L0pht Security Advisory - Microsoft Office 2000 UA Control Scripting is categorized as being "safe for scripting", allowing malicious active content to execute regardless of macro virus protection settings. Scripts can be executed without the user's consent from any HTML page viewed with active scripting enabled, including both Internet Explorer and Outlook e-mail in their default configurations. Online demonstration of this vulnerability in action here.
07e38831f23656433eb66a5e66acce7f1054bd81c2b6772ad482436a56ee2957
Freak88's Distributed Attack Suite is a Windows trojan similar to wintrin00. It can connect up to 3 infected machines and start 65000 byte ICMP floods. It auto-starts from the registry and copies itself to c:\windows\system.
4716af3cf6f3e44d7c95bfa6d56399b7703e912b08884c8eddff832691617583
Bastille Linux aims to be the most comprehensive, flexible, and educational Security Hardening Program for Red Hat Linux 6.0/6.1/6.2. Virtually every task it performs is optional, providing immense flexibility. It educates the installing admin regarding the topic at hand before asking any question. The interactive nature allows the program to be more thorough when securing, while the educational component produces an admin who is less likely to compromise the increased security.
52c6cf294aa9ad2c4d4a44e2867b45036845337e99d455cac7c57f1f9a4b3c93
Analysis of the "mstream" distributed denial of service attack tool, based on the source code of "stream2.c", a classic point-to-point DoS attack tool. mstream is more primitive than any of the other DDoS tools.
243feec66f24ccdbce5b93711153f7ee5460dd38368a1916c04ed718db01e1b5
Microsoft Linux box cover. Very chilling, frightening, and funny too.
1bc986e436715e6db9328f01347cc8326f0de23ce9447218dc4e65884d6302b2
sendfile.pl is a tool which uses echo to send files to any webserver which has an unchecked open() call in a CGI script.
7c555f235208e9dcdbdb3351234decf73f56993d31d16ac5d34bf257b6e64390
Websites using Allmanage Website Administration Software 2.6 with the upload ability contain an easily exploited vulnerability which gives you full add/del/change access in the user-account directories. You can also change the files in the main directory of the CGI script.
28da141276c6e2c819bc1648db253cc3e8c8bb66f3f25be3bda20c50b11dcfce
Watcheador is a Windows application that allows you to view ASP source code using the Index Server bug in IIS 4 & IIS 5. Written in Delphi 4.0. Comments in Spanish.
0cb4c709460305fb3b8f99be10150eb2688fae9185521c51c6dbb18bf49e09da
tinc is a Virtual Private Network (VPN) daemon that uses tunneling and encryption to create a secure private network between multiple hosts on the Internet. This tunneling allows VPN sites to share information with each other over the Internet without exposing any information.
eea1d6f10ccfda130055f99bad8dc649317b7641a417aac8ffab111e7f8da154
Iptables is built on top of netfilter: the new packet alteration framework for Linux 2.4. It is an enhancement on ipchains, and is used to control packet filtering, Network Address Translation (masquerading, port forwarding, transparent proxying), and special effects.
4de3dd21e105a1be9e7ad5715e9f1de7052e44c4ad7a2f4d3e0c755814431a85
Silent delivery and installation of an executable on a target Windows computer is possible by combining some bugs. No client input other than opening an email or newsgroup post is necessary, making the possibilities endless. The key component is from Georgi Guninski, the WordPad overflow. An ActiveX control does the rest. Exploit code included.
007f9308b3ece160e58c992cce562deeca8b829f5e860c221e1cc845b05f041a