Universal login trojan - Login trojan for pretty much any O/S. Tested on Linux, BSDI 2.0, FreeBSD, IRIX 6.x, 5.x, Sunos 5.5,5.6,5.7, and OSF1/DGUX4.0. Works by checking the DISPLAY environment variable before passing the session to the real login binary.
fb412b9239e72a75c7f47ba4a4785c5cbfc7665494372801af49f21457eed13drpc.c is a small rpc scanner to scan for vulnerabilities. Currently it checks for cmsd, ttdbserverd, sadmind, statd, and amd. Tested on Redhat, Solaris 7, and OpenBSD.
81bbde1e877e7e2dd448c7b709ed8f06ef43e9ef4a90418141a026b050d5e9cbLegitimate Sites as Covert Channels: An Extension to the Concept of Reverse HTTP Tunnels. Legitimate sites that allow anonymous posting can be used to covertly send commands to systems behind firewalls.
f38870b0140c9dcaa3bf98fc8e5581801de0fde783deb6c1eeff0a5c2b2f451eQuantum Encryption: just how does the whole thing works anyway? (Diagrams included)
57904fd44c7ca790d7c326dede72af1fda867ed1f0247671db29bc67f98f8a07Cerberus Information Security Advisory - Windows NT systems running Frontpage Server Extentions reveals the name of the anonyous Internet account and leaks physical paths on system.
a8f1405807d2ae29e4358d0e21c3a9db4d9b8e951dd86aab8ada6504e64ae1b1Pine/SSL adds the ability for Pine to make SSL connections to IMAP, POP, SMTP, or NNTP servers.
41a809ace52933b1344c6be17b3acb448d23f81e7d5f40bc248afbb23b51f598CERN 3.0A Heap overflow advisory - There is a heap overflow that wastes memory space in the CERN/3.0A webserver. Close to 50000 bytes of the heap will be ruined! DoS example included.
489fc3d42f1e7f2c642902f70308d9caefba877586655086add9c34454afe5b3This is a "fun version" of secfingerd's config.h file (which tells secfingerd where to look for files and what messages to display). This config.h causes secfingerd to barf out an ascii "flip the bird" hand in the event that
81f55c3aa78da8731f7bd7873139aaa158eac7a675c781e96801d9de062942a4Windows Api SHGetPathFromIDList Buffer Overflow - All Structure lengths, or Length of string, can be a modified or altered and cause whatever handles the shortcuts to crash.
76e69a39aa4a55144387c30002193441b975a29627e84d7c38fecdb3a6baa1caServ-u FTP-Server v2.5b for Win9x/WinNTFTP-Server v2.5b will crash if you upload a malformed link file and type the ftp command LIST, due to overflow in Windows API SHGetPathFromIDList.
1553e21d813e70115f971fbf6e139bf7d8dedb4efc386150d7a1b03a64116625Microsoft has released a patch for a security vulnerability in an administrative utility that ships with Microsoft Windows NT 4.0, Terminal Server Edition. The utility creates a temporary file during execution that can contain security-sensitive information, but does not appropriately restrict access to it. As a result, a malicious user on the terminal server could read the file as it was being created. Microsoft FAQ on this issue is available here.
fa5b52b98e64074061511032b60cf140f292f9015c3bbd36a249521d7140d5c1
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed