what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2001-04-10

Samhain File Integrity Checker
Posted Apr 10, 2001
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available. Tested on Linux, AIX 4.1, HP-UX 10.20, Unixware 7.1.0, and Solaris 2.6.

Changes: Lots of small bugfixes.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 09a63845ac98e809c95542526a65794687886f028534896e431f63e0814e1bc4
0103-exploits.tgz
Posted Apr 10, 2001
Authored by Todd J. | Site packetstormsecurity.com

Packet Storm new exploits for March, 2001.

tags | exploit
SHA-256 | cae3d0f36a25e813a0f839c9249a6484dc2ecb7de9f567b52d0cb991f80dec30
0102-exploits.tgz
Posted Apr 10, 2001
Authored by Todd J. | Site packetstormsecurity.com

Packet Storm new exploits for February, 2001.

tags | exploit
SHA-256 | aca4bbcb1ac4d019878073f52314a8555fe60d3ef9f3ad76451bcd3c344d65e3
nai.00-ftp.glob
Posted Apr 10, 2001
Authored by Covert Labs | Site nai.com

NAI Security Advisory - Multiple FTP server implementations contain buffer overflows that allow local and remote attackers to gain root privileges on affected servers. These vulnerabilities are contingent upon the remote user having the ability to create directories on the server hosting the FTP daemon, with the exception of a few cases noted below. The vulnerabilities presented are all related to the use of the glob() function, and can be divided into the following two categories - glob() expansion vulnerabilities and glob() implementation vulnerabilities. Vulnerable FTP servers include OpenBSD, NetBSD, FreeBSD, Irix, HPUX 11, and Solaris 8.

tags | remote, overflow, local, root, vulnerability
systems | netbsd, solaris, freebsd, irix, openbsd, hpux
SHA-256 | 14a21100e205f31e8a5af8bf40f62968749848f4653fa977060110baa1c23a96
CA-2001-07.ftp.glob
Posted Apr 10, 2001
Site cert.org

CERT Advisory CA-2001-07 - Many FTP servers have remote vulnerabilities in filename expansion due to the glob() function which allow arbitrary code execution. Vulnerable FTP servers include OpenBSD, NetBSD, FreeBSD, Irix, HPUX 11, and Solaris 8.

tags | remote, arbitrary, vulnerability, code execution
systems | netbsd, solaris, freebsd, irix, openbsd, hpux
SHA-256 | 809c9d0e40e40d5ec796bd833496f52b16bd9671042bef29959a533565d6676b
crazywwwb-exploit.pl
Posted Apr 10, 2001
Authored by Telehor | Site teleh0r.cjb.net

Remote buffer overflow exploit for CrazyWWWBoard which executes arbitrary code with the privileges of the webserver. Tested against CrazyWWWBoard2000p4 for RedHat 6.0 and CrazyWWWBoard2000LEp5 for RedHat 6.1. This is NOT that same overflow as discovered by Jin Ho You, 01.30.2001.

tags | exploit, remote, overflow, arbitrary
systems | linux, redhat
SHA-256 | 19688fd775a7f4f0a92299bf49551ce8414d7d354001d363cad28d1e972b9062
ms01-017
Posted Apr 10, 2001

Microsoft Security Advisory MS01-017 - Verisign created 2 digital certificates for someone who fraudulently claimed to be a Microsoft employee. The common name assigned to both certificates is "Microsoft Corporation". The ability to sign executable content using keys that purport to belong to Microsoft would clearly be advantageous to an attacker who wished to convince users to allow the content to run. Microsoft FAQ on this issue available here.

