Red Hat Security Advisory - A remote denial of service attack is possible with bind versions prior to 8.2.2_P7.
230026a4ceabecb9b80e8daf329e37d2916897959e5ee27d66dc9ccc9a0cbfd4Many systems have the SUID bit set on cons.saver (/usr/lib/mc/bin/cons.saver), part of the Midnight Commander package. A denial of service vulnerability has been found which allows local users to overwrite a null character to any symlinkable file. Includes proof of concept exploit and a patch for cons.saver.
65e644ff14594df49724ef14d399326c53243a989d5213911a2bd76b3885227cNCPQuery is an open source tool that allows probing of a Novell Netware 5.0/5.1 server running IP. It uses TCP port 524 to enumerate objects with public read access, disclosing such information as account names, server services, and other various objects. A remote attacker can gather the equivalent information provided by the console command "display servers" and the DOS client command "cx /t /a /r" without authentication.
97f05208a1c028a90715780ea2c8dea387e4888c2aff9bf2d8ce53286f2f65ceThis paper discusses full disclosure, the necessity of legitimate network scanning, and the results of criminalizing security research and information. Overreactions to harmless activities not crossing legal boundaries are leading to a scenario where anyone acquiring basic information about a system needs to be afraid about potential consequences.
e221f988e97f22109eda8c7087b9b887b9ed8deda208b3f903f4f85474a6bd52sping sends ICMP ECHO requests to network hosts to determine whether they are 'alive'. It is a small and hopefully secure implementation of the common ping utility that offers far less control over the packet options that may be specified (packet size, delay between packets, etc.) - this is a feature, for both security and bandwidth reasons. sping has been tested on Linux 2.4.0-test8 but should work on other operating systems.
52e646017a626a2389a46f8af16b089194a24df5ab3b347cd25c4472aaca769atcpspy is a linux administrator's tool that logs information about incoming and outgoing TCP/IP connections: local address, remote address and, probably the most useful feature, the user name. The current version allows you to include and exclude certain users from logging - this may be useful if you suspect one of the users on your system is up to no good but do not want to violate the privacy of the other users.
be42a858d82aa8bc9eed613022377744edf6de8fe109da302c4dd48d5d059325libformat is a library for the Linux operating system that intercepts, among others, calls to the printf() family of functions to prevent format string attacks, in which a possibly malicious user supplied format string is used. This is a programming error, but has recently been used to break computer security. This library can be used to protect against compromises due to yet undiscovered vulnerabilities in privileged programs. libformat checks for format strings containing the %n format specifier in writable parts of a process' address space, and if found, the process is terminated with the KILL signal.
6f6b78a44959aef3e5a36b00f50a4946b6cc269063b016bb01f17e77fcb01caetinc is a Virtual Private Network (VPN) daemon that uses tunneling and encryption to create a secure private network between multiple hosts on the Internet. This tunneling allows VPN sites to share information with each other over the Internet without exposing any information.
3192d3d8e0c1ecca4c6b8331bf6458eb6a3b3b4379f1d3c85f452c098537a1dbSuSE Security Announcement - Newer versions of /sbin/modprobe can be tricked into executing commands as root if setuid programs which can trigger the loading of modules are installed.
600ed3a3cac000cdeae2f9e19fa707d65d6b882e05aa67d20e04dbc68db5a864PIKT is a cross-platform, multi-functional toolkit for monitoring systems, reporting and fixing problems, security managment, and updating system configurations. PIKT comprises an embedded scripting language with unique, labor-saving features. Binaries available here.
3a3f14641f881b3b319134edc1ab5df3ce97303f9e4de4219044947072651fb7sldump is an SSLv3/TLS network protocol analyzer. It identifies TCP connections on the chosen network interface and attempts to interpret them as SSLv3/TLS traffic. When it identifies SSLv3/TLS traffic, it decodes the records and displays them in a textual form to stdout. If provided with the appropriate keying material, it will also decrypt the connections and display the application data traffic. Tested on Linux, Solaris, FreeBSD, and HP/UX.
c35edc6a47dd9ec731693a1d92c22a6c43c64129490deb94e6fc6df430bb97e5Debian Security Advisory - Versions of BIND prior to 8.2.2p7-1 are vulnerable to a denial of service attack which causes the nameserver to crash after accessing an uninitialized pointer.
536c3d922dd395eb83a854e077ee0dd94b4857e267412af555f3c2f9e9429050Recover is a tool to help undelete files in linux by automating some steps as described in the ext2-undeletion howto. It indexes all the deleted inodes with debugfs, then asks a series of questions about the deleted file. All deleted files which match your criteria are dumped to a directory.
9ce95fa6175ec5ff1e426564e366c4202e8163723685f8e751cda309bde17a3fXScreenSaver is a modular screen saver and locker for the X Window System. It is highly customizable and allows the use of any program that can draw on the root window as a display mode. It is also more stable than xlock.
d9f4897347410dd26f57447bb414b678e3fa3a8a5564b9edf6f94267bc8eaa49fwlogwatch analyzes the ipchains, netfilter, or iptables packet filter logfiles and generates text and HTML summaries. Features realtime anomaly alerting capability, an interactive report generator, and the ability to cut off attacks by adding firewall rules.
65bc397bea1525fde5091a45199b7aed82073ea348b5e8573ebc9e5ff5f5a9afScanlogd v2.1 is a TCP port scan detection tool for linux, originally designed to illustrate various attacks an IDS developer has to deal with, for a here.
e257be420e3aab29821f6d513bcf720c764fb611dbd9f6a187f9dd52fb809b37
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed