflow in XCWD that causes a denial of service condition and requires valid user credentials to invoke.
917086275ba1d2c89ca5afe883b49b9b4c8f189b32333a5e8b203194a8ba074cSecunia Security Advisory - A vulnerability has been reported in Novell ZENworks for Desktops, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to the Remote Management Agent invoking the ZENworks Remote Control Help functionality with SYSTEM privileges. This can be exploited to execute arbitrary programs with escalated privileges.
fa638d7bcd0cbe854d12bf37d11298bcd4c5967a712f1355bf790c5ad8632abcSecunia Security Advisory - Positive Technologies has reported some vulnerabilities in Phorum, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
314d2ddedf10f6e165abb968d396b7328cbcc982f621ca7e65ae2d109e27ad80Secunia Security Advisory - A vulnerability has been reported in OpenSSL, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges. The vulnerability is caused due to the der_chop script creating temporary files insecurely. This can be exploited via symlink attacks to create or overwrite arbitrary files with the privileges of the user executing the vulnerable. The vulnerability has been reported in versions 0.9.6m, 0.9.7d, and 0.9.7e. Other versions may also be affected.
4ba3df854334f73dec4c8753362c6d7d67833f8583d312a71cf15cf2cfe759eaThe GNU tftp client in the inetutils-1.4.2 is susceptible to buffer overflow attacks. Due to untrusted data from DNS resolved hostname being copied into finite static buffers without any bounds checking, several buffers can be overflowed in the .bss. Arbitrary code execution is possible.
5eb3d155894c1cfde68846c89bedeb4204bb3d8d2f781339cec732d062d962a0Improper verification of header fields lets an attacker make the pppd server from ppp-241 access memory it isn't allowed to, resulting in a crash of the server. There is no possibility of code execution, as there is no data being copied, just a pointer dereferenced.
574ce2da45902592be233f5fc4f8dac25e1f63f317486c8767787082f1cd1486Local exploit tested against libxml2-2.6.12 and libxml2-2.6.13 that makes use of libxml remotely exploitable buffer overflows.
df45b66cae305c03efbb5a88fba4a7f4c1d037611a3521f385486026caaff373There is an integer overflow when allocating memory in the routine that handles loading PNG image files with the GD graphics library versions 2.0.28 and below. This later leads to heap data structures being overwritten. If an attacker tricked a user into loading a malicious PNG image, they could leverage this into executing arbitrary code in the context of the user opening image. Exploit to create a working PNG for this enclosed.
24283338134ab68e16c03983a163ba4627ec59ad549edd928b9c4c5688c6f6e6CSIS Security Advisory [CSIS2004-5) - Mozilla Firefox, Web-browser built for 2004, advanced e-mail and newsgroup client, IRC chat client, and HTML editing made simple. The Mozilla Firefox ships with several bugs, making it possible to crash the browser, eat up virtual memory, simply by hosting a binary renamed as html, on a remote website.
163f29c64acae2506c9dff29c09f7010060dd4fd8a815aff852ebc2480f8b3c2Gentoo Linux Security Advisory GLSA 200410-25 - The etc2ps.sh script, included in the Netatalk package, is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files with the rights of the user running the utility.
6751b9182f2910d984ae262c099a1e467f2699ac7a49f28fba4220035e799b81Secunia Security Advisory - Elac has discovered a vulnerability in dadaIMC, which can be exploited by malicious people to conduct script insertion attacks.
dc3e8ca90833e5d54256a1fddb7e28422e039946ecb82baf1331222f84f91f9cA vulnerability in LANDesk Management Suite 6.x through 8.x allows for a denial of service attack.
2aaf11eb33ca7bccfdcf5883943e1c384664269296634a56c56bdc6fa7f6c24eKismet is an 802.11 layer 2 wireless network sniffer. It can sniff 802.11b, 802.11a, and 802.11g traffic. It is capable of sniffing using almost any wireless card supported in Linux, which currently divide into cards handled by libpcap and the Linux-Wireless extensions (such as Cisco Aironet), and cards supported by the Wlan-NG project which use the Prism/2 chipset (such as Linksys, Dlink, and Zoom). Besides Linux, Kismet also supports FreeBSD, OpenBSD and Mac OS X systems. Features Multiple packet capture sources, Runtime network sorting by AP MAC address (bssid), IP block detection via ARP and DHCP packet dissection, Cisco product detection via CDP, Ethereal and tcpdump compatible file logging, Airsnort-compatible "interesting" (cryptographically weak) logging, Secure SUID behavior, GPS devices and wireless devices fingerprinting. Kismet also includes a tool called gpsmap that can be used to create maps from logged GPS data. Full changelog here.
0d6e7e415cedeb9a97ec1cd957c6e3da0718b184bdcd44eedf9dfe2a94beb320mangleme is an automated broken HTML generator and browser tester, originally used to find dozens of security and reliability problems in all major Web browsers (Mozilla / Firefox / Netscape, Konqueror / Safari, MSIE, lynx, [e]links, w3m, elvis, etc), as reported on BUGTRAQ.
834ffbcab9fe491dcb7f248248f9542c337a4d42432f6b53633d5c5528041e9aAccess Point Utilities for Unix is a set of utilities that configure and monitor a Wireless Access Point under Unix. It is known to compile (with GCC and the IBM C compiler) and run under Linux, FreeBSD, OpenBSD, MacOS X, AIX, and QNX.
2fc07e0603d745f169b686ddb5101b31942dc6aa0a2f994f2685e5e249ef0f26Speaker Alarm Dir watches a selected directory and plays a custom PC speaker sound when a file is added or removed.
3e3a3c0eafb2b4f955d485d225fd6a78a40f3e6f712d19637cc17589fc965d7bIfchk is a network interface promiscuous mode detection tool that reports on the operational state of all configured interfaces present on the system. In addition, it will disable those interfaces found to be promiscuous if told to do so. Per-interface statistics can also be displayed, allowing administrators to perform traffic trend analysis, which could be an aid in the identification of possible inconsistencies or spikes in network traffic volume that may warrant further investigation.
831a4f304c8d235334dd1e8ae673404ee23c34646ce4e58b36ff8c407db0fc32afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.
2144837c5196a9790b397cad71b7615fad76251b4cf01de33fe4de9710eac461Motiontrack is a set of tools that detects motion between two images. It is able to successfully distinguish random flicker from real object movement by applying a set of filters to the images, and can optionally ignore given colors and/or image regions. The roadmap provides for being able to identify objects by pattern detection and AI routines. Currently, this tool is able to turn line-art images into ASCII-art text as a demo feature.
b99a59cd8fef98d31f714922133970e640eebcc112814a0e77a995d77bf8404dOpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
25121b5dbd2b830929519325e033086ce45861cff2d0000d928f48261b1e0b7c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed