what you don't know can hurt you
Showing 1 - 25 of 100 RSS Feed

Files

S-97-45.asc
Posted Jan 10, 2000

Subject SGI IRIX rld security vulnerability Date 30-May-97

systems | irix
MD5 | 523d2e9a9cc05ee9967ebde965bc7edc

Related Files

sadmind-howto.txt
Posted Nov 22, 2001
Authored by Cyrax | Site members.antionline.com

Explanation of how to exploit the rpc.sadmind bug on Solaris.

tags | exploit
systems | solaris
MD5 | be1ae7f11bc82103d3ad0d2ed147e147
SharesFinder.zip
Posted Apr 30, 2001
Authored by Diskiller | Site nfisher.campus.vt.edu

Share finder is a tool for System Administrators to examine what is being shared on their networks. Scans for open shares and lists contents.

MD5 | 5ef809ec617a1a2de0ec3fd1078b27f1
sses-sshauth.txt
Posted May 17, 2000
Site sses.net

A vulnerable secure shell distribution is available from the popular Zedz Consultants FTP site (formally known as replay.com). The RedHat Linux RPM ssh-1.2.27-8i.src.rpm contains a PAM patch which contains faulty logic allowing users to essentially pass through the username/password authentication step and gain shell access.

tags | exploit, shell
systems | linux, redhat
MD5 | 95b80c63f273743306ae2cf0b0b7b355
STC3.zip
Posted May 5, 2000
Authored by SnakeByte | Site KryptoCrew.de

STC 3.0 is a multipurpose tool for Windows, which does the work of 30 seperate programs. Includes a .htaccess Brute-Forcer, Anonymous FTP Scanner, List of Bios Master Passwords, tiny CD-Player *g*, CGI-Vulnerability Scanner, Country Codes List, Dictionairy Generator, DNS, DomainScannerr, File Compare (Patch Engine), FTP Brute-Force, Service Scanner, Cached ISP Passwords Retriever, Hex/bin/dex/ascii converter, HTML Grabber, IRC Channel Brute-Force, IRC_Flooder, Link-Looker, NetBios Password Cracker, Password Generator, Ping / Traceroute, Port2Service, Portflooder, Portscanner, PortCheck (checks for open Ports), Port Watcher, Screensaver Password Retriever, Anonmailer / Mailbomber, OOB Nuke, Telnet Brute-Force and Whois lookup.

tags | cgi
systems | windows
MD5 | ec404986eb565969ca36e04946f4a252
safer.000317.EXP.1.5
Posted Apr 20, 2000

S.A.F.E.R. Security Bulletin 000317.EXP.1.5 - Remote user can obtain list of directories on Netscape. Netscape Enterprise Server with 'Web Publishing' enabled can be tricked into displaying the list of directories and subdirectories, if user supplies certain 'tags'.

tags | remote, web
MD5 | 60df3f8b4459cf2b98238ef1b0d2793c
SuperKoD.zip
Posted Mar 17, 2000
Authored by Safety

IGMP windows DoS attack. Results in bluescreens and sometimes reboot. Source and windows binary included.

tags | denial of service
systems | windows
MD5 | fb32bf93be100281ee4c3b845556d91b
suse.imap.txt
Posted Mar 16, 2000

SuSE Security Advisory - A security hole was discovered in the SuSE IMAP server which allows remote attackers to receive imap administrator privilige which can be used e.g. to create or delete folders. This is unrelated to the SuSE linux distribution, which is unaffected. SuSE security site here.

tags | remote, imap
systems | linux, suse
MD5 | 612ae41493ffdd2e254ddef335fa00fe
syslog-ng-1.4.1.tar.gz
Posted Mar 13, 2000
Authored by Balazs Scheidler | Site balabit.hu

syslog-ng as the name shows is a syslogd replacement, but with new functionality for the new generation. The original syslogd allows messages only to be sorted based on priority/facility pair, syslog-ng adds the possibility to filter based on message contents using regular expressions. The new configuration scheme is intuitive and powerful.

Changes: Bug fixes.
tags | system logging
systems | unix
MD5 | 89f6c02ebafdfe37eec471b2fdf64692
sara-2.1.10.tar.gz
Posted Mar 13, 2000
Authored by Advanced Research Corporation | Site www-arc.com

Security Auditor's Research Assistant (SARA) is a security analysis tool based on the SATAN model. It is updated frequently to address the latest threats. Checks for common old holes, backdoors, trust relationships, default cgi, common logins.

