mIRC /font exploit that spawns a cmd.exe.
6bba1bfaa52ce010f24d124f672f209484623b97f3b5f54de63c58d741cbff1dThe WorldsEnd.NET Free Ping script is susceptible to a restriction bypass condition.
6d29d8f9f8da03aeba6ea1433f4351f9657d1209e01d0797f765715eb7f426b0Pixelpost version 1.4.3 is susceptible to cross site scripting attacks.
7348d6772006dbb9c4e9e232c87483f487fd980dbc8f6b11a8a7ec24c01a19dcAzbb versions 1.1.00 and below suffer from cross site scripting vulnerabilities. NASL plugin to test for this included.
e46562189f15c20dbe453280bb61f21d177294498714aaf8c0eaf491c5f84ecaGenie is a simple Telnet backdoor program that spawns on port 1179. Written for Windows 98/NT/XP. Archive password is set to p4ssw0rd. Use at your own risk.
6b2c844a48f914163cc86fe1d678b581e633d8a90a312f77d7d6aba2c01066f8Whitepaper entitled 'Attacking Automatic Wireless Network Selection'.
0fab76effc4d98fe89fa651a422e69e400fe3ac37312fd2e5b3e468409306386Dazuko is a kernel module which provides 3rd-party applications with an interface for file access control. Useful for on-demand virus scanning, as a file-access monitor/logger or external security implementations. It operates by intercepting file-access calls and passing the file information to a 3rd-party application. The 3rd-party application then has the opportunity to tell the kernel module to allow or deny the file-access. The 3rd-party application also receives information about the file, such as type of access, process ID, user ID, etc.
120a967d446d552ad485f6197f5c9d9cd8b5369ae74104c98641c8e3492031cettyrpld is a kernel-based TTY shell, screen, and key logger for Linux, FreeBSD/PCBSD, and OpenBSD. It has a real-time log analyzer. It supports any TTY type (vc (console), BSD/Unix98 pty (xterm/SSH), serial, ISDN, USB, etc.).
93b8c3b9cf5b61b20a8a949d338ebdfa0f2c8b7781df5c5ecd27ca269e152fb8The OpenCA Project is a collaborative effort to develop a robust, full-featured and Open Source out-of-the-box Certification Authority implementing the most used protocols with full-strength cryptography world-wide. OpenCA is based on many Open-Source Projects. Among the supported software is OpenLDAP, OpenSSL, Apache Project, Apache mod_ssl.
7b356b26e455471fe2dcac6c03c95e4ab29b400e8b21ced9691f485baca59f6aIWar is a war dialer used for auditing your PSTN (phone) network. Its features include random/sequential dialing, Voice over IP using the IAX2 (Intra-Asterisk eXchange) protocol, ASCII flat file and MySQL logging, a curses-based front end, key stroke marking, multiple modem support, several methods of tone detection, save/load state, banner detections (to determine remote system types) and blacklist support.
fac7b4801ad91e478e31f5da3b1feb7d3e2e09c6e281b0476f8c4adf42e52e6aThe MultiAdmin security framework kernel module provides a means to have multiple root users with unique UIDs. This bypasses collation order problems with NSCD, allows you to have files with unique owners, and allows you to track the quota usage for every real user. It also implements a sub-admin, a partially restricted root user who has full read-only access to most subsystems, but write rights only to a limited subset, for example writing to files or killing processes only of certain users.
e230d05121b93e48db1cedcdc60023126e1672458257223a7e065e75221f888fA new grsecurity patch has been released for the 2.6.14.6 Linux kernel series. It implements a detection/prevention/containment strategy. It prevents most forms of address space modification, confines programs via its Role-Based Access Control system, hardens syscalls, provides full-featured auditing, and implements many of the OpenBSD randomness features. It was written for performance, ease-of-use, and security. The RBAC system has an intelligent learning mode that can generate least privilege policies for the entire system with no configuration. All of grsecurity supports a feature that logs the IP of the attacker that causes an alert or audit.
eaa8d0841c436461c0a8176a81ccbfc192d61cc0a8137702536776b170a512d3A new grsecurity patch has been released for the 2.4.32 Linux kernel series. It implements a detection/prevention/containment strategy. It prevents most forms of address space modification, confines programs via its Role-Based Access Control system, hardens syscalls, provides full-featured auditing, and implements many of the OpenBSD randomness features. It was written for performance, ease-of-use, and security. The RBAC system has an intelligent learning mode that can generate least privilege policies for the entire system with no configuration. All of grsecurity supports a feature that logs the IP of the attacker that causes an alert or audit.
1af16f854a638f22bea48ff17e65d41cf97929628d2f1efb3730faf0a5ed0be0The override Rootkit: A LKM Linux 2.6 rootkit that uses patched systemcalls. Features - Hides pids and automatically hides the pids of child processes - Hides network ports - Hides files which begin with a user-defined prefix - Can show the hidden pids.
04c076c58c76e17bab712708d97f482bcfca9fe65f29cad03d4b68cabbe13393Secunia Security Advisory - A vulnerability has been reported in nfs-server, which can be exploited by malicious users to compromise a vulnerable system.
fbca3d6ee86bbcfbddc7f8c6ba9a720c21b94869788de4359d9e8a7cbbed5645Secunia Security Advisory - Aliaksandr Hartsuyeu has discovered a vulnerability in My Little Forum, My Little Guestbook, and My Little Weblog, which can be exploited by malicious people to conduct script insertion attacks.
344d3fb945bd3946f912f84232a8917390b808ff9e765e9e606fb2d98c73b444Secunia Security Advisory - A vulnerability has been reported in Cisco VPN 3000 Concentrator, which can be exploited by malicious people to cause a DoS (Denial of Service).
4568d050e5cfefb96e48d76ba5d84c33e6158ef076bf79f0b804ec3582976dabSecunia Security Advisory - Debian has issued an update for drupal. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, and conduct script insertion and HTTP response splitting attacks.
47721504723aafd407f6fb93d45d5980d9b8de189f6090026b86f68a4fa3cf69Secunia Security Advisory - Mandriva has issued an update for net-snmp. This fixes some vulnerabilities, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges, or by malicious users to cause a DoS (Denial of Service).
2bc09eb6f72bb160255b32ea3674458c8e32283a9db1ea05b6e7a1f08ce38916Secunia Security Advisory - SUSE has issued an update for nfs-server. This fixes a vulnerability, which can be exploited by malicious users to compromise a vulnerable system.
16043c0ade4414add7ee0fdd67efa41f1f01b0ce10a39c794a690ea73b29f98dSecunia Security Advisory - Mandriva has issued an update for perl-Net_SSLeay. This fixes a vulnerability, which can be exploited by malicious, local users to weaken certain cryptographic operations.
d87e25d0023e1938a8cfcd5290126201c0ad35971f9029ae395aca8cdeab484dSecunia Security Advisory - imei has discovered two vulnerabilities in MyBB, which can be exploited by malicious people to conduct cross-site scripting attacks.
49f482d71066c4671746d0f62f37379eb5b9ac5d0595562ccdb48a98cacc84e3Secunia Security Advisory - Gentoo has issued an update for gallery. This fixes a vulnerability, which potentially can be exploited by malicious people to conduct script insertion attacks.
762f514b6ccc9b6e308cb7534e19ef95dd6b73ab96553f10faae573f32cf687fSecunia Security Advisory - Aliaksandr Hartsuyeu has discovered a vulnerability in AndoNET Blog, which can be exploited by malicious people to conduct SQL injection attacks.
d6e421f5c2a2c168a0a74bb597c32eb3d8b86027941b2ff4b6fc7bc2261168b8Shareaza, a P2P file sharing product, suffers from a remote vulnerability that allows code execution.
558bf79d1a63a228c41dc5ef9d31ba2a50943261248d81c328532ac0382442f9
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed