Fancylogin 0.99.7 buffer overflow exploit. Fancylogin is usually not installed setuid root (+s), so this exploit is not that dangerous. Tested on Debian potato with kernels 2.2.18 and 2.2.19.
29d03dc71d859bbe4e1a2875ecdcaa1d77c2adb10f17069da1e18b83a08771c0
Lcrzoex, built on the network library lcrzo, is a tool for testing an Ethernet/IP network. For example, it can sniff, spoof, create clients and servers, and create, decode and display packets. The Ethernet, IP, UDP, TCP, ICMP, ARP and RARP protocols are supported. Lcrzoex and lcrzo have been successfully installed under Linux, FreeBSD and Solaris.
dbfa70d9b6ce8ac4a17c12b0f95c81a072c7ebbcaf4406851176e70f4bcf9089
The Linux Intrusion Detection System (LIDS) is a kernel patch that enhances the kernel's security. While it is in effect, many system administration operations can be made impossible even for root. The protection can be turned on or off on the fly, sensitive processes can be hidden, and anyone can be prevented from using ptrace or any other capability on the system. LIDS can also protect raw device and I/O access. The LIDS FAQ is available here.
4115335725a45f4603641308018122c98866dbd7787e7f9647379a7e21f766f6
Security flaw in Linux 2.4 iptables connection tracking with FTP PORT - If an attacker can establish an FTP connection through a Linux 2.4.x iptables firewall whose state rules allow RELATED connections (almost all do), he can use the FTP PORT command to insert entries into the firewall's table of expected (RELATED) connections, allowing the FTP server to connect to any host and port protected by the firewall's rules, including the firewall itself. Advisory available here.
ae3602a2f75b24ef995eb290537dc514837d292b96235e884dbb43f17d8b9bcc
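The mechanism behind the advisory above, as an added example written for this page (it is neither the advisory's code nor the Linux ip_conntrack_ftp source): a toy connection-tracking helper that parses the PORT command and creates the RELATED expectation, first in the naive form that trusts whatever address the command names, then with the check that ties the data-connection address to the client that owns the control connection. The names naive_helper, strict_helper and Expectation and the addresses used are hypothetical.

```python
import re
from dataclasses import dataclass
from ipaddress import IPv4Address

# Matches "PORT h1,h2,h3,h4,p1,p2" as sent on the FTP control channel.
PORT_RE = re.compile(
    r"^PORT\s+(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\s*$")


@dataclass(frozen=True)
class Expectation:
    """A RELATED entry: the FTP server may open one TCP connection to dst:dport."""
    src: str     # FTP server address (it initiates active-mode data connections)
    dst: str     # address taken from the PORT command
    dport: int   # port taken from the PORT command


def build_port_command(host: str, port: int) -> str:
    """Encode host:port the way an FTP client does in a PORT command."""
    if not 0 < port < 65536:
        raise ValueError("port out of range")
    octets = str(IPv4Address(host)).split(".")
    return "PORT %s,%d,%d" % (",".join(octets), port >> 8, port & 0xFF)


def parse_port_command(line: str):
    """Return (host, port) for a well-formed PORT line, else None."""
    m = PORT_RE.match(line)
    if m is None:
        return None
    h1, h2, h3, h4, p1, p2 = (int(x) for x in m.groups())
    if max(h1, h2, h3, h4, p1, p2) > 255:
        return None
    return ("%d.%d.%d.%d" % (h1, h2, h3, h4), (p1 << 8) | p2)


def naive_helper(client_ip: str, server_ip: str, line: str):
    """Vulnerable behaviour: whatever address the PORT command names becomes a
    permitted RELATED target, even a host the firewall is supposed to shield."""
    parsed = parse_port_command(line)
    if parsed is None:
        return None
    host, port = parsed
    return Expectation(src=server_ip, dst=host, dport=port)


def strict_helper(client_ip: str, server_ip: str, line: str):
    """Hardened behaviour: the data connection may only go back to the client
    that owns the control connection, so PORT cannot aim it at a third host."""
    parsed = parse_port_command(line)
    if parsed is None:
        return None
    host, port = parsed
    if host != client_ip:
        return None  # refuse to create an expectation for an arbitrary host
    return Expectation(src=server_ip, dst=host, dport=port)


if __name__ == "__main__":
    # Hypothetical addresses: attacker-controlled client 10.0.0.5 behind the
    # firewall, FTP server 203.0.113.10 outside, the firewall itself at 10.0.0.1.
    client, server = "10.0.0.5", "203.0.113.10"
    hostile = build_port_command("10.0.0.1", 22)  # aim the data connection at the firewall's ssh port
    print(hostile, "->", naive_helper(client, server, hostile))
    print(hostile, "->", strict_helper(client, server, hostile))
```

Later Netfilter FTP helpers perform the same comparison between the address in the PORT command and the source of the control connection, and skip it only when the helper is loaded in "loose" mode; a practitioner checking a firewall for this class of problem should confirm which behaviour the deployed helper has.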
The Spapem project shows how to elude securelevel under *BSD systems by hiding the fact that the system has been rebooted. It includes code to restore the PID, an LKM to change the uptime, a generic rootkit example, a module to remove startup messages, and instructions for patching init(8).
82b43738fe9aaba0129a0e6210d475fb733357a302d34ecc0480bd867274d1d5
Carbonite v1.0 is an LKM designed to investigate and detect rootkits, including LKM rootkits that patch calls to /proc. It works like lsof and ps at the kernel level, walking the kernel's list of task_structs, the kernel structure that holds information on every running process in Linux. It gives administrators a more reliable way to identify all running processes on the system.
9ea8e381203f46223874eea4e92810c3094d00eeda03ad7b927236f98a7cbb78
FreeBSD 4.2-STABLE ftpd GLOB remote root exploit in Perl. This version requires user access and a writable home directory without chroot.
d9d003dd6fbf397662aaadea0cda37b79f4f487bbe81f0f4dca4c6995f5cb632
Denial of service in Microsoft ISA Server v1.0 - Microsoft ISA Server 1.0 on Windows 2000 Server SP1 is vulnerable to a simple network-based attack that stops all incoming and outgoing web traffic from passing through the firewall until the firewall is rebooted or the affected service is restarted. Exploit URLs included.
9d02d2508ec99a83764ebc8949250bbaa3f6a7f94d64565ec9d94e4721d64d5d
OpenBSD 2.x remote root GLOB exploit with chroot break. It is possible to exploit an anonymous FTP server without write permission under certain circumstances; this is most likely to succeed if there is a single directory somewhere with more than 16 characters in its name. With write permission, one could easily create such a directory.
5e2903fcb27602a8d106b23765838518455a5fb29fed0495120e4cdf16853274
Georgi Guninski security advisory #42, 2001 - By double clicking in Windows Explorer or Internet Explorer on file names with innocent extensions, the user may be tricked into executing arbitrary programs. If the file name ends in a certain CLSID, Windows Explorer and IE do not show the CLSID, only the harmless-looking extension before it. Demonstration available here.
4343d6e471cf14bde5baebc0d0bf30f0bf01a8f1220ae414f85aef130a942a42
1i0n.tar.gz is an executable package for the 1i0n worm by the ramen crew. It includes several shell scripts and helper binaries.
c809a95720b0fc977cdf4bf07033e74055cbae62236d58c20fd20b1352efb33d
Red Hat Security Advisory RHSA-2001:047-03 - All Linux kernels prior to version 2.2.19 include possibilities for local denial of service or root exploits by exercising race conditions between the ptrace, exec, and/or suid system calls. Additionally, the sysctl system call included programming errors allowing a user to write to kernel memory. The 2.2.19 kernel fixes these problems.
7372e4cee1b52dc79e7f75bec31df9e9dced09ae503395416bd50c1899f96fc9
Microsoft Security Advisory MS01-021 - The ISA Server Web Proxy service is vulnerable to a remote denial of service attack if the Web Publishing feature is enabled. Microsoft FAQ on this issue available here.
659d1ff434647b93422ef7fd88bfa6838a2c32f67e29c72d3bc0c32808bda089
FreeBSD v4.2 ftpd remote root exploit. Uses a GLOB vulnerability. Requires an account on the machine. Compiles on FreeBSD, Linux, and Solaris. Includes information on finding offsets.
540b154821aa64ba0fdf0fbba86a254d332881eacb9247606a8b7fde62483b1e
SWB enables the SMB(CIFS) session setup in any Windows settings. Tested on Windows NT/2000/98SE/ME.
71517cee9a9e636d740bffaa9cb997d3692f984468422b3a9f89e4b0d630e0e4
BeatLm recovers the password from captured LM/NTLM authentication information (LanManager and Windows NT challenge/response). Tested on Windows NT and 2000.
4c535bd8c432c5bb6d185fb0bbf6605c72ba3347e9ad5c80023369270e750c90
ScoopLM recovers the password from captured LM/NTLM authentication information (LanManager and Windows NT challenge/response). Tested on Windows 2000.
f2e9ef843e853126ff77c898f18f670108c195457bb18820c30fca54ab8370c7
Debian Security Advisory DSA-047-1 - The kernels used in Debian GNU/Linux 2.2 have been found to have a dozen security problems. Upgrade to 2.2.19!
4cb8dd320857282d9391d0b8d746664e7731e2e0d7cf46e248a7589d153f459a
Shijack is a TCP connection hijacking tool for Linux, FreeBSD, and Solaris. Uses Libnet.
5c6dc0d3488506d6b2ee58d31394985fa820a4e43b656db460c86a956de1b810
Go.pl scans ports through a misconfigured Squid proxy.
98310269175325ec91f9370570f050216e816e3c000853861869d1df74773777
Linux kernel patch from the segfault.net project - This patch for kernel v2.2.19 lets you specify which GIDs are allowed to bind to each interface. It could be very useful for shell providers or admins who want to restrict the use of additional interfaces.
0ab604f42e9c8656bf07b1286bd56f0d7f1d756a9d7ffda62764507085a0e115
Man -l format string local exploit for Linux.
ca335bd4cdac2c35254a550caf5b711395186ac1f91e69c92d32054d17d198fc
Port Scan Attack Detector (psad) is a Perl program designed to work with the Linux firewalling code (iptables in the 2.4.x kernels, ipchains in the 2.2.x kernels) to detect port scans. It features a set of highly configurable danger thresholds (with sensible defaults provided); verbose alert messages that include the source, destination, scanned port range, begin and end times, TCP flags and the corresponding nmap options (Linux 2.4.x kernels only); email alerting; and automatic blocking of offending IP addresses by dynamically reconfiguring the ipchains/iptables rulesets. In addition, on 2.4.x kernels psad incorporates many of the TCP signatures included in Snort to detect highly suspect probes for various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port scans (SYN, FIN, Xmas) that are easily launched against a machine with nmap.
fa42e7f72f7a151f777bdf40c928b0682a240e7cd781606b44f66c16e65be446
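A reduced version of the detection psad describes, as an added example written for this page (it is not psad's own Perl code): it parses iptables LOG lines, classifies the TCP flag combinations into the scan types psad reports, maps each to the matching nmap option, assigns a danger level from the number of distinct ports one source has probed, and emits the iptables rule an automatic block would issue. The log lines are constructed, and the danger thresholds, the "stealth probe scores at least level 1" rule and the block threshold are assumptions, not psad's defaults.

```python
import re
from collections import defaultdict

KV_RE = re.compile(r"(\w+)=(\S*)")
TCP_FLAGS = {"CWR", "ECE", "URG", "ACK", "PSH", "RST", "SYN", "FIN"}
NMAP_OPTION = {"syn": "-sS", "fin": "-sF", "xmas": "-sX", "null": "-sN"}
# Assumed danger thresholds (distinct ports probed by one source); psad's real
# defaults may differ.
DANGER_THRESHOLDS = [(1, 5), (2, 15), (3, 150), (4, 1500), (5, 10000)]


def make_line(ts, src, dpt, flags):
    """Build a constructed iptables LOG line in the 2.4 kernel format."""
    return ("%s fw kernel: IN=eth0 OUT= MAC=00:0c:29:3e:1f:a2:00:50:56:c0:00:08:08:00 "
            "SRC=%s DST=10.0.0.1 LEN=40 TOS=0x00 PREC=0x00 TTL=48 ID=4242 PROTO=TCP "
            "SPT=43120 DPT=%d WINDOW=1024 RES=0x00 %s URGP=0" % (ts, src, dpt, flags))


# Constructed sample: 192.0.2.7 SYN-scans 16 ports, 198.51.100.9 sends a single
# Xmas probe, and an unrelated sshd line shows the parser ignoring other logs.
SCANNED_PORTS = (21, 22, 23, 25, 53, 80, 110, 111, 135, 139, 143, 443, 445, 1433, 3306, 8080)
SAMPLE_LOG = "\n".join(
    [make_line("Apr 10 03:12:%02d" % i, "192.0.2.7", p, "SYN") for i, p in enumerate(SCANNED_PORTS)]
    + [make_line("Apr 10 03:12:30", "198.51.100.9", 80, "URG PSH FIN"),
       "Apr 10 03:12:31 fw sshd[811]: Accepted publickey for admin from 10.0.0.20 port 50122 ssh2"])


def parse_log_line(line):
    """Return the KEY=VALUE fields of an iptables LOG line plus the set of TCP
    flag tokens and the syslog timestamp, or None for non-firewall lines."""
    if "SRC=" not in line or "PROTO=" not in line:
        return None
    fields = dict(KV_RE.findall(line))
    fields["FLAGS"] = {tok for tok in line.split("PROTO=", 1)[1].split() if tok in TCP_FLAGS}
    fields["TS"] = " ".join(line.split()[:3])
    return fields


def classify_scan(fields):
    """Map a TCP packet's flag set to the scan type psad would name."""
    if fields.get("PROTO") != "TCP":
        return None
    flags = fields["FLAGS"]
    if flags == {"SYN"}:
        return "syn"
    if flags == {"FIN"}:
        return "fin"
    if flags == {"FIN", "PSH", "URG"}:
        return "xmas"
    if not flags:
        return "null"
    return None


def danger_level(n_ports, stealth):
    """Highest threshold reached by the distinct-port count."""
    level = 0
    for lvl, threshold in DANGER_THRESHOLDS:
        if n_ports >= threshold:
            level = lvl
    # Assumed policy: a fin/xmas/null probe is suspect on its own, so it never
    # scores below level 1 even when only one port was touched.
    return max(level, 1) if stealth else level


def analyze(log_text):
    """Aggregate per source: ports probed, scan types, nmap options, time span, danger."""
    per_src = defaultdict(lambda: {"ports": set(), "types": set(), "first": None, "last": None})
    for line in log_text.splitlines():
        fields = parse_log_line(line)
        if fields is None:
            continue
        kind = classify_scan(fields)
        if kind is None:
            continue
        rec = per_src[fields["SRC"]]
        rec["ports"].add(int(fields["DPT"]))
        rec["types"].add(kind)
        rec["first"] = rec["first"] or fields["TS"]
        rec["last"] = fields["TS"]
    report = {}
    for src, rec in per_src.items():
        stealth = bool(rec["types"] - {"syn"})
        report[src] = dict(rec, danger=danger_level(len(rec["ports"]), stealth),
                           nmap=sorted(NMAP_OPTION[t] for t in rec["types"]))
    return report


def block_rules(report, min_level=2):
    """iptables commands an automatic block would issue (assumed level threshold)."""
    return ["iptables -I INPUT -s %s -j DROP" % src
            for src, rec in sorted(report.items()) if rec["danger"] >= min_level]


if __name__ == "__main__":
    report = analyze(SAMPLE_LOG)
    for src, rec in report.items():
        print(src, "danger", rec["danger"], "ports", sorted(rec["ports"]),
              "nmap", rec["nmap"], "between", rec["first"], "and", rec["last"])
    print(block_rules(report))
```

The flag tokens are matched in the order the 2.4 LOG target prints them, so a single probe that carries none of them is reported as a NULL scan; a production detector would also keep the time window psad uses so that a slow scan does not accumulate ports forever.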