Intact Open Use is a host integrity checking system for Windows 95/98. This is only a 30 day trial. Intact can detect change in the filesystem and registry.
4cf2810673f6b8e0ec16988e8a63d002e0d5952d90749361e6f2904a5ddf8cefWeekly Newsletter from Help Net Security Issue 18 - 19.06.2000 - Covers weekly roundups of security related events. In this issue: Remote dos attack in NAI pgp certificate server, SmartFTP daemon v0.2 vulnerability, Microsoft revises ms00-035, remote dos attack in AnalogX Simpleserver WWW v1.05, MS00-031 patch re-release, Dragon Server v1.00 and 2.00 remote dos attacks, AOL instant messenger dos. Also linux security techniques, kernel basics, and much more.
370cba453102d1a90e1f04d927c9700faca6b6b3ad60c541ebf6dea08cb96e37Linux Security Week June 12 - In this issue: Updates are available for the Document Template package, BRU Backup Utility, Kerberos 5, and a bug on FreeBSD/Alpha systems that weakens its encryption. OpenBSD 2.7 is annunced and and the U.S. House gives its "OK" to the digital signature bill.
d3af4c437f7224ecb592716f7973e2c5f6eeb9545d977a4490847348ca8cf0e6motion uses a video4linux device as a motion detector. It will make snapshots of the movement it sees, making it usable as an observation or security system. It can send out email, SMS messages, or invoke an external command when detecting motion.
180eb595eae21df8fc38fa47ed24dc5f4a9ffc4673821d67aa65aeb364992adeDebian 2.1 local root exploit - A vulnerability exists in the apcd package shipped with Debian 2.1.
f7ca16d4ea9299fd7aef4c4a72b95848377702b1feeccf9d2d657e4193b25dbeMailStudio2000 v2.0 and below userreg.cgi exploit - Executes arbitrary commands on remote host as root.mail.
095872ca533dfd3c5443df88fb3daab10038263b301956bf03770b5a5ac72928SetXConf local root exploit for Corel linux v1.0 with xconf utils.
db447881a66d9c741450d6d7e316b1bb4edd263812be29422ab468e0194719f4Majordomo local exploit for Suse 6.0 and 6.3. Tested against Majordomo Wrapper <= v1.94.5.
312f4fcbf45535494f8a44755293ca6e8bc7842547f4c8e7aa00445f3d859041SSH (Secure Shell) Windows Port is a program to log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another, providing strong authentication and a secure communications over insecure channels.
9086e00c98cc755dca63755c3eb1eb211bfeb07f77b8d7755f4239f67d512ab2SSH (Secure Shell) is a program to log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another, providing strong authentication and a secure communications over insecure channels.
2eed3b75a12f7cdfaa9f8ea85b5399fc1cd4ac5e88192c9a5784851d93a2950cVbs is a mail-filter to make attachments unexecutable by replacing the dot in the filename extension of critical attachments with a tilde, so that MUAs won't recognize those attachments anymore as executable. It is implemented as a wrapper for the delivery agent.
0e593fdba33fb611f5cd4ce5e761239c474b21be1468684fcbbc7de6349e6bf0Winfingerprint 225: Advanced remote windows OS detection which does not run under Win 9x. Features the ability to enumerate servers, shares, global groups and users, displays active services, scan network neighborhood, establish null IPC$ sessions, and registry query (currently determines Service Pack Level & Applied Hotfixes).
ae7ee89927e58ab7a222f65d01cf51ba546ce17889f6adfbfb6d1a3cff3b1eb4dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a powerful sniffer which automatically detects and parses many protocols, only saving the interesting bits. filesnarf saves files sniffed from network file system traffic. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time.
2c83a22007336345ee4a0b4a690b0df387ca6dc1f1c1ac7eb68f04e8465c341cPine v4.10-21 local buffer overflow - drops a gid=mail shell if /usr/bin/pine is SGID. Tested on Debian slink2.1.
7764b61d5684322567f4c2b7d67debaf0db0e2c30bbcecd3de3c2f2533e14b92Zodiac is a portable, extensible and multithreaded DNS tool. It is meant to be used as a DNS packet monitor and DNS protocol test and debuging tool. It's basic features are: sniffing of DNS datagrams on an ethernet device, decoding of all types of DNS packets, including safe decompression (partly finished, SOA record are, for example, not decoded yet), nice display and gui, if you like ncurses and text based frontends, always interactive in all situations through built in command line, threaded and flexible design. Advanced features include: local DNS spoof handler, jizz DNS spoof, exploiting a weakness in old bind implementations, determines jizz-weakness, id-prediction and resolver type remotely, id spoofing, exploiting a weakness in the dns protocol itself, implements some advanced DNS denial of service attacks, including flood, label compression and unres attack, advanced DNS smurf.
87f79104df9555ecf18355d034a721bd7327ecf82037e1e480a0752bb07e3a14Using the sysctl support in linux to enhance a system security against outside attacks. Includes a script to optimize these settings by echoing values to /proc/sys/net/ipv4/*, turning on kernel security features which lessen the effect of SYN floods, smurf attacks, and turn on source validation by reversed path to add more protection against spoofed packets. Tested on linux 2.2.x.
ecb153fa9297b6558f676c779fca71d43e72cda281fcdba5c8b5c5d910578a74a mIRC script thathacks the current window with a display of mexican nationalism.
25af6367785d36145f4ef7cfa80574451b104291a7c9775cada49267be9bc828Security Auditor's Research Assistant (SARA) is a security analysis tool based on the SATAN model. It is updated frequently to address the latest threats. Checks for common old holes, backdoors, trust relationships, default cgi, common logins.
84506ebbcbbe67a4ed331bd2d3446a9fd4e42551ddbea393dacb12a963cc7757Microsoft Security Bulletin (MS00-031) - fix Available for "Undelimited .HTR Request" and "File Fragment Reading via .HTR" Vulnerabilities. Microsoft has released a patch for two security vulnerabilities in Microsoft Internet Information Server. The vulnerabilities could, respectively, be used to slow an affected web server's response or to obtain the source code of certain types of files under some conditions. Microsoft FAQ on this issue available here.
98eca05701fecabe23033301fec85f807448feab8ae6fbf412aef87bdc28cb72Wmnetmon v0.2 buffer overflow exploit for Linux - Provides a euid=0 shell provided /usr/X11R6/bin/wmnetmon is suid root, as it is by default. Includes perl script to try all offsets.
86bef23e564b83a03659996407371bf9b0c8902fe578e15b80db3ca10affd2eb
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed