exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 151 - 175 of 187 RSS Feed

Operating System: UnixWare

Samhain File Integrity Checker
Posted Oct 5, 2001
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain (stable branch) is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available. Tested on Linux, AIX 4.1, HP-UX 10.20, Unixware 7.1.0, and Solaris 2.6.

Changes: Better detection of kernel module rootkits (Linux only) to detect 'stealth' syscall redirection, the server can listen for syslog reports from remote hosts, logfiles can be written in XML format, the default install paths comply with the Filesystem Hierarchy Standard, minor bugs have been fixed, and added support for Mac OS X.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 0ff014554ff5f6e52c2fcc3638ee710af2c7053143a3f95659761f0aa510a287
Samhain File Integrity Checker
Posted Aug 4, 2001
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain (stable branch) is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available. Tested on Linux, AIX 4.1, HP-UX 10.20, Unixware 7.1.0, and Solaris 2.6.

Changes: New files in monitored directories are now automatically included in the monitoring. More info and examples for paging is included in the manual. Several minor bugs have been fixed.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 65f57e2ad7b7c22483a3f42e9807ae6c22bd831ac181beed6eacdac7a7fdd282
Samhain File Integrity Checker
Posted Jun 1, 2001
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain (development branch) is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available. Tested on Linux, AIX 4.1, HP-UX 10.20, Unixware 7.1.0, and Solaris 2.6. The devel version has more advanced features, but not all options are thoroughly tested yet.

Changes: A fix for a bug in the parsing of signed database/configuration files.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 2b26539157d7d860474fdc522cb212ec6d4b3a32f4400304c6a57f6bf867402f
Samhain File Integrity Checker
Posted May 23, 2001
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain (development branch) is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available. Tested on Linux, AIX 4.1, HP-UX 10.20, Unixware 7.1.0, and Solaris 2.6. The devel version has more advanced features, but not all options are thoroughly tested yet.

Changes: Now detects Linux LKM rootkits. Problems with repetitive reports by the daemon have been fixed, the installation has been streamlined, init scripts for Linux (SuSE, Redhat, and Debian) have been added, and the docs have been revised.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 5d1dad7c0b0a2a4dd188767a5f3f037cf9749b1bb98b06900f7c8d21c445aba1
Samhain File Integrity Checker
Posted Apr 22, 2001
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain (stable branch) is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available. Tested on Linux, AIX 4.1, HP-UX 10.20, Unixware 7.1.0, and Solaris 2.6. The stable version does not support all features that are mentioned in the summary. Client/Server communication is not encrypted, and wildcard patterns for filenames are not supported.

Changes: Verifying the integrity of the log file has become more convenient, alignment for the memory profiling code has been fixed to make it work on Solaris, and some bugs have been fixed.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 95b8dc0feb825c5838066c1efa265cacbdb56ba1ec54e264939c3b70b8099cd9
Samhain File Integrity Checker
Posted Apr 22, 2001
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain (development branch) is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available. Tested on Linux, AIX 4.1, HP-UX 10.20, Unixware 7.1.0, and Solaris 2.6. The devel version has more advanced features, but not all options are thoroughly tested yet.

Changes: Verifying the integrity of the log file has become more convenient, alignment for the memory profiling code has been fixed to make it work on Solaris, and some bugs have been fixed.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 59110c9b17c7a9e01f591414e5ac61ae4abf9a086b8ddef3f20dec0cb95804c0
Samhain File Integrity Checker
Posted Apr 10, 2001
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available. Tested on Linux, AIX 4.1, HP-UX 10.20, Unixware 7.1.0, and Solaris 2.6.

Changes: Lots of small bugfixes.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 09a63845ac98e809c95542526a65794687886f028534896e431f63e0814e1bc4
Samhain File Integrity Checker
Posted Mar 21, 2001
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available. Tested on Linux, AIX 4.1, HP-UX 10.20, Unixware 7.1.0, and Solaris 2.6.

Changes: Minor problems with the 'stealth' option have been fixed, client/server encryption uses CBC mode, and HMAC-TIGER is used for message authentication.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 7586fdf2b2be87916768c7d10baaa36b29608cb4bde146ce3e9a228ca9029385
Samhain File Integrity Checker
Posted Mar 10, 2001
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available. Tested on Linux, AIX 4.1, HP-UX 10.20, Unixware 7.1.0, and Solaris 2.6.

Changes: Problems with logging to syslog and with templates for the HTML server status page have been fixed.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 668359b668a71b61438b1ab2f12daabe3a31ac1b11e9dd4fdf840819bce81d6a
Samhain File Integrity Checker
Posted Mar 3, 2001
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available. Tested on Linux, AIX 4.1, HP-UX 10.20, Unixware 7.1.0, and Solaris 2.6.

Changes: This release includes support for specifying files as shell-style wildcard patterns, fixes for some compilation problems on FreeBSD and Alpha/Linux, and a couple of fixes for other bugs.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 990646118fc67738df6e20049f2f0b490c9268689ad4d8830bf778393b11b9a2
Samhain File Integrity Checker
Posted Nov 2, 2000
Authored by Rainer Wichmann | Site samhain.sourceforge.net

samhain is a distributed host integrity monitoring system. It consists of monitoring agents running on individual hosts, and a central log server collecting reports from these agents via authenticated TCP/IP connections. On single hosts, it is possible to run a standalone monitoring agent. Currently, agents may monitor the integrity of files and directories, and watch for login/logout events. In addition to forwarding reports to the log server, other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available. samhain has been tested on Linux, AIX 4.1, HP-UX 10.20, Unixware 7.1.0, and Solaris 2.6.

Changes: Bug fix release which includes enhancments!
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | d9ed906ca9c641206d8da7958e625115650b13d904f827efaab285b62ff78ec0
iss.summary.5.9
Posted Oct 11, 2000
Site xforce.iss.net

ISS Security Alert Summary for October 10, 2000. 91 new vulnerablities were reported this month. This document has links to more information and full advisories on each. Includes: apache-rewrite-view-files, win2k-simplified-chinese-ime, xinitrc-bypass-xauthority, slashcode-default-admin-passwords, quotaadvisor-quota-bypass, hinet-ipphone-get-bo, netscape-ie-password-dos, traceroute-heap-overflow, glibc-unset-symlink, lpr-checkremote-format-string, netscape-messaging-list-dos, palm-weak-encryption, mediaplayer-outlook-dos, unixware-scohelp-format, ie-getobject-expose-files, webplus-example-script, lprng-format-string, openview-nmm-snmp-bo, alabanza-unauthorized-access, pine-check-mail-bo, ciscosecure-tacacs-dos, suse-installed-packages-exposed, ciscosecure-csadmin-bo, ciscosecure-ldap-bypass-authentication, rbs-isp-directory-traversal, wincom-lpd-dos, webplus-reveal-path, webplus-expose-internal-ip, webplus-reveal-source-code, du-kdebugd-write-access, glint-symlink, mdaemon-url-dos, browsegate-http-dos, klogd-format-string, office-dll-execution, cisco-pix-smtp-filtering, horde-imp-sendmail-command, exchange-store-dos, doublevision-dvtermtype-bo, sambar-search-view-folder, camshot-password-bo, websphere-header-dos, win2k-telnet-ntlm-authentication, http-cgi-multihtml, hp-openview-nnm-scripts, freebsd-eject-port, webtv-udp-dos, imp-attach-file, fastream-ftp-dos, fur-get-dos, 602prolan-telnet-dos, 602prolan-smtp-dos, as400-firewall-dos, eftp-bo, eftp-newline-dos, sco-help-view-files, win2k-rpc-dos, mailform-attach-file, linux-mod-perl, pam-authentication-bo, siteminder-bypass-authentication, mailto-piped-address, winsmtp-helo-bo, yabb-file-access, linux-tmpwatch-fork-dos, muh-log-dos, documentdirect-username-bo, documentdirect-get-bo, documentdirect-user-agent-bo, interbase-query-dos, suse-apache-cgi-source-code, phpphoto-dir-traverse, apache-webdav-directory-listings, eudora-path-disclosure, phpphotoalbum-getalbum-directory-traversal, lpplus-permissions-dos, lpplus-process-perms-dos, lpplus-dccscan-file-read, xmail-long-apop-bo, xmail-long-user-bo, w2k-still-image-service, irc-trinity, wftpd-long-string-dos, wftpd-path-disclosure, iis-invald-url-dos, screen-format-string, ntmail-incomplete-http-requests, wavelink-authentication, php-file-upload, unix-locale-format-string, and aix-clear-netstat.

tags | web, overflow, cgi, udp, perl, php
systems | cisco, linux, windows, unix, freebsd, suse, aix, unixware
SHA-256 | c216ccfd7bb412d411ec6ce30d33d782e379f3b95c50042b517f1d53c6b4cbc5
Samhain File Integrity Checker
Posted Oct 6, 2000
Authored by Rainer Wichmann | Site samhain.sourceforge.net

samhain is a distributed host integrity monitoring system. It consists of monitoring agents running on individual hosts, and a central log server collecting reports from these agents via authenticated TCP/IP connections. On single hosts, it is possible to run a standalone monitoring agent. Currently, agents may monitor the integrity of files and directories, and watch for login/logout events. In addition to forwarding reports to the log server, other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available. samhain has been tested on Linux, AIX 4.1, HP-UX 10.20, Unixware 7.1.0, and Solaris 2.6.

Changes: Bug fix release which fixes problems with IP address caching and null characters in passwords.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 05bcb5c628550e899a35271dbf30846efc2a0a63a58ff46493819bb6fc95698c
unixware.scohelp.txt
Posted Sep 28, 2000
Authored by Ivan Arce | Site core-sdi.com

CORE SDI Security Advisory - SCO Unixware 7 default installation includes scohelp, an http server that listens on port 457/tcp and allows access to manual pages and other documentation files. The search CGI script provided for that purpose has a vulnerability that could allow any remote attacker to execute arbitrary code on the vulnerable machine with privileges of user "nobody".

tags | remote, web, arbitrary, cgi, tcp
systems | unixware
SHA-256 | f680f55bfc32747ee179bacde9f8d0a084560d975d1acee0c089638742207f41
Samhain File Integrity Checker
Posted Jul 15, 2000
Authored by Rainer Wichmann | Site samhain.sourceforge.net

samhain is a distributed host integrity monitoring system. It consists of monitoring agents running on individual hosts, and a central log server collecting reports from these agents via authenticated TCP/IP connections. On single hosts, it is possible to run a standalone monitoring agent. Currently, agents may monitor the integrity of files and directories, and watch for login/logout events. In addition to forwarding reports to the log server, other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available. samhain has been tested on Linux, AIX 4.1, HP-UX 10.20, Unixware 7.1.0, and Solaris 2.6.

Changes: Downloading database and configuration files from the server has been enabled, the client/server communication protocol has been revised, obsolete funtionality has been removed, the 'stealth' mode has been improved, and nested conditionals are possible now in the configuration file. An extensive manual has been added.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 53da78706a18ff4dce9b0ee37a60fe8df981b1076074833d5e55def8f98a32c2
labs43.txt
Posted Jun 2, 2000
Site ussrback.com

USSR Advisory #43 - Remote dos attack against Real Networks Real Server version 7, 7.01, and G2 1.0. Sending malformed packets to the RealServer HTTP port (default 8080) will cause the service to stop responding. Exploit URL included. Affects Windoows NT/2000, Solaris 2.x, Linux, Irix, Unixware, and FreeBSD.

tags | remote, web
systems | linux, solaris, freebsd, irix, unixware
SHA-256 | fb3235de31d91f9fe6c72377f127e585ee0a820398fcdfdb7ff9898b18eeb010
Samhain File Integrity Checker
Posted Mar 7, 2000
Authored by Rainer Wichmann | Site samhain.sourceforge.net

samhain is a distributed host integrity monitoring system. It consists of monitoring agents running on individual hosts, and a central log server collecting reports from these agents via authenticated TCP/IP connections. On single hosts, it is possible to run a standalone monitoring agent. Currently, agents may monitor the integrity of files and directories, and watch for login/logout events. In addition to forwarding reports to the log server, other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available. samhain has been tested on Linux, AIX 4.1, HP-UX 10.20, Unixware 7.1.0, and Solaris 2.6.

Changes: A module to watch for login/logout events has been added, deleted files are recognized now, a race condition has been fixed, write permission to critical files is checked more strictly, logging thresholds have a more syslogish syntax, messages are queued for delivery during temporary mail delivery failures and log server downtimes, some minor bugs have been fixed, and a test script has been added for better testing. New DB format.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | c4bec6eae7b835c7924032b004d61e27b74c80010826672f9a8458c4206485d7
mi018en.htm
Posted Jan 27, 2000
Authored by Renegade Master | Site hispahack.ccc.de

Shellcode programming for SCO. All examples are taken from a SCO OpenServer 5.0.4 machine so some of them may not work under another SCO type of Unix (like unixware) although I have tried to make it as portable as possible.

tags | paper, shellcode
systems | unix, unixware
SHA-256 | 87c08b528d90150e54c5f23a73488490f89852b7c1807a80215a7bcfe1019c7f
uw-ppptalk.c
Posted Jan 22, 2000
Authored by Shane A. Macaulay

UnixWare 7 exploit for /usr/bin/ppptalk.

tags | exploit
systems | unixware
SHA-256 | 10de24aa93dd63689988d573d193dad1b34aff38e4811d4a1f12d1f1b2c411f6
fastrack.remote.txt
Posted Jan 2, 2000
Authored by Brock Tellier

A vulnerability in Netscape FastTrack 2.01a will allow any remote user to execute commands as the user running the httpd daemon (probably nobody). I've only tested the version of Netscape FastTrack that comes with SCO UnixWare 7.1, 2.01a. I'm not sure what other platforms, if any, are vulnerable. Unixware exploit included.

tags | exploit, remote
systems | unixware
SHA-256 | d75d7676e9ba884cae00eb12d442f7c46825fe70ae4746948d00b7756b541383
unixware.rtpm.txt
Posted Dec 30, 1999

Unixware 7 Vulnerability - Any local users can exploit a bug in rtpm to gain "sys" privileges.

tags | exploit, local
systems | unixware
SHA-256 | 67a0fa19005aafa9242d3fbfa9e854feb7e4cfe89d0badb133bbc369c9e2471e
unixware.pis.txt
Posted Dec 28, 1999
Authored by Brock Tellier

A vulnerability in "/usr/local/bin/pis" on SCO UnixWare will allow any user to create arbitrary files with group "sys" privileges. A full root compromise is then trivial.

tags | exploit, arbitrary, local, root
systems | unixware
SHA-256 | 6bb80262134ac8ffccd94ff0c09ebbb892bf91d48a90d119fec119e35aea2470
i2odialogd.txt
Posted Dec 24, 1999
Authored by Brock Tellier

Anyone can gain remote root access to a UnixWare 7.1 system by exploiting a vulnerability in the i2odialogd daemon. This daemon is installed and running by default.

tags | exploit, remote, root
systems | unixware
SHA-256 | 036bfe31c03c92e9bc94b4a442b735a8cb7fd6fd7607cdb68240709bed19aff3
unixware7.fundamental.txt
Posted Dec 10, 1999
Authored by Brock Tellier

A fundamental flaw in SCO UnixWare's security model will allow any user to gain root, read system files, etc. Any process that gets extra privledges from /etc/security/tcb/privs is vulnerable. Exploit included.

tags | exploit, root
systems | unixware
SHA-256 | e43f1d71568f42ead69639f27b46f790fcc45e7e0ab1b76a9ed368206e498a62
unixware.pkg.exploits.txt
Posted Dec 6, 1999
Authored by Brock Tellier

Most of UnixWare's pkg commands can be exploited to print /etc/shadow, leading to a probable root compromise. Tested on Unixware 7.1. Contains exploits for pkgtrans, pkginfo, pkginstall, pkgcat, and pkgparam.

tags | exploit, root
systems | unixware
SHA-256 | 0bda77b4bfd4fb0d530fdbb0f125b2437e75b360b862295fcd5fbc49d7944cba
Page 7 of 8
Back45678Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close