SE46 from Cryptzone and Application Control from McAfee suffer from file handling issues that can allow for arbitrary binary execution.
efbcdf48625ce7bc7327f19051a636ea8f8e2c3089629f3de29c07c0d05ac2b9
Siemens SIMATIC S7-1200 PLCs, version 2 and higher, allow device management over TCP port 102 (ISO-TSAP) and retrieving status information over UDP port 161 (SNMP). It is possible to cause the device to go into defect mode by sending specially crafted packets to these ports.
679ddc6a6dfabb319c2d94eaa550f322d746da693bd83835da6ccdc4172e3a1f
pmdump.exe is a tool that dumps memory for a specified process to a file (as opposed to tools like memdump and dd which dump all of the RAM at once). It is useful for auditing things that might store passwords in memory (for example, VPN clients, email clients, and instant-messaging applications).
9a4af71c1a5d4d3180957f67eb75609469b0cc0b24c245ff7b96adfbb0c22915
PromiscDetect for Windows NT 4.0 / 2000 / XP checks whether your network adapters are in promiscuous mode (that is, in most cases, whether a sniffer is running on the computer). Of course the attacker might be intercepting the communication between the tool and the adapter, making the result unreliable, but there are probably many more cases out there where the tool will really detect a sniffer.
8a4345015f03031fc61b7d463780177d80619f954ab9748ce8585b34ea995058
Sqldict is a dictionary attack tool for Microsoft SQL Server which lets you test if the accounts are strong enough to resist an attack or not.
41e688c7185065b68cd74e8c1c66f03331b936fc512c25400bdd89eda271d5a0
WinZapper is a tool which allows you to erase event records selectively from the Security Log in Windows NT 4.0 and Windows 2000. A WinZapper FAQ is also available.
f48b79bec06f0ac8d48c122ec1a7af1c9a59ff354aeda78b6c751004093eb002
AckCmd is a special kind of remote Command Prompt for Windows 2000. It communicates using only TCP ACK segments. This way the client component is able to directly contact the server component through a firewall in some cases. More information can be found in the ACK Tunneling Trojans paper.
76bfbdd19f3bc39942b1179dd39f4ee701c18efc216705a72c44051bde2db503
Snitch turns back the asterisks in password fields to plaintext passwords.
42ac6b745abd6ab4895ecab7baa93ec7cbdd618cc9419a1e7f8609f403d3110a
Inzider v1.2 shows which processes listen at which ports, and can be used to find Back Orifice 2000 when it is hidden in another process. This is like LSOF for Windows 95/98, Windows NT 4.0 and Windows 2000.
2e6466d6e3dddc4f8a9cbd550dc4bdf278548f173b6f6f055ed30ebfbff8d7b9
FakeGINA intercepts the communication between Winlogon and the normal GINA, and while doing this it captures all successful logins (domain, username, password) and writes them to a text file. FakeGINA shows at least one very important thing - one should never use the same password on more than one system. If one system is compromised, the attacker might use something like FakeGINA to capture all the passwords, and then use them against other systems.
5a9e498c2ef801c16119a90749139794ff69b96fbd1ef6e91651a427170d3b2f
The "Strip Script Tags" feature in Firewall-1 can be circumvented by adding an extra less-than sign before the SCRIPT tag. The code will still execute in both Navigator and Explorer.
63dba9e4776e49be0b9d685899d424e7c95359cd0499b13e8116377966747f78
Installing Internet Explorer 5 on Windows NT introduces a vulnerability through the Task Scheduler service. This vulnerability makes it possible for a user to become a member of the Administrators group if he/she can do an interactive logon. The Task Scheduler service is an "improved" version of the usual Schedule service - they are not the same thing. The Schedule service is replaced by the Task Scheduler when Internet Explorer 5 is installed on Windows NT. Microsoft security bulletin 51 addresses this issue.
e586b63470a7536dfa7b26cc02b77cf27aea8efa4fc13b852d5f0a78a50e98c8
DelGuest deletes the built-in Guest account in Windows NT. This account is supposed to be impossible to delete, and it is impossible to delete through the ordinary user interface, but with DelGuest you can do it.
e0828fcde478bd09c2faeac52cd28067f6a1545284e87d4cc32d4fa4b6faeeaf
Buffer overflows in FTP Serv-U 2.5.
3a0930556d22757867dbc57017c8360dce0eea7e4d7cf71bb2f9c0c7a452b56c
".."-hole in Alibaba 2.0.
ab85df42ea84cf87c53ad28ae97e61da057744109d4ecd488d109858fb7b295e
Vulnerabilities in BisonWare FTP Server 3.5.
1afa959029404442157477e21c28438df90a40354bf7959843d365e82fdebf6f
".."-hole in Broker FTP Server v.3.0 Build 1.
acfc6c3200dab5bf7eab84848292f6b0484d0d94053fc3bd9537b80dcaf13b5b
Netscape Enterprise Server SSL Handshake Bug
285d0656db3855b2db3b7e41b331819b487551a63280b537fc0b7c149ef6c543
Buffer overflow in AspUpload 1.4.
5ad4e0688d466820ec188552e81108419055d14da22cdd713bf4a438d2bf83d0
GSD (Get Service Dacl) gives you the DACL (Discretionary Access Control List) of the Windows NT service you specify as a command line option.
207e65ce416221840f3ea2bdd7b9ff9ee7a7a1ebf1ab4e9599eab2ee19af02c4
A DLL that works like passfilt.dll, but enforces some extra password policies to make it harder for password crackers like l0phtcrack to crack LANMAN hashes of the passwords.
46c055ddc72e9b13f964b8310997adc7198cac1962db7fc18277c4aea581363b
Fake SMB server that tries a dialect downgrade to get plaintext passwords from remote users. For Windows NT.
62340b061d7a15fec551bb7363ad26af415e1c46046113635019a369ec27025b
Uses Null Sessions to retrieve account and share information from Windows NT.
438d40336b187ddd4f1ae7936aab6bee89668ec6aa6a4955fd9e39953de21f77
A UDP port scanner for Windows. Works with Win95/Winsock2.2, Windows 98, NT.
f4da110b14db5eb5c4c6d2d526bd46237c0b42079d3b886adce824f5112e65a1