Showing 26 - 50 of 752

Files Date: 2000-01-01 to 2000-01-31

qpop-xploit.c
Posted Jan 27, 2000
Authored by Zhodiac | Site hispahack.ccc.de

Remote Linux x86 exploit for Qpopper 3.0beta29 and below (not 2.5.3). Overflows the LIST command and spawns a shell with the UID of the user who logged in (requires a valid account) and GID mail.

tags | exploit, remote, overflow, shell, x86
systems | linux
SHA-256 | 6e03060d06070addc039c651e773cc7edd7dfdbf64902dcb1d4ab4b12b4e97df
vpopmail.txt
Posted Jan 27, 2000
Authored by Shane A. Macaulay | Site w00w00.org

w00w00 Security Advisory - qmail-pop3d may pass an overly long command argument to its password authentication service. When vpopmail is used to authenticate user information, a remote attacker may compromise the privilege level that vpopmail is running at, naturally root.

tags | exploit, remote, root
SHA-256 | 3bd0074f38eb47b414a84c38444aed7fa25ca801a4f14f89d10b39ad7380dd2d
vmware.htm
Posted Jan 27, 2000
Authored by Harikiri | Site w00w00.org

w00w00 Security Advisory - Linux VMware 1.1.2 Symlink Vulnerability. VMware stores temporary log files within the /tmp directory. It does not check whether all of these files exist prior to creation, resulting in the potential for a symlink attack.

tags | exploit
systems | linux
SHA-256 | da520fa5a7804353f424ed408de54dc3b46708d2f49b82447d0645507cc3049e
skey.htm
Posted Jan 27, 2000
Authored by Harikiri | Site w00w00.org

w00w00 Security Advisory - S/Key & OPIE Database Vulnerability affecting most Unixes (not NetBSD) running skey-2.2 (possibly earlier versions too), allowing offline password cracking.

tags | exploit
systems | netbsd
SHA-256 | 3ae33764fe45486317d0735a5c5fbdb38edd2d5553c4c986a29216ee7e9b8124
qmail-pop3d-vchkpw.c
Posted Jan 27, 2000
Authored by Shane A. Macaulay | Site ktwo.ca

Remote exploit for the inter7-supported vchkpw/vpopmail package (replacement for checkpassword). Tested on Sol/x86, Linux/x86, and FreeBSD/x86 against linux-2.2.1 and FreeBSD 3.[34]-RELEASE, running vpopmail-3.4.10a/vpopmail-3.4.11[b-e]. Unofficial patch here.

tags | exploit, remote, x86
systems | linux, freebsd
SHA-256 | 96783f06acb089b526184c758e946ec901db1b61ec472cbee7dc24a2094b6765
nt.security.update.012600.txt
Posted Jan 26, 2000
Authored by winsd

Windows NT Security Update - Information on Rdisk Race Condition, and the InetSrv 3.0 Buffer Overflow. Also contains articles on Internet Security with Windows NT, Email Encryption Plugin, and Change-Detection Software. NTsecurity homepage here.

tags | overflow, magazine
systems | windows
SHA-256 | d3fad445ac140dcb3f3f355fadd12b079518f12f7c8cea463e9a41c776190dc6
Fwctl-0.24.tar.gz
Posted Jan 26, 2000
Authored by Francis J. Lacoste | Site indev.insu.com

Fwctl is a program that intends to make it easier to configure a tight firewall. It provides a configuration syntax that is easier to use and more expressive than the low-level primitives offered by ipchains. It supports multiple interfaces, masquerading and packet accounting. Fwctl doesn't replace a good security engineer, but it can make the job of the security engineer simpler.

Changes: A fix for those who don't have Date::Manip installed, and other minor bug fixes and enhancements.
tags | tool, firewall
systems | linux
SHA-256 | 820a6ad0cf4c9e39f85d67258df7a1c8180f56a15d84e22c1d851d443047a031
falcon-0.1-1.tgz
Posted Jan 26, 2000
Authored by Falcon Open Group | Site falcon.naw.de

The Falcon Project (the Free Application-Level CONnection) is an open firewall project with the intention of developing a free, secure and OS-independent firewall system. Falcon consists of different modules: Falcon's own proxies (generic TCP proxy and application-specific proxies), Squid for Web access and caching (modified package for Linux), and qmail for mail communication.

tags | tool, web, tcp, firewall
systems | linux, unix
SHA-256 | 1628010f36f086dffea0ed511a1b62b4735021b6066f2991499be8fa5e334c4f
xinetd-2.1.8.8pre8.tar.gz
Posted Jan 26, 2000
Authored by Bob Braun | Site synack.net

xinetd is a replacement for inetd, the internet services daemon. Anybody can use it to start servers that don't require privileged ports because xinetd does not require that the services in its configuration file be listed in /etc/services. It can do access control on all services based on the address of the remote host and time of access. Access control works on all services, whether multi-threaded or single-threaded and for both the TCP and UDP protocols.

tags | tool, remote, udp, tcp, protocol
systems | unix
SHA-256 | ec03d2092346616e5d9a7aa457f94e6bc3444ca2d1fa84a789ab94fe963aef87
spf-2.0.3.tar.gz
Posted Jan 26, 2000
Authored by Brian J. Murrell

Stateful Packet Filter for Linux - constantly adjusts an inbound packet filter to allow traffic in based on what was sent out. Now with RealAudio support.

tags | tool, firewall
systems | linux
SHA-256 | ba8ad226569cce45d302b564238eecdf435dc7eb01501c284dc07e14a81ba1d9
swatch-3.0b4.tar.gz
Posted Jan 26, 2000
Authored by Todd Atkins

Swatch ("Simple WATCHdog") is a program for UNIX system logging, originally written to actively monitor messages as they are written to a log file via the UNIX syslog utility. Swatch was designed to keep system administrators from being overwhelmed by large quantities of log data. It monitors log files and acts to filter out unwanted data and take one or more simple user specified actions based upon patterns in the log. Swatch can monitor information as it is being appended to the log file and alert system administrators immediately to serious system problems as they occur.

Changes: Fixed the examine switch, added continue and quit actions, fixed parsing of "throttle" setting, bug fixes.
tags | tool, intrusion detection
systems | unix
SHA-256 | c4ff2006f2a9142b2de844df66a0a81cd02b462916db92ee088ec284570352c9
iis53.htm
Posted Jan 26, 2000
Site oliver.efri.hr

MS IIS 5.0 has problems handling a specific form of URL ending with "ida". The extension ida has been taken from the Bugtraq posting "IIS revealing webdirectories". The problem causes two kinds of results. One result is that the server responds with a message like "URL String too long" or "Cannot find the specified path". The other error causes the server to terminate with an Access Violation. When the server "Access violates" it displays as last message.

tags | exploit
SHA-256 | c6301bd7666cad9967d8dafc5ad77f1302a8469ac918b24e757bf1d26a8ed0d1
inetserv.htm
Posted Jan 26, 2000
Site oliver.efri.hr

InetServ 3.0 (Windows NT) advisory and remote exploit.

tags | exploit, remote
systems | windows
SHA-256 | cc2c208ea5bc9b1947f2e030b63f6be5825fda3e7e55165f78c314720c1ebd67
krnl110.htm
Posted Jan 26, 2000
Site oliver.efri.hr

Stream.c summary - DoS attack due to a bug in many Unix kernels, including Linux, Solaris, and all of the BSDs.

tags | exploit, kernel
systems | linux, unix, solaris
SHA-256 | 7cff59a33278aed639fdb203cfa2c7908bff64e6c40976ab8b6cbef24bc3e0b9
nortel.htm
Posted Jan 26, 2000
Site oliver.efri.hr

Nortel's new Contivity series extranet switches give administrators the ability to enable a small HTTP server and use Nortel's web-based administration utility to handle configuration and maintenance. The server runs atop the VxWorks operating system and is located in the directory /system/manage. A CGI application, /system/manage/cgi/cgiproc, that is used to display the administration HTML pages does not properly authenticate users prior to processing requests. An intruder can view any file on the switch without logging in.

tags | exploit, web, cgi
SHA-256 | e6470da7422c75f82642fd4a9d29e044d0ee71eaad5f6c6e169743abe355b388
rdisk.htm
Posted Jan 26, 2000
Site oliver.efri.hr

There exists a vulnerability in rdisk (Windows NT) which causes the contents of the registry hives to be exposed to Everyone during updating of the repair info.

tags | exploit, registry
systems | windows
SHA-256 | d9d891c8304ca57c3de11b9e0bbc9cea3224a33302ce1296a8a19047a3d8f5e0
rtf.htm
Posted Jan 26, 2000
Site oliver.efri.hr

RTF files consist of text and control information. The control information is specified via directives called control words. The default RTF reader that ships as part of many Windows platforms has an unchecked buffer in the portion of the reader that parses control words. If an RTF file contains a specially-malformed control word, it could cause the application to crash.

