igmpofdeath.c is a modification of trash2.c which also sends out random type 2 igmp packets, as seen in pimp and pimp2.
1a0b90fb25e38665d05424f362ffbbf6374e0efd971ddd3b406e988288aa7fecWinamp contains a buffer overflow in its M3U playlist parser. It is possible to execute arbitrary code on a remote computer via a malicious playlist. Proof of concept playlist included.
9765035f7869f821c9fe0e6fe3c9d6e919118bc1a0033378ca09f8927214f384Shadowpenguin Security Advisory #39 - Adobe Acrobat Series PDF File buffer overflow. Many versions of Acrobat for Windows95/98/NT/2000 overflows when reading the PDF file which has long Registry or Ordering. The EIP can be controled and arbitrary code can be executed on the machine which views the PDF file. Patches available here.
517e6a13e53bcce4434518e0ff0fb9a5d889fe202d03af6d287ea2a02993baafRed Hat Security Advisory - gpm as shipped in Red Hat Linux 5.2 and 6.x contains a number of security problems. Additionally, a denial of service attack via /dev/gpmctl is possible. The newest gpm packages fix both these vulnerabilities.
ec2a6106adfda36f24bbf008cd22c924ced4bb4ed422fc3d0c2800773da2f69dicmpstrike.c is a modified trash.c with spoofed source addresses. Trash.c sends ICMP packets with random error codes which lag or freeze Windows98/95/2000/NT machines.
0a00551e7817686d2b2c9c0d5a0e1fead1565853f18f228d587c68aaef0636b9Microsoft Security Bulletin (MS00-051) - Patch Available for Excel 97 and 2000 REGISTER.ID Function vulnerability which allows a malicious user to run code from an Excel worksheet without the user's knowledge. Microsoft FAQ on this issue available here.
88cea937c761ae956180b040a2887de09a1a78094445b65a925371ac1fd22474Debian Security Advisory - The version of userv that was distributed with Debian GNU/Linux 2.1 had a problem in the fd swapping algorithm: it could sometimes make an out-of-bounds array reference. It is possible for local users to abuse this to carry out unauthorised actions or be able to take control for service user accounts.
714809e4a9e81e073e0999b21f4d27e00b008501ab642f5084bbcf66a81670f6Scan Detect prevents attackers from running TCP port scanners against your Linux system by listening on a given TCP port and if any host on the internet connects to that TCP port, Scan Detect will use Ipchains to block that host completely.
cda7abcd54b71300a9c18d2206790aa4a00683b281055f988c859d2208b55703IP Filter is a TCP/IP packet filter suitable for use in a firewall environment. To use, it can either be run as a loadable kernel module (recommended) or incorporated into your UNIX kernel. Scripts are provided to install and patch system files as required.
fa5b4d0eb422dcd9ba9909974f7a7e1ac8f89d54d323381d9ea16c66bfc377caspam.pl is a perl script which automates the process of sending complaint letters to spammers ISP's. It strips out the proper address from the spams mail headers, taken via stdin.
2e6cf2835e91600000a08901fc12ef6fab28c38736073587619056eaf38b127aMicrosoft Security Bulletin (MS00-032) - Patch and Tool Available for "Protected Store Key Length" vulnerability. This vulnerability makes it easier for a malicious user who has complete control over a Windows 2000 machine to compromise users private keys and certificates. Protected Shares in Windows 2000 are only encrypted with 40 bits, while they are to be protected with the strongest available encryption. Microsoft FAQ on this issue available here.
6cd5ac9e35ce150759d578536613c72e94ab1466a4d3677ca0a93b5ed09fedddFoundstone Security Advisory - AnalogX SimpleServer:WWW v1.06 and below is vulnerable to a "relative directory path" attack that allows a remote user to retrieve any known file one the the server.
2aa7701a5bbde76d87bd4d641b145632b1ca55e9080324df5aad27644489f2c1CERT Advisory CA-2000-14 - Microsoft Outlook and Outlook Express Cache Bypass vulnerability allows an attacker to use an HTML-formatted message to read certain types of files on the victim's machine. In addition, because this vulnerability also allows the attacker to store files on the victim's machine, it can be used in conjunction with existing vulnerabilities to execute arbitrary code on the target system.
7f6256494f3f98ce9cabcf2747730a949d21c497ecc9e0d1b9a558887b82531bA Solaris kernel module to emulate linux's /dev/random and /dev/urandom.
6dcdebdcddbb1188420c058247b24e5fe70e2ffa5574f6ac9ea7afc95ffd5d09Ftpdse scans a list of IP addresses for FTP servers, logs the version, and can optionally see if site exec accepts format strings.
2203a1227b7895400cdfbf6ab6e306613fc5af3eea72148088c3760eb25d6eaf
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed