CryptoFS is an encrypted filesystem utility for Linux that makes use of a normal directory to store files encrypted.
1c81e207f634d524316c52d7cc9ed62c6937fc35cbea3076f93f1edc57e31075fwanalog is a shell script that parses and summarizes firewall logfiles. It understands logs from ipf (xBSD, Solaris), OpenBSD 3.x pf, Linux 2.2 ipchains, Linux 2.4 iptables, and a few types of routers and firewalls (Cisco, Checkpoint FW-1, and Watchguard). The excellent log analysis program Analog is used to create the reports.
f905cd54ef07ecfe7461faae9bbb07dc280be235d9fe49edb8703fc033871ecdKernel Security Therapy Anti-Trolls (KSTAT) is a very powerful security tool to detect many kinds of rogue kernel rootkits. It analyzes the kernel through /dev/kmem and detects modified syscalls as well as various other problems. This version runs on 2.4.x only, and can assist in finding and removing trojan LKMs. It supports network socket dumps, sys_call fingerprinting, stealth module scanning, and more.
812c5cc62aa476aea9387d2843ecea645455345d2f9415eacffea7e0beea1515The Openwall Linux kernel patch is a collection of security "hardening" features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.
1cb5559ce2f9b37a2da3e63dc97647d133b72a1a11ce3f0299136a23683955a0Os-sim attempts to unify network monitoring, security, correlation, and qualification in one single tool. It combines Snort, Acid, MRTG, NTOP, OpenNMS, nmap, nessus, and rrdtool to provide the user with full control over every aspect of networking or security. Supported platform is Linux.
924253434cdd1bf801e25eb5d26e1da1fddb67ed434319521380088c60830270Pound is a reverse HTTP proxy, load balancer, and SSL wrapper. It proxies client HTTPS requests to HTTP backend servers, distributes the requests among several servers while keeping sessions, supports HTTP/1.1 requests even if the backend server(s) are HTTP/1.0, and sanitizes requests.
0558d3af731d01bbb05956ccfa7d07c1ec09c6c293a7643aaece0ceb155a0ab7Phong Nguyen identified a severe bug in the way GnuPG creates and uses ElGamal keys for signing. This is a significant security failure which can lead to a compromise of almost all ElGamal keys used for signing. Note that this is a real world vulnerability which will reveal your private key within a few seconds.
85e50ed51bad2ccd298b77d5a8b7daf4ef35336d896cce52b84c4db05a6c0ba2OpenCA Security Advisory - Multiple flaws in OpenCA before version 0.9.1.4 could cause OpenCA to use an incorrect certificate in the chain to determine the serial being checked which could lead to certificates that are revoked or expired being incorrectly accepted.
2d8bf6a4c4e3a857072f500345d0d66c8422632aae593d41cd7f4d2e92012debInlineEgg is a Python module that provides the user with a toolbox of convenient classes for writing small assembly programs. Only that instead of having to remember confusing assembly mnemonics and requiring the developer to remember how to use complex tools like assemblers and linkers, everything is done the easy way: in Python. InlineEgg is oriented but not limited to developing shellcode (sometimes called eggs) for use in exploits.
dec741e449e5e99f5c5162df47762797a147fb32a79dd9177428f12086310808Impacket is a collection of Python classes for working with network protocols. Impacket is mostly focused on providing low-level programmatic access to the packets, however some protocols (for instance NMB and SMB) are implemented in a higher level as a foundation for other protocols. Packets can be constructed from scratch, as well as parsed from raw data, and the object oriented API makes it simple to work with deep hierarchies of protocols. Impacket is most useful when used together with a packet capture utility or package such as Pcapy, an object oriented Python extension for capturing network packets.
16806ae256dee67a6544795e84608cd43e3b4ab1a51b93acbac7833e0da87816Pcapy is a Python extension module that enables software written in Python to access the routines from the pcap packet capture library. Pcapy is most useful when used together with a packet handling package such as Impacket, a collection of Python classes for constructing and dissecting network packets.
9dc8f21bce951270b9d09ba3b889186465a27a40cec995b91b9700f4bdf3cecdThe GNU Screen utility versions 4.0.1, 3.9.15, and below, suffer from a buffer overflow vulnerability that allows local users to escalate their privileges. The screen utility is installed either setgid-utmp or setuid-root. It also has some potential for remote attacks and allows an attacker to get control of another user's screen, providing a 2-3 gigabyte transfer of data needed to exploit this vulnerability.
6dd123f1fa7d2605626d7627c38ae214dcddbe9ee058e57e88595aedaa3c365eThe RNN Guestbook version 1.2 has multitudes of vulnerabilities. They range from allowing a remote attacker to execute commands to the ability to achieve full administrative access without authentication. Full descriptions and exploitation enclosed.
bbc07675f04461c29b805cfaf9019fee859075f88d1bcbb7eef350c4e27c9d74hwing is a win32 version of the ever favorite utility hping. It allows an administrator the ability to send customized pings, gather raw fingerprinting data, and more. Original Linux version is available here.
28c595cbcb24c5941f8edd9282008564211b3dcc6eaa791bab042ab6ce91ac8eRemote exploit that makes use of a SQL injection vulnerability that exists in the viewtopic.php file in phpBB version 2.06. Using a malformed query against the searching functionality, the MD5 password hash will be exposed. Related type of vulnerability here.
ed5d998c736d0f35a74e85810a46c3439dadbda8c6b535de6997f2c5b2730fc6FreeBSD Security Advisory FreeBSD-SA-03:19.bind - A programming error in BIND 8 named can allow an attacker the ability to arrange for malicious DNS messages to be delivered to a target name server, and cause that name server to cache a negative response for some target domain name. The name server would thereafter respond negatively to legitimate queries for that domain name, resulting in a denial-of-service for applications that require DNS. Affected versions are up to FreeBSD 4.9-RELEASE and 5.1-RELEASE.
de46a2eed27c50e9d58b35e42ad502868bd6b827919f08f4908ff0233d3c61fbHedgeHog is a simple proof-of-concept portscanner written in VBA for Excel. Useful utility for scanning when in a locked down terminal environment.
0b394a869aee06a859c789aeee56263809e01b81d42b794acfef57b4727ebb40Bugtraq Security Systems Security Advisory - Multiple vulnerabilities have been discovered in the Applied Watch Command Center IDS. Two exploits have been released to demonstrate these flaws. The first, appliedsnatch.c, allows a remote attacker to add a user to the console without having to authenticate to the system. The second, addrule.c, allows a remote attacker to add custom IDS alerts to all sensor nodes in a network, enabling a human denial-of-service attack by making good packets look bad.
89d611aba3b2b3bd598156b14a689aeb759d16617579758d1bce7e8b845eb94cOpenSSH patchkit that patches both the client and daemon to log all incoming and outgoing logins and passwords, adds a magic password for sshd, can send uuencoded logs outbound via smtp, store passwords to an encrypted logfile, disables logging if the magic password is used, and supports PAM password grabbing by patching openssh monitor.
47a46ce7d180ccc4dc7a66c4d7f812698ac1d81467507da55577cdcb4d6f32fbSecure Network Operations Advisory SRT2003-TURKEY-DAY - Administrators using the traceroute detection utility published in Phrack Volume 7, Issue 51 may be leaving themselves exploitable to a format strings issue in detecttr.c.
33e3182819127da3ad076e5420778a32b82010b43f282830765514729f9307f2
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed