Wsh is a remote UNIX shell that works via HTTP. The client script provides a shell-like prompt, encapsulating user commands into HTTP POST requests and sending them to the server script. The server script extracts and executes commands and returns STDOUT and STDERR output. Features include command line history support, file upload/download, and the ability to work through an HTTP proxy server.
d778cfad8fe9cd4984360d7fde1d073a5c62594e05b81265830cf21f00b1e303
Efstool local root exploit which works against Redhat 7.3.
fc58920909390e466bdff6c7022d3d2d779ddd56de80c9aa9dfad48f12929155
The Openwall Linux kernel patch is a collection of security "hardening" features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. It also tightens down file descriptors 0, 1, and 2, and implements process limits and shared memory destruction.
528bce1080424a31cd75d58767c939449c114e6a662d62e98ae74c66a1129bcd
HAP-Linux is a collection of security-related patches which are designed to be applied after Solar Designer's Openwall patches are installed. Changes include some extra information in the printks, the ability to allow hard links to files you don't own which are in your group, and the ability to follow links and pipes in +t directories if they are not world-writable. This is useful for getting various daemons to run chrooted as a non-root user, and for some secure drop-directory stuff.
d20cc21047b544d7f0a2e9c047049768d120ab55d0feadb777455e4a62ac0ca2
The cipherfunk Patched Linux Kernels provide patch sets that focus on security enhancements, optimizations, and bugfixes to the current stable Linux Kernel. They are suitable for workstation or high-end server use in both production and development environments.
37f4484d70c789b143522624938dc6144a3abab6e46224fdf83093a4c17a4c9a
SNARE (System iNtrusion Analysis and Reporting Environment) is a loadable kernel module and daemon that provide a host intrusion detection facility and C2-style auditing/event logging capability for Linux similar to the Basic Security Module (BSM) for Solaris.
c74c1c5112557a48cc3956fdc4ed792e1df40853a3998db778b1e0df83977eeb
Single Honeypot simulates many services: SMTP, HTTP, shell, and FTP. It can pretend to be many OSes, such as Windows FTP systems, Windows SMTP systems, different Linux distributions, and some POSIX distributions.
7dad16d66c29a95ba1e3e9264d36977273af7bd19f478539d5b254aa78302492
AIM Sniff is a utility for monitoring and archiving AOL Instant Messenger messages across a network which has the ability to do a live dump (actively sniff the network) or read a PCAP file and parse the file for IM messages. You also have the option of dumping the information to a MySQL database or STDOUT. AIM Sniff will also monitor for an AIM login and then perform an SMB lookup on the originating computer in order to match NT Domain names with AIM login names (handles). A basic Web frontend is included.
60f1864b3854048b5d19c1299eb05153a1d3c9a7a15ab8becab045228461a740
SOFFIC is a Linux kernel patch for kernel 2.4.18 that provides file integrity control integrated into the normal system operation, on-the-fly. It checks a file's integrity each time a monitored file is opened for reading or execution, and issues a warning if it is found to be invalid. It protects against rootkits, backdoors, worms, viruses, Web defacement, unauthorized installation and use of new software, and much more.
2063dc3d456ab6d0c6bcea1d44e61d352a87fc81ffa3f80061768a5feeeb91a7
iDEFENSE Security Advisory 09.18.2002 - Three locally exploitable buffer overflows have been found in older versions of Tru64/OSF1. The -s parameter to the uucp utility can give local root, as can inc mail and dxterm.
613c7847d1e5ec418d42614e0651bd7d1c878053db6ad2a0af3bc69ad0dbbcc2
Microsoft Windows NT, 2000 and XP do not check execution rights correctly before allowing 16-bit executables to load, allowing users to run 16-bit apps even if the execution permission is denied. More information available here.
6964e798605925a0df1a108eaea05a0cb0dce6760bfeb63b5160218271793347
The @stake Sleuth Kit (TASK) is an open source forensic toolkit for a complete analysis of Microsoft and UNIX file systems. TASK enables investigators to identify and recover evidence from images acquired during incident response or from live systems. Features include the ability to analyze images generated by the 'dd' utility, support for the NTFS, FAT, FFS, and EXT2FS file systems, and 14 command line tools that allow the user to control what data is processed and presented, identify deleted files by name and location, and create time lines of file activity to identify files and directories to analyze.
6ecf9a862791266bd9d6b242a4b64a9536637fb3f0a10d432dab44af3f145f7f
The Bridge Filter kernel patch for v2.2.22 creates a new built-in chain you can use to filter packets before the bridge. The Linux firewall and bridge functions work well but you can't filter exactly which packets are bridged. The main goal of this patch is to allow this capability.
e3d51abe7aa586c9876430bbb9e8618e9a1234c9c5cdf10823e44ead73c67068
The Stealth Kernel Patch for Linux v2.2.22 makes the Linux kernel discard the packets that many OS detection tools use to query the TCP/IP stack. Includes logging of the dropped query packets and packets with bogus flags. Does a very good job of confusing nmap and queso.
9da0cd16aad5d2f5f49edafb6cfb922ef8dd5bcd4ea1c3a44acbbff851af4117
Exploit for the PRIVMESG DoS that exists in several Trillian versions. This code, which emulates an IRC server, should work against Trillian versions 0.73 and 0.74. Compiles on Windows - Tested with Borland 5.5 Commandline Tools.
a47fd98697a3fdd1a24f95897a80bb0d2e38da58a83484cb3d1aa8bf68fd37d7
KPMG security advisory 2002035 - IBM Websphere 4.0.3 on Windows 2000 Server does not process large HTTP headers received from connected clients correctly. This can be used to remotely crash the application. The advisory contains patch information that can be used to counter this vulnerability.
42521d9ce42e9706532fdcd6ca4eb3e092a3f4f38c91caeec71e5b5a37a532d4
20 byte IRIX/MIPS PIC shellcode that calls exit().
67a14fa05590c787dcec843671f49b7443a1d7ccc3515d6ee76cb37e2b1870f7
204 byte MIPS/IRIX PIC shellcode that binds /bin/sh to port 16705 TCP.
479827468c5e228e46d4aa888071676392b5c4dc1707661bd875f603c64b1da9
52 byte MIPS/IRIX PIC shellcode that does an execve of /bin/sh.
16f8054992c0d396b5836585aca7a5de8f0a5d1d01fb58a831de763055ada649
The Check Point VPN-1/FireWall-1 4.1 and NG HTTP Security Server (in.ahttpd) can be used to proxy all kinds of different protocols. Since it is not possible to select the allowed protocols, this is considered a security risk.
a9b9e181e4d501629c8a297037d7956bcee7d444aaac7a7518d443cb31c01469
Debian security advisory DSA 168-1 - Debian released new PHP packages that fix newline character injection in several PHP functions. Additionally, these packages correct a bug in PHP that allows a safe_mode restriction to be bypassed.
d11df9bb3f7995a61aa5db1b828fa32e561204530e69128bcd82699694604d0b
Conectiva security advisory CLA-2002:524 - Several buffer overflow vulnerabilities found in PostgreSQL query functions affect Conectiva releases 6.0, 7.0 and 8. Abuse of these overflows, for which database access is needed, can result in a compromise of the affected systems.
a4d852419920ca11e133713dc203ab2d29ce4b0e093eb9b5b6244ae02f7fb036
Blowdoor v2.0 is a backdoor for Unix systems and uses md5sum passwords for authentication.
cd4c9df16235197d6f1234733005b24229793a87de84374240a544f8582d7932
RATS, the Rough Auditing Tool for Security, is a security auditing utility for C, C++, Python, Perl and PHP code. RATS scans source code in order to find potentially dangerous function calls. The output generated by RATS can be used as a good starting point for performing manual security audits.
33eab6ae6618322c56f8fca866f0b60be85a586e1807a08fdc02a51ddf1e10e9
Microsoft Security Advisory MS02-052 - Three serious security vulnerabilities have been found in Microsoft VM which allow attackers to create web pages which cause remote code execution. The vulnerabilities can be exploited via Outlook unless the Email Security Update is installed.
5e58cc4e3bfe7b10c12d51e443206ba7577f8f3bfa1cbdeea6bbf9551b0bcb0f