SHA-256 | ee77d083c9d8d2b90c75fe703247f46d4ebe0499c86e2b3a70910836516304c9
napalm-10.txt
Posted Apr 10, 2001
Authored by napalm, Kynik | Site napalm.firest0rm.org

Napalm Magazine issue #10 - In this issue: Chaffing as an Alternative to Encryption (Part I), Security Hole in Shareplex 2.x, Intro to Cryptographic Filesystems, How I Got Myself Into The Comp-Sec World, and BBS list.

tags | magazine
SHA-256 | e9409084014068b42284616f8cd81b044709d4b0e174ddc710df85d2de681275
CA-2001-06.mime.execute
Posted Apr 10, 2001
Site cert.org

CERT Advisory CA-2001-06 - All versions of Microsoft Internet Explorer 5.5 SP1 or earlier and any software which utilizes vulnerable versions of Internet Explorer to render HTML allows an intruder to construct malicious content that, when viewed in Internet Explorer (or any program that uses the IE HTML rendering engine), can execute arbitrary code.

tags | arbitrary
SHA-256 | 9c3e26644a6066867ffa37399fe54ba7c55d1e8341cd7e435a481c4ea6a2c3eb
debian.ntp.txt
Posted Apr 10, 2001
Site debian.org

Debian Security Advisory DSA-045-1 - A buffer overflow has been found in ntp which can lead to remote root compromise. Versions ntp-4.0.99k and prior are vulnerable.

tags | remote, overflow, root
systems | linux, debian
SHA-256 | 9c449bd96d0df6fbfc6293c1226d57c290433de8bfa9c3db1d4f1413b2a9c727
suse.xntp.txt
Posted Apr 10, 2001
Site suse.de

SuSE Security Advisory SuSE-SA:2001:10 - xntp is the network time protocol package widely used with many unix and linux systems for system time synchronization over a network. An exploit published by Przemyslaw Frasunek demonstrates a buffer overflow in the control request parsing code. The exploit allows a remote attacker to execute arbitrary commands as root. All versions as shipped with SuSE Linux are affected by the buffer overflow problem.

tags | remote, overflow, arbitrary, root, protocol
systems | linux, unix, suse
SHA-256 | 0940235fd01fc11193510402bc05eade811b55a7c35de34923ef206b95e019f8
talkback.txt
Posted Apr 10, 2001
Authored by ThePike | Site whizkunde.org

Talkback.cgi allows remote users to view any file on the webserver. Exploit URL included. It is also possible to display the admin password. Fix available here.

tags | exploit, remote, cgi
SHA-256 | e4e768f74ba3a8097a57dd1359054407e765b0969853046f335247b526a09588
RHSA-2001:045-05.ntpd
Posted Apr 10, 2001
Site redhat.com

Red Hat Security Advisory RHSA-2001:045-05 - The Network Time Daemon (ntpd) supplied with all releases of Red Hat Linux is vulnerable to a buffer overflow, allowing a remote attacker to gain root access to a machine. All users of ntpd are strongly encouraged to upgrade.

tags | remote, overflow, root
systems | linux, redhat
SHA-256 | dcd6a51d0e23b3b205c6c8584adddae70428954c2649ae647c767c863cf63a79
zorp-0.8.2.tar.gz
Posted Apr 10, 2001
Authored by Balazs Scheidler | Site balabit.hu

Zorp is a new-generation modular proxy firewall suite to fine tune proxy decisions with its built in script language, fully analyze complex protocols (like SSH with several forwarded TCP connections), and utilize out of band authentication techniques (unlike common practices where proxy authentication had to be hacked into the protocol).

Changes: Transparent HTTPS proxying now works thanks to fixes in the SSL proxy, and some other minor cosmetic changes have been applied.
tags | tool, tcp, firewall, protocol
systems | unix
SHA-256 | bd4feb90ae74ddf6602e998c1017856b63a0f72811e4b2d5567c4822c15372a0
ettercap-0.4.0.tar.gz
Posted Apr 10, 2001
Authored by Alberto Ornaghi, Marco Valleri | Site ettercap.sourceforge.net

Ettercap is a network sniffer/interceptor/logger for switched LANs. It uses ARP poisoning and the man-in-the-middle technique to sniff all the connections between two hosts. Features character injection in an established connection - you can inject characters to server (emulating commands) or to client (emulating replies) while maintaining an established TCP connection! Integrated into a easy-to-use and powerful ncurses interface.

tags | tool, sniffer, tcp
SHA-256 | b0e5122733726f953e306f371b55f74ecad998a09dfaf1987ace80720158f647
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    17 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close