Changes: Added yet more http vulernability testing incl infosrch, Fixed Netscape buffer overflow detection, Fixed some of the GUI interfaces, Adding SARA Search capability, and Added Napster detection.
tags | tool, cgi, scanner
systems | unix
MD5 | 0c7c601ca45fb8404f0a0bb4c8cf02cf
sharesecret-0.1.0.tar.gz
Posted Mar 11, 2000
Authored by Stefan Karrmann | Site mathematik.uni-ulm.de

Sharesecret splits a secret into parts, such that at least all of the parts are needed to reconstruct the secret. If you have fewer parts you know only the length of the secret.

tags | encryption
MD5 | 008f6e5e9469719951e075b387ae43b6
safer.000309.EXP.1.4
Posted Mar 8, 2000
Site safermag.com

S.A.F.E.R. Security Bulletin 000309.EXP.1.4 - StarOffice comes with a nice groupware server, called StarScheduler, which includes a web server that is vulnerable to several security problems, leading to remote code exection and root access.

tags | remote, web, root
MD5 | 7638b30db584cbbd94e068974d39ef42
saint-2.0.beta2.tar.gz
Posted Mar 8, 2000
Site wwdsi.com

SAINT is the Security Administrator's Integrated Network Tool. It gathers as much information about remote hosts and networks as possible by examining all network services and potential security flaws. The collected data can then be analyzed using a simple rules-based system (or via other included interfaces). In Exploratory Mode, SAINT will examine the avenues of trust and dependency and iterate further data collection runs over secondary hosts.

tags | tool, remote, scanner
systems | unix
MD5 | 900fd265583eaf17ede071b915c32caa
Samhain File Integrity Checker
Posted Mar 7, 2000
Authored by Rainer Wichmann | Site samhain.sourceforge.net

samhain is a distributed host integrity monitoring system. It consists of monitoring agents running on individual hosts, and a central log server collecting reports from these agents via authenticated TCP/IP connections. On single hosts, it is possible to run a standalone monitoring agent. Currently, agents may monitor the integrity of files and directories, and watch for login/logout events. In addition to forwarding reports to the log server, other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available. samhain has been tested on Linux, AIX 4.1, HP-UX 10.20, Unixware 7.1.0, and Solaris 2.6.

Changes: A module to watch for login/logout events has been added, deleted files are recognized now, a race condition has been fixed, write permission to critical files is checked more strictly, logging thresholds have a more syslogish syntax, messages are queued for delivery during temporary mail delivery failures and log server downtimes, some minor bugs have been fixed, and a test script has been added for better testing. New DB format.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | 1524c12ed5477418ce36fb6f8f3f3b3b
SCX-SA-01.txt
Posted Mar 6, 2000

Securax Advisory - Many windows applications can be made to blue screen upon parsing special crafted path-strings refering to device drivers.

tags | exploit
systems | windows
MD5 | 92be8f0f7a56c7af4cd6e57cb818c1c5
stjude-0.4.tgz
Posted Mar 6, 2000
Authored by Tim Lawless

StJude is an attempt to monitor the flow of privilege in my Solaris boxes. It tries to detect privilege violations or improper transitions (ie stack smashing, or other local root exploits) by watching audit trails.

tags | tool, local, root, intrusion detection
systems | unix, solaris
MD5 | b416a0164c195804d20a79668d919373
sXe.c
Posted Mar 4, 2000
Authored by l-n1nja | Site hack.co.za

sXe sends IGMP packets, denying service to windows machines. If you can figure out how to use this, you can create quite an effective attack from even a 14kbs modem.

tags | exploit
systems | windows
MD5 | bb83e80359ad9e3003efa5ae30eae779
syslog-ng-1.4.0.tar.gz
Posted Mar 4, 2000
Authored by Balazs Scheidler | Site balabit.hu

syslog-ng as the name shows is a syslogd replacement, but with new functionality for the new generation. The original syslogd allows messages only to be sorted based on priority/facility pair, syslog-ng adds the possibility to filter based on message contents using regular expressions. The new configuration scheme is intuitive and powerful.

Changes: Important new feature - macro expansion in destination filenames. Also contains stability and portability enhancements, and lots of code cleanup.
tags | system logging
systems | unix
MD5 | 5245d975a4ef394c1d1af75a7b6334f6
srp-1.5.1.tar.gz
Posted Mar 4, 2000
Authored by Tom Wu | Site srp.stanford.edu

Secure Remote Password (SRP) is a password-based authentication and key exchange mechanism where no information about the password is leaked during the authentication process. It does not require any public key infrastructure, and uses two DH keypairs so if one were to eavesdrop on the authentication process no information which would aid in guessing the password can be obtained. There are some modified telnet and ftp clients and servers available for use with SRP already.

Changes: OpenBSD support, a new license, integrity-protected encryption, and bugfixes.
tags | remote, encryption
MD5 | 2e1771d5930e7594a04b03f3dfc6ab02
set22.zip
Posted Mar 4, 2000
Authored by Paseante, set | Site thepentagon.com

Saqueadores Edicion Tecnica Issue #22 (En Espanol). Featuring everything about GPS&GLONASS, Random Numbers how's and why's, Electronics (lots of), Linux Kernel Modules Games, MacroVision Anti-Tapping and V-Chip, Cisco Routers on X.25 networks and more.

tags | kernel, magazine
systems | cisco, linux
MD5 | b809ce5cbba67c655635e3376074ded4
sps3.c
Posted Mar 4, 2000
Authored by Chopsui-cide | Site midgets.box.sk

sps3.c - Spaghetti Proxy Server 3.0 DoS attack. It does not appear as though arbitrary code could be execute using this vulnerability.

tags | exploit, arbitrary
MD5 | 9e650d8949757a5298f8ab4dc6401c87
slipwire-1.4.tar.gz
Posted Mar 3, 2000
Authored by James Quinby | Site packet.node.to

slipwire.pl is a filesystem integrity checker. It compares the SHA-1 hashes of files to an initial state and alerts the user of any changes. slipwire also records extensive file information such as inode number, last-modified date, filesize, uid, gid, etc, and can also report changes in any of these.

Changes: SHA hash of file database is returned when database is created, Quiet output by default, md5's are in the readme.
tags | tool, intrusion detection
systems | unix
MD5 | 965d2d8171e3843a53c78095269ad3ca
sara-2.1.9.tar.gz
Posted Mar 3, 2000
Authored by Advanced Research Corporation | Site www-arc.com

Security Auditor's Research Assistant (SARA) is a security analysis tool based on the SATAN model. It is updated frequently to address the latest threats. Checks for common old holes, backdoors, trust relationships, default cgi, common logins.

Changes: Added the trojan_trinoo DDOS test, Added test for the sgi_fam buffer overflow vulnerability, Fixed false alarms from Web cache manager, Updated snmp reporting, and Added support for hpux 11.x.
tags | tool, cgi, scanner
systems | unix
MD5 | 90118276af80170f3848b9771d9f47e0
ssh-2.1.0.public.beta.1.tar.gz
Posted Mar 2, 2000

SSH (Secure Shell) is a program to log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another. It provides strong authentication and secure communications over insecure channels. It is intended as a replacement for rlogin, rsh, rcp, and rdist.

Changes: Many bugfixes, incompatibility fixes, and a rewritten scp2 / sftp2 for more functionality and stability.
tags | remote, shell, encryption
MD5 | c8056a94ba148e8ce2ea852e3045accf
sara-2.1.8a.tar.gz
Posted Mar 2, 2000
Authored by Advanced Research Corporation | Site www-arc.com

Security Auditor's Research Assistant (SARA) is a security analysis tool based on the SATAN model. It is updated frequently to address the latest threats. Checks for common old holes, backdoors, trust relationships, default cgi, common logins.

Changes: Windows Trinoo detection.
tags | tool, cgi, scanner
systems | unix
MD5 | 76cf262b5dd0cbff6a919540479f5cb1
setxconf.sh
Posted Mar 1, 2000
Authored by Suid

Corel xconf utils local root (among others) vulnerability.

tags | exploit, local, root
MD5 | f3b81e9a67040c751a67efa7180e7894
Page 1 of 4
Back1234Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    41 Files
  • 21
    Oct 21st
    18 Files
  • 22
    Oct 22nd
    16 Files
  • 23
    Oct 23rd
    2 Files
  • 24
    Oct 24th
    1 Files
  • 25
    Oct 25th
    1 Files
  • 26
    Oct 26th
    17 Files
  • 27
    Oct 27th
    19 Files
  • 28
    Oct 28th
    29 Files
  • 29
    Oct 29th
    13 Files
  • 30
    Oct 30th
    8 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close