exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

Files Date: 2000-10-21 to 2000-10-22

redhat.lpr.txt
Posted Oct 21, 2000
Authored by Zen-Parse

Lpr lpr-0.50-4 and below contains vulnerabilities which allow local users to access other accounts, and sometimes root.

tags | exploit, local, root, vulnerability
SHA-256 | 6ab9815eb4979f4f020da0a0b9a0978875d632bc2a0951630c7aef34b390f59a
rhsa.2000-084-04.gnupg
Posted Oct 21, 2000
Site redhat.com

Red Hat Security Advisory - A problem has been found in GnuPG versions (up to and including 1.0.3). Due to this problem, GnuPG may report files which have been signed with multiple keys (one or more of which may be incorrect) to be valid even if one of the signatures is invalid.

systems | linux, redhat
SHA-256 | 1ab144da652cc58ee50c74503e5ec6b62d5b5b1ed4bfec784c0eee283a2b6ac6
vlad-0.7.4.tgz
Posted Oct 21, 2000
Authored by Bindview Vlad Team | Site razor.bindview.com

VLAD the Scanner - A freeware, open-source scanner that checks for the common security problems referenced in the SANS Top Ten list of common security problems. While freeware scanners are not neccessarily unique, VLAD is rather unique because of the amount of vulnerable CGI programs it checks for, and its comprehensive account/password checks (seven different protocols).

Changes: Added htr, webhits, and the new iis-unicode checks to the CGI scanner database.
tags | tool, cgi, scanner, protocol
systems | unix
SHA-256 | 608aeb171c612c89e6d76b4bfe6c22989376748948513936c24b05ad401469b8
check-ps-1.3.1.tar.gz
Posted Oct 21, 2000
Authored by Duncan Simpson | Site checkps.alcom.co.uk

Check ps is a simple program that runs ps and compares it with its own list. It currently requires /proc but other scanning methods can be implemented. The program will run in the background or one-shot mode. Check-ps has grown rather to better resist increasingly sophisticated attacks, generate more useful reports, and implement more detection methods.

Changes: Better reporting, bug fixes, more resistant to attack.
tags | tool, intrusion detection
systems | unix
SHA-256 | 4637b14d6d2c1c46530c81a8b0005e0aea5fc61f51a174b202d2a364a383b485
shoki-0.08.2.tar.gz
Posted Oct 21, 2000
Site meshuggeneh.net

Shoki is a collection of IDS tools, scripts, and so forth. All the bits together can collect data from sensors, schlep it to a central location for storage, run signature-based and statistical analysis on the data, and load the data into a SQL database. Shoki provides a framework for a distributed system for network traffic analysis among untrusted peers.

tags | tool, intrusion detection
systems | unix
SHA-256 | 904a9c47b41b202a970ca5edc2f7a3fd52e937e4c3bf798ede5865ec6fce332f
exiscan-0.7.tar.gz
Posted Oct 21, 2000
Site duncanthrax.net

Exiscan is an email virus scanner which works together with the Exim MTA and McAffee's uvscan or Trend Micro's vscan. It is written in Perl and is designed to be as subtle and lightweight as possible. The special thing about exiscan is that is does not resend messages after scanning them, so that the process is fully transparent to the MTA and requires only minimal reconfiguration of Exim.

Changes: The reformime MIME decoder can now be used instead of metamail, a configurable sender and receiver notification has been added, as well as better security against fake X-Scanner header lines.
tags | perl, virus
systems | unix
SHA-256 | 90ae5efdbf9efad590af21f4901221b32fe7fe785a8110385ec8d7db96be86ab
xzarch.c
Posted Oct 21, 2000
Authored by vade79, realhalo | Site realhalo.org

Linux /usr/games/zarch v.92 local root buffer overflow exploit.

tags | exploit, overflow, local, root
systems | linux
SHA-256 | d420c219019c22b1db498fbe394d018774d0fc7f953b8a9a311f957a40202d37
GNU Privacy Guard
Posted Oct 21, 2000
Site gnupg.org

GnuPG is a complete and free replacement for PGP. Because it does not use IDEA it can be used without any restrictions. GnuPG is a RFC2440 (OpenPGP) compliant application. Features RSA support.

Changes: A security fix which causes gnupg to report files which have been signed with multiple keys to be valid even if just one of the signatures is in fact valid, new utility gpgv to validate signatures, AES encryption added.
tags | encryption
SHA-256 | 2e9f7c2ef3a2ceafbcdf6191ed14fb029f9e97a3562af51f38c217a7ed5ab4cc
ip_scfw-0.9.1.tar.gz
Posted Oct 21, 2000
Site bronzesoft.org

The SYN cookie firewall implements syn cookie syn flood protection on all hosts behind it. Contains a patch to Linux kernel 2.2.17 and an administration tool.

tags | kernel
systems | linux
SHA-256 | c192488f6c7329d60f1d1abec4ccbb6318beca885dc66b9f6839e6439bf761f4
oracle-815.c
Posted Oct 21, 2000
Authored by Kim Yong-jun | Site hackerslab.org

Oracle 8.1.5 local buffer overflow exploit for Linux.

tags | exploit, overflow, local
systems | linux
SHA-256 | d10cd01d2e252d4560cf80fd8e8ad2a8ab0de947c5c91cad0cda66125a53492f
pdump-0.782-2.tar.gz
Posted Oct 21, 2000
Authored by Samy Kamkar | Site pdump.lucidx.com

Pdump is a sniffer written in perl which dumps, greps, monitors, creates, and modifies traffic on a network. It combines features from tcpdump, tcpkill, ngrep, tcptrace, dsniff (and its webspy and urlsnarf), pfilt, macof, and xpy. It is able to do passive operating system detection/fingerprinting and can also watch packet streams and then create it's own spoofed packets to hijack or kill TCP connections. It understands tcpdump-like and perl-like syntax and allows easy modifications via a plug-in system. The packet display is easily configurable. Readme available here.

Changes: The packet injection tool has been updated, updated documentation, and Makefile fixes.
tags | tool, perl, spoof, sniffer, tcp
SHA-256 | 8e24b0b378bb2fcb4299404c9d926b4fd10bad9457d9ca28daeca49a647ca5d9
decoyblues.pl
Posted Oct 21, 2000
Authored by Roelof Temmingh | Site sensepost.com

decoyblues.pl is a denial of service attack against active firewalls. Works by basically creating a lot of decoys with nmap. Router/firewall will try to block all the (decoyed) IP numbers, eventually running out of access list/packetfilters, and possibly crashing, or overwriting access lists.

tags | denial of service
SHA-256 | cad12139ba8649d84be98349cfaf7e9026766bcf1b08660fe6c02a0942410501
webevent.txt
Posted Oct 21, 2000

Webevent v3.3.3 (webevent.pl) is an online calendar which contains a remote cgi vulnerability which allows administrative access.

tags | exploit, remote, cgi
SHA-256 | 5496ce9dcc8d0910d984fc7e479e1a67727682f51767ceae31adf5e834118d53
cst.tar.gz
Posted Oct 21, 2000
Authored by Toxic Ocean | Site blackhat.be

The Cum Security Toolkit v1.2 is a cgi/port scanner which checks for over 350 vulnerable CGI scripts and can implement 5 different Anti-IDS tactics. Features support for vhosts, wait times, fake X-forwarded-for: headers, and much more.

tags | cgi
systems | unix
SHA-256 | 65d4e38e08388580ad5f6d1883da40bb1b4454eebda1f187608b30d654e4f7ce
xsplumber.c
Posted Oct 21, 2000
Authored by vade79, realhalo | Site realhalo.org

Linux space plumber (/usr/games/splumber) local buffer overflow exploit.

tags | exploit, overflow, local
systems | linux
SHA-256 | 807d031351ea5f76324fc2b5994894828847822ca1112cab19cbaff5f38514e9
sara-3.2.3.tar.gz
Posted Oct 21, 2000
Authored by Advanced Research Corporation | Site www-arc.com

Security Auditor's Research Assistant (SARA) is a security analysis tool based on the SATAN model. It is updated twice a month to address the latest threats. Checks for common old holes, backdoors, trust relationships, default cgi, common logins, open shares, and much more.

Changes: Improved tcp wrapper detection, Added http tests for Web Shopper, Shopping Cart, PHP, and PUT, and fixed bugs.
tags | tool, cgi, scanner
systems | unix
SHA-256 | 1c29425efe9e0bdb06cdb00ee62355819ba967b90ab3d62401cc502c445a63f1
unicode.pl
Posted Oct 21, 2000
Authored by SteeLe

Unicde.pl exploits vulnerable IIS servers which allow remote command execition, as described in iis-unicode.txt.

tags | exploit, remote
SHA-256 | ab15a086254fb78c36eb6996bbda2ad646248d11ed4dc609531b7f3030a47b81
iisscan.pl
Posted Oct 21, 2000
Authored by Piffy

iisscan.pl scans for vulnerable IIS servers which allow remote command execition, as described in iis-unicode.txt.

tags | tool, remote, scanner
systems | unix
SHA-256 | 093aeb644066b0be68548ece511a815a0694daf0c35c00b210047c28f7e2ebb3
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    69 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close