A simple ICMP/TCP/UDP packet sniffer that was written for and tested on Linux.
b5998435a4a0e12b7ec376aaf53a26839c8421fdbe23f0273a52109c470a54aa
Local privilege escalation exploit for Kerio WebSTAR versions 5.4.2 and below, which suffer from a local privilege escalation vulnerability due to improper loading of a library.
348e6138bc49a3143247bec9a4c214653ceca1ead1eb83b9e524b1b7cf979444
Kerio WebSTAR versions 5.4.2 and below suffer from a local privilege escalation vulnerability due to improper loading of a library.
8aef29338e469e924e743135fe46ec140c3e14f4a70c29302bca1c5781c28d15
SLRC is a simple bash script put together to crack rar archives on Linux.
3eb62117334b9dc42cf227a04409053ed722aa6e8092e51f6c63540a8b3f0a94
A vulnerability allows remote attackers to proxy web attacks and scan internal hosts through vulnerable installations of Verity Ultraseek. Authentication is not required to exploit this vulnerability. The specific flaw exists within the highlight script used to highlight search terms on spidered pages. An attacker can directly access the highlight script at '/highlight/index.html' to pass parameters to and retrieve content from arbitrary URLs. The same script can also be abused to enumerate otherwise inaccessible internal addresses and open ports.
e68c46d4144a326c7191c980791ede05f02dbf23e2688633f2284d6ec20a8528
Outpost Firewall PRO version 4.0 (and possibly older versions) hooks many functions in SSDT and in at least twelve cases it fails to validate arguments that come from user mode.
bc9bb6e4e3f4642ad76c49bc4cedd0802595ee2c321bb23fda2456831e0ad726
Backdoored version of OpenSSH 4.5p1 that logs passwords to /var/tmp/sshbug.txt.
9a8ba9bc0a0cb4015271c8d343320c84897ad229fee3c44666e47b7b5162e52d
Debian Security Advisory 1212-1 - Two denial of service vulnerabilities have been found in the OpenSSH server. The sshd support for ssh protocol version 1 does not properly handle duplicate incoming blocks. This could allow a remote attacker to cause sshd to consume significant CPU resources leading to a denial of service. A signal handler race condition could potentially allow a remote attacker to crash sshd and could theoretically lead to the ability to execute arbitrary code.
d055d29f8a677bdf5ebce0328815231b0d4096388f3230b3d97eaa2ca84bea58
OpenPKG Security Advisory OpenPKG-SA-2006.034 - Miloslav Trmac from Red Hat discovered a buffer overflow in GNU Texinfo. The flaw was found in a function used by Texinfo's texi2dvi and texindex commands. An attacker could construct a carefully crafted Texinfo file that could cause texi2dvi or texindex to crash or possibly execute arbitrary code when opened.
878e47113669a4f4780cad26b04bda1aa8d62ebe2073d4f4aa25c8cb53347bd8
This shellcode does an execve("ipchains -F") in 41 bytes for Linux/x86.
e742f9afc4b4c28d5ccc45d6e151176a73545cd305be09731907f104d0d080c3
The Firewire device enabled by default in the GENERIC kernel for TrustedBSD* defines an IOCTL function which can be maliciously called with a negative buffer length value. This value will bypass the length check (because the value is negative) and will be used in a copyout operation. This is a kernel bug: the system can be compromised by local users and important system information can be disclosed.
f94ae1bcce3d81531804a53063bbcd52822d657019342bcde89ef71668151272
The Firewire device enabled by default in the GENERIC kernel for DragonFlyBSD defines an IOCTL function which can be maliciously called with a negative buffer length value. This value will bypass the length check (because the value is negative) and will be used in a copyout operation. This is a kernel bug: the system can be compromised by local users and important system information can be disclosed.
544872d3cf1474aa8017d59d4555b331e3d8e6bc6286478e935ee38627971745
The Firewire device enabled by default in the GENERIC kernel for NetBSD defines an IOCTL function which can be maliciously called with a negative buffer length value. This value will bypass the length check (because the value is negative) and will be used in a copyout operation. This is a kernel bug: the system can be compromised by local users and important system information can be disclosed.
