HAP-Linux is a collection of security related patches which are designed to be applied after Solar Designers Openwall patches are installed. Changes include some extra information in the printks, and the ability to allow hard links to files you don't own which are in your group, and the ability to follow links & pipes in +t directories iff they are not world-writable. This is useful for getting various daemons to run chrooted as a non-root user, and some secure drop- directory stuff.
8afc8f239df57d7e59887fc1c7a662a5e5cd9b87c22db29ea11bae50881dc1ceLsof is an extremely powerful unix diagnostic tool. Its name stands for LiSt Open Files, and it does just that. It lists information about any files that are open by processes currently running on the system. It easily pinpoints which process is using each network connection / open port.
20bede6af359e9b2e9e2c464bd4e26ce16d488d584ffb85add31d8c501381a07iptables is the new packet alteration framework (firewall utility) for Linux 2.4. It is an enhancement on ipchains, and is used to control packet filtering, Network Address Translation (masquerading, port forwarding, transparent proxying), and special effects.
da4d93b1c3020bcef87809e69ef9c24d8fc81e1a696279e546ff84e5e8429bb0Inflex is an email scanner which encapsulates your existing sendmail server setup. It scans both incoming and outgoing email and it does not alter your current /etc/sendmail.cf file. It can scan for email viruses, unwanted file types (eg. EXE, BMP, MPEG) and file names (eg. prettypark.exe). It can also be used to scan for text snippets within emails.
657490d45dbb29f95afa92c6b49cbe813b4e5bd67985a7607b29fde1cbe3c5e8PIKT is a cross-platform, multi-functional toolkit for monitoring systems, reporting and fixing problems, security management, and updating system configurations. PIKT comprises an embedded scripting language with unique, labor-saving features. Binaries available here.
6f0a48185a82dcb2427684b86bcfe4f5e1781fa871c85917659c54f764bdb740Debian Security Advisory DSA-055-1 - The gftp package has a problem in its logging code which allows malicious ftp servers to execute commands on the client machine. This has been fixed in version 2.0.6a-3.1.
298107ba14642c6d63372744b8b8563c74b01a97174ddea28e973a233b9425d8Debian Security Advisory DSA-028-1 - Man has a format string vulnerability which leads to a local exploit for the man user.
7f1b284492e7f4466c1805b48d1553b0a408b290f99d672010d6fbe1e88e5746Cert Advisory CA-2001-11 - A worm which uses the sadmind overflow and the IIS unicode bug is propagating on the internet. Solaris systems compromised by this worm are being used to scan and compromise other Solaris and IIS systems. IIS systems compromised by this worm can suffer modified web content.
b7fd1b3c4d68118378d002763085fde45537233ded7492d3360c662fb0f27415kbdis.c disables the keyboard on most x86 systems. Useful for locking out root in a pinch.
d2559c85ee2c388d2f54bb79b4cf3e6bd5941488ee9e21421191f8c9b35e5618taSpyNetworkX 0.2 Beta is a IRC bot which is under development. Features encrypted user data, a nick DB, port redirect, web download and execute, built in ident server, and more.
14e442cc280369dc27f22bde0db3c2fc573e973d1783a88b34f3092f51ec2068Debian Security Advisory DSA-055-1 - A new Zope hotfix has been released which fixes a problem in ZClasses. The problem is "any user can visit a ZClass declaration and change the ZClass permission mappings for methods and other objects defined within the ZClass, possibly allowing for unauthorized access within the Zope instance." This hotfix has been added in version 2.1.6-10.
43e19e4a032a56c2461d42748f3de86336800b35fc5bacf830e6b6bf021f9c86/usr/bin/mailx local buffer overflow exploit. Gives gid=mail shell. Tested against Solaris 8.
8270d776c54245c8f9730bdf87c4de6ee29ce8e325d9e3fb78e6f9951ae96cbcStMichael is a LKM that attempts to detect and divert attempts to install a kernel-module backdoor into a running linux system. This is done by monitoring the init_module and delete_module process for changes in the system call table. This is a experimental version, and a spin off from the Saint Jude Project.
dc244889f82b38409d2d4895342ec004e2fe8ee52ab5326ddf12acc3346c0b4dDebian Security Advisory DSA-054-1 - A recent (fall 2000) security fix to cron introduced an error in giving up privileges before invoking the editor. A malicious user can easily gain root access. This has been fixed in version 3.0pl1-57.3.
eea63bc6e40eb0f860cdf6f571bf398bc563b0d3726796f358485a9e1bb57c60Cfingerd prior to v1.4.3 remote root exploit for linux/x86. Exploits a format string vulnerability in the syslog() call.
d8bf8ec5db51a03a2a06971d1a62f5b817394a89a0963c7f4adf17a3b5bfdc71
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed