LEA is a simple algorithm for file encryption that uses some boolean algebra and modular arithmetic. It can test the stream and generate numbers with a logical order. Using bytes as increments and decrements, you can choose between normal encryption without a pseudo-random data generator or steganography with/without random data emulating binary executables. By default it includes a VMS Alpha executable and a Linux IA32 ELF; you can add to the binaries using a standard header included in the distribution and by editing the steganographic routine. The included fake binary works on all Linux distributions on IA32. Tested on HP-UX IA64, FreeBSD IA-32, Linux IA64 and Linux IA32.
7d3ddcd31b7fa89b53fd95ecfaae04a65e31c6f4a76b5b74a0316c850e682a3a
Secunia Research Advisory - A vulnerability has been identified in OpenBSD allowing a malicious root user to escalate privileges. The problem is that the root user may set the semaphore limit to a high value, which causes an integer overflow. This could be exploited to bypass the security level access control (securelevel) specified at boot time.
f31997d5d1e04fd1b70e758ee24b98598f34265b3b0f58f83720a3ee45983017
Secunia Research Advisory - A vulnerability has been reported in ASP.NET, which can be exploited by malicious people to bypass the "Request Validation" security mechanism. The "Request Validation" mechanism, designed to protect against Cross-Site Scripting and SQL injection, allows restricted tags when they include a NULL byte. However, this is a problem since some browsers, like Internet Explorer, ignore NULL bytes when parsing input, which may cause them to execute the content in the tags anyway.
289ddf4085f312bb8fe0319c2b08e847dcf9dde239b04f3cf03bbd5c373a1e62
Secunia Research Advisory - Two vulnerabilities have been identified in FTGatePro mail server version 1.x that allow malicious users to access sensitive information. One lies in the file ftgatedump.fts allowing an attacker to see the system configuration while another lies in exportmbx.fts that holds all the usernames and passwords for the system.
37e62379ae7d3410654e1b6dbec013a2f429722f7a11bac666000f9c31637ac1
Secunia Research Advisory - Two vulnerabilities have been identified in Gordano, which allow malicious people to consume large amounts of CPU power and see information about other users.
6fe5b63708044356c7045256059750a6e4f4dea633deb68198e6017732cca8bb
Program for testing weak binaries for basic overflows. It can test command line overflows, ENV and basic format string vulnerabilities as well. Utilizes ptrace() to analyze the stack during testing and report any overwritten stack addresses and other important data. Very useful for testing items that are precompiled.
ea46f5f18b2c7e88368f709209625793eefecb5c676758acc69e3555a8aa2193
Secure Network Operations, Inc. Advisory SRT2003-09-11-1200 - In the man-1.5x code, some checks that keep man from being vulnerable may not be present at compile time. RedHat 9 is one such installation that ships man setgid and is vulnerable to attack if the vendor-supplied binary is utilized. http://www.secnetops.com.
743603b784eb340ce003d68fe7310d77a3cf4938a9b7ae14aee5b8377252c813
Thorough paper discussing how to defeat the stack based buffer overflow prevention mechanism in Microsoft Windows 2003 Server.
b38cd24d571d9497d31fa51821bf46da5ded71c3cc615f565477fda2effa5f09
Bandsite portal system version 1.5 lacks authentication validation in its admin.php code when an administrator is added, thus allowing a remote attacker to gain administrative privileges.
5d166e4129b983e42146f8f03a2ab30cec5d84c35a9f1631e971a799a69627ba
Code that executes /bin/sh.
11e293324484a29a36787255c819b460d7830e2359d8331471dfd2121836cde0
Code that attempts to restore root privileges.
5003f212fcd49a9b5b28e29825d3e9d16357bd5435a2f33fd2e63e05acc535de
Network server code that creates a listening TCP socket on port 65535 and executes /bin/sh.
5c33126a97310122075e5c934031c3ed15df533b9d0ebfb96f8e77ddd038ce0f
Network server code that creates a listening TCP socket on port 65535.
acd1d81c06f35d9d09b67d8d71987e83ddd6d83bb82c05f95aca65db052e5646
WIDZ version 1.8 is an IDS system for 802.11 that guards access points and monitors local frequencies for potentially malevolent activity. It detects scans, association floods, and bogus or rogue APs. It can easily be integrated with SNORT or RealSecure.
7eaaaa7ef04553766dafd60b7eabb6d62e07109fd991ce91186616fb307e0c95
Atstake Security Advisory A091103-1 - The Asterisk software PBX is vulnerable to a SQL injection attack if a user is able to supply malformed CallerID data.
5e15bb2ff6724c97a49a179d9a726211e776427e671df463171f1f56c220d1b7
4D WebSTAR FTP server suite version 5.3.1 remote exploit that binds a shell to port 6969 as the uid running the server. This exploit makes use of the pre-authentication buffer overflow that exists in the login mechanism of the WebSTAR FTP service.
01bd8e388df9d06a72dc6ebd9d02e2c90f9818694359d81010f1bde7d75c1d8e
Secunia Research Advisory - Multiple remotely exploitable vulnerabilities have been discovered in Microsoft Internet Explorer, including cross site scripting problems, exposure of sensitive information, and system access. Vulnerable versions are 5.01, 5.5, and 6.
4e79f2cf181ab7bc26673e30bb7e89b6032c9f17fa3926229fc65644418bf5f5
Debian Security Advisory DSA 379-1 - Several security related problems have been discovered in the sane-backends package that allows a remote attacker to cause a denial of service.
14a8b86eb3fe69526f71c2cb0d208516e1418ab00a1d3f518b0deb76cd6e4dd8
Secunia Research Advisory - A vulnerability in MySQL version 4.0.14 and below, due to a boundary error when checking passwords before hashing and storing them in the User table, can be exploited by malicious users to escalate their privileges via supplying a value longer than 16 characters using set password.
b38050cc8622e8b30bee6fe74ad079fbb83abe828e36d3b629f1c530345f520d
Elf Shell v0.51b3-portable is an automated reverse engineering tool with read/write capability for the ELF format. Sophisticated output with cross references using .got, .ctors, .dtors, .symtab, .dynsym, .dynamic, .rel.* and many others, with an integrated hexdump. Designed for Linux. All calls are encapsulated in libelfsh.a, so the elfsh API is really reusable.
ecffe100d0da12235cfe464726313491409739493030f3fbdb3a28696b23447f
myPHPNuke version 1.8.8_7 performs improper variable sanitizing that will inadvertently allow a remote attacker to upload files from another site to the current site.
3a1d3adb28ded0cb43ab4856777f220e3e957aa1f45290d28d02a1d2cd088a90
NSFOCUS Security Advisory SA2003-06 - The NSFOCUS Security Team has found a remotely exploitable buffer overflow vulnerability in the RPC DCOM interface of Microsoft Windows. By exploiting the vulnerability, remote attackers could gain local system privileges.
70585563c17300b64273505b039efe0d297c03ce9b48ffb8fa7ca381475a6841