13c192bac8d2f8ab8a9022715e1340029f8bed9822169e74a3ea56a0de711ecb
The Firewire device enabled by default in the GENERIC kernel for FreeBSD defines an IOCTL function which can be maliciously called with a negative buffer length value. This value will bypass the length check (because the value is negative) and will be used in a copyout operation. This is a kernel bug: the system can be compromised by local users and important system information can be disclosed.
82423b755e39255304cd291c2c1e57430c3c394fcfe1bff6e87af69b61b6bb54
Firewire patch for BSD kernels that fixes an improper length check.
e5d6f7c84c09a9181031304f08adb48507c1fa8f8d06c44330f6609ff4321308
Advchk (Advisory Check) reads security advisories so you do not have to. Advchk gathers security advisories using RSS feeds, compares them to a list of known services, and alerts you if you are vulnerable. Since adding hosts and services by hand would be quite a boring task, advchk leverages nmap for automatic service and version discovery.
c6e3d2322a93ddcef837aad2f9599c06aeeaa9d93aa14a78f8e2924b069de388
DrKnock is a port knocking solution based on sig2knock by Cappella and Tan Chew Keong (http://www.security.org.sg/code/portknock1.html). Right now, the only functional improvement over sig2knock is the ability to use the client under Windows XP SP2. The client and server work on both Unix and Windows.
0969a77fe8ed08a8e9fa2ae30b8308c43d4f7c3712f918655a5e719bab5e0be4
vthrottle is an implementation of an SMTP throttling engine for Sendmail servers, based upon M. Williamson's mechanisms, as described in his 2003 Usenix Security paper. It allows the administrator to control how much email users and hosts may send, hindering the rapid spread of viruses, worms, and spam. Exceptions can be made using a whitelist mechanism, which can be generated manually or with the included tool vmeasure.
81371e8cfdf739eccf59b70ac3a40d53a00742977da0f7c73029f63c7261246e
The timemachine can record the entire contents of a high-volume network traffic stream in order to later "travel back in time" and inspect activity that has only become interesting in retrospect. Two examples of use are security forensics (determining just how an attacker compromised a given machine) and network trouble-shooting, such as inspecting the precursors to a fault after the fault. The timemachine is designed to work in Gigabit environments and to store several days of network traffic.
d1c8b279cc9d1626bd858e6e908c26b6074c5828b4bfd6353908545a1e7abc72
Secunia Security Advisory - r0ut3r has discovered some vulnerabilities in torrentflux-b4rt, which can be exploited by malicious people to gain system access or to manipulate data.
99393de284ce3c159972cdd1110048018e8c67fef8a1b0293266eb7fd35577ee
Mandriva Linux Security Advisory MDKSA-2006-208 - An unspecified vulnerability in OpenLDAP allows remote attackers to cause a denial of service (daemon crash) via a certain combination of SASL Bind requests that triggers an assertion failure in libldap.
72f0ced9408a8f34ea32a355dc0ff4f5ac47cbd33bf5978148a3a7850f1552da
Mandriva Linux Security Advisory MDKSA-2006-207 - The BIND DNS server is vulnerable to the recently-discovered OpenSSL RSA signature verification problem. BIND uses RSA cryptography as part of its DNSSEC implementation.
04844bb9f90e36eee3500f3a14039e283c71395210931aac5bca624f2996a049
There is a flaw in the Links web browser version 1.00pre12 that allows malicious web sites to execute smbclient commands on the victim's machine.
6121dc9c6ffa689fd764304d625c202668733f31a7533ba6ec5ed3c9bbb4f0f0
Microsoft Windows Wkssvc NetrJoinDomain2 stack overflow exploit that works against the vulnerability described in MS06-070.
13641e3cc338d4d93cf646f8124f402f3a5400b71465e1773c54a6e526d6c0a1
WinZIP versions 10.0.7245 and below FileView ActiveX control remote buffer overflow exploit.
a55c09bb96fdc249ab51759f91535b4960838cdf65004233a7630f189ec5dda1