mod_rootme is a very cool module that sets up a backdoor inside of Apache where a simple GET request gives a remote administrator a root shell on the system without any logging.
9a739606a09c5832a815a754bcd656241faf19f768f15d9537d2c76938728b00
The Linux kernel IEEE 1394 (aka FireWire) driver suffers from integer overflows that can result in a local denial of service and possible code execution. Both the 2.4 and 2.6 series are affected.
4871c28b4a1ceac9f9d68c77950e103399841d51e84d43d791e9156d8da2a03c
Technical Cyber Security Alert TA04-174A - Two vulnerabilities in ISC DHCP allow a remote attacker to cause a denial of the DHCP service on a vulnerable system. It may be possible to exploit these vulnerabilities to execute arbitrary code on the system. Systems affected are ISC DHCP versions 3.0.1rc12 and 3.0.1rc13.
bf37320dd558e2cc0101d6e98690e231d906a7bda985ba6dca250c32f7197e14
Remote proof of concept denial of service exploit that makes use of a flaw in the Unreal game engine where a simple UDP packet with a long value can overwrite important memory zones. Vulnerable games include: DeusEx versions 1.112fm and below, Devastation versions 390 and below, Mobile Forces versions 20000 and below, Nerf Arena Blast versions 1.2 and below, Postal 2 versions 1337 and below, Rune versions 107 and below, Tactical Ops versions 3.4.0 and below, TNN Pro Hunter, Unreal 1 versions 226f and below, Unreal II XMP versions 7710 and below, Unreal Tournament versions 451b and below, Unreal Tournament 2003 versions 2225 and below, Unreal Tournament 2004 versions below 3236, Wheel of Time versions 333b and below, X-com Enforcer.
6c7d8ca999fd82ca534f47257a00d83b7cdf78a424a1ac8cf377fb5568c2fdf5
The Unreal game engine has a flaw where a simple UDP packet with a long value can overwrite important memory zones and possibly allow for remote code execution. Vulnerable games include: DeusEx versions 1.112fm and below, Devastation versions 390 and below, Mobile Forces versions 20000 and below, Nerf Arena Blast versions 1.2 and below, Postal 2 versions 1337 and below, Rune versions 107 and below, Tactical Ops versions 3.4.0 and below, TNN Pro Hunter, Unreal 1 versions 226f and below, Unreal II XMP versions 7710 and below, Unreal Tournament versions 451b and below, Unreal Tournament 2003 versions 2225 and below, Unreal Tournament 2004 versions below 3236, Wheel of Time versions 333b and below, X-com Enforcer.
e57e8509f33616fa5401f768a7a4c2abfc5aab3a91844a97e7ceae234da38313
rssh, the small shell whose purpose is to restrict users to using scp or sftp, has a bug that unintentionally allows a user to gather information outside of a chrooted jail. Affected versions are 2.0 through 2.1.x.
311bdd186d8b1ea269ad967cd01b3b095ad35878525c4d3fb410e7ef1f211d8b
A flaw in osTicket allows an attacker to view files that are supposed to be protected.
cac76973da432f255c3cf4113e13301d51783cd3cdae4aba949e8d31c2902592
Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix clone.
7d034f726e7d17e30b8246607b01e1e6ce425887707b75835caf07f8792659cc
hping is a network tool designed to send custom ICMP/UDP/TCP packets and to display target replies like ping. It handles fragmentation and arbitrary packet body and size, and can be used to transfer files under all supported protocols. Using hping, you can test firewall rules, perform spoofed port scanning, test net performance using different protocols, packet size, TOS (type of service), and fragmentation, do path MTU discovery, transfer files (even with really Fascist firewall rules), perform traceroute-like actions under different protocols, fingerprint remote OSs, and audit a TCP/IP stack. hping is very useful for learning TCP/IP.
044834e54a6341b1d44cee884a1fc256ee70528ea3f9c0a2248b9ce01171b091
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
1759ed6c9368787989437d5198bd563c001e86b295097c8822669e183bb9c063
NSTX (the Nameserver Transfer Protocol) makes it possible to create IP tunnels using DNS queries and replies for IP packet encapsulation where IP traffic other than DNS isn't possible.
c0fc4b483d4ca9653baf46bd945f54b3125c99cb3a505827ac609b7744eae4b5
Easy integrity check system is a file integrity system that is easy to install and use. It is intended to be used by system administrators to aid with intrusion detection.
bee152473ba711c7665a5ca0423dccae9e2467bd96ce3867f045c839d0c18afd
NMB Scanner scans the shares of a SMB network, using the NMB and SMB protocols. It is useful for acquiring information on a local area network for such purposes as security auditing. It can obtain such information as NMB/SMB/Windows hostname, IP address, IP hostname, ethernet MAC address, Windows username, NMB/SMB/Windows domain name, and master browser. It can discover all the NMB/SMB/Windows hosts on a local area network by using the hosts lists maintained by master browsers.
d8c5980024332f98b9c623dd4927173d09b5eedbba5b72e70cd221fc86d030dc
Sqwebmail 4.0.4.20040524 is susceptible to a cross-site scripting vulnerability.
b4baa82ebe0204df4d4f0c194efcd8f768666097feda0aca9403eab1bb8ff729
Information regarding proper exploitation of a cross-site scripting flaw affecting Internet Explorer 6 SP1 running on Windows XP.
fa7c800af3ddd9495112ac117250468eeb5035d63765176288113058bd094d62
The D-Link DI-614+ SOHO router suffers from a script injection vulnerability that uses DHCP as the attack vector.
b89f567cac4704eaa1323775e91f7c938e9c34a4c6b3f5a58e198b767eca3571
RPM Finder Project version 1.2 is a utility that works much like the rpmfind.net site. It supports RedHat and Mandrake Linux.
1b21c1e4fe44c14c6699021a8dfb60258df84ba160eb73d9c370d35decd0d8d2
Integcheck is a system integrity checker. It checks the integrity of exposed systems by getting a list of MD5 hashes of any important file via SSH, keeps a master list of these on a relatively secure system, and compares this list daily with the current list. As long as the system considered safe is not compromised, it should inform administrators of any changes on the exposed systems.
61b95fcdb4192f32e0a682b7ec3ad6f420e146d5d8aca0b056a98ad3f98fc21b
Os-sim attempts to unify network monitoring, security, correlation, and qualification in one single tool. It combines Snort, Acid, MRTG, NTOP, OpenNMS, nmap, nessus, and rrdtool to provide the user with full control over every aspect of networking or security. Supported platform is Linux.
6a79dd8145f4067ef55ff267510341d6dc7df4cd97ab17bc70bc60c527f8bb54
iDEFENSE Security Advisory 06.21.04: Remote exploitation of a denial of service condition within GNU Radius allows attackers to crash the service. The problem specifically exists in the code for handling SNMP messages. By supplying a malformed packet containing an invalid OID, such as -1, it is possible to cause the server to shut down, preventing further requests from being handled. The Radius server must have been compiled with the '-enable-snmp' option in order to be vulnerable.
2e0e226c0c89a68cd1ee9d3f9d66b5e5d49fdec1ef03e7ec5cfa887e5d82e200
mod_rootme is a very cool module for the Apache 1.3 series that sets up a backdoor inside of Apache where a simple GET request gives a remote administrator a root shell on the system without any logging.
4ad725b929e8714ed72b2aef702d7383e7f30973e4a777ae8a882ba784fcf58a
Debian Security Advisory DSA 522-1 - A format string vulnerability in super has been discovered that allows specified users to execute commands with root privileges. This vulnerability could potentially be exploited by a local user to execute arbitrary code with root privileges.
78c7e1bf65152d505c10fbb236ca5fba4a3cc83b2737cffa0bc5add027d86b91
A vulnerability has been found in the Mobile Code filter in ZoneAlarm Pro where SSL content is not filtered. Tested against Windows XP Pro running ZoneAlarm Pro 5.0.590.015 and Internet Explorer version 6, with all patches.
9f550907ba57239e2e48c56db138dbfa750a3cb38f6d2cdd756fae1d650f0bba
A user can deny access to the web-based administration by establishing 30 connections to the web-based administration port (80) on the Microsoft MN-500 Wireless Router. Until the connections are closed, the router administrator cannot access the web-based administration.
9eb7fa9b0faacd20f011010c664c60362d59d51325c8fb8bda4a97e82a6c3447
A user can deny access to the web-based administration by establishing 1 connection to the web-based administration port (80) on a Linksys BEFSR41 Cable/DSL Router. Until the connection is closed, the router administrator cannot access the web-based administration. Note that the router automatically closes the TCP connection after about ten seconds of inactivity.
cc4d06d74473ac6a04901d1309b131325e16dbe2a571ed5f24f1a9fce4b531f9