Spjy2ksniff.c Network sniffer to operate passive attacks and find weaknesses in the protection of the traffic on your LAN. It uses the pcap(3) library to access the datalink level. Newbie (limited) version.
f92ff5362d4b2ff3a27899cba95cba754e336710159c7446b80329d721ae113b
All the exploits for 1999!
67fd709e350500d6439a175f6f5c708796faf47c82557dee6eb14fef418cd70e
Exploits for December, 1999.
703902df89bce6bdbde602567806f74bb44fe1f433263bec15a1ff6e8a8c69a5
ntop is a tool that shows network usage, similar to what the popular Unix command top does. ntop can be used in either interactive or web mode. In the first case, ntop displays the network status on the user's terminal, whereas in web mode a web browser (e.g. netscape) can attach to ntop (which acts as a web server) and get a dump of the network status. In the latter case, ntop can be seen as a simple RMON-like agent with an embedded web interface.
3c63ec81eeec41332c094fb431f1daab8795b6686704506f51bafd9d711eeec0
Sportal is made for people who need to know what is going on in their systems. It monitors files that you select for "hot words" that you also select, through a graphical interface. When a hot word is found in a file being watched, it will let you know. There is no restriction on the number of files or hot words.
7b3b1a685fc17dbc039ee558ff2d0bd21e076d688efe321e80ffa4c17ce23d2e
Psftp is an FTP client that uses ssh 1.x as its backend. It provides a command-line FTP interface on top of scp and ssh.
ea9ba0044356544b4d0241eabeb7d5461a381200523d1ff9f54def0abb2e14b2
initscripts-4.48-1 on RedHat Linux is vulnerable to a race condition. Contains the l0pht advisory on the subject and exploit.
8fbb95a1d486767654b91e051c53b1fe705011257fc3403f663104539a8a7c68
The Savant Web Server V2.0 for Win9X / NT / 2K, and possibly other versions, has a buffer overflow caused by a NULL character in the routine that parses the GET command.
f700ade2ff5160a78c751d4cad90724e7efd35a4b899b49a1e49ec9a813da624
vnsl (vENOMOUS Scripting Language version 0.1b) can be used to script connections to daemons and backdoors.
2ed8380b373a9e5cfa497c3e67cad65bd64226d22a3b4260b158ea294aa27b71
A vulnerability in majordomo allows local users to gain elevated privileges.
792d59158dadd36a7ada42e732b5f076be51ac1491f09ece77427d758fc24205
CERT Advisory CA-99-17 - Denial-of-Service Tools. Recently, new techniques for executing denial-of-service attacks have been made public. MacOS 9 can be abused by an intruder to generate a large volume of traffic directed at a victim in response to a small amount of traffic produced by an intruder. This allows an intruder to use MacOS 9 as a "traffic amplifier" and flood victims with traffic. A tool similar to Tribe FloodNet (TFN), called Tribe FloodNet 2K (TFN2K), was released.
ab550f432f810ab211b9bb7a79666b37ff7dae0625f51ff5088743f51352e8ec
VXE - Virtual eXecuting Environment protects Unix daemons from compromise in a manner similar to chroot. A main problem with UNIX security is that the superuser can do anything he wants with the system. There are programs (daemons) that run with superuser privileges, for example popd and sendmail, and are accessible from the network (Internet/Intranet). Any program may contain bugs, so an intruder can connect to such programs over the network, exploit existing bugs in them and gain control over the whole host. VXE (Virtual eXecuting Environment) protects UNIX servers from such intruders, hacker attacks from the network and so on. It protects software subsystems such as SMTP, POP, HTTP and any other subsystem already installed on the server. Free for non-commercial use.
3eb6d451693ed6597560f37329cf50a596b05a22bf76c2c60413c8c05cbb4ff2
Wmmon is a popular program for monitoring CPU load and other system utilization. It runs as a dockapp under WindowMaker. The FreeBSD version of this program has a feature that can be trivially exploited to gain group kmem in recent installs, or user root in really old installs. This affects the FreeBSD version because under FreeBSD the program must be installed setgid kmem or setuid root in order to access system load information through the memory devices. The Linux version should not be vulnerable because it reads information through procfs which requires no special privileges.
b17324e668f1be017ac1858c718bf3d368886a8ffc62efe182da8ba3ed9aeb9c
Local / Remote D.o.S Attack in CSM Mail Server for Windows 95/NT v.2000.08.A and other older versions. Possibly exploitable.
214015ff3800285b4f7271b1d3b4fd58490fdf69a220c91c16ef20b2f0c74321
InET Magazine #4 has been released with articles about the SS7 Telephony Protocol, IPv6 crypto and security,
eafed7d448854dc0ab899d00a77bebc0affdf75ebad959198ec88746765975dc
Windows NT Security Update - Reflections from 1999 and into 2000, Savant Web Server Denial of Service, Avirt Rover Buffer Overflow, Netscape Navigator 4.5 Runs Arbitrary Code, Live Webcast, How Secure is Your Exchange Server? Update, and Using Windows 2000's Run As Command. NTsecurity homepage here.
f60bb1f99aff820fc73ab2697201335fa606baf5a3e95b0ea7026835b2c96754
Patch advisory for Sun Microsystems. Please read for details.
62275e58fad04dd4e7d59d83a5810239d98a7874fc06f781749a908059ec2e54
Patch advisory for Sun Microsystems. Please read for details.
331f3de970fcaecf431c3de270c4ce5a889ded086976b6fa1ce9c060c8e7d4e7
This program remotely kills trino nodes on version 1.07b2+f3 and below.
f57c15a7388cce60e4861913031d4f77c0bca6be29a00a0a70402e9cde13e7c8
Ethereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Ethereal features that are missing from closed-source sniffers.
73f96c9935f9004d24d7756ae75ca042b4a94759c66a12a2dfa2a9eac8bc62c1
Zodiac is a portable, extensible and multithreaded DNS tool. It is meant to be used as a DNS packet monitor and a DNS protocol test and debugging tool. Its basic features are: sniffing of DNS datagrams on an ethernet device; decoding of all types of DNS packets, including safe decompression (partly finished; SOA records, for example, are not decoded yet); nice display and GUI, if you like ncurses and text-based frontends; always interactive in all situations through a built-in command line; threaded and flexible design. Advanced features include: local DNS spoof handler; jizz DNS spoof, exploiting a weakness in old bind implementations; determines jizz-weakness, id-prediction and resolver type remotely; id spoofing, exploiting a weakness in the DNS protocol itself; implements some advanced DNS denial of service attacks, including flood, label compression and unres attack; advanced DNS smurf.
9177cc687008fb78cc392b441323b5ec9f051c351001d1c448f35f7c9a88324a
ascend foo denial of service exploit - basically just another lame echo/echo link, but has nice results on ascend, the router needs to be rebooted.
fe530210211c98eb326d365ad3afea020c2bcac0189958f184e1b378dc1e2bec
Echelon for Dummies is a distributed sniffer which tries to show how the "echelon" network could be designed. It uses sniffer servers that can be installed and run on remote hosts and that dig through local network traffic, using custom pattern/keyword matching to find packets with interesting content. These packets are then forwarded to a central loghost, where a logging daemon gathers and logs the data. For stealth purposes, the sniffers and the logger communicate via random protocols and encryption, and they are compatible with many Unix systems and NT.
70592b2730b49a0cb5f11ce7b3258462d9a60e8f4b8feb94b9d5590f6af2438c
CamShot is a Windows 95/98/NT web server that serves up web pages containing time-stamped images captured from a video camera. The images can be viewed from anywhere on the network with a web browser. UssrLabs found a local / remote buffer overflow. The code that handles GET commands has an unchecked buffer that will allow arbitrary code to be executed if it is overflowed.
f179a5f67d4a3699e41fea3f876e418d1c1298f43b98efb499e0052e8832b256