Pdump is a sniffer written in perl which dumps, greps, monitors, creates, and modifies traffic on a network. It combines features from tcpdump, ngrep, tcptrace, dsniff (and its webspy and urlsnarf), pfilt, macof, and xpy. It understands tcpdump-like syntax and allows easy modifications via a plug-in system. Readme available here.
f312f47fbf5e181eaef1e1785de4fa33f18d686d8cdfcb40874a22fd732570eb
FreeBSD Security Advisory FreeBSD-SA-00:51 - The mailman port, versions prior to 2.0b5, contained several locally exploitable vulnerabilities which could be used to gain root privileges.
dedb3bb4a1ce3ca995f2fb71a6dfc4cc5f55e619fc981e278494f0f87dd01815
FreeBSD Security Advisory FreeBSD-SA-00:50 - The listmanager port, versions prior to 2.105.1, contained several locally exploitable buffer overflow vulnerabilities which could be used to gain root privileges.
3e32fb931fa234b663d485febacb30965ed690394c9e151c22d8c8c63ec013ce
FreeBSD Security Advisory FreeBSD-SA-00:49 - The eject port is installed setuid root, and contains several exploitable buffers which can be overflowed by local users, yielding root privileges.
031b23226b8c3145fcc2d633e190d78e52aa482d69c5e45788560e7f54bc4834
FreeBSD Security Advisory FreeBSD-SA-00:48 - The xchat IRC client provides the ability to launch URLs displayed in an IRC window in a web browser by right clicking on the URL. However this was handled incorrectly in versions prior to 1.4.3, and prior to 1.5.7 in the 1.5 development series, and allowed a malicious IRC user to embed command strings in a URL which could cause an arbitrary command to be executed as the local user if the URL were to be "launched" in a browser as described above.
aed685a66de97edce6729dc5e82feed39ad7397a61a60b4b457ceaf446493e6d
FreeBSD Security Advisory FreeBSD-SA-00:47 - The pine4 port, versions 4.21 and before, contained a bug which would cause the program to crash when processing a folder which contains an email message with a malformed X-Keywords header. The message itself could be deleted within pine if identified, but other operations such as closing the folder with the message still present would cause the program to crash with no apparent cause.
fef7796ba9f4008ae05e32e357e31610d2560144adcb1cfbe8ecff674325874c
Klogd Local Exploit. Envcheck is a Linux kernel module which detects and prevents exploitation of the recent glibc vulnerabilities by intercepting the execve system call and sanitising the environment passed. At the cost of a very small performance penalty, it has advantages over a glibc upgrade: it logs exploit attempts, it works with statically linked binaries, it is transparent to applications that may be sensitive to a change of glibc, and it partially protects libc5.
3c854c738a6a76ef40141f865055426a01aff9e74874c43676c3a699869312f9
Vigilante Advisory #11 - Lotus Domino ESMTP Service. Lotus Domino Release 5.0.2a contains a buffer overflow in the processing of SMTP commands, causing the service to crash. Tested on OS/2 Warp 4.5; it is assumed that other platforms are vulnerable as well.
899917d16df031887b0b09207f33847668e2d85bd87d183da90737c8950ead90
Vigilante Advisory #10 - Intel Express Switch series 500 crashes when a malformed ICMP packet is sent to the Intel Express Switch or a host behind it. The switch loses all routing functionality but continues to function as a switch, except for the fact that learning also crashes, so new connections are not "picked up". Fix available here.
7256e8c0df1d7ce12f4af0950cdfe91032004217c0851024af0a141e17c70d5a
Microsoft Security Bulletin (MS00-063) - Microsoft has released a patch for a security vulnerability in Microsoft Internet Information Server (IIS). The vulnerability could enable a malicious user to prevent an affected web server from providing useful service by sending a particular type of invalid URL. Microsoft FAQ on this issue available here.
12d25552be38868a8fa36ffe9023fb0e2764f085ac7e10c191b403366e1535b4
Vigilante Advisory #9 - Internet Information Server (IIS) 4.0 for Windows NT 4.0 is vulnerable to a denial of service attack as described in MS00-063, in which a certain series of requests can cause INETINFO.EXE to gradually consume all system resources (99-100% CPU and all memory). When the pagefile can't expand any further, INETINFO.EXE is killed by the operating system.
f88b454e98f58dc0cab36e2079df258a10823f10487e75deb9870d645da092ca
Red Hat Security Advisory - The mgetty-sendfax package contains a vulnerability which allows any user with access to the /var/tmp directory to destroy any file on any mounted filesystem. A malicious user can create a symbolic link named /var/spool/fax/outgoing/.lastrun which points to any file on a mounted filesystem, and that file's contents will be destroyed the next time faxrunq is run.
