exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 23 of 23 RSS Feed

Files Date: 2001-01-25

safer.010123.EXP.1.10
Posted Jan 25, 2001
Authored by Vanja Hrustic, Fyodor Yarochkin, Thomas Dullien, Emmanuel Gadaix | Site safermag.com

S.A.F.E.R. Security Bulletin 010124.EXP.1.11 - A remotely exploitable buffer overflow has been found in the Lotus Domino SMTP Server on all versions up to and including v5.05 which allows a remote attacker to execute code with the privileges that the SMTP server is running as. Perl exploit code included. Fix available here.

tags | remote, overflow, perl
SHA-256 | e31bff4434d6413796577845681d26eb776527907f1c66eaef50e9daf1f86b9c
xscreensaver-3.27.tar.gz
Posted Jan 25, 2001
Authored by Jamie Zawinski | Site jwz.org

XScreenSaver is a modular screen saver and locker for the X Window System. It is highly customizable and allows the use of any program that can draw on the root window as a display mode. It is also more stable than xlock.

Changes: This release adds the new hacks "zoom" and "whirlwindwarp", GL improvements, bug fixes, and more.
tags | root
systems | unix
SHA-256 | ba2078017e6d6f38d974728dc241de75ccd242b114dcfc6d1781f53c12f8cf50
nessus-1.0.7.tar.gz
Posted Jan 25, 2001
Authored by Renaud Deraison | Site nessus.org

Nessus is a free, up-to-date, and full featured remote security scanner for Linux, BSD, Solaris and some other systems. It is multithreaded, plugin-based, has a nice GTK interface, and currently performs over 531 remote security checks. It has powerful reporting capabilities (HTML, LaTeX, ASCII text) and not only points out problems, but suggests a solution for each of them. Windows version available here.

Changes: Bug fixes and additional options have been added. Http virtual hosts can now be tested, detached scans can now be stopped from the client, and XML support has been improved.
tags | tool, remote, scanner
systems | linux, windows, unix, solaris, bsd
SHA-256 | 61c6d45e1c8b933d29c7dbae5715c8763d2fce69c63e640b7d8e23371672a85a
ramenfind.v0.2.gz
Posted Jan 25, 2001
Site sans.org

Ramen worm local detection tool. Still in beta.

tags | worm, denial of service, local
SHA-256 | 2007b10e2daa210941ac3eb39c5d0a26bb0cd5d8a08d8e284cf209ff5a7b36eb
debian.sash.txt
Posted Jan 25, 2001
Site debian.org

Debian Security Advisory DSA-015-1 - Versions of sash prior to 3.4-4 did not clone /etc/shadow properly which lead into readable files for anybody.

systems | linux, debian
SHA-256 | 4a91fe87514f32378d3d56bc970cc2f666c5b4964833bfb0ee1cb8b95a928053
spitvt.c
Posted Jan 25, 2001
Authored by Michel MaXX Kaempf

SplitVT v1.6.4 and below local format string exploit which overflows the -rcfile command line flag. Tested on Slackware 7.1, Debian 2.2.

tags | exploit, overflow, local
systems | linux, slackware, debian
SHA-256 | f299f70b6ffdcec9e13edbdd986f8b689e08c195f243c6b64ba16a42b7184eea
debian.mysql.txt
Posted Jan 25, 2001
Site debian.org

Debian Security Advisory DSA-013-1 - A buffer overflow has been discovered in the Mysql server v3.22.32 which allows remote attackers to gain mysqld privileges.

tags | remote, overflow
systems | linux, debian
SHA-256 | dc755d42d48bf8868b36524579148fe22f5615172608a9f7252f421744e41965
zorp-0.7.13.tar.gz
Posted Jan 25, 2001
Authored by Balazs Scheidler | Site balabit.hu

Zorp is a new-generation modular proxy firewall suite to fine tune proxy decisions with its built in script language, fully analyze complex protocols (like SSH with several forwarded TCP connections), and utilize out of band authentication techniques (unlike common practices where proxy authentication had to be hacked into the protocol).

Changes: Bug fixes and experimental support for security-related IP options.
tags | tool, tcp, firewall, protocol
systems | unix
SHA-256 | ac56034dcc9fde448c326fa9ff3019d557014ea6c0163a7f9572b678f906e650
debian.micq.txt
Posted Jan 25, 2001
Site debian.org

Debian Security Advisory DSA-012-1 - A remotely exploitable buffer overflow has been found in micq v0.4.6.

tags | overflow
systems | linux, debian
SHA-256 | 43116528780cb2ff1a68c96a70f84329c920d104a7163cb089feae26186a63ac
fwipe-0.25.tar.gz
Posted Jan 25, 2001
Authored by Len Budney | Site pobox.com

fwipe overwrites your file a specified number of times (default: 5) and then deletes it. It is extremely secure; it will not be confused by filenames containing special characters, and is suitable for use against law enforcement.

Changes: This release was overwriting with zeros but not ones, now uses unbuffered writes reducing CPU consumption, and overall performs the same since I/O is the limiting resource.
systems | unix
SHA-256 | e02b0dbbc54c63f8e142b659e4823a24664ccfd8fea6c5d8bd283ccf4772fa96
bfbtester-2.0.tar.gz
Posted Jan 25, 2001
Authored by Mike Heffner | Site bfbtester.sourceforge.net

BFBTester is a utility for doing quick, proactive security checks of binary programs by performing checks of single and multiple argument command line overflows and environment variable overflows. It will also watch for tempfile creation activity to alert the user of any programs using unsafe tempfile names. While BFBTester can not test all overflows in software, it is useful for detecting initial mistakes that can red flag dangerous software. Tested on FreeBSD and Solaris.

Changes: New major rewrite of bfbtester! New features include the ability to watch created tempfiles, a new syntax for specifying binaries, and support for Solaris and Linux platforms. Also many bugfixes have been included.
tags | tool, overflow
systems | unix, solaris, freebsd
SHA-256 | a9e0e36682febbe97483e245092ec15a5879aca8f0d04dd113f8fa2f5e11b7eb
knetfilter-2.0.3.tar.gz
Posted Jan 25, 2001

Knetfilter is a KDE gui application designed to manage the netfilter functionalities that will come with the new kernel 2.4.x. In Principal, all standard firewall system administration activities can be done just using knetfilter. But there is not just a GUI to iptables command line, it is possible also some monitoring via a tcpdump interface.

Changes: New iptables paths have been added. The interface to nmap is much better now, since it can manage nmap options.
tags | tool, kernel, firewall
systems | linux
SHA-256 | 4591326a8e3ad2ff9c16ecb0f450e7edc1e1dd6d0e854028ed8f7c22624a5e66
ipa-1.0.3.tar.gz
Posted Jan 25, 2001
Site simon.org.ua

IPA is highly configurable IP accounting software for Free and Open BSD. It allows to make IP accounting based on IP Firewall and/or IP Filter accounting rules. In most cases IP Accounting Daemon is run on public servers, software routers, etc. It uses powerful IP Firewall and/or IP Filter accounting rules and based on its configuration allows to escape from writing scripts to manage network accounting.

Changes: This release includes a fix for a security bug in the exec(user)-line parameter, and other bug fixes.
systems | unix, bsd
SHA-256 | 27a58e92c828066524cbaeff620fffd7cc17bccd6749cae3fb980730999ba752
hypersrc-3.0.3.tar.gz
Posted Jan 25, 2001
Authored by Jim Brooks | Site jimbrooks.org

hypersrc is a GUI program for browsing source code, which uses GTK+. It provides a list widget containing sorted source code tags. A programmer can click a tag to hyperlink to a particular tagged line in a source code file. Screenshot here.

Changes: Hypersrc now displays a tree view of function call relationships in the source code.
systems | linux
SHA-256 | 04047cfe613f5003f883a85b25857edb33b11c44b5d61921d4945554a5fb281b
gShield-2.0.2.tgz
Posted Jan 25, 2001
Authored by R. Gregory | Site muse.linuxmafia.org

Shield is an aggressive, modular firewall script for iptables which features easy configuration through a BSD-style configuration file, optional NAT support, TCP-wrapper-like functionality for service access, port forwarding, routable protection, DMZ support, and more.

Changes: This release has misc. cleanup and removal of misc. redundant entries. Logging options for reserved drops and dhcp have been added/enhanced. Full highport access is now a toggle. Transparent-proxy options, fixes for passive ftp, and options for bind/domain forwarding have been added. Services now use getservent to determine port selection. misc cleanup.
tags | tool, tcp, firewall
systems | linux, bsd
SHA-256 | d1d66087d42bbe78e58dfc2706c55877360b205e67d34778767cb20095d963ad
mcgi.tar.gz
Posted Jan 25, 2001

Mass CGI scanner. From Guile Cool.

tags | cgi
systems | unix
SHA-256 | f857e4619461a9b4523063d16ea8ad2465e813b9d0f75e62114c8d59f866e8c3
safer.010124.EXP.1.11
Posted Jan 25, 2001
Authored by Vanja Hrustic, Fyodor Yarochkin, Thomas Dullien, Emmanuel Gadaix | Site safermag.com

S.A.F.E.R. Security Bulletin 010124.EXP.1.11 - Netscape Enterprise Server 3.x and 4.x allows remote users to obtain directory listings on remote sites running web publishing by sending the command "INDEX / HTTP/1.0".

tags | remote, web
SHA-256 | 0c07af4b20cd0f80c350f290f2165288d37e8000439245b0aa663dc85df5e127
RHSA-2000:136-10.php_dos
Posted Jan 25, 2001
Site redhat.com

Red Hat Security Advisory RHSA-2000:136-10 - PHP 3.0.17 can be caused to crash by clients uploading "multipart/form-data" information with form requests. Security holes in versions 4.0.0 through 4.0.4 of the PHP Apache module have been found.

tags | php
systems | linux, redhat
SHA-256 | 49bd516233cab75acb589e5fe6145f0b36672f93b47ed654481f0bb48d780d9b
RHSA-2001:004-04.icecast
Posted Jan 25, 2001
Site redhat.com

Red Hat Security Advisory RHSA-2001:004-04 - A remote format string vulnerability in Icecast v1.3.8beta2 allows remote code execution. Icecast 1.3.7 is not vulnerable.

tags | remote, code execution
systems | linux, redhat
SHA-256 | 3f93642683d664439de5c1193de406878913711c80313f610e5f8ab639b1eb95
unitools.tgz
Posted Jan 25, 2001
Authored by Roelof Temmingh | Site sensepost.com

Unitools.tgz contains two perl scripts - unicodeloader.pl uploads files to a vulnerable IIS site, and unicodexecute3.pl includes searches for more executable directories and is more robust and stable.

tags | exploit, perl
SHA-256 | ef1371caea9d6be5421cdfd47295c380d367086653e0281f537a4f4b1db5503e
thong.pl
Posted Jan 25, 2001
Authored by Hypoclear | Site hypoclear.cjb.net

Thong.pl is a perl script which exploits several vulnerabilities found in Cisco products. Includes the Cisco Catalyst ssh Protocol Mismatch dos, Cisco 675 Web Administration dos, Cisco Catalyst 3500 XL command execution, and the Cisco IOS Software HTTP Request dos.

tags | exploit, web, perl, vulnerability, protocol
systems | cisco
SHA-256 | 594060a5dec2fcf16403a904d4ad89eb7a7015552c986112125f18ead0a5a9e8
crank-0.0.3.tar.gz
Posted Jan 25, 2001
Site crank.sourceforge.net

Crank is a project to provide a GUI toolkit to facilitate (and where possible, automate) the breaking of classical (pen-and-paper) cryptosystems. Initial focus is on the cryptanalysis of monoalphabetic substitution ciphers.

Changes: This release contains bugfixes for the autocracker - it now works near perfectly on large enough text samples. The code bas been cleaned.
tags | encryption
SHA-256 | 11d8590fd645d22db4952bf7a9556d8c93728eaa26e128a01db40b7fcd679faf
vtun-2.4.tar.gz
Posted Jan 25, 2001
Authored by Maxim Krasnyansky | Site vtun.sourceforge.net

VTun is the easiest way to create Virtual Tunnels over TCP/IP networks with traffic shaping, compression, and encryption. It is a user space implementation and doesn't need modification of any kernel parts. VTun supports IP, PPP, SLIP, Ethernet, and other tunnel types. VTun is easily and highly configurable; it can be used for various network tasks like VPN, Mobil IP, Shaped Internet access, Ethernet tunnel, IP address saving, etc.

Changes: This is the final stable release!!!Includes a configurable keep-alive, a fix for 0 compression level, and an RPM package and docs update.
tags | tool, kernel, tcp, firewall
systems | unix
SHA-256 | 295d299fc81b7f6aad33dfa1814f44e007067b6af27cfd3a8c8e8ca8f3e7c086
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close