Local root exploit for cifslogin on HP-UX 11.11 and below.
cbe107b425f84e964a28c2d35329b307c9a9e68db01f52d835edd0a6034f1266Windows with Delphi interface denial of service exploit for Savant HTTP Server 3.0 and below. This exploit utilizes four methods, all from old known vulnerabilities, to crash the daemon.
50fbaad57674f880ec45c9cd48db7355b820590adaa6ad15a8081ef4f1074f7cSmtpscan is a tool to guess which MTA is used by sending several "special" SMTP requests and by comparing error codes returned with those in the fingerprint database. It does not take into account banners and other text information, that cannot be trusted, only error codes. A document describing the fingerprinting method implemented in smtpscan is available here.
4c5bd1d3afc0e282eabb3eeb2a9eaf951fba6c2d8ee3085b14d76221cff3be18IP Sentinel is a tool that prevents unauthorized usage of IP addresses within an ethernet broadcast domain by answering ARP requests. After receiving faked replies, requesting parties store the MAC in their ARP tables and will send future packets to this invalid MAC, rendering the IP unreachable. Features chroot non-root operation.
b67c39bb7de96fc952d31f59c297e67e7956dbc59a1570dbc6a2b1dbc65b2ad7Hackbot v2.15 is an host exploration tool and banner grabber. It scans hosts for FTP banners, SSH banners, Open Relays, EXPN and VRFY options, more than 200 common CGI vulnerabilities and common indexable directories, NT unicode vulnerabilities and NT nimda infections.
585541a710f53e77b36a655588a546bd1b454b40761f3c43c42fd4f3dd1de912Winterrogate recurses directory structure obtaining the following information according to filemask: File Name, Complete Path, Directory, File Size, Creation Time, Last Access Time, Last Write Time, and MD5 Checksum. Extra information Gathered on *.DLL, *.VBX, *.DRV, *.EXE, *.OCX, *.BIN, *.SCR (IF THE DEVELOPER ADDED IT) includes CompanyName, FileDescription, FileVersion, InternalName, LegalCopyright, OriginalFilename, ProductName, ProductVersion, Comments, LegalTrademarks, PrivateBuild, and SpecialBuild. Screenshot available here.
bea6fd1fa9336ebd8a037f7e20dd886924399b6708e86468805e80cd11211c08Winfingerprint v0.5.4: Advanced remote windows OS detection. Current Features: Determine OS using SMB Queries, PDC (Primary Domain Controller), BDC (Backup Domain Controller), NT MEMBER SERVER, NT WORKSTATION, SQLSERVER, NOVELL NETWARE SERVER, WINDOWS FOR WORKGROUPS, WINDOWS 9X, Enumerate Servers, Enumerate Shares including Administrative ($), Enumerate Global Groups, E numerate Users, Displays Active Services, Ability to Scan Network Neighborhood, Ability to establish NULL IPC$ session with host, Ability to Query Registry (currently determines Service Pack Level & Applied Hotfixes.
c45a685becd894b737307ef8fc67eb36056f51363c88acc40028f5fd07a243f4Mapper is a network connectivity tester that employs a number of techniques to try and guess if a host is alive or not. Since many machines have ICMP firewalled off, it uses 7 different TCP and ICMP tests in attempting to gain some sort of response. Mapper can send spoofed decoys and use random delays for added stealth.
8e6ed6fd200d9037a5a4ceeac6f7a9e3a958b867e1b25983b6da7715b9c81c01PFilter filters OpenBSD PF log files parsed by tcpdump and prints colored messages. Both /var/log/pflog and pflog0 are supported for real-time logging. Tested on OpenBSD 3.2.
