exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

Files Date: 2004-04-19 to 2004-04-20

sniff-2.3.tar.bz2
Posted Apr 19, 2004
Site thedumbterminal.co.uk

Sniff formats hex packets from tcpdump and converts them to ASCII to make them easier to read and understand. Its features include colored console output, CSV file saving, and fully customizable output. The program directly accepts all tcpdump options, including parsing from packet files.

Changes: Tcpdump -n option no longer used as default, to use option just specify it on the command line with your other tcpdump options.
tags | tool, sniffer
SHA-256 | 6b0dc26bcbe381e5af17036db35817ec657408fc3b4f9b8aa40a9ecdfd22c7ad
cctde-0.2.tar.gz
Posted Apr 19, 2004
Authored by Simon Castro | Site gray-world.net

CCTDE is designed as an analysis backend for the Snort NIDS tool and focuses on providing a way to register and disclose information leading to the detection of unauthorized tunnels and covert channels.

Changes: First public release.
tags | tool, sniffer
SHA-256 | 0d547e754b02df848f6c4d655587f1f6450a799b688c2490123a87451ca09372
Exch.pl
Posted Apr 19, 2004
Authored by Securma Massine

Kinesphere Corporation Exchange POP3 e-mail gateway remote exploit that makes use of a buffer overflow.

tags | exploit, remote, overflow
SHA-256 | aa21d34e23c056c9250ad35d4abf58eeff4391ebca64ff0ac12966a256d74237
MDKSA-2004:031.txt
Posted Apr 19, 2004
Authored by Steve Grubb | Site mandrakesecure.net

Mandrake Linux Security Update Advisory - Problems lie in the utempter program versions 10.0, 9.2, 9.1, Corporate Server 2.1, and Multi Network Firewall 8.2 that allow for arbitrary file overwrites and denial of service attacks.

tags | advisory, denial of service, arbitrary
systems | linux, mandrake
advisories | CVE-2004-0233
SHA-256 | d955011e39cbff52026f4c77016b564f2c9d8f72b1a57bf1a841fbbace58a5a8
phpBBmod.txt
Posted Apr 19, 2004
Authored by Officerrr

phpBB modified by PRzemo version 1.8 allows for arbitrary code execution due to improper filtering allowing for remote script inclusion.

tags | exploit, remote, arbitrary, code execution
SHA-256 | 8f915afa29d6d3113d81ad61be80a1976bff508961eda81a442555fabb47b0e4
113579-03.txt
Posted Apr 19, 2004
Authored by Chris Thompson

Patch 113579-03 that was released for Solaris 9 in mid-February introduces a security bug that affects anyone running a NIS server.

tags | advisory
systems | solaris
SHA-256 | af8a27c3a62be7c3fb127a4bfe17fa95641a3d58ac90fc99d916bb9d731edc1d
reverse_backdoored_binaries.txt
Posted Apr 19, 2004
Authored by Chris | Site cr-secure.net

Well written whitepaper about reverse engineering backdoored binaries. It is meant for the beginner reverse engineer with some knowledge of ELF, C, x86 ASM, and Linux.

tags | x86
systems | linux
SHA-256 | b31fe0048b71bab934815417a3d57f26b2f50823b7d9600434d47c9c533ed212
dsa-488.txt
Posted Apr 19, 2004
Authored by Debian | Site debian.org

Debian Security Advisory DSA 488-1 - Christian Jaeger reported a bug in logcheck which could potentially be exploited by a local user to overwrite files with root privileges. logcheck utilized a temporary directory under /var/tmp without taking security precautions. While this directory is created when logcheck is installed, and while it exists there is no vulnerability, if at any time this directory is removed, the potential for exploitation exists.

tags | advisory, local, root
systems | linux, debian
SHA-256 | 0847d476372853d07fab312a6d3a8a545b2f8c1634ced2c0ed2d79f678c6ea79
msg00000.html
Posted Apr 19, 2004
Authored by tsifra | Site xchat.org

XChat versions 2.0.8 through 1.8.0 are vulnerable to a boundary error condition in their SOCKS-5 proxy code. Successful exploitation can lead to a complete system compromise.

tags | advisory
SHA-256 | d5f20b76db2c8dc08bf4e18ba72b64835cbb45e7648c299108cb57c4fec1bc1e
kphone.stun.txt
Posted Apr 19, 2004
Authored by storm

KPhone versions 4.0.1 and below are vulnerable to a denial of service attack when receiving a malformed STUN response packet.

tags | exploit, denial of service
SHA-256 | 12d4c98fd485fb0fefda4a56371fd88ee6fd8c0ce96b29a81aca47739fbb89b8
SQL_Injection_Evasion.pdf
Posted Apr 19, 2004
Authored by Ofer Maor, Amichai Shulman | Site imperva.com

A white paper from the Imperva Application Defense Center entitled 'SQL Injection Signature Evasion'. This paper discusses how protecting against SQL injection attacks using signatures is not enough.

tags | paper, sql injection
SHA-256 | 03d6daf972705613464988cfa766093ecc5478c6bc77a3064f497d825b56093f
zaep20.txt
Posted Apr 19, 2004
Authored by Noam Rathaus

Zaep AntiSpam 2.0 is susceptible to cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
SHA-256 | 3e7e4f123c4943e9bd523542e9c492ae9d9114fb2b02ef17bbd39fbb62c40969
bitdefender.txt
Posted Apr 19, 2004
Authored by Rafel Ivgi | Site theinsider.deep-ice.com

BitDefender's online scanning service has Active-X related flaws that allow an attacker to run arbitrary code server side.

tags | advisory, arbitrary, activex
SHA-256 | b99278bb29477cd2c8b3b823340d554551425884717cdd650dc007d6d6ad6370
pam_usb-0.2.2.tar.gz
Posted Apr 19, 2004
Authored by Andrea Luzzardi | Site sig11.org

pam_usb is a PAM module that enables authentication using a USB storage device through DSA private/public keys. It can also work with floppy disks, CD-ROMs, or any kind of mountable device.

Changes: Added support for multiple filesystems, various other enhancements.
systems | linux
SHA-256 | b338e9b1161e4b56f4e007713a4e147501ee2576bf18243f3256c28ee37f03cc
tumbler.tar.gz
Posted Apr 19, 2004
Authored by John Graham-Cumming | Site tumbler.sourceforge.net

tumbler is a protocol that enables a client piece of software to securely tell a server process on a remote machine to execute a predetermined command. tumbler is similar to port knocking and is designed so that a remote user can securely and stealthily enable and disable server processes, or open and close firewall holes on a computer connected to the Internet.

tags | tool, remote, protocol, rootkit
systems | unix
SHA-256 | 9be51278bb9e8b11bb91de779ebb180175c8e973892af7b6bd5a4df438c8acc6
knock-0.2.tar.gz
Posted Apr 19, 2004
Authored by Judd Vinet | Site zeroflux.org

knock is a server/client set of tools that implements the idea known as port-knocking. Port-knocking is a method of accessing a backdoor to your firewall through a special sequence of port hits. This can be useful for opening up temporary holes in a restrictive firewall for SSH access or similar.

Changes: Bug fixes, Added support for specific TCP flags.
tags | tool, scanner
systems | unix
SHA-256 | 74c00936c571fd618296180db3c5df9fe74da0470553de3d7284bb4538df92dd
Samhain File Integrity Checker
Posted Apr 19, 2004
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: See documentation.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | aa82b94f5ba3f6d6d565f1986ead96f390cd3776552d3bdb6a2d38dd90a5bef1
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    69 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close