Horus is a tool for "third host" or "dumbhost" scanning. It can provide very stealth-ed portscans by using another source address in the SYN-packets of the portscan. This method will be almost invisible to the target host, since no direct connection is made from your computer to the target system. Tested on Linux.
a9d3745c610339116db47b8dc13f892e8cda110fce3eb01cd5f25189b6ff8b04Securax Security Advisory #21 - Globalscape's CuteFTP, a popular FTP client, uses a weak encryption scheme, allowing plaintext login and password recovery from the address book. Includes cuteftpd.c which calculates the plaintext.
2499dd93058956bab1a6f07a873e2dc6e7a2668ba0e1e125af0103445bbc88e9Securax Security Advisory #20 - The 1st Up Mail Server version 4.1.6a and below contains a remote denial of service vulnerability. Fix available here.
c9d3d44add8e60cf5afe922404991f19df0341b12c9296a9ea83fa9b2c70ae33Securax Security Advisory #12 - Apache 1.3.14 access_log and error_log can be altered somewhat by remote users if the site administrator reads the logs with cat or tail. Includes proof of concept code kosheen.c which attempts to display false values in a remote site's access_log and error_log.
e90beb99adb94acadafbb8f08e10bfc7cc59ecc22dd244a99d29f6720dd48e59ummmm.c v2.1 is a URL obfuscation tool which converts something like /cgi-bin/some.cgi into %2f%63%67%69%2d%62%69%6e%2f%73%6f%6d%65%2e%63%67%69. It might be used in cgi scanners which require an input file with cgi requests.
4968493ed605717ad8e51ff70428152b2255e6ab112c2e87c121f76b07e16000Remote denial of service exploit for Microsoft Exchange 5.5 SP3 Internet Mail Service and Information Store. The bug is in the handling of a line containing Content="".
0c9cfdbafe736d4492e5824460e8cf1c11123d2a6f395721ed470ff9d5905c32Denial of Service attack against an Intel InBusiness eMail Station. Will send a 630 char buffer to the pop server as argument of a USER command. The little box needs to be "powered off" and -on again.
097d217d961c8d8bf396fe40cca2df3a255ed805abb39c1fe873baf76da9a46aiisex.c is a remote command execution exploit for Microsoft IIS 4.0 and 5.0, as discussed in iis-unicode.txt which attempts to provide an interactive cmd.exe shell.
4750ce76fa11a85f6f1ef97478408066fedff3d6adc705ce98126be2563f7cf6Denial of service for NetcPlus BrowseGate 2.80 for Windows NT and 2000 when you sned more than 8000 characters in a GET / http-request, causing the system to crash.
d3ef954f1000d0d320d818df9bf2c1cb98834ce4871086275220da6bfdf2fb14Arse.c brute forces valid logins from many default Apache instalations by checking if the server returns a 404 or a 403.
48cae4b5fb7bd08375804462c8c9afd4adda0e9ff8b927b1152538b6da117678
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed