Defcom Labs Advisory def-2001-18 - Cyberscheduler for Linux, Windows, and Solaris lacks bounds checking on the timezone variable, allowing remote root compromise. Patch available here. Includes proof of concept exploit x-cybershcehd.c and a shell script to brute force the offset. Vulnerable systems include Mandrake, RedHat, Slackware, Caldera, Suse, Debian, Windows NT, 2000 (IIS 4.0 and 5.0), and Solaris 2.5, 2.6, 7, and 8.
21c37966585bd74ddeb800641942dfeff9778cd7e600ab1a642ec1d919315aa4
Defcom Labs Advisory def-2001-19 - Innfeed has local stack overflow vulnerabilities in the logOrPrint() function which can be exploited to give uid=news. Tested on Slackware 7.1, Mandrake 7.0, and RedHat 7.2. Includes a patch, proof of concept exploit x-startinnfeed.c, and a shell script to brute force the offset.
4138178fdea0de7a98d769d075ebec0aa842b1ff03426901f91cd2c8b12ac932
Removing the SUID bit from xlock causes Enter to work as a password to unlock the screen for all users except root. Without the SUID bit, xlock can no longer read /etc/shadow and creates a blank .xlockrc, which makes Enter a valid password.
7a3fc00fea0ff0994ae858e317eefc68874f30058a8c8af694cc82126a795089
spfx2.c is a Linux kernel module which stops many exploits by protecting the system from code running on the stack. It works by limiting the use of key system calls to library functions. Although spfx2 does not prevent buffer-overflow related crashes, it does make it very difficult to break security with a buffer-overflow attack, preventing most root compromises.
21123c498529b71be6d347b91c4205c6d050024dbd2a5899cf8fb5b621b3df73
Debian Security Advisory DSA-048-1 - Samba does not use temp files correctly, allowing local attackers to trick Samba into overwriting arbitrary files. Both problems have been fixed in version 2.0.7-3.2.
c64ca9f497ad002e62c183ca44b7e3a1180a6da09f6d05e942a74c5b380db8a7
Icmp-Log v0.4 is a simple ICMP logger.
ca68646691293ec198e2109258822f5491defff735799a86db504b84fcaf73a9
Check-ps is a program that is designed to detect rootkit versions of ps that fail to tell you about selected processes. It currently requires /proc, but other scanning methods can be implemented. The program will run in the background or in one-shot mode. Check-ps has grown to better resist increasingly sophisticated attacks, generate more useful reports, and implement more detection methods. You are encouraged to check the signatures, available here.
b1c08424547c197563f6641aee28b0b9450246b337ba74064bd85a9711b9b8a1