Lots of good information on Oracle Database security. From the packet storm forums.
9c21cda33e2fe82137f1e4b5cf476e37e568b8ae5be7497d8dae89cdc093a286Shell In A Box provides shell access to a server from within any Java-enabled Web browser. Requests are tunneled over HTTP using the same proxy settings that the browser uses. On the server, it installs as a CGI program, and there is no client-side installation necessary. It sports full VT102 emulation with Unicode support, international font files, ANSI colors, a scrollback buffer, mouse position reporting, clipboard support, and user-configurable emulation modes. All user preferences are stored as cookies in the client's browser.
bab597954c3f02125d4b13bcb88954599602b33329b4ce52df6299fcffb5f9easping sends ICMP ECHO requests to network hosts to determine whether they are 'alive'. It is a small and hopefully secure implementation of the common ping utility that offers far less control over the packet options that may be specified (packet size, delay between packets, etc.) - this is a feature, for both security and bandwidth reasons. sping has been tested on Linux 2.4.0-test8 but should work on other operating systems.
5d18db6fc500692b383fc05fbd67e5b833897c35d8f847c4b2f4fe0487aa229bTetrinet v1.13 has a denial of service vulnerability which is caused by telnetting to the tetrinet port and pressing enter once, freezing the game.
ed11e968ca11f1ec388ea80f84379db00319fe1bf75648088cf4b43c2f6bc74fIIS and NTS 4.0 Hardening Guide v1.1 - Detailed instructions on tightening down the security on an IIS 4.0 web server. Includes install and setup details, server configuration, hardening, registry edits, securing permissions, firewall ACL's, and SSHD. This hardening procedure should NOT be used on general-purpose NT servers on an internal LAN as it removes several of the services that NT uses for default functionality.
6a460f07556c6f4e9eb5683f3c5badc17be689e406aa0c961ddd5f0fc7a47cc9secure rm (srm) is a command-line compatible rm(1) which completely destroys file contents before unlinking. The goal is to provide drop in security for users who wish to prevent command line recovery of deleted information, even if the machine is compromised.
08c177f1c5eba6e4857fb8a5a55d96687448658c9bafbac14c6c38b672e4428dEthereal v0.8.13 advisory and remote exploit for Linux x86. A stack overflow in the AFS packet parsing routine allows a spoofed packet to start a root shell bound to TCP port 36864.
5849011e1fbedaeca9f6469317a94d0d5df77b160e51dc2cfaf731ba6fdbc8e5Debian Security Advisory - The version of Vixie Cron shipped with Debian GNU/Linux 2.2 is vulnerable to a local attack, discovered by Michal Zalewski. Several problems, including insecure permissions on temporary files and race conditions in their deletion, allowed attacks from a denial of service (preventing the editing of crontabs) to an escalation of privilege (when another user edited their crontab). As a temporary fix, "chmod go-rx /var/spool/cron/crontabs" prevents the only available exploit; however, it does not address the problem - upgrade is needed.
45066b5be833b8794dd17760df1ec1d6a414c23ede771168906f53a3c837a917
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed