w00w00 announcment about an exploitable buffer overflow in the POProxy program shipped with Norton Antivirus 2000 for Windows 95/98/NT/2000.
71353195c368a425177adddf5f0313879278613d3f2067468d5866251a84344aFive new vulnerabilities have been found in Berkeley Sendmail and 'procmail'.
739a99c27c891bd518989d4459effe5d7dbae8f49924a28318fe663f8c8dbe7bTwo remote issues were found with the Novell Groupwise web server. The help argument will reveal the full path of the server, and any .htm file on the system may be read with GWWEB.EXE.
6e8012dff3fa95418285c4ea3cae3829f2c00f863699c100e3f2cc66339f2aa3There exists a vulnerability with certain configurations of certain ftp daemons with which users with a valid ftp only acccount on a system may execute arbitrary commands (including binaries supplied by themselves). There also exists the possibilty that anonymous ftp users may execute arbitrar y commands (also including binaries supplied by themselves). While this vulnerability is entirely configuration dependent. The required configuration is rather common. Exploit information here.
223f01ce4e2ad4bdfbd09c6989851a84ceba7d1fbe6c4a85a5d5802a338bf787Tribe Flood Network 2000. Using distributed client/server functionality, stealth and encryption techniques and a variety of functions, TFN can be used to control any number of remote machines to generate on-demand, anonymous Denial Of Service attacks and remote shell access. The new and improved features in this version include Remote one-way command execution for distributed execution control, Mix attack aimed at weak routers, Targa3 attack aimed at systems with IP stack vulnerabilities, Compatibility to many UNIX systems and Windows NT, spoofed source addresses, strong CAST encryption of all client/server traffic, one-way communication protocol, messaging via random IP protocol, decoy packets, and extensive documentation. Currently no IDS software will recognise tfn2k.
07f94c742546e490bd6c8ab103c0ffa31399129812380e0bece242fcdf7a4cbasyslog-ng as the name shows is a syslogd replacement, but with new functionality for the new generation. The original syslogd allows messages only to be sorted based on priority/facility pair, syslog-ng adds the possibility to filter based on message contents using regular expressions. The new configuration scheme is intuitive and powerful.
62ac25504ef5b5cd6f93565f4508d8e054b5e8fd5cabbac88aa235d449f593f5The PHP firewall generator is a simple PHP script that generates a firewall script for ipchains-based firewalls. The aim is to support an easily configurable rule set similar to those supported by commercial firewall systems.
ecdd5a51224251df6e9581ae5f472715f33c5b6ae47f7d472ece524f7a8f051aAttacking FreeBSD with Kernel Modules - The System Call Approach. System calls can be backdoored on FreeBSD much like they can on linux, and most linux kernel modules can easily be ported to FreeBSD. Includes information on intercepting system calls, filesystem related hacks, hiding files and contests, process related hacks, file execution redirection, tty hijacking, and module hiding.
99570c1f731fdefef35078cbb47958ca6d7efe7e113d0f5d14d4788fbf479ea0Viper is a standard unix password cracker, but instead of using a wordlist it will generate all the password combinations for the character sets and length you specify. New in this version is the ability to load and save from a progress file, define a minimum password length, and set the number of hours to run. Included in this package is the perl source, which shouldn't be a problem on a unix machine, but for win32 you will need to install the perl interpreters (ActivePerl @ http://www.activestate.com).
7f5ea6e7e3331da5626452380d82279a05cc1ed998283231ec5ad33178a74420The Nemesis Project is designed to be a commandline-based, portable human IP stack for UNIX/Linux. The suite is broken down by protocol, and should allow for useful scripting of injected packet streams from simple shell scripts.
7b17a581a81a74e77e9e3d222ea042914b16a48a380e5484ce5c96e93273bf43Small banner scanner written in perl. Grabs banners from a list of hosts or a class C network.
72b4d028293885ec0fc65a1303f5b7271e5fdfac1dd4405f9ebef390dadc0638ORBit and esound used a source of random data that was easily guessable, possibly allowing an attacker with local access to guess the authentication keys used to control access to these services.
88673368c030e121c6a00197e4cf49c0176c1cd11017908930afaf1751cd8671Fork Bomb Defuser is an easily loadable kernel module for Linux which detects, logs, and disables "fork bombs". It allows you to configure max_forks_per_second and max_tasks_per_user parameters at module load time. Any possible fork bomb that attempts to spawn a huge number of processes simultaneously is detected in real time, and the fork bomb is disabled.
2ed032795fcf4b9dee19d6a0cd71de216bb414252882b0aa548add76e2116015
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed