Drupal Hostmaster third party module version 6.x suffers from access bypass and cross site scripting vulnerabilities.
7c02451f79ba6d4bfe66bd38a9d30bc0c21b9498c33fec40e740f123d695f5e5Network Penetration conducted a survey at the start of 2003 to check the status of the United Kingdom's DNS infrastructure. This paper discusses the second run of what was tested, the results, some sample zone transfers, and recommendations.
31dc371eb671d823d16aa2224c769ef3802e82eb0154f61065f3def5701be8f0Paper discussing how the Resource reSerVation Protocol (RSVP) is used within the Subnet Bandwidth Management protocol (RFC 2814) and is vulnerable to allowing a rogue host to hijack control of a server via the use of priority assignment.
a784b06a39d986e6dcbd5f350d4ebbf3f646da4776903e5d2db061756436979fGobbler is a tool designed to audit various aspects of DHCP networks, from detecting if DHCP is running on a network to performing a denial of service attack. Gobbler also exploits DHCP and ethernet, to allow distributed spoofed port scanning with the added bonus of being able to sniff the reply from a spoofed host. This tool is based on proof of concept code "DHCP Gobbler" available from networkpenetration.com and the DHCP flaws paper.
28547ebff2666e8695d9c5e76a8063c0a32e0fc3e55e54aa0f70c4206c761b56Paper discussing utilization of port zero for OS fingerprinting and how to protect against it.
bbe9a71a165db0e8b2e6a2f2d5c437c544faf4ba99ad3d4c8737d4bf2ef584a0By using the OpenBSD packet filter pf, one can utilize the NAT address pools added into OpenBSD 3.3 to aid in distributed port scanning.
8a31bcc028af2e38e08d090044b50741b4a83069781ec6191a41a5c751b115abGobbler is a tool designed to audit various aspects of DHCP networks, from detecting if DHCP is running on a network to performing a denial of service attack. Gobbler also exploits DHCP and ethernet, to allow distributed spoofed port scanning with the added bonus of being able to sniff the reply from a spoofed host. This tool is based on proof of concept code "DHCP Gobbler" available from networkpenetration.com and the DHCP flaws paper.
e67b7b0aaba893b9e0f5b0ff284ff00dc90a09e9061ead2c895a3ad085d770d8Stenographied File Transfer Using Posix File Locks - How to transfer information to other users on secure systems by communicating with locked files. Includes some sample code that uses 32 locked files to transfer data on Posix systems.
946de361a7741cef70570cb8e2a840356929f865101a429898f20fd3d294b852The DHCP gobbler is a proof of concept tool for an attack mentioned in RFC 3118 which grabs all available DHCP addresses. New machines trying to join the network won't be allocated IP addresses as they have all been allocated to no existent machines.
6156f06b8cad144a22b2a4d99327ea07ba5b2b22ed181c5a46bf0f1782c27783
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed