pixlog is a utility for compiling useful reports from the syslog messages of a Cisco PIX firewall. As tens of megabytes of data can be generated by a PIX firewall per minute, pixlog cooperates with syslogd to parse the data as it comes in, generating nice-looking HTML reports. Screenshot available here.
510acc5a8e898f3fb0a016c28fa59aa3b71d4864e00d1590b310bec215b46cb8
overflow.txt is a paper written in Spanish which explains buffer overflows and includes sample code.
9f17d1e1309b6e4f54da9b694512de4fd015917ebdd3d4700e11a02c2f009890
Signatures.pl is a tool to check fingerprint signatures. Tested on Linux; all comments are in Portuguese.
853e57deb8cc4ec4067d2875ab05a7fcfe9615041b0d8641fc515bce387f6cd9
The Security Focus pager v3.0 helps system administrators track content of interest to them from www.securityfocus.com, notifying the administrator when new content arrives. It provides short descriptive summaries allowing the administrator to stay updated on relevant issues in the security world including Bugtraq, vulnerabilities, news articles, software releases, and other important information. This is the Linux source / binary distribution; Windows binaries are available.
a6a7296b769c4ee8c8b562f7ba613a3810b3485774011fffdc0346cc6148ae62
NCSA Httpd v1.3 remote root exploit. Tested against Slackware 4.0.
fd048c6976c8652d858e282e552db1b774bbf2a33f9c4f5d8cbdad0d39ab5194
Rivat is a distributed CGI scanner written in Perl which scans for over 405 vulnerabilities.
9e90411a076c4578051a6a030e0ddf9912c74a3586dd318b2d2f7e86d6cbe206
Sourcescan.pl looks through C source code for common vulnerabilities, including strcpy, gets, strcat, sprintf, fscanf, scanf, vsprintf, realpath, getopt, getpass, streadd, strecpy, strtrns, getenv, and setenv.
08e9707e93b71327f7308ac80c26eb28bcc78a62b4c77d056f8e210bed720e03
Many IDS systems detect buffer overflow exploitation by looking for a series of NOPs (hex 90), which are typically used to pad the buffer so the offset does not have to be exact. Instead of using NOPs, a stealthy exploit could jump to the next instruction (jmp 0x00) or jump a small number of instructions.
5a83aa8429b3c9c4766634a3e4e0e6c3a972a542233b82a48fde3c8475fd483b
Bajie, a freeware HTTP daemon written in Java, has vulnerabilities which allow remote users to view any file on the system and find out the real server path.
bb0152854b73ba34c57a2533b63ba1faaf12153332b4f4aad09a36c44a8d4d19
Red Hat Security Advisory 46-02 - New Netscape packages are available that fix a buffer overflow due to improper input verification in Netscape's JPEG processing code which can result in remote compromise. It is recommended that users of Netscape update to the fixed packages.
9154a8b3261c8bd167de85415172f1dd9801dbce0f66004ba3dd5ed6d8ba3ead
Arping is an ARP-level ping utility which broadcasts a who-has ARP packet on the network and prints answers. Very useful when you are trying to pick an unused IP for a net that you don't yet have routing to.
9605f534628e2fe89ac1046bf6787b8c3728f2825f1204dd889afa780ef45374
IPTraf is a console-based network statistics utility for Linux. It gathers a variety of figures such as TCP connection packet and byte counts, interface statistics and activity indicators, TCP/UDP traffic breakdowns, and LAN station packet and byte counts.
7c33cb1588b0c0496f31fdf7d1d1eb113fb9d029aa526d1cf1148f28b93a4ffc