A denial of service bug was discovered in BitchX - a nasty user can invite you to a channel with a %s in it, causing the client to coredump. This is a classic case of printf(variable) where variable contains formatting chars. Patch available here.
d314b02f3283b0b921e3c16a0e5bd4fc35f5d697e913f7b6012543988df5805cThe Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off online and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection.
33678460ffc6fa0c37fbd52ae9cfd11f65a7a816b4dbbba078de33d32a5e1020Snort is a lightweight network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Snort uses a flexible rules language to describe traffic that it should collect or pass, as well as a detection engine that utilizes a modular plugin architecture.
ee7a7e964115535103a02f9b2b7facf6da55899977b21474ee6080a246f41141The Java Telnet Applet is a fully featured telnet/SSH program that allows users to connect and login to remote hosts via the Internet or an Intranet using only their WWW Browser. It includes not only telnet-compliant connection services, but also the ability to dynamically load additional Terminal Emulations and plugins. The available plugins are: Socket, Telnet, Terminal, Script, and SSH.
fa8ae877e6261dbdd2623d9536d76644396414503991dc303bec06f6742e3e31The Secure-Linux patch adds a few security features to the kernel which, while not a complete method of protection, will stop most of the 'cookbook' buffer overflow exploits cold. It also adds the option of restricting the use of symlinks and named pipes in +t (temp) directories which fixes most tmp-race exploits as well. It can also add a little bit more privacy to the system by restricting access to parts of /proc to root so that users may not see who else is logged on or what they're doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction, and priveledged IP aliases for kernel 2.0.
7c5609e0c9a26127045b2710c3dfc843e5dc9943a91f2e6b684b535102993a4aPatch to VNC which allows a brute force dictionary attack. The fun with vnc is that the password is 8 characters or smaller, and that vnc has no concept of users, which brings down the number of possibilities to try.
dd6532a7d721d5a8132dbba379d53f6798fc81a52af882ace2deed87f07405d6SMEGMA is an engine for generating garbled shellcode using several encryption mechanisms and making it self-decryptable by putting an Intel x86 machine-code decryptor in front of it. It uses a hand-written C lexer to grab the shellcode from sourcefiles and try and identify it. Use SMEGMA to modify shellcode in which characters get ruined by regular expressions (often seen in CGI binaries, web applications and webservers).
1da73e27fb59643dd6998adbcad2852ae9f92894f5b5ad30e9abbcac42f8bea8ISS Security Alert Summary July 1, 2000 - 77 new vulnerabilities were reported last month. This document has links to more information and full advisories on each. Includes: win2k-telnetserver-dos, win2k-cpu-overload-dos, fw1-resource-overload-dos, sybergen-routing-table-modify, ircd-dalnet-summon-bo, win-arp-spoofing, imesh-tcp-port-overflow, ie-active-setup-download, ftgate-invalid-user-requests, winproxy-get-dos, firstclass-large-bcc-dos, winproxy-command-bo, boa-webserver-file-access, ie-access-vba-code-execute, ie-powerpoint-activex-object-execute, fortech-proxy-telnet-gateway, xwin-clients-default-export, sawmill-file-access, sawmill-weak-encryption, netscape-virtual-directory-bo, netscape-enterprise-netware-bo, proxyplus-telnet-gateway, glftpd-privpath-directive, irc-leafchat-dos, openbsd-isc-dhcp-bo, debian-cups-malformed-ipp, jetadmin-network-dos, wuftp-format-string-stack-overwrite, jrun-read-sample-files, redhat-secure-locate-path, redhat-gkermit, weblogic-file-source-read, netscape-ftpserver-chroot, linux-kon-bo, dmailweb-long-username-dos, dmailweb-long-pophost-dos, aix-cdmount-insecure-call, irix-workshop-cvconnect-overwrite, blackice-security-level-nervous, linux-libice-dos, xdm-xdmcp-remote-bo, webbbs-get-request-overflow, nettools-pki-http-bo, nettools-pki-unauthenticated-access, panda-antivirus-remote-admin, dragon-telnet-dos, dragon-ftp-dos, small-http-get-overflow-dos, mdaemon-pass-dos, simpleserver-long-url-dos, win2k-desktop-separation, zope-dtml-remote-modify, pgp-cert-server-dos, antivirus-nav-fail-open, antivirus-nav-zip-bo, kerberos-gssftpd-dos, sol-ufsrestore-bo, tigris-radius-login-failure, webbanner-input-validation-exe, smartftp-directory-traversal, antisniff-arptest, weblogic-jsp-source-read, websphere-jsp-source-read, freebsd-alpha-weak-encryption, mailstudio-set-passwords, http-cgi-mailstudio-bo, mailstudio-view-files, kerberos-lastrealm-bo, kerberos-localrealm-bo, kerberos-emsg-bo, kerberos-authmsgkdcrequests, kerberos-free-memory, openssh-uselogin-remote-exec, mailstudio-cgi-input-vaildation, ceilidh-path-disclosure, ceilidh-post-dos, and nt-admin-lockout.
56bdbd85738f9ce23d025f2bb8e258e5ea88fba4f6c6be7083dc0867aabe88e2Snort is a lightweight network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Snort uses a flexible rules language to describe traffic that it should collect or pass, as well as a detection engine that utilizes a modular plugin architecture.
90a6574566353d2feec425eecf7a19a853e56dc96f8126f5096ae689f912cea7
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed