Foundstone Security Advisory FS-091002-SVWS - A buffer overflow exists in versions 3.1 and previous of Savant Web Server. Exploitation of this vulnerability allows remote execution of arbitrary code with daemon privileges. Sending a GET request containing a URL of approximately 291 characters or more causes Savant Web Server to crash. Exploitation is possible and proof of concept code has been authored to demonstrate this problem.
99b8e77654a232b752bea47a2145e7f0SNScan v1.04 is a Windows GUI SNMP detection utility that can quickly and accurately identify SNMP enabled devices on a network. This utility can effectively indicate devices that are potentially vulnerable to SNMP related security threats. SNScan allows for the scanning of SNMP specific ports (e.g. UDP 161, 193, 391 and 1993) and the use of standard (i.e. "public") and non-standard (i.e. user-defined) SNMP community names. User defined community names may be used to more effectively evaluate the presence of SNMP enabled devices in more complex networks.
15a77747bf2146c15440d721f35fca0fUDPFlood v2.0 is a UDP packet sender. It sends out UDP packets to the specfied IP and port at a controllable rate. Packets can be made from a typed text string, a given number of random bytes or data from a file. This program was written to stress test game servers where I work. It proved to be especially useful for bullet-proofing the packet receiving code, making sure it could deal with various combinations of formatted and random data.
07b27c52c3470fe1c6411a000a525a1dTrout v2.0 is a visual (i.e. GUI as opposed to command-line) traceroute and Whois program. Pinging can be set at a controllable rate as can the frequency of repeatedly scanning the selected host. The built-in simple Whois lookup can be used to identify hosts discovered along the route to the destination computer. Parallel pinging and hostname lookup techniques make this traceroute program perhaps the fastest currently available.
86bea5f3b024ade783a1790d95c2741dSuperScan v3.0 - SuperScan is a powerful connect-based TCP port scanner, pinger and hostname resolver. Multithreaded and asynchronous techniques make this program extremely fast and versatile.
0071813eb4668769a15fcd2d1ca1686dDDoSPing v2.0 is a Win 9x/NT GUI scanner for the DDoS agents Wintrinoo, Trinoo, Stacheldraht and TFN.
92dbe2bfc9673ec480aea091b042093bBOPing is a network scanner for the infamous Back Orifice trojan. It is many times faster than the ping sweeper built in to the original client program. This is intended as a vigilante tool to notify victims who unknowingly have the trojan on their system. It includes the ability to notify detected victims by sending them a BO message box message directly from within the program.
061f1d24551da1881a25eb144341698cPatchit v2.0 is a file byte-patching utility. This is driven by a simple scripting language. It can patch sequences of bytes in any file, search for byte patterns (with wildcards) and also extract and utilize DLL exported function addresses as source positions in files to be patched.
38ec13b906d6b9b617e088171cced2e8BinText v3.0 is a small and fast text extractor that will be of particular interest to programmers. It can extract text from any kind of file and includes the ability to find plain ASCII text, Unicode (double byte ANSI) text and Resource strings, providing useful information for each item in the optional "advanced" view mode. It's comprehensive filtering helps prevent unwanted text being listed. The gathered list can be searched and saved to a separate file as either a plain text file or in informative tabular format.
e06a602d752700d5fb98d6d731b0279dShowin is a utility which can display hidden password editbox fields (text behind the asterisks *****). This will work in many programs although Microsoft have changed the way things work in some of their applications, most notably MS Office products and Windows 2000. ShoWin will not work in these cases. Neither will it work for password entry boxes on web pages, at least with most web browsers.
0ba0909771ca10a8a0cb050e933fc975FileWatch v1.0 is a file change monitor. FileWatch (originally called ICEWatch 1.x) is a small utility that can monitor a given file for changes. Monitoring can detect file size changes or simply file writes, both with minimal impact on system resources (no polling is performed). The primary use of this utility is for monitoring changes in the log file of a personal firewall program and being able to spawn a separate application when changes are detected, but the tool can be applied to any number of other uses.
9f7d541b29435c7f2a9f636d73a45c6fFoundstone Security Advisory - AnalogX SimpleServer:WWW v1.06 and below is vulnerable to a "relative directory path" attack that allows a remote user to retrieve any known file one the the server.
4e3ed0a0db03245950db00b35d595d3fFoundstone Security Advisory - AnalogX Proxy v4.04 contains multiple buffer overflows. Includes several proof of concept denial of service examples.
b35dcbfc570f44addb330eee78d4c138Super Scan 2.03. Finally, a windows based port scanner which deserves its name, multi-threaded, fast as lightning with NO Windows TCP/Stack memory problems.
d906d91b186a4ee6fbc213738efcd158
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed