what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 60 RSS Feed

Files Date: 2006-01-15

iwar-0.07.tar.gz
Posted Jan 15, 2006
Authored by Da Beave | Site softwink.com

IWar is a war dialer used for auditing your PSTN (phone) network. Its features include random/sequential dialing, Voice over IP using the IAX2 (Intra-Asterisk eXchange) protocol, ASCII flat file and MySQL logging, a curses-based front end, key stroke marking, multiple modem support, several methods of tone detection, save/load state, banner detections (to determine remote system types) and blacklist support.

Changes: Added support for IAX2. Various bug fixes and enhancements.
tags | tool, remote, protocol, wardialer
SHA-256 | d16330469c1c10c84b415b360b2898660cb3b8a4f167a5343430032dd49596d5
Fwknop Port Knocking Utility
Posted Jan 15, 2006
Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: Added GPG based authentication capability for SPA packets. Added patch against OpenSSH-4.2p1 to integrate SPA mode. Various other additions, enhancements, and bug fixes.
tags | tool, scanner, vulnerability
systems | unix
SHA-256 | 61d9bcf837b6f1d1377469a0a3e005aadb67c39ef8476883d92e35767c09da02
slad2-1.0.tar.gz
Posted Jan 15, 2006
Authored by lgrunwald | Site dn-systems.org

System Local Audit Daemon can run standalone or managed by systems like IBM-Tivoli, HP-OpenView, or Nessus to perform local security checks. It runs on the target hosts and enables them to call security tools like John the Ripper, Tiger, Tripwire, or a virus scanner via a unified XML interface. It is part of the BOSS Project.

tags | local, virus
systems | unix
SHA-256 | 49144aaa097f8d0f0c2697e4989e92d751c5a10db6c89eff5cf883382c58ab22
html-trap.procmail-1.150.gz
Posted Jan 15, 2006
Authored by John Hardin | Site impsec.org

Email Security through Procmail attempts to address the trend towards "enhancing" email clients with support for active content, which exposes end-users to many and varied threats, by "sanitizing" email: removing obvious exploit attempts and disabling the channels through which exploits are delivered. Facilities for detecting and blocking Trojan Horse exploits and worms are also provided.

Changes: Fix the unrar executable check so that it does not test for unrar if RAR scanning is already explicitly disabled by $DISABLE_RAR_SCAN. Fix recipient notification so that it will now work on relays.
tags | worm, trojan
systems | unix
SHA-256 | ed45904440d2a6be917137c868071b99074c1caededc8a55bd75f20656fb7031
placid-2.1.tar.gz
Posted Jan 15, 2006
Authored by Phillip Deneault | Site speakeasy.wpi.edu

Placid is a Web-based frontend for Snort that uses MySQL. It supports searching, sorting, and graphing of events, and was designed for speed and to have little overhead.

Changes: Bug fixes, Fixed start/end time problems when searching, Added http refresh to UI, Added returned row count to search summary screen, and more.
tags | tool, web, sniffer
SHA-256 | 8d889a5c0f59a98ce5ef0b59f13d560decbd7c3142e438413fa5ccf158098f16
ttyrpld-2.11.tbz2
Posted Jan 15, 2006
Authored by Jan Engelhardt | Site ttyrpld.sourceforge.net

ttyrpld is a kernel-based TTY shell, screen, and key logger for Linux, FreeBSD/PCBSD, and OpenBSD. It has a real-time log analyzer. It supports any TTY type (vc (console), BSD/Unix98 pty (xterm/SSH), serial, ISDN, USB, etc.).

Changes: Added support back in for the latest releases of the previous generation of kernels.
tags | shell, kernel, system logging
systems | linux, unix, freebsd, bsd, openbsd
SHA-256 | 1d480badd146e67be914f84d3a014584ce046edce7e3ac77a93a49c4bc17565d
nabi.c
Posted Jan 15, 2006
Authored by x90c

Nabi version 1.0 - Advanced /var log wiper for Linux.

tags | tool, rootkit
systems | linux, unix
SHA-256 | b1c68442026f6c6d0e25698c226206e348634261e88d9b038bdc711de7296650
simpleBlog21.txt
Posted Jan 15, 2006
Authored by Zinho | Site hackerscenter.com

SimpleBlog version 2.1 is susceptible to SQL injection and cross site scripting attacks due to a lack of variable sanitization.

tags | exploit, xss, sql injection
SHA-256 | ff3506b3610ffd9f70066e0dfd16bf0eefd11f81fdae4679dc4fb59c83fa407c
nmrc-14Jan2006.txt
Posted Jan 15, 2006
Authored by Simple Nomad | Site nmrc.org

This advisory documents an anomaly involving Microsoft's Wireless Network Connection. If a laptop connects to an ad-hoc network it can later start beaconing the ad-hoc network's SSID as its own ad-hoc network without the laptop owner's knowledge. This can allow an attacker to attach to the laptop as a prelude to further attack.

tags | advisory
SHA-256 | 78cd0166cc3fdf94d948b2a5271ecace8556a14b625a9e730b15c0da1b9c63fa
firefoxCross.txt
Posted Jan 15, 2006

Firefox is susceptible to cross domain scripting attacks via iframes.

tags | advisory
SHA-256 | 6b89d1a712c42d0fa22e8d3c4e52b2435c889ef59a3099d697e6dc33a9ba2ee7
homeftp_v1.1_xpl.c
Posted Jan 15, 2006
Authored by Pi3cH, cvh | Site kapda.ir

HomeFTP versions 1.1 and below remote denial of service exploit.

tags | exploit, remote, denial of service
SHA-256 | bfe507a22b3a191feed82a1e2d6e93ea181a1033f05c8b587ee2c18c91fc4df0
ezDatabase20.txt
Posted Jan 15, 2006
Authored by Pridels Team | Site pridels.blogspot.com

ezDatabase versions 2.0 and below are susceptible to remote php file inclusion flaws due to a lack of sanitizing variables.

tags | exploit, remote, php, file inclusion
SHA-256 | ac57b93b8fc1d7e7df2e5d472a80f4f20f28d7027c75879ea8e99db34f8ddc2a
ip-array_0.05.55.tar.gz
Posted Jan 15, 2006
Authored by AllKind | Site sourceforge.net

IP-Array is a linux firewall script written in bash designed for small to mid sized networks. Includes support for traffic shaping and VPN.

Changes: Minor bugfix release.
tags | bash
systems | linux, unix
SHA-256 | 500c1516f91b94f1701b91e3b91120974f43a902cc657105f2744fcd270e2a3c
iDEFENSE Security Advisory 2006-01-13.t
Posted Jan 15, 2006
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 01.13.06 - Remote exploitation of a heap overflow vulnerability in Novell Inc.'s Open Enterprise Server Remote Manager allows attackers to execute arbitrary code. iDefense has confirmed this vulnerability in Novell SUSE Linux Enterprise Server 9. All previous versions are suspected vulnerable. Novell SUSE Linux Enterprise Server components are included in Novell Open Enterprise Server; as such, Open Enterprise Server is also vulnerable.

tags | advisory, remote, overflow, arbitrary
systems | linux, suse
advisories | CVE-2005-3655
SHA-256 | 197db68e48a10d85b265fb699041cf0c6e9abc7b8a68545fc33a0559c112dcc7
DSR-farmerswife44sp1.pl.txt
Posted Jan 15, 2006
Authored by Knud Erik Hojgaard

Farmers WIFE version 4.4 sp1 ftpd remote exploit that allows for system compromise.

tags | exploit, remote
SHA-256 | 890997b51723f28c17e0b21e78bc7cc7e3e5fb4620c3ebe70555565e6bffafc1
xmame.c
Posted Jan 15, 2006
Authored by Qnix

xmame version 0.102 -lang local buffer overflow exploit.

tags | exploit, overflow, local
SHA-256 | caeb134ee85336174f93db9c40254941cea8034983b2bef940871d7882de9aba
SUSA-SA-2006-002.txt
Posted Jan 15, 2006
Site suse.com

SUSE Security Announcement - iDEFENSE reported a security problem with the Novell Remote Manager. By passing a huge or negative size via a HTTP request header to httpstkd it was possible to corrupt heap memory and so potentially execute code.

tags | advisory, remote, web
systems | linux, suse
advisories | CVE-2005-3655
SHA-256 | 87bf1965c10956fc2c5e9eaba8f5e3a7ec9b2235ed03cbed1250c56b594036e8
Debian Linux Security Advisory 939-1
Posted Jan 15, 2006
Authored by Debian | Site debian.org

Debian Security Advisory DSA 939-1 - Daniel Drake discovered a problem in fetchmail, an SSL enabled POP3, APOP, IMAP mail gatherer/forwarder, that can cause a crash when the program is running in multidrop mode and receives messages without headers.

tags | advisory, imap
systems | linux, debian
advisories | CVE-2005-4348
SHA-256 | eb504508b154bb07b0bb263ba3c986f09ccb2fd68c81cba8ebfb80da0474e83d
Gentoo Linux Security Advisory 200601-9
Posted Jan 15, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200601-09 - H D Moore discovered that Wine implements the insecure-by-design SETABORTPROC GDI Escape function for Windows Metafile (WMF) files. Versions less than 20050930 are affected.

tags | advisory
systems | linux, windows, gentoo
SHA-256 | cd8ca0e1a30edba91563e64b6d76c0d63d0c00d2aa1332d8aa876d3e21148e3d
Gentoo Linux Security Advisory 200601-8
Posted Jan 15, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200601-08 - Damian Put has reported a flaw due to an integer overflow in the get_bhead() function, leading to a heap overflow when processing malformed .blend files. Versions less than 2.40 are affected.

tags | advisory, overflow
systems | linux, gentoo
SHA-256 | e18b4c51a8fa22878df3aa1f69fe1dabdd1850bdb5421c8925ca390a8cb66f32
Gentoo Linux Security Advisory 200601-7
Posted Jan 15, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200601-07 - Zero Day Initiative (ZDI) reported a heap buffer overflow vulnerability. The vulnerability is due to an incorrect boundary check of the user-supplied data prior to copying it to an insufficiently sized memory buffer. The flaw occurs when the application attempts to handle compressed UPX files. Versions less than 0.88 are affected.

tags | advisory, overflow
systems | linux, gentoo
SHA-256 | c9984dd1c3662a2d8cdaf40fd2641d724abdd7923edc21626d62b254b8506859
MiniNukeSQL-2.txt
Posted Jan 15, 2006
Authored by Mustafa Can Bjorn | Site nukedx.com

MiniNuke CMS System versions 1.8.2 and below suffer from a flaw where an authenticated user can change any password via membership.asp.

tags | exploit, asp
SHA-256 | c6423873b6c974af6954684aa5e8d239c47ef8a713d5e4956fc919cf56f47cc6
MiniNukeSQL.txt
Posted Jan 15, 2006
Authored by Mustafa Can Bjorn | Site nukedx.com

MiniNuke CMS System versions 1.8.2 and below suffer from a SQL injection attack in news.asp.

tags | exploit, sql injection, asp
SHA-256 | 3061308ccb8ff80555c1621b1060cbc2a6137f5856046a796d3781f41899d5b3
ptscan.tgz
Posted Jan 15, 2006
Authored by Robert Molnar

A simple threaded portscanner that is lightweight.

tags | tool, scanner
systems | unix
SHA-256 | 471fde63c18412449830d4ba493ef8fd2b3e2ed9c4e9f04a51adaf2d3d1c0868
DMA-2006-0112a.txt
Posted Jan 15, 2006
Authored by Kevin Finisterre | Site digitalmunition.com

Using ussp-push from the Toshiba Bluetooth Stack versions 4.00.23(T) and below, an attacker can place a trojaned file anywhere on the filesystem.

tags | exploit, trojan
SHA-256 | 032e619b38af3404776cca356075de5f940987e34114e0fcfc11faaae45c8d2f
Page 1 of 3
Back123Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close