Remote root exploit for Wu-ftpd 2.6.0 from the ports collection running on FreeBSD v3.3, 3.4 and 4.0.
b33a52130ecae7c08a7f0c4dcb7e6ef28378351b56b083cae7ad55d2438dc515
This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
fcb9fbd5c09bc4255d43422c629f5ab6a44e3cbd21d8d0ff47741191605eaded
Weekly Newsletter from Help Net Security Issue 22 - 17.07.2000 - Covers weekly roundups of security-related events. In this issue: Excel 2000 vulnerability, Apache::ASP hole fixed, Big Brother vulnerability, Netscape administration server password disclosure, Feartech FTP browser problem, IIS vulnerabilities, Microsoft Office 2000 (Excel and PowerPoint) and in PowerPoint 97 IE Script vulnerability, Cvsweb vulnerability, Armoring linux, Armoring Solaris, Armoring NT, The US may announce new encryption rules, Introduction to PGP, New Excel bug, Kevin Mitnick allowed back online, Win95 Smash virus, NmapNT, and more.
ab6ee8fd4f90b938aa24a81a207029831725ac88b08dea86613b6e5c4ea75712
SuSE Security Announcement - The FTP server in nkitb versions earlier than 2000.7.11-0 contains a remote root vulnerability. The standard ftp server passes untrusted data from a DNS server directly to the setproctitle() function in an insecure manner, allowing an attacker to modify his/her DNS record to execute arbitrary machine code as root while connecting to the standard ftp daemon.
736fef8cf6af36ad331b57ed0ef2b54ea785d6ef402650a95644b54305ef2a9c
Debian Security Advisory - The version of nfs-common distributed in Debian GNU/Linux 2.2 is vulnerable to a remote root compromise involving rpc.statd.
5b12e7f0218b416192ef89b0230faf8815a97e17df1ef3c4ee6d162b145fbf14
GAMSoft's TelSrv 1.4/1.5 contains a remote denial of service vulnerability. If supplied with a very large login name, the service will crash.
d31d36019b70a0193ce995c7d0dfaa0d973ba38791905be7948fcc5321627aab
chkrootkit V. 0.16 locally checks for signs of a rootkit. Includes ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions. Tested on Linux 2.0.x, 2.2.x and FreeBSD 2.2.x, 3.x and 4.0.
dce1bb35a3eae94ae776ffa1b6b40a4695555ca9c51dec2103f00d0a70dce590
WipeOut v1.0 is a log cleaner which uses temporary files to remove the entry rather than just zeroing it out. All other cleaners only look for the login name and don't check the hostname, so it is possible to cloak the wrong user. This tool checks that the hostname is the correct one.
ede3c9c209f66b8fdbb5b4903f5fb8f97f467aaf7062dc46c018197b0e345a69
Debian Security Advisory - The versions of cvsweb distributed in Debian GNU/Linux 2.1 are vulnerable to a remote shell exploit. An attacker with write access to the cvs repository can execute arbitrary code on the server as the www-data user.
bde093ff911197907af689c349320d1215735f41782f40c7e69166fcde98e03c
Crypto-gram for July 15, 2000. In this issue: Full Disclosure and the CIA, Counterpane Internet Security News, More Counterpane Internet Security News, News, Even the President Can't Choose a Good Password, The Doghouse: Intuit QuickBooks, Full Disclosure and Lockmaking, Security Risks of Unicode, Crypto-Gram Reprints, and Comments from Readers.
f64ae0592134ce4f7b1bd16733a9f0798ae00b308be2abfdfab0435e2c1b5630