The version of htdig that was shipped in Debian GNU/Linux 2.1 has a problem with calling external programs to handle non-HTML documents: it calls the external program with the document as a parameter, but does not check for shell escapes. This can be exploited by creating files with filenames that include shell escapes to run arbitraty commands on the machine that runs htdig. Debian security homepage here.
e334f26289821d3de2a28c9cfdff8ef04d3a9b28263a6855d2b422c4e2face76Results of the Distributed-Systems Intruder Tools Workshop (Nov 2-4, 1999). Several distributed intruder tools are in widespread use now, and the technology is maturing. As a result, a single command from an attacker can result in tens of thousands of concurrent attacks.
8b00c34553af24954aaa094e37bc7bc7c6a40a85b44fbaa778b7a8dd07d54f5eBlitznet launches a distributed syn flood attack with spoofed source IP, without logging.
7e13767a2fae8ed723cb49b74266f24f2085c49ab06b7cd89d66b692b116ecbaTrinoo daemon source - Implements a distributed denial of service attack. Controlled via UDP.
ef6f8c0870efe8b6a80b4c51f17562d1c0a6e09003b9babc6566380d885899dfnscache is a simple program to browse the Netscape cache directory with a GTK UI. It shows the contents of the browser cache in a three level hierarchy of files: protocols, servers and documents. nscache permits you to files to the cache, remove files or gather various information about specific files.
7e39f5463aa323401f5af15fc4dbb296ebd396fd15301180e2dfeae9a720e0baSnort is a libpcap-based packet sniffer/logger which can be used as a lightweight network intrusion detection system. It features rules based logging and can perform content searching/matching in addition to being used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, and much more. Snort has a real-time alerting capabilty, with alerts being sent to syslog, a seperate "alert" file, or as WinPopup messages via Samba's smbclient.
fbcf52430b9b6f565608394593577f039ed3eccb3f8e9782aa78c44553dcefb8Bastille Linux aims to be the most comprehensive, flexible and educational Security Hardening Program for Red Hat Linux. Virtually every task it performs is optional, providing immense flexibility. It also educates the user regarding the topic at hand before asking any question. The interactive nature allows the program to be more thorough when securing, while the educational component produces an admin who is less likely to compromise the increased security.
00ad3e0ef42dff1544106d915af45f9f0d394d526b30c79312939e48a639152eXScreenSaver is a modular screen saver and locker for the X Window System. It is highly customizable and allows the use of any program that can draw on the root window as a display mode. More than 100 display modes are included in this package.
96733be91f478718519c6ae57cbeb7615248f97cda59782bc6ecc432529e89adgShield (formerly Godot's Modified Modular Firewall), is an aggressive, modular, ipchains-based firewall script. Features include: easy configuration through a BSD-style configuration file, optional IPmasq support, TCPwrapper-like funtionality for service access, and extremely restrictive defaults. It hopes to make administrating a comprehensive firewall easier, as well as offering robust protection.
b66f429eb7acca7775aad24bbd2a9a705b6271956c2b294a6c82d732cd9400b5syslog-ng as the name shows is a syslogd replacement, but with new functionality for the new generation. The original syslogd allows messages only to be sorted based on priority/facility pair, syslog-ng adds the possibility to filter based on message contents using regular expressions. The new configuration scheme is intuitive and powerful.
d365857c5a764f9831fe8d5db9e3ac337b0db014bac26a7692f17821be8c137ePerl script which scans a remote system for about 150 trojans. Based on Evil Dead's trojan port list.
4e8ec91924dddac3217c3ded08c44f1ed0e75546bdc43b980b52912980df673dGetcode assists you in coding windows exploits by getting the codes for jmp reg,call reg,push reg;ret from some loaded dlls.
7cbbdc5037e046422003cb81047ef31d48b67a030528f6863b9093acd02a86b4Microsoft Internet Explorer 4.x and 5.x - Frame Loop Vulnerability. By creating an endless loop of frames, it is possible to create a malicious webpage that when visited by an IE user all of their system resources are devoured and depending on the system its probable that the machine will crash and reboot itself. Exploit code included.
24e2bf47adda735c3da3d4b2b7f11aae167e1d5a809fbef07252f7d4c711ce16Since the invention of Web browser cookies by Netscape, the claim has always been made that they are anonymous and cannot be associated with any personal information unless someone provides this information. In this write-up, I will present a technique in which browser cookies can be matched to Email addresses without people's knowledge. The technique relies on a security hole that is present in both Microsoft's Internet Explorer browser and Netscape's Navigator browser. This technique can be used, for example, to allow a banner ad company to associate an Email address with a "anonymous" profile that has been created for a person as they surf the Web.
47f14da3aa9f1689692f108845fad8b6b3d627c6b65c81714e5d0d58b19318f8Windows NT security update for December 8, 1999. New vulnerabilities covered include IE 5.0 WPAD Spoofing, IIS ISAPI Filter Plain Text Leak, FTP Serv-U Subject to Denial of Service, and IE 5.0 Subject to Frame Spoofing. Also has info on making certain you are ready for y2k, the MiniZip virus, Babylonia virus, and Y2K-Specific Worms. NTsecurity homepage here.
a6aa9fff249cad6fef9c9fcdb215405e054d8eabe95afcbcebb4e26b213704a6This is a perl script which interprets Checkpoint FW1 (V4.0) account logs, obtained from Master management console, or with the 'fw logexport' command. Can be used safely for standalone FW as well.
8ff492db1234a619ad6f8afb8d4ff0b6c230403f1329b2b47ca5162f3d351650Portfwd is a small C++ utility which forwards incoming TCP connections and/or UDP packets to remote hosts. Multiple forwarders can be specified in a flexible configuration file. There is support for FTP forwarding.
4cafde089c8d1958c11398043ef10d6c9b3ec9c8f8fea65f7a95be6ced4f1853Portfwd is a small C++ utility which forwards incoming TCP connections and/or UDP packets to remote hosts. Multiple forwarders can be specified in a flexible configuration file. There is support for FTP forwarding.
232abde80aeab674528f51b2f8b626dd8cd391e3b0f3f9c7e1855c829b7467ecPortfwd is a small C++ utility which forwards incoming TCP connections and/or UDP packets to remote hosts. Multiple forwarders can be specified in a flexible configuration file. There is support for FTP forwarding.
b7a488f21e81e940673baebf8469c099830e8195901f6a9a47fa515484d13925Portfwd is a small C++ utility which forwards incoming TCP connections and/or UDP packets to remote hosts. Multiple forwarders can be specified in a flexible configuration file. There is support for FTP forwarding.
10bf0e5eb046b271dabe62402a38d9a0c6bfc4328db1eeffb2eda7ebbe6a1651
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed