Ptrace24.c is a local root exploit for linux kernels prior to 2.4.9. Works on openwall patched kernels. Uses the su, newgrp, or screen +s binaries. Originally by Nergal. Improved by sd.
34f2343b68982c93e1847b8d51efff89c80d91b830be997aa880fa1b93f29e9aSendmail 8.11.5 and below local root exploit.
7dddb7e68fd03e22cdedc657022b2a85c0486e0472018a47ea76df38320a9ff7StMichael is a LKM that attempts to detect and divert attempts to install a kernel-module backdoor into a running linux system. This is done by monitoring the init_module and delete_module process for changes in the system call table. Detects most modern LKM's, including KIS.
a7774eef3632893c5a98ee5c960e6b6f9dbac1d3f386cf18305d212787aaa0c8Inflex is an email scanner which encapsulates your existing sendmail server setup. It scans both incoming and outgoing email and it does not alter your current /etc/sendmail.cf file. It can scan for email viruses, unwanted file types (eg. EXE, BMP, MPEG) and file names (eg. prettypark.exe). It can also be used to scan for text snippets within emails.
b56f564870eea41acdb84c6f0b9aa351c96f5cf62f29e5811a4276e1335086bbThe Linux Port/Socket Pseudo ACLs project is a patch to Linux kernel v2.4 which allows the admin to delegate privileges for some protected network resources to non-root users. The ACLs are generally used to run untrusted or insecure applications as an unprivileged process, thereby lessening the impact of some undiscovered denial of service or root compromise. The ACLs can cover protected ports, raw sockets, and packet sockets.
1605e648558e2e30d762b0fc7cb12304dfe3c9d95b5720e51d6f33615c99cf17XScreenSaver is a modular screen saver and locker for the X Window System. It is highly customizable and allows the use of any program that can draw on the root window as a display mode. It is also more stable than xlock.
596c68a33215cd5420be7a48d2b3dc92621b76361ccc1937b772ba1e4f565673Automated rwhoisd v1.5.x remote exploit for Linux, FreeBSD, and BSDi.
98794dfbff0ebd0b05c428520ffb01277ea25d97720edf4dc52d8af1c4d97da4RWhoisd by NSI remote format string exploit affecting v1.5.x. Overflows the -soa directive.
47eb9c7b3cefb2436c94a13dc4b0c06ae4d08b9935047a8adc13cf569fa39b6cEraser is a utility for all versions of Windows which securely deletes data so it can not be undeleted easily.
34c904699dc7fda0fcaa55f1d94e1e5c6a0d74c6aaa67f5a708eda0db552505eIPV6 connection flooder which also works as a DoS for 6tunnel.
d5ca45f8b25520d798b30f8a21951e4b7668edc263961f72640139d1cf60c41aMirc script which crashes Cisco 600 series routers with CBOS of v2.4.2 or below. Uses proxies.
46d5405022bc328c22c9cc071a2d65c252d30a4ed08c8c83458ab43a896bc718Microsoft Security Advisory MS01-053 - Binhex and Macbinary files which are downloaded in IE 5.1 for Mac OS X automatically execute, allowing attackers who run a malicious web site to run code on machines browsing the web. Microsoft FAQ on this issue available here.
be385d1247f3dee9dd93aa62656eee7ed817062606b3e9807846ede26b7d22b7Patch advisory for Sun Microsystems. Please read for details.
473e15680d08d7127eaf2b5d80db1a44b25e3a07165ff9c95d5b77ce53e84488Patch advisory for Sun Microsystems. Please read for details.
2c02294fb571fb8897d0907ea0e7245e583f1eedd27191dd851c24d338a06001Patch advisory for Sun Microsystems. Please read for details.
8d675ac9c48f300a123234880037ac86f96f6e7dcde8c6030cba4cb41b890ad3Patch advisory for Sun Microsystems. Please read for details.
89a69c3113f11e06f9096f343e6f4f53e83150b60b699805d37677f024855bc6Microsoft Security Advisory MS01-052 - The implementation of the Remote Data Protocol (RDP) in the terminal service in Windows NT 4.0 and Windows 2000 does not correctly handle a particular series of data packets, allowing a remote denial of service attack requiring server reboot to fix. Microsoft FAQ on this issue available here.
fc07f9ea20df5088bbd765db680ca56e58e84aca9357c8f66a02e4b7b8dcbabePcat is a utility which concatenates several libpcap (tcpdump) files into one.
f933c3a300b9e61426387c45f2ebabcc1ef48caf708a04bb6ff007d1343dfc30StMichael is a LKM that attempts to detect and divert attempts to install a kernel-module backdoor into a running linux system. This is done by monitoring the init_module and delete_module process for changes in the system call table. Detects most modern LKM's, including KIS.
aea8dd329d274f75e8784ed565f3fbfe92bc1d968087cc372f4a6edd4e673f6aNmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings. Screenshot available here.
72764cd746a4f23f6d5e60ae742612285c33c63c325c0bdcd8f17c00372879f5Ptracekm is a kernel module for Linux 2.2 (Possibly 2.4, but untested) that blocks the ptrace() syscall for all users except root. This should effectively prevent local root from being gained via the latest series of ptrace() exploits.
18768578edd24d9a17c34381bd0f0c288641287232e6fd41e7207a05887a2baeDefcom Labs Advisory def-2001-30 - Release 2.0.0.1.0 and below of Oracle9iAS Web Cache contains buffer overflow allowing remote code execution or denial of service. Four tcp ports are affected - 1100, 4000, 4001, and 4002.
f84e5fa56ac7f1defed18d7d99d77cc257d1afee8c87d4d53b68e58d7fa1eba8Proof-of-concept exploit for Oracle9iAS Web Cache/2.0.0.1.0. Creates the file c:\defcom.iyd. See def-2001-30.txt for more info.
62ca3554b66c12a3b3c3b2676b4bbd4cc360e5479984efa4b2884dd4f42a7f35Napalm Magazine issue #12 - In this issue: Local DoS in Solaris 8, Why chroot(2) sucks (includes a linux kernel patch to secure it), DSL and Ma Bell, BBS list, and more.
107c7da450c3849f79a2f560b027fb9cc0cd37652190823870b8d6ca57dcbf04Napalm Magazine issue #10 - In this issue: Security Holes in Remedy Client Installer, Multi-Technology Automated Reader Cards (MARC), and Chaffing as an Alternative to Encryption (Part II).
70c9bb057f2779c8f07bd7a47d611cc6269d6d65d6154c2ea5ddba7676a3daf9
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed