All Hot News World. Public world blog, journal online reviewed.

Worm File, PacketStorm Security

RSS feed: Worm File, PacketStorm Security
Mon, 05 Nov 2018 21:09:02 GMT
Worm Files ≈ Packet Storm
Packet Storm - Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers [ + ]
Mon, 05 Nov 2018 21:05:50 GMT
Morris Worm sendmail Debug Mode Shell Escape
This Metasploit module exploits sendmail's well-known historical debug mode to escape to a shell and execute commands in the SMTP RCPT TO command. This vulnerability was exploited by the Morris worm in 1988-11-02. Cliff Stoll reports on the worm in the epilogue of The Cuckoo's Egg. Currently only cmd/unix/reverse and cmd/unix/generic are supported. [ + ]
Wed, 19 Oct 2016 01:02:21 GMT
Morris Worm fingerd Stack Buffer Overflow
This Metasploit module exploits a stack buffer overflow in fingerd on 4.3BSD. This vulnerability was exploited by the Morris worm in 1988-11-02. Cliff Stoll reports on the worm in the epilogue of The Cuckoo's Egg. [ + ]
Mon, 02 Feb 2015 10:22:22 GMT
Hak5 WiFi Pineapple Preconfiguration Command Injection 2
This Metasploit module exploits a command injection vulnerability on WiFi Pineapples versions 2.0 and below and pineapple versions prior to 2.4. We use a combination of default credentials with a weakness in the anti-csrf generation to achieve command injection on fresh pineapple devices prior to configuration. Additionally if default credentials fail, you can enable a brute force solver for the proof-of-ownership challenge. This will reset the password to a known password if successful and may interrupt the user experience. These devices may typically be identified by their SSID beacons of 'Pineapple5_....'; details derived from the TospoVirus, a WiFi Pineapple infecting worm. [ + ]
Sat, 05 Apr 2014 03:11:21 GMT
Metamorphic Worms: Can They Remain Hidden?
Whitepaper that discusses types of computer worms and how metamorphic worms differ from the rest. [ + ]
Mon, 17 Feb 2014 20:02:22 GMT
Linksys E-Series TheMoon Remote Command Injection
Some Linksys E-Series Routers are vulnerable to an unauthenticated OS command injection. This vulnerability was used from the so called "TheMoon" worm. There are many Linksys systems that might be vulnerable including E4200, E3200, E3000, E2500, E2100L, E2000, E1550, E1500, E1200, E1000, E900. This Metasploit module was tested successfully against an E1500 v1.0.5. [ + ]
Mon, 17 Feb 2014 03:33:33 GMT
Linksys Worm Remote Root
Proof of concept exploit used by the recent Linksys worm (known as "Moon"). Exploits blind command injection in tmUnblock.cgi. [ + ]
Thu, 21 Nov 2013 15:57:18 GMT
Linksys E-Series Remote Code Execution
Linksys E-Series unauthenticated remote command execution exploit that leverages the same vulnerability as used in the "Moon" worm. [ + ]
Thu, 10 Nov 2011 02:38:15 GMT
To Kill A Centrifuge
Whitepaper called To Kill a Centrifuge - A Technical Analysis of What Stuxnet's Creators Tried to Achieve. [ + ]
Wed, 05 May 2010 00:53:06 GMT
Wormtrack Network IDS 0.1
Wormtrack is a network IDS that helps detect scanning worms on a local area network by monitoring anomalous ARP traffic. This allows detection of scanning threats on the network, without having privileged access on a switch to set up a dedicated monitor port, nor does it require a constant updating of the rules engine to address new threats. [ + ]
Wed, 17 Feb 2010 23:45:41 GMT
PHP-Nuke 7.0 / 8.1 / 8.1.35 Wormable Remote Code Execution
PHP-Nuke versions 7.0, 8.1 and 8.1.35 wormable remote code execution exploit. [ + ]
Thu, 26 Nov 2009 00:34:53 GMT
LPRng use_syslog Remote Format String Vulnerability
This Metasploit module exploits a format string vulnerability in the LPRng print server. This vulnerability was discovered by Chris Evans. There was a publicly circulating worm targeting this vulnerability, which prompted RedHat to pull their 7.0 release. They consequently re-released it as "7.0-respin". [ + ]
Wed, 15 Apr 2009 00:06:50 GMT
Sasser Worm avserve FTP PORT Buffer Overflow
This Metasploit module exploits the FTP server component of the Sasser worm. By sending an overly long PORT command the stack can be overwritten. [ + ]
Tue, 14 Apr 2009 23:17:50 GMT
How Conficker Makes Use Of MS08-067
Whitepaper called How Conficker makes use of MS08-067. [ + ]
Mon, 30 Mar 2009 19:50:26 GMT
Using ShoutBoxes To Control Malicious Software
Whitepaper called Using "ShoutBoxes" to control malicious software. [ + ]
Thu, 05 Feb 2009 22:08:04 GMT
Technical Cyber Security Alert 2009-88A
Technical Cyber Security Alert TA09-088A - US-CERT is aware of public reports indicating a widespread infection of the Conficker worm, which can infect a Microsoft Windows system from a thumb drive, a network share, or directly across a network if the host is not patched with MS08-067. [ + ]
Thu, 20 Nov 2008 22:44:51 GMT
Exploit Web 2.0, Real Life XSS-Worm
Whitepaper called Exploiting Web 2.0, Real Life XSS-Worm. [ + ]
Wed, 20 Jun 2007 05:02:32 GMT
The Visitor Messages add-on for vBulletin version 3.7.3 suffers from cross site scripting and cross site request forgery vulnerabilities. This is a worm exploit that takes advantage of these issues. [ + ]
Tue, 06 Mar 2007 04:37:19 GMT
The 5th ACM Workshop On Recurring Malcode (WORM) 2007 Call For Papers has been announced. It will be held on November 2, 2007 in Alexandria, VA, USA. [ + ]
Tue, 06 Mar 2007 01:07:38 GMT
Technical Cyber Security Alert 2007-59A
Technical Cyber Security Alert TA07-059A - A worm is exploiting a vulnerability in the telnet daemon (in.telnetd) on unpatched Sun Solaris systems. The vulnerability allows the worm (or any attacker) to log in via telnet (23/tcp) with elevated privileges. [ + ]
Wed, 06 Dec 2006 02:38:51 GMT
This code shows how to send hidden data steganographed into a simulation of common (worm) traffic. [ + ]
Wed, 06 Dec 2006 02:38:14 GMT
A Win32 tool for easing/automating the process of creating IDS/IPS signatures for SMTP based worms, providing a comfortable GUI, including raw base64 variants and Snort signatures support. This tarball is the source version. [ + ]
Thu, 16 Nov 2006 16:52:49 GMT
A Win32 tool for easing/automating the process of creating IDS/IPS signatures for SMTP based worms, providing a comfortable GUI, including raw base64 variants and Snort signatures support. This tarball is the binary executable version. [ + ]
Wed, 01 Nov 2006 16:23:02 GMT
vthrottle is an implementation of an SMTP throttling engine for Sendmail servers, based upon M. Williamson's mechanisms, as described in his 2003 Usenix Security paper. It allows the administrator to control how much email users and hosts may send, hindering the rapid spread of viruses, worms, and spam. Exceptions can be made using a whitelist mechanism, which can be generated manually or with the included tool vmeasure. [ + ]
Wed, 01 Nov 2006 16:23:02 GMT
Advanced Polymorphic Worms: Evading IDS by Blending with Normal Traffic. [ + ]

Anomalous Payloadbased Worm Detection and Signature Generation. [ + ]
PacketStorm Security

2013 Copyright © Mobile version 2015 | PeterLife & company World news today. Popular science publications online. The best manufacturers in the world. Products for industrial purposes. News of science and technology. Encyclopedic articles. Photos and videos. Science History. Promotion of manufacturers sites. Industrial goods. Display of goods stores online. | Terms of use Link at is mandatory if site materials are using fully or particulary. | Skimlinks helps publishers monetize editorial content through automated affiliate links for products. News: Affiliate programm. | Script Nevius. | Site Public Relations 1PS. | Hosting: Valuehost.