06aabdf94e4b27e355ac9c84239893655812953cf957332b8fdef3f30e001dd9Amnesia is a simple encryption/decryption tool for files and directories that uses a 702 bit key built off of a user provided password.
a64c0312a17205d862e7a23e63ab2d92577591796a8be88bf0c8a50a5deb33deA vulnerability in the LiteServe combination server for Win32 exists in that the handling of filenames on Win32 platforms may reveal the code of a desired CGI script to an attacker. Windows handles file names with the period character (0x2E) on the end as if the character had been removed. LiteServe fails to compensate for this behavior, and is vulnerable to a simple CGI disclosure attack.
2c3ca28c00d0930e2a9c6fbc4f72dc74895e351d73e4de6f97aa89bb5230a2adCross Site Scripting vulnerabilities exist in the e-mail web services of hotmail.com, yahoo.com, and excite.com. These problems allow for cookie capturing of unsuspecting victims who may easily give up their cookies via clicking on a link in an e-mail or elsewhere and with the link actually pointing to the legitimate site.
0e1d0d54940384d01ff7c3049f87a8a7e2540acdafd2a17cb783e60afe5122f5This DCL script abuses the old psi_mail trick on VAX/VMS systems to remotely find valid users.
b300bdc9bf7a8a50ee833fcd7c6502f1b542165feca28c88b135ae16d0afbccbA suite of scripts that were originally part of the AEnigma DIDS Project. The script snortctl is for management of the Snort NIDS. The snortfilter is a log parser and colorized.
a20e34b031a3b811e776cf26ef2b23b8da7a07a37c0d686dcea96aab426d35a4HAVOC is a random ARP traffic generator which will temporarily hose your ethernet segment. Bug fix of previous release (0.1c)
74e17c81361042e28aa21c339279aa472c86be6884323f0e8f0583ed01d48727Multithreaded Proxy Scanner for UNIX v0.7.0. This proxy scanner uses a small PHP script to collect open proxy servers.
f104e807c621cceb31c16056158d12c795b3dc603408f99872db08030dd301e3Remote exploit for rsync version 2.5.1 and below run on Linux. This exploit makes use of a simple frame pointer overflow.
6d22b5088d7fc52eb994bcfe37975d15f67800c96849738dce0efa68d5b1fe86Another exploit for ipppd, the daemon that is part of the isdn4linux-utils package and is part of the default install for many linux distributions. Tested on SuSE 7.3 and should work on SuSE 8.0. Anonymously submitted.
5010025186a5b9e7bdc4e46a0ff7cd95eee0761951c2b034cc7db0f606d8cd82The IISPop E-Mail Server from Curtiscomp.com is vulnerable to a denial of service attack via a simple buffer overflow on the listening daemon.
f1e9f711eabd7012bda2d2d99a807a06d454bfa9e37157608e2983ae2f405a47INetCop Security Advisory #2002-0x82-004 - Various buffer overflow vulnerabilities exist in Zeroo HTTP Server v1.5. Remote linux exploit included to gain root privileges.
a3c4fb3627efc81e628826beed19110486973e4f8ac5a7bd42bc897ce5b93c6aINetCop Security Advisory #2002-0x82-003 - LibHTTPD, a utility that can be used to add basic web server capabilities to an application or embedded device, is vulnerable to a buffer overflow which allows remote attackers to gain root access to the system.
42b98d2d9176568731b8e14b52d0f6712290e40350893e64b5996c712275747aINetCop Security Advisory #2002-0x82-002 - A buffer overflow in Light HTTPd version 1.0 allows for remote attackers to grab a shell or perform related activities as the webserver uid.
4394e54d71505d1fce1d0784dbc84067ece93adfb1a1d1cad4e863b4f87b14c9INetCop Security Advisory #2002-0x82-001 - A directory traversal vulnerability has been found in Tiny HTTPd 1.0. Basic exploitation is documented.
a49d55847f0e0b697cc4797e61934daffcf7b2aaf646fca37369ef068a3705ceLoggy is a log cleaner that will remove an IP address in the standard /var/log files under linux along with cleaning up wtmp, utmp, lastlog, etc.
287d1642b6111bc0527c95c818dcc5263a986daa55198b2805ec37c83adc5a56
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed