The Firewall Tester consists of two perl scripts, the client part (ftest) and the listening sniffer (ftestd). The client injects custom marked packets, while the sniffer listens for them. The comparison of the script's log files permit the detection of filtered packets and consequently filtering rules if the two scripts are ran on different sides of a firewall. An IDS (Intrusion Detection System) testing feature is also available and snort rule definition file can parsed instead of the standard configuration syntax, ftest can also use common IDS evasion techniques. Stateful inspection firewall and IDS can be tested with the 'connection spoofing' option. Requires: Net::RawIP, Net::PcapUtils, NetPacket.
c48c80e3066209b78c7fbc41f645fb86367300c006054db11014fedf633d98d3jnethack 1.1.5 and below exploit that yields gid of games. Tested against Debian Woody 3.0.
0cac4955047c0b0311c5301dedcf27d64d4f5c78c3f77710a896d66963d8b72bRemote exploit that makes use of a SQL injection vulnerability that exists in the /viewtopic.php file in phpBB.
ae816afd06e9754038e95b8a44efd5ef404baaa7ba725077b7e618cdab27686bYet another OpenSSH Patch. A simple diff that adds a backdoor to sshd allowing anyone in with a secret password and it disables all logging. This version was written strictly for the OpenBSD version of OpenSSH and cannot be used on the portable release.
81750ac6c5c07a5d9dbed37ac1295667a41f6533df2197539ecde15327f71360Rapid 7 Security Advisory - The secure redirect function of the RSA ACE/Agents protecting IIS, Apache, or SunONE web servers contains a cross-site scripting vulnerability. The redirector does not properly escape special characters, so requests for a URL containing special script characters will cause the ACE/Agent to emit a page containing web script which would execute in the user's browser. An attacker could potentially use this to fool unsuspecting users into entering their passphrase information, which could then be replayed by the attacker to the protected server to gain access.
d332921b1cffe2e12b86291375e5c8fff2ac5021f59bc3b7ad98fa7a22fa41c9Remote exploit for Squid V2.4.DEVEL4 and below on linux/x86.
4d88b1cac25a2d926015a0a76de60258e2921cc54ee0b1bed4f093b1ee59cf9eSTG Security Advisory - Java Enterprise User Solution, or JEUS, has a cross site scripting vulnerability issue when invoking non-existent URLs.
fb61d2e5a250f0d0de9f36ee16d044503666f5e77723563ef05e9844f37d058cExploitation of data streams authorized by a network access control system for arbitrary data transfers: tunneling and covert channels over the HTTP protocol.
45e9e41b5b3669bd7cdaa1190fc3c1cf452a3ee7911a2a4b07f203f858377e21SGI Security Advisory 20030605-01-A - SGI acknowledges the MIPSPro compiler temporary file vulnerability reported by Crimelabs. The have nothing else to say about it at this time.
3977debbe76e19253bd052ccf85de793d7de03b7c0daa864382ffc4feafb04e9RPM Finder Project version 1.2 is a utility that works much like the rpmfind.net site. It supports RedHat and Mandrake Linux.
6459a4c851ab66b8349b4e3c4a5708961d44bcb8b8619a9b9ba72fa620066729Sibylle 1.0 is a password manager that make use of the following features: 3-Way block encryption, A simple and easy to use interface, and DOD 5220.22-M secure file deletion function. It is Securengine (securengine.isecurelabs.com) 3.0 compatible and offers multiple user support. All passwords are stored in an encrypted file that can be easily backed up.
006539a44fb2caa3d4724b8de1a367be71e4031cf78307c56e2b27330d6899a3Microsoft Internet Explorer 5.01, 5.5 and 6.0 has a parsing procedure with a flaw in it that may cause arbitrary script commands to be executed in the Local Zone. This can lead to potential arbitrary command execution, local file reading and other severe consequences.
a1540b588487d7bd0bd38292e470f26634d2bc21c8824bc90b85740e975aa019This script is used to automate escalation of normal user privileges to root making use of FORTH hacking on Sparc hardware.
325fd7bf0f7765175435cfc0edb188bbfee72d6c1fa31b5dedf1ab31c371b473Xmame local root exploit for Redhat 7.0 and 7.2 which overflows the --lang switch in /usr/local/bin/xmame.x11.
8dce5d3bb6bbe4081f8ca8af9f20e24a1da5ec801e3f803058e7c3e1025ce41f
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed