SUID Advisory #5 - DCFORMS98.CGI Advisory - Anyone can create / truncate any file owned by the web server user.
622d24605c915932cd5a7cb660b480ecd49f2adef13453625c046a4da0b01370
Narrow Security Scanner 2000 searches for 297 remote vulnerabilities. Written in Perl, tested on Red Hat, FreeBSD, OpenBSD, Slackware, and SuSE.
cbf5dbf759a6a030ab9ce87d2def68d57adcbc9526f9099ec608606574c2616d
Spidermap is a collection of Perl scripts which enable you to launch precisely tuned network scans. The goal of this project is to create an integrated suite of tools for low-impact network reconnaissance, with features including custom packet rates and scan types for each network and increased efficiency from mapping multiple networks in parallel. The target users are system administrators and network security professionals seeking a non-destructive way to inventory network services and do so in a reasonable amount of time.
227c95431fe91294242b54435a1eb2cb5d29e240b010ccc7499f72d566fb108e
The best of the Linux hexeditors, with integrated assembler and disassembler.
fd0a47cda0c097fd98011e26388fb565341d0fc33f612b02b303298e6302e60e
A script to parse output from the objdump binutil and write in cross references (read: Linux disassembler!)
4716bd3e21efb02c6725d7654ed9a02dc27fdd9dc590696bc703a118a8b48911
A Perl script that parses objdump's output and cross-references it. The major advantage over dasm: oob separates out functions, even if the binary has been stripped.
3483e5be5c1d11a73b71c516d45a38f237d5550820661f6baf28b32854ba4533
The Reverse Engineer's Assembly Producer is a GUI to dasm with some added functionality: the ability to include hexadecimal opcodes in the assembler listing.
5f09d5a74cc0a7f4617bd9e9dd9937c913f633c2c9c64d8f7253acec58b385dc
The Reverse Engineer's Query Tool is a script that will attempt to extract as much information from a binary as possible: strings, symbols, hex dump, disassembly, etc.
a55ea388601ffaa88b28fa2393c79b09247a94d6530db7b188f7f272d0eb9433
Bastille Linux aims to be the most comprehensive, flexible, and educational Security Hardening Program for Red Hat Linux 6.0/6.1. Virtually every task it performs is optional, providing immense flexibility. It educates the installing admin regarding the topic at hand before asking any question. The interactive nature allows the program to be more thorough when securing, while the educational component produces an admin who is less likely to compromise the increased security.
c52d5c43dfe145876b42336b82f4e89038c43871d439c9c4b2327954b8a2e33f
The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off online and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection.
b863cdc56b792b66a6990e090eba0966614e3d3f7c36f85b41d358d043c46f9b
Cross Site Scripting Summary - Malicious HTML tags (especially scripting tags) can be embedded in client web requests.
9c3ae91b3585c42ccfc911b0c21507edb3a0aa2e02019c97dbcf50880d0da02b
Electric Fence stops your program on the exact instruction that overruns (or underruns) a malloc() memory buffer. GDB will then display the source-code line that causes the bug. It works by using the virtual-memory hardware to create a red-zone at the border of each buffer - touch that, and your program stops. Catch all of those formerly impossible-to-catch overrun bugs that have been bothering you for years.
e5be3a38a0d2b71ba558eb310a2db44ea6e7c208e16d4fd907dc6ed11c46b1a7
Checkpoint-1 and other firewall vulnerability - The low-down of it is fooling a firewall into opening "a TCP port of your choice" against an FTP server. Or, if you're running an evil FTP server, having it open ports against clients accessing the server.
d3c08340f210729ab1830b529790957de036e964233c20d7dcad334c181bc68a
Ignite-UX bug in HP-9000 Series700/800 running release HP-UX 11.X only. Each password field in /etc/passwd should be "*" in a trusted system. This is normally handled automatically. One way for the password field to be set to a blank is to create a system image of a trusted system with Ignite-UX and not save /etc/passwd.
b11a24cc1c75ed0842663732f1a37175e911393590dd0651271d4b3a4c315e19
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
ec129084c3a579d30ddba65070b8d75a7dd74cff73650905d92704281c08cb5a
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
98bda0b01d2dafc993d98fd87638c583b4084b98cffa8ffb6538a37cb12f1ae7
When an NT 4.0 workstation or backup domain controller is joined to a domain, the trust account password is set to a well-known initial value. If you are concerned about internal network security, this is not really an acceptable risk.
68323e351a6c2397613bb4b0fc46638389b1e97ca43f93e696395cce94ef330e
Monty originally cobbled this together to keep the network admins he worked with from doing annoying things like keeping tftp daemons running on his Unix hosts for weeks on end. It's pretty handy for that too. May this script (grabrtrconf.sh) help make SNMP die the sad lonely death it deserves once and for all!
b10303fcc51c90a6d201075efe4f67a027ca4794f56d6e741bb7f4b814941a74
This is an application to dump the contents of the LSA secrets on a machine, provided you are an Administrator. It uses the same technique as pwdump2 to bypass restrictions that Microsoft added to LsaRetrievePrivateData(), which cause the original lsadump to fail.
11b494a6f6ac8a8656a5c685d550ae53883a9d7cf65fe206745bacef5cd910a5
This is a file system driver for linux, which understands the NT registry file format. With it, you can take registry files from NT, e.g., SAM, SECURITY, etc., and mount them on linux. Currently, it's read-only, though I may add read-write capability in the future.
fbd28017cf1376b3ebdb20590e0a8ad28f3e175df8176d40ca1d701f7c442aed
If you have an md5 checksumming utility on your system, you can use these scripts for a "poor man's tripwire". These do several quick checks for archiving and security purposes.
5105f0110153435688b633709392243a2b67d2f33b49e68780fa2df4ee6e043e
SFS is a secure, global file system with completely decentralized control. SFS lets you access your files from anywhere and share them with anyone, anywhere. Anyone can set up an SFS server, and any user can access any server from any client. At the same time, SFS uses strong cryptography to provide security over untrusted networks. Thus, you can safely share files across administrative realms without involving administrators or certification authorities.
798cd8a703502cf681454ac0cf54df040463558e56f714bf5d6d7916b131fa50
CERT FAQ on Denial of Service attacks.
aa308bbdd7a84b75ac107867e1d3be42b7e8b8e32a695161cc3c74c92478cca7
Technical details of the attack on Yahoo! last week. Includes information on what kind of packets were sent, how they were affected, and how they fixed it.
6ef68ee3bb6800bd3f2021946e09a1eb30e71b8d0e1ee3b57e7c296d180467e2
Microsoft has released a patch for a security vulnerability in IE. The vulnerability allows a malicious web site operator to read certain types of files on the computer of a visiting user. Microsoft FAQ on this issue here.
373220b8ad63829aaf03d782ef020e89f78437740678899327cdc39fe4ca3dc2