Local buffer overflow exploit for gv postscript viewer. Spawns a shell on port 7000.
0cb7b7a6f09c3f68f36664d22f3f314d8fdbbe9e176580147a168dec28a0d898sptrace is a secure ptrace() module for Linux. It limits users' access to the ptrace() call. It can disable ptrace altogether, or if you add a ptrace group to your system, only users in that group will be able to use ptrace().
925d39bcb5258c0d96f619078df465b16b74d54e5578f6050b89569e1a9e3f5fNARC (Netfilter Automatic Rules Configurator) is a free firewalling package for Netfilter/Iptables, released under the BSD license. It attempts to simplify the setup of a firewall (stateful packet filter) via the iptables tools. It is a bash shellscript that generates (hopefully) sensible and secure rules for Netfilter based on a simple configuration file. It features quick setup via a simple configuration file, connection tracking (and fragmentation reassembly), customized logging, probe detection (TCP and UDP), and much more.
60f94c7b982da63800a7f82ac756c2d00ee154997acb4cf0f1fa0a49d0296c21This whitepaper discusses OpenVPN as a free, secure, and easy to use and configure SSL-Based VPN solution. It offers various scenarios of use.
3cc0030602a7611c59cb7895e284a2668cab765429606ed84dff1b4d43f04c07iDEFENSE Security Advisory 08.12.04-2: Remote exploitation of a buffer overflow in the uudecoding feature of Adobe Acrobat Reader 5.0 for Unix allows an attacker to execute arbitrary code. The Unix and Linux versions of Adobe Acrobat Reader 5.0 automatically attempt to convert uuencoded docuements back into their original format. The vulnerability specifically exists in that Acrobat Reader fails to check the length of the filename before copying it into a fixed length buffer. This allows a maliciously constructed file to cause a buffer overflow resulting in the execution of arbitrary code.
958b976a69769d6baec2b60fde3c3f54864ac66163b9ad5a24d7b3555dd2d9f7iDEFENSE Security Advisory 08.12.04: Remote exploitation of an input validation error in the uudecoding feature of Adobe Acrobat Reader (Unix) 5.0 allows an attacker to execute arbitrary code. The Unix and Linux versions of Adobe Acrobat Reader 5.0 automatically attempt to convert uuencoded documents back into their original format. The vulnerability specifically exists in the failure of Acrobat Reader to check for the backtick shell metacharacter in the filename before executing a command with a shell. This allows a maliciously constructed filename to execute arbitrary programs.
6090411f468013d9881fef9aade925396aa2c0ea7ba6bb2b3ff7d794178a1713Secunia Security Advisory - A vulnerability has been reported in MAILsweeper for SMTP, which can be exploited by malicious people to cause a DoS (Denial of Service) on a vulnerable system. The vulnerability is caused due to an error when processing malformed PowerPoint files, which may cause the service to enter an endless loop and exhaust all CPU resources. Versions below 4.3.15 are affected.
95fd5620becd38fbdace61d84681190a0443ce27dd28f2f467b94b239354bcd8glFlow is a pcap-based traffic analysis tool intended for monitoring high speed links. The detection algorithm is based on realtime NetFlow traffic aggregation and analysis. The code is portable across platforms, it should work on every system with working md4/md5 and pcap implementations, with very little modifications.
79b6a64f34273efc4ea59eb78160b32bfa41a87b272f780622e85b0db649cf22SUSE Security Announcement - The SuSE Security Team has discovered various remotely exploitable buffer overflows in the MSN-protocol parsing functions during a code review of the MSN protocol handling code of gaim. Remote attackers can execute arbitrary code as the user running the gaim client.
da2f9073a7f83965ed45ec7bb72412cb359a6d649f321acf0c0507490a7f2cc6Ethereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Ethereal features that are missing from closed-source sniffers. Screenshot available here.
c81fa12c53192a26420eb3ad1256f79168e01c856dadaee09291db693ff7a036The Netgear DG834G has a hardcoded root password of zebra and a debug mode that allows for an immediately available rootshell.
b999eb2868235898e0d8fc2929bc06e3e523cb6123740972c6f300b3c21e6831Yaotp (Yet Another One-Time Pad) implements the one-time pad cipher for en- and decryption of messages. It features real random number generation by audio sampling and hashing, key management that enforces one-time usage and irreproducible key destruction. It is the right choice for the totally paranoid geek and high-security issues beyond any imagination.
f5d101e25e349399b37f97a876bfd29e59800c8dace4c42493f33574cd763767Remote root exploit for Mac OS X versions 10.3.3, 10.3.2, and 10.2.8 that makes use of the stack buffer overflow in the Apple Filing Protocol (AFP).
9f288f0368bfa21ae4ec075d1d997e64fc2e774d97728922d146a07cfacfdd0aSecunia Security Advisory - Ziv Kamir has reported some vulnerabilities in Keene Digital Media Server, which can be exploited by malicious people to retrieve sensitive information and perform administrative tasks. The vulnerabilities have been reported in version 1.0.2. Other versions may also be affected.
93ca61e3f228e0e110b9d19feec0dba3de5b6f4c2b36f24951786570cd98bfafSecunia Security Advisory - A vulnerability has been discovered in Nokia IPSO, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability affects versions 3.5, 3.5.1, 3.6, 3.7, 3.7.1, and 3.8.
99793bbd1271fcfbcafb5e13166f91754ae3f58e3908dbb4bbb0f2601c86958e
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed