what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 26 RSS Feed

Files Date: 2000-12-15

XATO-122000-01
Posted Dec 15, 2000
Authored by Sozni | Site xato.net

Xato Security Advisory XATO-122000-01 - The majority of the command-line SMTP mailers available for Win32-based systems are vulnerable when used to send mail from a web server. The vulnerabilities found allow remote web users to read and/or write to the servers file system, retrieve files from the server's file system as mail attachments, bounce and/or spoof e-mail messages, spam, flood, mail bomb, or otherwise use a server's resources without authorization, bounce off a server to perform port scans, bounce off a server to perform brute-force attacks to POP and/or SMTP accounts, reroute all the mail through an untrusted mail server by changing mailer options, and launch dos attacks against the server or other systems. Vulnerable mailers include BatMail v1.8d, Blat v1.85h, CGIMail v2.5, CLEMAIL v1.3, Comments v1.7, FormVar v1.61, GBMail v2.02, MailForm v1.96, MailMe! v1.6, MailPost v5.1, MailSend v7.15, MailSend v3.18, NetFormDD v2.9, Postie v6, SendFile v1.0, Stalkerlab's Mailers V1.2, WindMail v3.05, WebMailer Pro v1.2, WebMailer Lite v1.2, and wSendmail v1.5.

tags | remote, web, spoof, vulnerability
systems | windows
SHA-256 | 5778b64953305f37414121c27758dc5965bc40da638cb84c38fd43be55ea05a4
rdC-LPRng.c
Posted Dec 15, 2000
Authored by venomous | Site rdcrew.com.ar

LPRng v3.6.24 and below remote root exploit for Linux/x86 which exploits the syslog() format string vulnerability. Tested against the default install of Redhat 7.0 (LPRng-3.6.24-1) and LPRng3.6.22-1 installed on Slackware 7.0.

tags | exploit, remote, x86, root
systems | linux, redhat, slackware
SHA-256 | 711ec9e53d55297ca043c724b126975613590c27a195978efaf80054e1390558
IDMEF-xml-plugin_0.1.tar.gz
Posted Dec 15, 2000
Authored by Joe McAlerney | Site silicondefense.com

Intrusion Detection Message Exchange Format (IDMEF) XML output plugin for Snort - Produces IDMEF messages in response to events triggering Snort rules. It is configured in a standard Snort configuration file, and can run concurrently with existing Snort logging output.

tags | tool, sniffer
SHA-256 | 47be696d8de817eee9d309676ddafdcad0bd15b9991cfc434abf5f7c06d62654
ipfirewall
Posted Dec 15, 2000
Authored by Magda Cien

Ipfirewall v3.1 is a script which configures a Unix firewall. Includes compatibility for ipchains, ipfw, ipfwadm, and natd. Designed for linux or BSD.

tags | tool, firewall
systems | linux, unix, bsd
SHA-256 | cf6bdbbe6a015b9b900e4aeabaee56db61c9543a9b63771c185f0f50a5e5da7a
Internet Security Systems Security Advisory December 14, 2000
Posted Dec 15, 2000
Site xforce.iss.net

WatchGuard SOHO is an appliance firewall device targeted at small to mid-sized companies that wish to connect their network to the Internet. ISS X-Force discovered the following vulnerabilities in the SOHO Firewall that may allow an attacker to compromise or deny service to the device:

tags | remote, vulnerability
SHA-256 | 8cc47b08e479f3101cc3f6ca9d94c2fd332658761e4a019a84429b4c8c47abfb
nscan07.exe
Posted Dec 15, 2000
Authored by Averk | Site nscan.hypermart.net

NScan is a very fast portscanner for Windows (up to 200 ports per second) for both hosts and large networks with numerous features: it scans not only address ranges, but also files with host lists (e.g. proxy list, domain zone or old log), writes logs at the different detail levels, has speed limits, pre-defined service sets and so on. It includes a set of additional tools: whois client, that supports automatic information recognition and fetch, has query history and other features; traceroute, that traces all the way to the host at once in one or two seconds, making route discovery tenth times faster; TCP-based DNS client that supports most of the available options, including AXFR zone transfer.

Changes: Bug fixes and updates.
tags | tcp
systems | windows
SHA-256 | 336b6d9ffde4587d851f236b75356d3c8f8df2eb7928cf02a262ba738c03f85b
StJude_LKM-0.05.tar.gz
Posted Dec 15, 2000
Authored by Tim Lawless | Site sourceforge.net

Saint Jude LKM is a Linux Kernel Module for 2.2.0 and greater kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local, and ultimately, remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occurring. This is done without checking for attack signatures of known exploits, and thus should work equally well for both known and unknown exploits.

Changes: Added new response method which will execute an external command to record and deal with the intrusion. It is likely to be noted by an astute individual that this also affords the opportunity to counter-attack the attacker, using their control channel against them.
tags | remote, kernel, local, root
systems | linux
SHA-256 | 0a1f1e745c9305728343c29b50726a9384d6f9f0123caec99ec9473b156315fb
stunnel-3.9.tar.gz
Posted Dec 15, 2000
Authored by Michal Trojnara | Site stunnel.org

Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, NNTP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code.

Changes: Fixes a security vulnerability in the syslog() function, uses an improved ssl loop to combat the 'random hang' problem of previous releases, and correctly honors client keylength requests. We strongly suggest you upgrade now.
tags | arbitrary, encryption, tcp, imap, protocol
systems | windows, unix
SHA-256 | 6e5823fa9edd49e61120e42eff0ef519263f3c773f984da6ec77d63e51a183f2
g2s-0.4.1.tar.gz
Posted Dec 15, 2000
Site jedi.claranet.fr

G2S is a smart, all-in-one frontend between client and server applications. It features portability, a robust super-server (inetd) replacement, TCP-wrappers integrated with paranoid DNS checks and support for broken or fake name servers, handy but detailed log files, support for various protocols (raw IP, ICMP, GGP, TCP, EGP, PUP, UDP, RDP), IPv6 compliance, IPv6 to IPv4 gatewaying, and support for RBL maps for automatic spam filtering.

tags | udp, tcp, protocol
systems | unix
SHA-256 | 7032acdac4351ce4a81bc1552c9d0244076982c9f5f469cbed77b3c2c5a1affd
vmail-0.5.6-devel.tar.gz
Posted Dec 15, 2000
Site virtua-web.co.uk

Vorpal Mail is an easily configurable but flexible replacement for sendmail, supporting advanced features such as virus scanning, virtual domains, etc.

tags | virus
systems | unix
SHA-256 | e5206c70485e446e7bf4a50d9973d709a5ecbd046844b46dfb8e84bc29dae99e
securecgi-1.0.tar.gz
Posted Dec 15, 2000
Site jedi.claranet.fr

The Secure CGI Library eases the development of C/C++ Web applications using the CGI interface. It's designed with security in mind and can enforce correct limits to avoid common denial-of-service attacks. It can also handle an unlimited number of variables with unlimited content size, and with very fast parsing and hashed lookups.

tags | web, cgi, library
SHA-256 | fb8afc71525fd3a7a7393057d5b7321cfb29ad3cead3d057d120b6cde64db024
unrm-0.91.tar.gz
Posted Dec 15, 2000
Authored by Octavian Popescu | Site hideout.art.ro

unrm is a small linux utility which can, under some circumstances, recover almost 99% of your erased data (similar to DOS's undelete).

Changes: This release searches through all erased data for the data, allowing for far more accurate recovery.
tags | tool
systems | linux, unix
SHA-256 | c461c5b17f93bf7b8d5f6b731db312a72037b5fd0d83072b98b17ffea9ea3af3
Openwall Linux Kernel Patch
Posted Dec 15, 2000
Authored by Solar Designer | Site openwall.com

The Secure-Linux patch adds a few security features to the kernel which, while not a complete method of protection, will stop most of the 'cookbook' buffer overflow exploits cold. It also adds the option of restricting the use of symlinks and named pipes in +t (temp) directories which fixes most tmp-race exploits as well. It can also add a little bit more privacy to the system by restricting access to parts of /proc to root so that users may not see who else is logged on or what they're doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction, and priveledged IP aliases for kernel 2.0.

Changes: Now works on kernel 2.2.18! Also includes workarounds for GNU MailMan and Courier Mail. Readme available <a href="https://www.openwall.com/linux/README"here.</a>
tags | overflow, kernel, root
systems | linux
SHA-256 | 9e7bf4bf8d704bdfa6dcc56066ed237fdc76140d9939c21863c15318242d51a6
anomy-sanitizer-1.33.tar.gz
Posted Dec 15, 2000
Authored by Bjarni R. Einarsson | Site mailtools.anomy.net

The Anomy mail sanitizer is a filter designed to block email-based attacks such as trojans and viruses. It reads an RFC822 or MIME message and removes or renames attachments, truncate unusually long MIME header fields and sanitizes HTML by disabling Javascript and Java. It uses a single-pass pure Perl MIME parser, which can make it both more efficient and more precise than other similar programs and has built-in support for third-party virus scanners.

Changes: This release fixes a bug where MIME-boundaries could get corrupted under very specific conditions, thus making one or more attachments illegible.
tags | trojan, perl, javascript, virus
systems | unix
SHA-256 | 98eb2f63e572a4aa415b91b47db7527b0c11c5db548aa6a529bfb715ca5071df
lids-0.9.11-2.2.18.tar.gz
Posted Dec 15, 2000
Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection.

Changes: This release includes various bugfixes in lidsadm and is compatible with kernel 2.2.18.
tags | kernel, root
systems | linux
SHA-256 | 77d51a6ef53e377459d132a3d65faba0ed5c39b85e2f9439483a99a686abc0fe
CA-2000-22.lprng
Posted Dec 15, 2000
Site cert.org

CERT Advisory CA-2000-22 - Input Validation Problems in LPRng. A popular replacement software package to the BSD lpd printing service called LPRng contains at least one format string vulnerability in the syslog() function, which allows remote users with access to TCP port 515 to execute arbitrary code on vulnerable systems as root. Fix available here.

tags | remote, arbitrary, root, tcp
systems | bsd
SHA-256 | 7fc230b21bc7c073377322bd6f4f933c974648e8cc9f128acc8e460b7085da36
icqrin13.zip
Posted Dec 15, 2000
Authored by Moritz Bartl | Site headstrong.de

Icqrinfo is a Windows program which reads information (including passwords, personal information, and deleted contact list information) stored in ICQ.DAT files. ICQ Versions 99a, 99b, 2000a, and 2000b are supported.

Changes: Support for ICQ 2000b and a few bugs have been fixed. It contains a plain routine to extract contact list information to a textfile.
systems | windows
SHA-256 | 3c1bbb96928d420b7f704c1d789026a92c786f88ccbf3cf8776784146905cf01
attacker.zip
Posted Dec 15, 2000
Site members.home.com

A simple TCP port listener. You provide a list of ports to listen on and the program will notify you when a connection is made to the port(s). Can minimize to the system tray and play an audible alert. This program is intended to act as a guard dog to notify you of attempted probes to your computer via the Internet. 11/19/1998 release.

tags | tcp
SHA-256 | 3391210655a754537c5e861930e9b93630d18972107662c36c2f83492e3f923c
udpflood.zip
Posted Dec 15, 2000
Authored by Robin Keir | Site foundstone.com

UDPFlood v2.0 is a UDP packet sender. It sends out UDP packets to the specfied IP and port at a controllable rate. Packets can be made from a typed text string, a given number of random bytes or data from a file. This program was written to stress test game servers where I work. It proved to be especially useful for bullet-proofing the packet receiving code, making sure it could deal with various combinations of formatted and random data.

tags | denial of service, udp
SHA-256 | 4b7ae9a55e88c36ba84ba2aa2fa3321494b17e84ce127a199df2a3a8ef60d764
Blast20.zip
Posted Dec 15, 2000
Authored by JD Glaser | Site foundstone.com

Blast v2.0 - A small, quick TCP service stress test tool. Blast does a good amount of work very quickly and can help spot potential weaknesses in your network servers.

tags | tcp
SHA-256 | 4748961063184db9300cb0e92b5327c7001591c319c6cac0ad3f148a0474d49f
setreuid_1-255.asm
Posted Dec 15, 2000
Authored by vade79, realhalo | Site realhalo.org

Shellcode which does a setreuid before spawning a shell. Allows you to choose which UID / GID to use.

tags | shell, shellcode
systems | unix
SHA-256 | bab59cebad1397fb98c625b155e3892b60680d09a40410d2dae76cd0f4e43062
killntoe.c
Posted Dec 15, 2000
Authored by vade79, realhalo | Site realhalo.org

Nettoe v1.0.5 denial of service attack - Causes the Nettoe server to use all available CPU cycles and lock the game.

tags | exploit, denial of service
SHA-256 | 0829ddccf17a5f6cf8784776e011d370671b9df074562df981cf1b37ab918cdd
Newbie Guide To The Underground
Posted Dec 15, 2000
Authored by Ratdance

A serious newbies guide to the underground.

tags | paper
SHA-256 | 370184283306338515c762102e2da6cd29d333067479676072a56635fb416bde
sa_09.txt
Posted Dec 15, 2000
Site nsfocus.com

NSFOCUS Security Advisory (SA2000-09) - EZshopper v2.0 and v3.0 from AHG contains remote CGI vulnerabilities which allow an attacker to get directory listings and sensitive file contents. Exploit URL's included.

tags | remote, cgi, vulnerability
SHA-256 | 26cabffb2d71d094476b9be5255376ed3fa9940c9c2776dc3aa0c73a88675d8a
sa_08.txt
Posted Dec 15, 2000
Site nsfocus.com

NSFOCUS Security Advisory (SA2000-08) - Microsoft IIS for Far East Editions File Disclosure Vulnerability. Submitting a malformed URL with a non-ascii character, a different file can be opened and the contents read. Vulnerable versions include IIS 4.0 (Far East Edition) previous to SP6 and IIS 5.0 (Far East Edition). English versions are unaffected. Exploit will be released soon.

SHA-256 | 18ac62855ee1f46fc88efa8ccb402ebb65f449eb0664a5ce46786c49c83d7b5b
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    17 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close