what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 92 of 92 RSS Feed

Files from Solar Designer

Email addresssolar at openwall.com
First Active1999-08-17
Last Active2021-03-11
OW-003-ssh-traffic-analysis.txt
Posted Mar 19, 2001
Authored by Solar Designer | Site openwall.com

Openwall Advisory - Passive Analysis of SSH Traffic. This advisory demonstrates several weaknesses in implementations of SSH protocols. When exploited, they let the attacker obtain sensitive information by passively monitoring encrypted SSH sessions. The information can later be used to speed up brute-force attacks on passwords, including the initial login password and other passwords appearing in interactive SSH sessions, such as those used with su(1) and Cisco IOS "enable" passwords. All attacks described in this advisory require the ability to monitor (sniff) network traffic between one or more SSH servers and clients.

tags | paper, protocol
systems | cisco
SHA-256 | bfeb7cdafd8058c9afd04d84449f245f170f6508d8227c5fdcf97b1a9b102c98
linux-2.2.18-ow4.tar.gz
Posted Feb 10, 2001
Authored by Solar Designer | Site openwall.com

The Secure-Linux patch adds a few security features to the kernel which, while not a complete method of protection, will stop most of the 'cookbook' buffer overflow exploits cold. It also adds the option of restricting the use of symlinks and named pipes in +t (temp) directories which fixes most tmp-race exploits as well. It can also add a little bit more privacy to the system by restricting access to parts of /proc to root so that users may not see who else is logged on or what they're doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction, and privileged IP aliases for kernel 2.0.

Changes: A fix for the recently announced execve(2)/ptrace(2) race condition vulnerability in the Linux kernel. Readme available <a href="http://www.openwall.com/linux/README"here.</a>
tags | overflow, kernel, root
systems | linux
SHA-256 | 344f3a6d2f4002b6b02bf7331ee38b2611faf4b19354bdd970e2fec9c9a74cfd
linux-2.0.39-ow2.tar.gz
Posted Feb 10, 2001
Authored by Solar Designer | Site openwall.com

The Secure-Linux patch adds a few security features to the kernel which, while not a complete method of protection, will stop most of the 'cookbook' buffer overflow exploits cold. It also adds the option of restricting the use of symlinks and named pipes in +t (temp) directories which fixes most tmp-race exploits as well. It can also add a little bit more privacy to the system by restricting access to parts of /proc to root so that users may not see who else is logged on or what they're doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction, and privileged IP aliases for kernel 2.0.

Changes: A fix for the recently announced execve(2)/ptrace(2) race condition vulnerability in the Linux kernel. Readme available <a href="http://www.openwall.com/linux/README"here.</a>
tags | overflow, kernel, root
systems | linux
SHA-256 | b6430969c8e562784874ef4735ebc4e84e5be9eac68657408bbaa3acbc5877a1
Openwall Linux Kernel Patch
Posted Dec 15, 2000
Authored by Solar Designer | Site openwall.com

The Secure-Linux patch adds a few security features to the kernel which, while not a complete method of protection, will stop most of the 'cookbook' buffer overflow exploits cold. It also adds the option of restricting the use of symlinks and named pipes in +t (temp) directories which fixes most tmp-race exploits as well. It can also add a little bit more privacy to the system by restricting access to parts of /proc to root so that users may not see who else is logged on or what they're doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction, and priveledged IP aliases for kernel 2.0.

Changes: Now works on kernel 2.2.18! Also includes workarounds for GNU MailMan and Courier Mail. Readme available <a href="http://www.openwall.com/linux/README"here.</a>
tags | overflow, kernel, root
systems | linux
SHA-256 | 9e7bf4bf8d704bdfa6dcc56066ed237fdc76140d9939c21863c15318242d51a6
scanlogd-2.2.tar.gz
Posted Nov 13, 2000
Authored by Solar Designer | Site openwall.com

Scanlogd v2.1 is a TCP port scan detection tool for linux, originally designed to illustrate various attacks an IDS developer has to deal with, for a here.

Changes: Support for Libnids 1.14, bug fixes.
tags | tcp
systems | linux, unix
SHA-256 | e257be420e3aab29821f6d513bcf720c764fb611dbd9f6a187f9dd52fb809b37
Openwall Linux Kernel Patch
Posted Sep 12, 2000
Authored by Solar Designer | Site openwall.com

The Secure-Linux patch adds a few security features to the kernel which, while not a complete method of protection, will stop most of the 'cookbook' buffer overflow exploits cold. It also adds the option of restricting the use of symlinks and named pipes in +t (temp) directories which fixes most tmp-race exploits as well. It can also add a little bit more privacy to the system by restricting access to parts of /proc to root so that users may not see who else is logged on or what they're doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction, and priveledged IP aliases for kernel 2.0.

Changes: Now works on kernel 2.2.17! Readme available <a href="http://www.openwall.com/linux/README"here.</a>
tags | overflow, kernel, root
systems | linux
SHA-256 | 692f8267696e01ade4b6dda45b7bbee34eca73f9f815b5173d20f137240df20e
OW-002-netscape-jpeg-r1.tar.gz
Posted Jul 25, 2000
Authored by Solar Designer | Site openwall.com

Netscape 4.73 and below remote proof of concept exploit for linux/x86. Includes a test image which crashes Netscape, a JFIF file compiler which exploits the COM marker processing vulnerability, and an unofficial patch for Mozilla M15 and Win32 Netscape.

tags | exploit, remote, x86, proof of concept
systems | linux, windows
SHA-256 | 0f05859c7ef597bbacc6e8eca02d88950d83123ded5db560eac573fc6dc8107f
netscape.jpg-marker.txt
Posted Jul 25, 2000
Authored by Solar Designer | Site openwall.com

Netscape browsers v4.73 and below can be tricked into executing arbitrary assembly code by a malicious web site. In the case of Netscape Mail or News, the attack may be performed via a mail message or a news article, as well. A bug in the way Netscape browsers use the Independent JPEG Group's decoder library can cause the JPEG stream to be read onto the heap. Exploiting this vulnerability into executing arbitrary code is non-trivial, but possible on some platforms.

tags | exploit, web, arbitrary
SHA-256 | 6c13825689c162377d5aef906252e6f595a0015f46abc25bdb05bed5645897b5
Openwall Linux Kernel Patch
Posted Jul 8, 2000
Authored by Solar Designer | Site openwall.com

The Secure-Linux patch adds a few security features to the kernel which, while not a complete method of protection, will stop most of the 'cookbook' buffer overflow exploits cold. It also adds the option of restricting the use of symlinks and named pipes in +t (temp) directories which fixes most tmp-race exploits as well. It can also add a little bit more privacy to the system by restricting access to parts of /proc to root so that users may not see who else is logged on or what they're doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction, and priveledged IP aliases for kernel 2.0.

Changes: Now works on kernel 2.2.16! Readme available <a href="http://www.openwall.com/linux/README"here.</a>
tags | overflow, kernel, root
systems | linux
SHA-256 | 7c5609e0c9a26127045b2710c3dfc843e5dc9943a91f2e6b684b535102993a4a
tacacs.analysis.txt
Posted Jun 2, 2000
Authored by Solar Designer | Site openwall.com

This advisory presents an analysis of several vulnerabilities in the TACACS+ protocol. Unfortunately, only some of the vulnerabilities can be fixed without breaking the interoperability. Thus, the main purpose of this advisory is to identify the weaknesses, to allow for a conscious decision to be made on how much trust to place into the encryption offered by TACACS+.

tags | paper, vulnerability, protocol
SHA-256 | 072ddc2bf221d5c240f48441f527c417d20180f2dd0752f271db6be05c4d6be2
scanlogd-2.1.tar.gz
Posted Apr 25, 2000
Authored by Solar Designer | Site openwall.com

Scanlogd v2.1 is a TCP port scan detection tool for linux, originally designed to illustrate various attacks an IDS developer has to deal with, for a here.

tags | tcp
systems | linux, unix
SHA-256 | 78959c2380ba0c76ab938c17250bcd65557aa7949742c3227a301132bfc09782
linux-2.2.12-ow6.tar.gz
Posted Oct 12, 1999
Authored by Solar Designer

The Secure-Linux patch adds a few security features to the kernel which, while not a complete method of protection, will stop most of the 'cookbook' buffer overflow exploits cold. It also adds the option of restricting the use of symlinks in +t (temp) directories which fixes most tmp-race exploits as well. It can also add a little bit more privacy to the system by restricting access to parts of /proc to root so that users may not see who else is logged on or what they're doing.

tags | overflow, kernel, root
systems | linux
SHA-256 | d72f9b43933eac2c13a83036ca7d5017dc1d78ce758198b6c633a00759d706a4
john-1.6.tar.gz
Posted Aug 17, 1999
Authored by Solar Designer

John the Ripper v1.6 (UNIX -- source distribution) - High quality UNIX password cracker, probably the fastest available. New Features: Batch mode, Kerberos AFS passwords support, WinNT passwords support, Idle priority support on Linux, Rule reject flags: can reject entire rules on condition, New utility: 'unique' (removes duplicated lines without re-ordering), New options: '-stdout', '-status', GNU-style long options support, New make targets for AIX, HP-UX, IRIX, Bug and portability fixes, and new bugs.

tags | cracker
systems | linux, windows, unix, irix, aix, hpux
SHA-256 | 134a45c749190fd0a139edb151cb7b6096c7a3c1a42b89f3bcc2f9187d17a4f5
secure-linux-06.tar.gz
Posted Aug 17, 1999
Authored by Solar Designer

Secure Linux -- kernel patch for Linux 2.0.33 ... 2.0.36.

tags | kernel
systems | linux, unix
SHA-256 | 6613b549a0c23f39d4cadd5e8a60967a7487fc8bf3b16eba1f68e26e32494db1
scanlogd-v1.2.c.gz
Posted Aug 17, 1999
Authored by Solar Designer

Linux scanlogd v1.2 - Linux scanlogd port scan detector. Use to detect many of the latest nmap scans.

systems | linux, unix
SHA-256 | e9d445f3aabe420cde0fc71e64444074ebacc87c74e195b97c290a6d7cd4f958
scanlogd-v1.3.c.gz
Posted Aug 17, 1999
Authored by Solar Designer

Linux scanlogd v1.3 is a port scan detector daemon for Linux that is designed to recognize all of the latest nmap scans.

systems | linux, unix
SHA-256 | ba092ba0d7ad19e30696c65f31a24b2108694fc7e74a6b0579e546dbb5112879
scanlogd.c.gz
Posted Aug 17, 1999
Authored by Solar Designer

scanlogd v1.1 - Linux scanlogd port scan detector.

systems | linux, unix
SHA-256 | 8cca6749e370018fe2051e21e0e3dd82b5bbddfbde8fc7a33772c7f67c19af27
Page 4 of 4
Back1234Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close