tags | exploit
systems | windows
SHA-256 | 27ba30c0f7c1e053fdc20342b41f7fbf0815631ae08c4738c0819002d49a196f
smtp2.htm
Posted Jan 26, 2000
Site oliver.efri.hr

USSR Labs found the following. A memory leak exists in the Super Mail Transfer Package that may cause an NT host to stop functioning and/or need to be rebooted. The memory leak may occur when you connect to the SMTP port: all information you send to the system is stored in memory, and SMTP supports multiple HELO / MAIL FROM / RCPT TO / DATA commands in the same connection. If you issue multiple HELO / MAIL FROM / RCPT TO / DATA commands in the same connection, the memory may not be deallocated. This condition may cause the computer to stop functioning the moment memory runs out.

tags | exploit, memory leak
SHA-256 | 098828bc67aee64abdd87dabcd122bf51262d7df84bd843eef9f319e6f289b2b
tb2.htm
Posted Jan 26, 2000
Site oliver.efri.hr

Timbuktu Pro 32 (TB2) from Netopia sends user IDs and passwords in clear text. When TB2 is used to remotely control a machine that is not logged in or is locked, any user ID and password that is typed in is sent in clear text. A malicious user on the network can "sniff" the packets and gain the NT user IDs and passwords of anyone using TB2 to remotely control an NT machine.

tags | exploit, remote
SHA-256 | 7409f6db13593aa2d56a2998e62d44ee0c31c668b0139f93213cebc734a8677c
website.htm
Posted Jan 26, 2000
Site oliver.efri.hr

WebSite Pro also reveals the web directory of each website via a simple command line. This bug is similar to the reported "IIS revealing webdirectories" bug. On WebSite Pro the difference is the way you retrieve the path.

tags | exploit
SHA-256 | 70b108388a2f189b10b9a7b6a8056ebcc7c966497f269b5fed0b43153d271e8d
yahoo2.htm
Posted Jan 26, 2000
Site oliver.efri.hr

Jaynus Jaynus found the following. He read over the ICQ overflow that had been found, so he was curious whether this existed in any other clients. Upon testing the below URL, Yahoo Pager/Messenger crashed in the same way as ICQ.

tags | exploit, overflow
SHA-256 | afc1794d389c2f332846bb6da3abde5c120db7e53c76005bc13d3854a685e7bb
ethereal-0.8.2.tar.gz
Posted Jan 26, 2000
Authored by Gerald Combs | Site ethereal.zing.org

Ethereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Ethereal features that are missing from closed-source sniffers.

Changes: A tty-mode interface, "tethereal", was added; CLNP, NFS, L2TP, CDP, RTSP, LLC, Vines, IPv4/DiffServ, and BGP were updated; a decoder for Cisco ISL was added; HP-UX nettl support was updated; GTK+ bugs and Linux libpcap bugs were worked around; a hexdump view was added to the TCP Stream window; and the Win32 support was brought up to date.
tags | tool, sniffer, protocol
systems | unix
SHA-256 | cc50df3e888a195319ddf17efec98d57edc7ac670114160578930c52fa1fde29
lids-0.8pre4-psk-2.2.14.tar.gz
Posted Jan 26, 2000
Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off online and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection.

Changes: Bugfixes.
tags | kernel, root
systems | linux
SHA-256 | 4f4a235bffc7caa4775be7a1c492ba194a08b9210ad00a8cf3113b80803278be
sniffing-faq.htm
Posted Jan 26, 2000
Authored by Robert Graham

Excellent FAQ on packet sniffing, version 0.3.0, updated Jan 15, 2000.

tags | tool, sniffer
SHA-256 | 18096601ca786516ad5ca59eb160faffe8b4ec716cdeac439c6ef92f54a41b5a
tcpdump-3.5.alpha.tar.gz
Posted Jan 26, 2000

Tcpdump allows you to dump the traffic on a network. It can be used to print out the headers of packets on a network interface that match a given expression. You can use this tool to track down network problems, to detect "ping attacks" or to monitor network activity.

Changes: -X option added, telnet command sequence decoder, many bug fixes, SMB printing, NFS parsing, AFS3 packet parsing, etc. New Tcpdump homepage here.
tags | tool, sniffer
SHA-256 | 9d85ce6e1878df84d0d23e170c7adb1012880f0414abec5da02e735537cb5937
Page 2 of 31