Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News

Hacking & Security News

Page: 12... 168 169 170 171 172 173 174 175 out of 175

Icecast 1.3.7 and 1.3.8 beta2 buffer overflow | 2001-01-23 20:26:44
|CyRaX| from PKcrew has discoverd buffer overflow in icecast 1.3.7 and 1.3.8 beta2 streaming audio server....

GoodTech FTP 3.0.1 DoS | 2001-01-23 20:20:08
Goodtech 3.0.1 can be DoS-ed by making 2060-2080 connections. Server will crash or refuse any new connection. For successful DoS attacker must make these connections rapidly ...
Solution: visit GoodTechSys

WGET/Windows 1.5.3.1 | 2001-01-22 23:01:43
We've added wget for windows in our download section. Wget is a simple command line tool for downloading files (ftp/http..) which supports resuming, recursive downloading, and comes with almost every Linux Distribution....

Windows 2000 EFS Temporary File Retrieval Vulnerability | 2001-01-22 09:36:55
A problem in the package could allow the recovery of sensitive data encrypted by the EFS. When the file is selected for encryption, and backup copy of the file is moved into the temporary directory using the file name efs0.tmp.....

HP-UX Support Tools Manager Denial of Service Attack | 2001-01-21 14:39:32
Support Tools Manager is a software package included with HP-UX designed to make administration of systems easier. HP-UX is the Hewlett Packard UNIX Operating System designed for use on Hewlett Packard servers. A potential Denial of Service...

Tinyproxy Heap Overflow Vulnerability | 2001-01-19 23:35:14
Versions 1.3.2 and 1.3.3 of tinyproxy, a small HTTP proxy, exhibit a vulnerability to heap overflow attacks......

Microsoft WINS Domain Controller Spoofing Vulnerability | 2001-01-19 23:28:17
WINS does not properly verify the registration of domain controllers. It is possible for a user to modify the entries for a domain controller, causing the WINS service to redirect requests for the DC to another system. This can lead to a loss of network functionality for the domain. The DC impersonator can also be set up to capture username and password hashes passed to it during login attempts.
[Exploit]

Microsoft miffed at Bulgarian bug buster | 2001-01-19 22:40:31
A row has broken out between Microsoft and veteran bug hunter Georgi Guninski after he publicised a vulnerability with Windows Media Player 7 before a software patch was available. As previously reported, a vulnerability involving the "skins" feature of the application exists which could allow hackers to read files on a victim's PC. According to Guninski, if the bug is properly exploited it could allow an attacker to gain control of a victim's machine. Microsoft is working on a fix that it said will provide a complete solution to the problem. In the interim it is advising users to change their security zone settings within Internet Explorer.

Linux worm uses its noodle | 2001-01-19 22:21:08
An Internet worm cobbled together from pre-existing scripts is spreading rapidly through Red Hat Linux systems, leaving in its wake a trail of defaced web pages touting the virtues of oriental noodles. The so-called 'Ramen' worm is a bulky, but effective, collection of hacking tools rolled up into a package. A modified scanning program searches broad swaths of the Internet for Red Hat Linux versions 6.2 and 7.0 installations. The scanner then launches attacks against those machines with publicly available exploits of three known vulnerabilities and spreads into each crackable box.

New additions | 2001-01-18 18:37:59
The new version of Lids (Linux Intrusion Detection System) under "kernel tools" and fwlogwatch under "analyzer", of course in "Downloads".

Just a tip. To see a description of a file that you want to download just hover with your mouse pointer over the little "document" image left to the filename. It should show you a description and download counter.

- Phiber

Remote bug in tinyproxy | 2001-01-17 22:53:40
Cyrax from 'packet knight' crew has found remote heap vulnerability in tinyproxy 1.3.2 and 1.3.3. Problem is in sprintf c function,because sprintf doesn't have bound checking ...
PKcrew

Hostile HTML | 2001-01-17 21:55:09
Java scripts have become very popular in webdesign. Only problem is that you can very easily make hostile code and harm remote computers. Here are some simple examples on how to to just that. A solution for the problem is also provided...

Newest addition | 2001-01-17 09:00:52
Newest addition is Snort 1.7 available here, or you may click the download link in the main menu.

splitvt Format String Vulnerability | 2001-01-16 23:16:00
splitvt is a VT100 window splitter, designed to allow the user two command line interfaces in one terminal window, originally written by Sam Lantinga. It is freely available, open source, and included with many variants of the Linux Operating System. A problem in the program could allow for a format string attack.......

Interbase back door exposed | 2001-01-16 00:27:41
A back door password has been hidden in Borland/Inprise's popular Interbase database software for at least seven years, potentially exposing tens of thousands of private databases at corporations and government agencies to unauthorized access and manipulation over the Internet, experts say.

Downloads!!! | 2001-01-16 00:12:34
We have finally added the Download section. Look at it here, or click on it in the main menu.
- Phiber, Xatrix admin

Microsoft MSHTML.DLL Crash Vulnerability | 2001-01-15 23:25:12
MSHTML.DLL is the shared library for parsing HTML in Internet Explorer and related applications. It may be possible for an attacker to crash this library remotely and cause a denial of service with special Jscript code.
[Homepage]

jaZip vulnerability | 2001-01-15 22:44:10
Teleh0r has found stack buffer overflow vulnerability in jaZip. That program is often setuid root,and normal user can become root.Exploit source and simple advisory you can download from here: Securityfocus

Ethereal 0.8.15 | 2001-01-14 16:10:01
Ethereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Ethereal features that are missing from closed-source sniffers.
[Homepage] [Download]

Linux - biggest threat to Windows -- Steve Ballmer?!? | 2001-01-13 16:19:53
Microsoft's President and CEO this week named Linux as the company's biggest problem going into 2001. Speaking at an Internet conference hosted by Morgan Stanley Dean Witter, Steve Ballmer said that both Unix and Linux threaten Windows' stronghold in the marketplace, but that the latter is the bigger headache.

Personal Side of Being a Sysadmin | 2001-01-13 16:11:12
Have you got what it takes to be a sysadmin? Can you deal with an annoying user without telling them off? How about that dreaded boss with an idea? In this article, the Personal Side of being a Sysadmin, we will look at methods of dealing with the day to day aspects of keeping all the kids happy in the sandbox.

Security Store - Two more books | 2001-01-11 16:22:06
Two more books added:

Unix in a Nutshell
and
XML for the World Wide Web.


Read more

BitchX 1.0c18 | 2001-01-10 17:27:59
BitchX is a popular IRC client which is a modified clone of the popular ircII client. It is available for almost all UNIX OS's as well as Win95/NT and OS/2. Changes: Fixes an exploitable stack overflow in the DNS parsing code, SSL support added, DCC_AUTORESUME support, nonblocking connect support, and various bug fixes.
[Homepage] [Download]

Lids 2.4.0 | 2001-01-10 17:25:06
The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection.
[Homepage] [Download]

Solaris 2.4/5/6 buffer overflow | 2001-01-10 14:28:05
Program /usr/lib/exrecover can be overflowed in the second argument. That program is suid on Solaris 2.4/5/6 and it seems that overflow is in heap.This vulnerability is found by Pablo Sor.

Page: 12... 168 169 170 171 172 173 174 175 out of 175

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »