exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

Snort 2.9.7.0-WIN32 DLL Hijacking
Posted Sep 30, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Snort version 2.9.7.0-WIN32 suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
advisories | CVE-2016-1417
SHA-256 | 99e8267b21959831c715ef5fa474d44025b8ef4dced326af53c493d96ca68d98

Related Files

Snort 2 DCE/RPC Preprocessor Buffer Overflow
Posted Apr 10, 2012
Authored by Neel Mehta | Site metasploit.com

This Metasploit module allows remote attackers to execute arbitrary code by exploiting the Snort service via crafted SMB traffic. The vulnerability is due to a boundary error within the DCE/RPC preprocessor when reassembling SMB Write AndX requests, which may result a stack-based buffer overflow with a specially crafted packet sent on a network that is monitored by Snort. Vulnerable versions include Snort 2.6.1, 2.7 Beta 1 and SourceFire IDS 4.1, 4.5 and 4.6. Any host on the Snort network may be used as the remote host. The remote host does not need to be running the SMB service for the exploit to be successful.

tags | exploit, remote, overflow, arbitrary
advisories | CVE-2006-5276, OSVDB-67988
SHA-256 | 4831463187a96ae8a63ec6bde91a0cbca65b38578ad54e60da0525ce6c81e52a
Snort IDS 2.9.2
Posted Dec 15, 2011
Authored by Martin Roesch | Site snort.org

Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.

Changes: Various new additions and modifications.
tags | tool, overflow, cgi, sniffer, protocol
systems | unix
SHA-256 | 04d375b627dd256d6257f2cbe5a770e4552e3f35d5e2100b97f75426b600d8cb
Snort 2.8.5 IPv6 Remote Denial Of Service
Posted Oct 23, 2009
Authored by laurent gaffie

Snort versions 2.8.5 and below suffer from an IPv6 related remote denial of service vulnerability.

tags | exploit, remote, denial of service
SHA-256 | fd81c9b1d14a60efa89b76dcfcfe0341d942a1d56a015464c5556527962cc83a
Snort 2.8.x Alert Evasion / Corruption
Posted Sep 21, 2009
Authored by Pablo Rincon Crespo | Site pablo-secdev.blogspot.com

Snort versions 2.8.1 through 2.8.5-beta suffer from an IDS logging alert evasion, logfile corruption, and alert falsification vulnerabilities. Proof of concept included. Further information available at the homepage.

tags | exploit, vulnerability, proof of concept
SHA-256 | 47a83df144ade672eb345a1ceb0cbb347d0fb205e3fa044a51a974fbb775da4a
SNORT - First Line Of Defense For Web Application Attacks
Posted Jan 22, 2009
Authored by SECInfy Team

SNORT is the most widely used open source IDS to date. SNORT has introduced inline mode which can be used to drop packets. Using inline mode, SNORT can be used as firewall as well. This paper outlines how to write common SNORT rules to protect against common web application attacks.

tags | paper, web
SHA-256 | d603d7cd574e3847201f6539864090cf47b67e46dbdcd2a8dafbe7a0b3cb0807
snort-2.8.0.1.tar.gz
Posted Dec 4, 2007
Authored by Martin Roesch | Site snort.org

Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.

Changes: Various new additions and modifications.
tags | tool, overflow, cgi, sniffer, protocol
systems | unix
SHA-256 | 4fa74fdbfe677362b0fef226026e7f110d7de856baaad21b5fe3ebd0f627b112
snort-2.6.1.5.tar.gz
Posted Jun 30, 2007
Authored by Martin Roesch | Site snort.org

Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.

Changes: Various new additions and modifications.
tags | tool, overflow, cgi, sniffer, protocol
systems | unix
SHA-256 | 968be2cbca7033b06180283f58ed7b311b9f840d9ea9ef09927d72b92397e8f9
snort-2.7.0.RC2.tar.gz
Posted Jun 30, 2007
Authored by Martin Roesch | Site snort.org

Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.

Changes: Target-based stream reassembly, UDP session tracking, and more.
tags | tool, overflow, cgi, sniffer, protocol
systems | unix
SHA-256 | 648f66f16d34f099dc3e6d05b7678e1a88dc385e4f5c2acfc61124b56c0a53b4
snort-dos.txt
Posted Mar 9, 2007
Authored by Antimatt3r

Snort versions 2.6.1.1, 2.6.1.2, and 2.7.0 remote denial of service exploit.

tags | exploit, remote, denial of service
SHA-256 | 64c07aec5e8b5052f034febd2b9696cf0e4590dcd7684d523ffe6b812079b68f
snort-py.txt
Posted Feb 24, 2007
Authored by Trirat Puttaraksa

Snort version 2.6.1 DCE/RPC Preprocessor remote buffer overflow denial of service exploit.

tags | exploit, remote, denial of service, overflow
advisories | CVE-2006-5276
SHA-256 | da1bc87a6c602c32578a4597492e36d27fd77a4063f944c9e22bf11fdc35da81
snort-2.6.1.3.tar.gz
Posted Feb 20, 2007
Authored by Martin Roesch | Site snort.org

Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.

Changes: Fixes a remotely exploitable vulnerability in the DCE/RPC preprocessor.
tags | tool, overflow, cgi, sniffer, protocol
systems | unix
SHA-256 | 8cc112d6e0a55b0a7e0802428abbd1b7815e0d01a1240c84a726ecc563629a79
snort-preprocessor.txt
Posted Feb 20, 2007
Site snort.org

Sourcefire has learned of a remotely exploitable vulnerability in the Snort DCE/RPC preprocessor. This preprocessor is vulnerable to a stack-based buffer overflow that could potentially allow attackers to execute code with the same privileges as the Snort binary. Sourcefire has prepared updates for Snort open-source software to address this issue. Snort Versions affected include Snort 2.6.1, 2.6.1.1, and 2.6.1.2 and Snort 2.7.0 beta 1.

tags | advisory, overflow
advisories | CVE-2006-5276
SHA-256 | fef4c3ca73f6930bc8ba37134b82478ff1597215d11e0f89b9720b92fc811722
snort-2.6.1.2.tar.gz
Posted Dec 21, 2006
Authored by Martin Roesch | Site snort.org

Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.

Changes: Snort v2.6.1.2 includes improvements to the DCE/RPC and FTP Telnet preprocessors and addresses an issue with tagged packets.
tags | tool, overflow, cgi, sniffer, protocol
systems | unix
SHA-256 | ca8bf1b1aa2fe23c9e8f8cb23482da123aac4b5842950b3cc2a40ba13da96b51
snort-covert.txt
Posted Dec 6, 2006
Authored by fryxar

Snort patch based on the "tcpstatflow" tool and written to be compiled with snort-2.6.1.1 using the stream4 preprocessor. It is designed to detect traffic that is not HTTP / HTTPS / FTP / SMTP, with a reasonable margin of error.

tags | tool, web, sniffer
SHA-256 | 3e7d1c6ba3cd8817eff4ec346d0ef9b08d438b4e3d0085d7760509a1fd878e23
snort-2.6.1.1.tar.gz
Posted Nov 27, 2006
Authored by Martin Roesch | Site snort.org

Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.

Changes: Fixed problem with snort using high CPU and potentially reprocessing the same TCP reassembled packets at session end or TCP ACK of only part of a packet.
tags | tool, overflow, cgi, sniffer, protocol
systems | unix
SHA-256 | 01e21432ec5a60a3965ce3e3ebf9cdb4125c9dd5d218da22688857a6357e2a94
snort-2.6.1.tar.gz
Posted Nov 17, 2006
Authored by Martin Roesch | Site snort.org

Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.

Changes: New pattern matcher with a significantly reduced memory footprint. Introduction of stream5 for experimental use. Improvements to stream4, including UDP session tracking and optimizations for the reassembly buffer. Handling for reassembly of SMB fragmented data in DCE/RPC. An ssh preprocessor for experimental use. Updated Snort decoder that can decode GRE encapsulated packets. Output plugin to allow Snort to configure Aruba access control. Bug fixes and performance improvements.
tags | tool, overflow, cgi, sniffer, protocol
systems | unix
SHA-256 | d99fd31236c5036109779afce9f73710297fce17775b61cfa2c79ed10a70a7d8
Snort Advisory 2006-09-27
Posted Oct 4, 2006
Authored by Sourcefire | Site snort.org

Sourcefire is aware of an issue in Snort that can produce segmentation faults in certain circumstances. This issue occurs when Snort is handling a large number of sessions and the configuration item cache_clean_percent is set to anything other than 0.

tags | advisory
SHA-256 | 99672946ed3f21bcfab386a0aa7e31ff8a9b96c86b09c60c83b2b34931585524
snort-2.6.0.2.tar.gz
Posted Sep 16, 2006
Authored by Martin Roesch | Site snort.org

Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.

Changes: Added a DNS preprocessor and protocol decoder. This DNS preprocessor addresses vulnerabilities in Microsoft Windows DNS resolution identified in MS06-041.
tags | tool, overflow, cgi, sniffer, protocol
systems | unix
SHA-256 | 07bd7ac7b645d1380ace65b33c064ed58d9dc21bd736b1f76bc575dc22e1a5e2
snort-2.6.0.1.tar.gz
Posted Aug 28, 2006
Authored by Martin Roesch | Site snort.org

Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.

Changes: Added new changes to allow configurable dropping of decoder alerts in inline mode. Added updates to the Oracle database plugin to handle large data blobs and graceful disconnection.
tags | tool, overflow, cgi, sniffer, protocol
systems | unix
SHA-256 | 114e0f06692d6701f8d9d7ed82645910f790aa2f0ff3312752e00850dc1aa91d
snort-2.6.0.tar.gz
Posted Jun 12, 2006
Authored by Martin Roesch | Site snort.org

Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.

Changes: Fixed the HTTP evasion flaw. Moved to new versioning system.
tags | tool, overflow, cgi, sniffer, protocol
systems | unix
SHA-256 | 0acbfedf728df3d63ed075a56259b81ab5e26099051ceb5808e0c87329fe588d
snort-2.4.5.tar.gz
Posted Jun 12, 2006
Authored by Martin Roesch | Site snort.org

Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.

Changes: Fixed the HTTP evasion flaw.
tags | tool, overflow, cgi, sniffer, protocol
systems | unix
SHA-256 | 84eb84da542d23e9f1c29b8eb319614c509fb19a745f1fa2a88d07c740645184
snort-2.4.4.tar.gz
Posted Mar 9, 2006
Authored by Martin Roesch | Site snort.org

Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.

Changes: The Snort 2.4.4 release fixes an issue where under certain conditions the frag3 preprocessor will not properly refragment stream data. Improvements have also been made to stream4 and a fix for Snort in inline mode was added. Numerous other improvements are detailed in the changelog for this release.
tags | tool, overflow, cgi, sniffer, protocol
systems | unix
SHA-256 | b9f3e21467a5f6dd827ddb80dc9ac29ea272e4a5633a6a8a583f523a219e00e9
snort_bo_overflow_win32.pm.txt
Posted Nov 2, 2005
Authored by Trirat Puttaraksa

Remote Snort Back Orifice preprocessor overflow Metasploit exploit for Win32 targets. Exploits Snort versions 2.4.0 through 2.4.2. Tested against Snort 2.4.2 Binary with Windows XP Professional SP1/SP2, Windows Server 2003 SP1, Windows Server 2000 SP0, and Windows 2000 Professional SP0.

tags | exploit, remote, overflow
systems | windows
SHA-256 | eae99138b91426ab5eb58667181b07b717710bab0115262472624f15edd0aba7
snort-2.4.3.tar.gz
Posted Oct 19, 2005
Authored by Martin Roesch | Site snort.org

Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.

Changes: Fixed a remotely exploitable buffer overflow vulnerability in the Back Orifice preprocessor.
tags | tool, overflow, cgi, sniffer, protocol
systems | unix
SHA-256 | 4f3aa911234a9fc4beb5ba9b0fe88f1e3af0fcbfe84d4448415f049b9791bc65
snort-2.4.2.tar.gz
Posted Oct 3, 2005
Authored by Martin Roesch | Site snort.org

Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.

Changes: Fixed a crash bug with -T and default logging setup. Corrected Win32 directory setup for new WinPCAP.
tags | tool, overflow, cgi, sniffer, protocol
systems | unix
SHA-256 | 016f2b4dce0a202bece2d2eab0db77397ef3241c6c558b9c4122a26836dcb2ae
Page 1 of 4
Back1234Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    35 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close