what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 28 RSS Feed

Files Date: 2000-01-26

nt.security.update.012600.txt
Posted Jan 26, 2000
Authored by winsd

Windows NT Security Update - Information on Rdisk Race Condition, and the InetSrv 3.0 Buffer Overflow. Also contains articles on Internet Security with Windows NT, Email Encryption Plugin, and Change-Detection Software. NTsecurity homepage here.

tags | overflow, magazine
systems | windows
SHA-256 | d3fad445ac140dcb3f3f355fadd12b079518f12f7c8cea463e9a41c776190dc6
Fwctl-0.24.tar.gz
Posted Jan 26, 2000
Authored by Francis J. Lacoste | Site indev.insu.com

Fwctl is a program that intends to make it easier to configure a tight firewall. It provides a configuration syntax that is easier to use and more expressive than the low-level primitives offered by ipchains. It supports multiple interfaces, masquerading and packet accounting. Fwctl doesn't replace a good security engineer, but it can make the job of the security engineer simpler.

Changes: A fix for those who don't have Date::Manip installed, and other minor bug fixes and enhancements.
tags | tool, firewall
systems | linux
SHA-256 | 820a6ad0cf4c9e39f85d67258df7a1c8180f56a15d84e22c1d851d443047a031
falcon-0.1-1.tgz
Posted Jan 26, 2000
Authored by Falcon Open Group | Site falcon.naw.de

The Falcon Project (the Free Application-Level CONnection) is an open firewall project with the intention of developing a free, secure and OS-independent firewall system. Falcon consists of different modules: Falcons's own proxies (generic TCP proxy and application-specific proxies), Squid for Web access and caching (modified package for Linux), and qmail for mail communication.

tags | tool, web, tcp, firewall
systems | linux, unix
SHA-256 | 1628010f36f086dffea0ed511a1b62b4735021b6066f2991499be8fa5e334c4f
xinetd-2.1.8.8pre8.tar.gz
Posted Jan 26, 2000
Authored by Bob Braun | Site synack.net

xinetd is a replacement for inetd, the internet services daemon. Anybody can use it to start servers that don't require privileged ports because xinetd does not require that the services in its configuration file be listed in /etc/services. It can do access control on all services based on the address of the remote host and time of access. Access control works on all services, whether multi-threaded or single-threaded and for both the TCP and UDP protocols.

tags | tool, remote, udp, tcp, protocol
systems | unix
SHA-256 | ec03d2092346616e5d9a7aa457f94e6bc3444ca2d1fa84a789ab94fe963aef87
spf-2.0.3.tar.gz
Posted Jan 26, 2000
Authored by Brian J. Murrell

Stateful Packet Filter for Linux - constantly adjust an inbound packet filter to deal with allowing traffic in based on what was sent out. Now with RealAudio support.

tags | tool, firewall
systems | linux
SHA-256 | ba8ad226569cce45d302b564238eecdf435dc7eb01501c284dc07e14a81ba1d9
swatch-3.0b4.tar.gz
Posted Jan 26, 2000
Authored by Todd Atkins

Swatch ("Simple WATCHdog") is a program for UNIX system logging, originally written to actively monitor messages as they are written to a log file via the UNIX syslog utility. Swatch was designed to keep system administrators from being overwhelmed by large quantities of log data. It monitors log files and acts to filter out unwanted data and take one or more simple user specified actions based upon patterns in the log. Swatch can monitor information as it is being appended to the log file and alert system administrators immediately to serious system problems as they occur.

Changes: Fixed the examine switch, added continue and quit actions, Fixed parsing of "throttle" setting, bug fixes.
tags | tool, intrusion detection
systems | unix
SHA-256 | c4ff2006f2a9142b2de844df66a0a81cd02b462916db92ee088ec284570352c9
iis53.htm
Posted Jan 26, 2000
Site oliver.efri.hr

MS IIS 5.0 has problems handling a specific form of URL ending with "ida". The extension ida has been taken from the Bugtraq posting "IIS revealing webdirectories" The problem causes 2 kind of results. The one result is that the server responds with a message like "URL String too long"; "Cannot find the specified path" The other error causes the server to terminate with an Access Violation. When the server "Access violates" it displays as last message.

tags | exploit
SHA-256 | c6301bd7666cad9967d8dafc5ad77f1302a8469ac918b24e757bf1d26a8ed0d1
inetserv.htm
Posted Jan 26, 2000
Site oliver.efri.hr

InetServ 3.0 (Windows NT) advisory and remote exploit.

tags | exploit, remote
systems | windows
SHA-256 | cc2c208ea5bc9b1947f2e030b63f6be5825fda3e7e55165f78c314720c1ebd67
krnl110.htm
Posted Jan 26, 2000
Site oliver.efri.hr

Stream.c summary - DoS attack due to bug in many unix kernels, including Linux, Solaris, and all of the BSDs.

tags | exploit, kernel
systems | linux, unix, solaris
SHA-256 | 7cff59a33278aed639fdb203cfa2c7908bff64e6c40976ab8b6cbef24bc3e0b9
nortel.htm
Posted Jan 26, 2000
Site oliver.efri.hr

Nortel's new Contivity seris extranet switches give administrators the ability to enable a small HTTP server and use Nortel's web based administration utility to handle configuration and maitenance. The server runs atop the VxWorks operating system and is located in the directory /system/manage. A CGI application, /system/manage/cgi/cgiproc that is used to display the administration html pages does not properly authenticate users prior to processing requests. An intruder can view any file on the switch without logging in.

tags | exploit, web, cgi
SHA-256 | e6470da7422c75f82642fd4a9d29e044d0ee71eaad5f6c6e169743abe355b388
rdisk.htm
Posted Jan 26, 2000
Site oliver.efri.hr

There exists a vulnerability in rdisk (Windows NT) which causes the contents of the registry hives to be exposed to Everyone during updating of the repair info.

tags | exploit, registry
systems | windows
SHA-256 | d9d891c8304ca57c3de11b9e0bbc9cea3224a33302ce1296a8a19047a3d8f5e0
rtf.htm
Posted Jan 26, 2000
Site oliver.efri.hr

RTF files consist of text and control information. The control information is specified via directives called control words. The default RTF reader that ships as part of many Windows platforms has an unchecked buffer in the portion of the reader that parses control words. If an RTF file contains a specially-malformed control word, it could cause the application to crash.

tags | exploit
systems | windows
SHA-256 | 27ba30c0f7c1e053fdc20342b41f7fbf0815631ae08c4738c0819002d49a196f
smtp2.htm
Posted Jan 26, 2000
Site oliver.efri.hr

USSR Labs found following. A memory leak exists in the Super Mail Transfer Package that may cause an NT host to stop functioning and/or need to be rebooted. The memory leak may occur when you connect to the SMTP port, all information you send to the system will be stored in memory, and SMTP support multiples HELO/ MAIL FROM/ RCPT TO / DATA in the same connection. If you did multiple HELO/ MAIL FROM/ RCPT TO / DATA in the same connection the memory may not be deallocated. This condition may cause the computer to stop functioning the moment memory runs out.

tags | exploit, memory leak
SHA-256 | 098828bc67aee64abdd87dabcd122bf51262d7df84bd843eef9f319e6f289b2b
tb2.htm
Posted Jan 26, 2000
Site oliver.efri.hr

Timbuktu Pro 32 (TB2) from Netopia sends user IDs and passwords in clear text. When TB2 is used to remote control a machine that is not logged in or is locked, any user ID and password that is typed in is sent in clear text. A malicious user on the network can "sniff" the packets and gain the NT User IDs and passwords of any one using TB2 to remotely control a NT machine.

tags | exploit, remote
SHA-256 | 7409f6db13593aa2d56a2998e62d44ee0c31c668b0139f93213cebc734a8677c
website.htm
Posted Jan 26, 2000
Site oliver.efri.hr

WebSite Pro is also revealing the webdirectory of each Website by a simple command line. This bug is similar to the "IIS revealing webdirectories" bug reported. On WebSitePro the diference ist the way you retrieve the path.

tags | exploit
SHA-256 | 70b108388a2f189b10b9a7b6a8056ebcc7c966497f269b5fed0b43153d271e8d
yahoo2.htm
Posted Jan 26, 2000
Site oliver.efri.hr

Jaynus Jaynus found following. He read over the ICQ overflow that had been found so he was curious if this existed in any other clients. Upon testing the below URL, yahoo pager/messenger crashed in the same was as ICQ.

tags | exploit, overflow
SHA-256 | afc1794d389c2f332846bb6da3abde5c120db7e53c76005bc13d3854a685e7bb
ethereal-0.8.2.tar.gz
Posted Jan 26, 2000
Authored by Gerald Combs | Site ethereal.zing.org

Ethereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Ethereal features that are missing from closed-source sniffers.

Changes: A tty-mode interface, "tethereal", was added; CLNP, NFS, L2TP, CDP, RTSP, LLC, Vines, IPv4/DiffServ, and BGP were updated; a decoder for Cisco ISL was added; HP-UX nettl support was updated; GTK+ bugs and Linux libpcap bugs were worked around; a hexdump view was added to the TCP Stream window; and the Win32 support was brought up to date.
tags | tool, sniffer, protocol
systems | unix
SHA-256 | cc50df3e888a195319ddf17efec98d57edc7ac670114160578930c52fa1fde29
lids-0.8pre4-psk-2.2.14.tar.gz
Posted Jan 26, 2000
Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off online and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection.

Changes: Bugfixes.
tags | kernel, root
systems | linux
SHA-256 | 4f4a235bffc7caa4775be7a1c492ba194a08b9210ad00a8cf3113b80803278be
sniffing-faq.htm
Posted Jan 26, 2000
Authored by Robert Graham

Excellet FAQ on packet sniffing version 0.3.0, updated Jan 15, 2000.

tags | tool, sniffer
SHA-256 | 18096601ca786516ad5ca59eb160faffe8b4ec716cdeac439c6ef92f54a41b5a
tcpdump-3.5.alpha.tar.gz
Posted Jan 26, 2000

Tcpdump allows you to dump the traffic on a network. It can be used to print out the headers of packets on a network interface that matches a given expression. You can use this tool to track down network problems, to detect "ping attacks" or to monitor the network activities.

Changes: -X option added, telnet command sequence decoder, many bug fixes, SMB printing, NFS parsing, AFS3 packet parsing, etc. New Tcpdump homepage here.
tags | tool, sniffer
SHA-256 | 9d85ce6e1878df84d0d23e170c7adb1012880f0414abec5da02e735537cb5937
tripwall.tar.gz
Posted Jan 26, 2000
Authored by Colin Lee | Site homepages.hack-net.com

Tripwall is a Tripwire clone developed for use with the Linux Router Project.

tags | tool, intrusion detection
systems | linux, unix
SHA-256 | 8374e6dcde17b2a0fbbfb92e565552fe840c028047f48853f965ccf757f89d4e
acua-3.00.tar.gz
Posted Jan 26, 2000
Authored by Adam Mckee | Site acua.ebbs.com.au

ACUA is a software package designed to facilitate the administration of user accounts and the enforcement of access restrictions on a Linux system.

systems | linux
SHA-256 | babe2dc4a3c4ac7a560041074aebe9a96b66d4f7b253870c2f350f7d79b2564f
apocalypso131.zip
Posted Jan 26, 2000
Authored by Dave Shanley | Site hack-net.com

Apocolypso 1.3.1 is a new crypto tool from HNC. It supports a wide variety of encryption methods, including DES, Blowfish, IDEA, Gost, Misty 1, Twofish, Cast 256, Rinjindael, HNC Single Encryption, and HNC Multi Encryption. Apocolypso runs on Win95, 98, and NT.

Changes: Fixed a bug in the DES encryption, other bugfixes.
tags | encryption, cryptography
systems | windows
SHA-256 | e3971c5b03cf26796dc241c6178c8ccac77da47abcd69d1f21a2db9599bc306e
2647.txt
Posted Jan 26, 2000

Benchmarking Terminology for Firewall Performance - This document defines terms used in measuring the performance of firewalls. It extends the terminology already used for benchmarking routers and switches with definitions specific to firewalls.

tags | paper
SHA-256 | 1cfc1222f7893059f65761a05327b55cd6dcf9da670c0a6f2191bca669e20d84
NS102.zip
Posted Jan 26, 2000
Site surf.be

Net Sentinel 1.02a - This program: checks continuously the users connected to the share on your computer, warns you as soon as someone is connected, works under WIN 98 and WIN NT4.

SHA-256 | 185e965c95eb082e1f22a746b5ed2f3de5eeeb4f8aae352889f9ebb8aa13affa
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close