6729a1a0b2737e85ae4f5ba7398a377fec561d503a17dd3698e11dd59d09872e
Atstake Security Advisory - Netegrity's SiteMinder is a web access control product for Solaris and Windows NT that implements various authentication mechanisms to protect content on websites. Due to an error in SiteMinder's URL parsing, it is possible for an attacker to bypass the authentication phase and view protected web pages directly.
e0d3f793315991d1bfe7a1596da57ae4a879f58a9bf6b103ecee5c49798552b3
A serious vulnerability has been found in IRIX telnetd which can give remote root access to any IRIX 6.2-6.5.8[m,f] system. The vulnerability occurs when one of the environment variables contains a format string which is passed on to the syslog() function. Proof of concept exploit included (updated version - compiler and little endian fixes). Fix available here.
f3757ed7c83366e37236fcd1468ac10d93f1b85113d1d44c9616dc8a918135d9
SuSE Security Advisory - pam_smb is a package that allows Linux/Unix user authentication using a Windows NT server. Versions 1.1.5 and before contain a buffer overflow that would allow a remote attacker to gain root access on the target host. In addition, Zope needs updating again and the Xchat IRC client can be tricked into executing arbitrary commands if the user clicks on a URL. SuSE security site here.
5a5cc35d33db367672c5f0cd1d3602494bd48a405273b950e7dabe93aac239c6
ICMP Usage in Scanning v2.01 - This paper outlines what can be done with the ICMP protocol regarding scanning. The paper deals with plain Host Detection techniques, Advanced Host Detection techniques, Inverse Mapping, Trace routing, OS fingerprinting methods with ICMP, and which ICMP traffic should be filtered on a Filtering Device.
1ff9c1a751e358458994c2d61f241f21e90f086d7913e3155237dfdc53b0edab
This is a list of the ports which trojans run on. Updated Aug 2000, lists 350 trojans and their default port. Newest version of this list available here. Archive password is set to p4ssw0rd. Use at your own risk.
3e1809812271d23eb04ede26e54c8aa3db1ba2160ff2c809ca459101541ee74a
Beginners guide to unix hacking. Includes host enumeration, buffer overflows, firewalls, common mistakes, log cleaning, and more.
ea3139e78e2968521486618e39ab47156557263a1b247cf7ca40e4dfc47ca6c6
Lsof is an extremely powerful unix diagnostic tool. Its name stands for LiSt Open Files, and it does just that. It lists information about any files that are open by processes currently running on the system. It easily pinpoints which process is using each network connection / open port.
dbf618652685f94befe85ab1fcbe56c7cc178f174f75e966f269a3b022932bf9
GuardDog is a firewall configuration utility for KDE on Linux. GuardDog is aimed at two groups of users - novice to intermediate users who are not experts in TCP/IP networking and security, and those users who don't want the hassle of dealing with cryptic shell scripts and ipchains parameters. Features an easy to use goal oriented GUI and the ability to generate ipchains scripts as output. Screenshot here.
1172c166fc36a5ea8ebc0eddde3e51a29b810b9013715e79bcc5f06d91eac949
The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off online and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection.
b40ffca783d988cd32bc8a1f948667fe2f25abad1c4aa33bdea0a3ae60db0e7e
Screen 3.9.5 BSD local root exploit. Tested against OpenBSD.
8ee52045aae8ee9d02f7529addb6cb4f32eb283bdbcc2dfabb8ab07255fc01c5
locale.c is a local root exploit for the glibc / locale format string bug. Tested against RedHat 6.2 with kernel 2.2.16.
04c4435735e287f9fd1e709e762aa900e3d60c3d7b0792743e6936a569fb926e
Screen 3.7.6 (and others) local root exploit.
62f1c82f1876f11bcc563d044cc998f0f0b3ce2061a32bad1588595b8a773e53
Yabb 9.1.2000 and prior for Windows and Unix is a web based BBS system which has a vulnerability in YaBB.pl which allows remote attackers to view any file on the system.
b2141b021a48b28bf0bb81210dfbaa6fe7aae1817ab3d9c84bb3511551d57e91