Xato Security Advisory XATO-122000-01 - The majority of the command-line SMTP mailers available for Win32-based systems are vulnerable when used to send mail from a web server. The vulnerabilities found allow remote web users to read and/or write to the server's file system, retrieve files from the server's file system as mail attachments, bounce and/or spoof e-mail messages, spam, flood, mail bomb, or otherwise use a server's resources without authorization, bounce off a server to perform port scans, bounce off a server to perform brute-force attacks to POP and/or SMTP accounts, reroute all the mail through an untrusted mail server by changing mailer options, and launch DoS attacks against the server or other systems. Vulnerable mailers include BatMail v1.8d, Blat v1.85h, CGIMail v2.5, CLEMAIL v1.3, Comments v1.7, FormVar v1.61, GBMail v2.02, MailForm v1.96, MailMe! v1.6, MailPost v5.1, MailSend v7.15, MailSend v3.18, NetFormDD v2.9, Postie v6, SendFile v1.0, Stalkerlab's Mailers V1.2, WindMail v3.05, WebMailer Pro v1.2, WebMailer Lite v1.2, and wSendmail v1.5.
5778b64953305f37414121c27758dc5965bc40da638cb84c38fd43be55ea05a4
LPRng v3.6.24 and below remote root exploit for Linux/x86 which exploits the syslog() format string vulnerability. Tested against the default install of Redhat 7.0 (LPRng-3.6.24-1) and LPRng3.6.22-1 installed on Slackware 7.0.
711ec9e53d55297ca043c724b126975613590c27a195978efaf80054e1390558
Intrusion Detection Message Exchange Format (IDMEF) XML output plugin for Snort - Produces IDMEF messages in response to events triggering Snort rules. It is configured in a standard Snort configuration file, and can run concurrently with existing Snort logging output.
47be696d8de817eee9d309676ddafdcad0bd15b9991cfc434abf5f7c06d62654
Ipfirewall v3.1 is a script which configures a Unix firewall. Includes compatibility for ipchains, ipfw, ipfwadm, and natd. Designed for linux or BSD.
cf6bdbbe6a015b9b900e4aeabaee56db61c9543a9b63771c185f0f50a5e5da7a
WatchGuard SOHO is an appliance firewall device targeted at small to mid-sized companies that wish to connect their network to the Internet. ISS X-Force discovered the following vulnerabilities in the SOHO Firewall that may allow an attacker to compromise or deny service to the device:
8cc47b08e479f3101cc3f6ca9d94c2fd332658761e4a019a84429b4c8c47abfb
NScan is a very fast portscanner for Windows (up to 200 ports per second) for both hosts and large networks with numerous features: it scans not only address ranges, but also files with host lists (e.g. proxy list, domain zone or old log), writes logs at different detail levels, has speed limits, pre-defined service sets and so on. It includes a set of additional tools: a whois client that supports automatic information recognition and fetch, has query history and other features; a traceroute that traces all the way to the host at once in one or two seconds, making route discovery ten times faster; and a TCP-based DNS client that supports most of the available options, including AXFR zone transfer.
336b6d9ffde4587d851f236b75356d3c8f8df2eb7928cf02a262ba738c03f85b
Saint Jude LKM is a Linux Kernel Module for 2.2.0 and greater kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local, and ultimately, remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occurring. This is done without checking for attack signatures of known exploits, and thus should work equally well for both known and unknown exploits.
0a1f1e745c9305728343c29b50726a9384d6f9f0123caec99ec9473b156315fb
Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, NNTP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code.
6e5823fa9edd49e61120e42eff0ef519263f3c773f984da6ec77d63e51a183f2
G2S is a smart, all-in-one frontend between client and server applications. It features portability, a robust super-server (inetd) replacement, TCP-wrappers integrated with paranoid DNS checks and support for broken or fake name servers, handy but detailed log files, support for various protocols (raw IP, ICMP, GGP, TCP, EGP, PUP, UDP, RDP), IPv6 compliance, IPv6 to IPv4 gatewaying, and support for RBL maps for automatic spam filtering.
7032acdac4351ce4a81bc1552c9d0244076982c9f5f469cbed77b3c2c5a1affd
Vorpal Mail is an easily configurable but flexible replacement for sendmail, supporting advanced features such as virus scanning, virtual domains, etc.
e5206c70485e446e7bf4a50d9973d709a5ecbd046844b46dfb8e84bc29dae99e
The Secure CGI Library eases the development of C/C++ Web applications using the CGI interface. It's designed with security in mind and can enforce correct limits to avoid common denial-of-service attacks. It can also handle an unlimited number of variables with unlimited content size, and with very fast parsing and hashed lookups.
fb8afc71525fd3a7a7393057d5b7321cfb29ad3cead3d057d120b6cde64db024
unrm is a small linux utility which can, under some circumstances, recover almost 99% of your erased data (similar to DOS's undelete).
c461c5b17f93bf7b8d5f6b731db312a72037b5fd0d83072b98b17ffea9ea3af3
The Secure-Linux patch adds a few security features to the kernel which, while not a complete method of protection, will stop most of the 'cookbook' buffer overflow exploits cold. It also adds the option of restricting the use of symlinks and named pipes in +t (temp) directories, which fixes most tmp-race exploits as well. It can also add a little bit more privacy to the system by restricting access to parts of /proc to root so that users may not see who else is logged on or what they're doing. It also tightens down file descriptors 0, 1, and 2, and implements process limits, shared memory destruction, and privileged IP aliases for kernel 2.0.
9e7bf4bf8d704bdfa6dcc56066ed237fdc76140d9939c21863c15318242d51a6
The Anomy mail sanitizer is a filter designed to block email-based attacks such as trojans and viruses. It reads an RFC822 or MIME message and removes or renames attachments, truncates unusually long MIME header fields and sanitizes HTML by disabling Javascript and Java. It uses a single-pass pure Perl MIME parser, which can make it both more efficient and more precise than other similar programs, and has built-in support for third-party virus scanners.
98eb2f63e572a4aa415b91b47db7527b0c11c5db548aa6a529bfb715ca5071df
The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection.
77d51a6ef53e377459d132a3d65faba0ed5c39b85e2f9439483a99a686abc0fe
CERT Advisory CA-2000-22 - Input Validation Problems in LPRng. A popular replacement software package to the BSD lpd printing service called LPRng contains at least one format string vulnerability in the syslog() function, which allows remote users with access to TCP port 515 to execute arbitrary code on vulnerable systems as root. Fix available here.
7fc230b21bc7c073377322bd6f4f933c974648e8cc9f128acc8e460b7085da36
Icqrinfo is a Windows program which reads information (including passwords, personal information, and deleted contact list information) stored in ICQ.DAT files. ICQ Versions 99a, 99b, 2000a, and 2000b are supported.
3c1bbb96928d420b7f704c1d789026a92c786f88ccbf3cf8776784146905cf01
A simple TCP port listener. You provide a list of ports to listen on and the program will notify you when a connection is made to the port(s). Can minimize to the system tray and play an audible alert. This program is intended to act as a guard dog to notify you of attempted probes to your computer via the Internet. 11/19/1998 release.
3391210655a754537c5e861930e9b93630d18972107662c36c2f83492e3f923c
UDPFlood v2.0 is a UDP packet sender. It sends out UDP packets to the specified IP and port at a controllable rate. Packets can be made from a typed text string, a given number of random bytes or data from a file. This program was written to stress test game servers where I work. It proved to be especially useful for bullet-proofing the packet receiving code, making sure it could deal with various combinations of formatted and random data.
4b7ae9a55e88c36ba84ba2aa2fa3321494b17e84ce127a199df2a3a8ef60d764
Blast v2.0 - A small, quick TCP service stress test tool. Blast does a good amount of work very quickly and can help spot potential weaknesses in your network servers.
4748961063184db9300cb0e92b5327c7001591c319c6cac0ad3f148a0474d49f
Shellcode which does a setreuid before spawning a shell. Allows you to choose which UID / GID to use.
bab59cebad1397fb98c625b155e3892b60680d09a40410d2dae76cd0f4e43062
Nettoe v1.0.5 denial of service attack - Causes the Nettoe server to use all available CPU cycles and lock the game.
0829ddccf17a5f6cf8784776e011d370671b9df074562df981cf1b37ab918cdd
A serious newbies guide to the underground.
370184283306338515c762102e2da6cd29d333067479676072a56635fb416bde
NSFOCUS Security Advisory (SA2000-09) - EZshopper v2.0 and v3.0 from AHG contain remote CGI vulnerabilities which allow an attacker to get directory listings and sensitive file contents. Exploit URLs included.
26cabffb2d71d094476b9be5255376ed3fa9940c9c2776dc3aa0c73a88675d8a
NSFOCUS Security Advisory (SA2000-08) - Microsoft IIS for Far East Editions File Disclosure Vulnerability. By submitting a malformed URL with a non-ASCII character, a different file can be opened and its contents read. Vulnerable versions include IIS 4.0 (Far East Edition) previous to SP6 and IIS 5.0 (Far East Edition). English versions are unaffected. Exploit will be released soon.
18ac62855ee1f46fc88efa8ccb402ebb65f449eb0664a5ce46786c49c83d7b5b