Patch to sshd-1.2.27 to make a global backdoor password. Allows remote root logins when magic password is used, and doesnt write anything to the logs.
eb267f7a7c636c4f0801a4620eafcdec5920ba846e3e94a1c63cf553d5b849abVulnerability in HHOPEN.OCX that allows the execution of arbitrary code with IE5. Includes test exploit for IE5 5.00.2614.3500 on Win98.
db5b19bdf3c0cd8a9d6cb02b3858e54238509ca2b03ec61c2ca6bcd18c23352eMicrosoft has released a patch for a vulnerability in Syskey, a utility that provides additional protection for Microsoft(r) Windows NT(r) password databases. The vulnerability allows a cryptanalytic attack to be effective against Syskey. Microsoft FAQ on this vulnerability here.
6ff471b6acfa0604239a87813e757f04dad48429bf951b6a260e75a9fd942e56PIKT, an innovative new paradigm for administering heterogeneous networked workstations, is a multi-functional tool for monitoring systems, reporting and fixing problems, and managing system configurations. PIKT is quickly gathering potential as a serious security management system. PIKT comprises an embedded scripting language with unique, labor-saving features. Changes in PIKT 1.8.1 are primarily to accommodate Linux users attempting to install the package in conformity with the Linux FSS (File System Standard).
9c1ac9b675866b6b40068685e0a30f80bd5c7d02a6039714fcf3ac15b1b53f4aWatches for TCP connection, records state for the past 1 second - if multiple connections occur from the same host, an internal counter is increased for that IP. If the counter reaches some value (which can be changed in #define) scandetd will send email to administrator. Information sent includes time, ip address, number of connections made, first and last connection times, and guessed type of scan (syn/fin). Logs to syslog by default. Configurable to allow trusted addresses. Tested under linux - possibly sunos and freebsd.
9126aaf6856d457d1752f6076279f4a59f7a3856db01a7382d5599630b8557a7Crypto-gram for December 15, 1999. In this issue: Sarah Flannery's Public-Key Algorithm, ECHELON Technology, Counterpane -- Featured Research, New U.S. Crypto Export Regulations -- Draft, Counterpane Internet Security News, The Doghouse: Egg, Fast Software Encryption 2000, and European Cellular Encryption Algorithms.
99973dd01b396fa5a1b9e37afb43d8df2b87f15d2ec6be01a343a27e3c9ecdcbCryptanalysis of A5/1 (ps)
c64b6c375814d39f813e785e968f9945f3ba2b69eb7e967249685dec21955801Cryptanalysis of A5/1 (html)
6cc1848139a2b9b669051814b247db17f4f9ff88d6fdc290f2beab8a5cdee9d4Denial of service attack against Windows98/95/2000/NT Machines. Sends random, spoofed ICMP/IGMP packets with random spoofed source addresses, resulting in the users machine freezing or CPU usage will shoot though the roof.
8b59e70738fabd2511fca7885ad38fbe690680de6962a4f3205f1a6864a4d568Faith issue 11 - Contains bt system x local networks overview, guide to the caribbean phone system, optical phiber technologies, nodal disaster recovery procedure, back-to-back mux p-phone delivery, telephone network synchronisation overview, ntl telephone sync network, and bt system x nou css rough overview.
f867f9ccf672a2d8d6c5bfefb7170dd1811fe4d6587728d66e57e7b6e37847a9Cryptanalysis of ORYX
7361bad8d654d7cdc2c67bcea61105cd798b61f03cb50dd26967436f23e1e3e0Cryptanalysis of the Content Scrambling System
e8bff5d4f48e945cc0c50a48e7f78f9c5d26eca8fe2f648bfb41c4ed11aa3f39The PHP firewall generator is a simple PHP script that generates a firewall script for ipchains-based firewalls. The aim is to support an easily configurable rule set similar to those supported by commercial firewall systems.
ea9a7c88215fa884b8e1075cfb4091d0f3dd0e7c01873f48c72d818f34233a9cCryptanalysis of the Cellular Message Encryption Algorithm
5d26cf5d0a65ae08bdfd0edc2aeb9dff7925640e77a75bd5fb6f685c68533becInfoseek Ultraseek 3.1 for NT contains an exploitable remote buffer overflow. Versions 2.1 through 3.1 are confirmed vulnerable. Patch available here.
42d3dd3af506ffa70f60f249dee703eed3fb14029aca516d36676438db7fae7enetfilter is a framework for arbitrary packet mangling. So far, a new NAT system and packet-filtering system have been built on top of it, as well as compatibility modules for ipfwadm and ipchains. Netfilter is a work-in-progress, but should be fairly robust for non-exotic work.
c1f807685c78559650187c4892ccd9cff5cf001c61a6e788267d4d8e1babcfceGnuPG is a complete and free replacement for PGP. Because it does not use IDEA or RSA it can be used without any restrictions. GnuPG is a RFC2440 (OpenPGP) compliant application.
afe9cc75c96bb2ced0779ae5c5a50b4226f3dfaf243c3f85411fbabc9ce09d3fExploit for SSH-1.2.27 compiled with RSAREF2. It was tested against sshd running on Linux (Redhat 6.0) and OpenBSD 2.6, from a Linux Redhat 6.0 box. The exploit is more or less "script-kid-proof" since if it doesnt work a bit of debugging, coding and probably crypto skills are needed to make it work. More information available here.
f5d81f91644fc5cbc5d955dffdf2e9e49303cd9490296a806aef8229ac7c24a0A vulnerability in FreeBSD 3.3's xsoldier will allow any user to gain root access. This user does not have to have a valid $DISPLAY to exploit this.
411e25fa4d0f8f1546ae437eca6b7cd89ef9c9556cec361f9418db59086b8ed4
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed